Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Super Slow, Nothing Seems to Help


  • This topic is locked This topic is locked
43 replies to this topic

#1 brigg

brigg

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 24 December 2012 - 12:22 PM

My computer is running very very slow and mostly when I'm on the internet or running a program to help my computer.
I'm using XP on an older Dell.
Word seems to be fine now, as is generally navigating around my system.
Also, I'm getting "device driver not installed" over the wireless icon in my tray.

I've tried a number of things, and will start with the most recent and go backwards.

I'm running GMER now in Safe Mode with Networking. After 11 hours, it's found one item and is currently scanning the Program files. When I highlight the found item and right click, all the options (including Delete and Disable Service) are grayed out except Options and About. I noticed it's spending a few hours in Program Files\Common Files\Adobe\Help.
Last night I tried to run ComboFix a couple of times from Safe Mode with Networking, and it barely gets started - never got to where it says it changed the clock or anything completes. (A friend suggested it, before I read all the stuff here about it).

I uninstalled all the virus malware software with an uninstaller program (starts with an R) and did the complete detailed uninstalls. Still, some of those programs showed up in my Start Program Menu, and I uninstalled them from there. Still couldn't get ComboFix to run.

Before all that, I let Piriform Defraggler run for about 28 hours. It made it to 5% and showed it had over a day left. I have about 50% of my disk that is fragmented. I stopped it.
Prior to that I ran Panda Cloud Scan and it found nothing.
I think it was right about here I ran CCCleaner, let it go to completion, and it cleaned some things up.

Before that, I downloaded a new version of Super AntiSpyWare Pro and ran that. A quick scan found 38 items and I took care of those. I ran the full scan and it ran for about 18 hours, found some stuff, but I wasn't around the minute it finished, and it closed up.
Prior to that, I found the following in my Start up and took them out: jusched, qttaqsk, Jing, igfxtray, igfxpers, hkcmd.
Before that I ran Spybot for 12 hours. It was 3/4 of the way through. I stopped it.
Before that, I ran Avira for 18 hours, and it found some stuff, but it was so slow, I stopped it.
Before that, I ran Panda cleaner - it found 2 registry items, and it cleaned those up.

Please let me know if you need any other information! Please help! Thank you in advance!

Mod Edit: Deleted duplicate topic and left this one. Deleted topic was moved from XP forum. ~bloopie

Edited by bloopie, 24 December 2012 - 04:01 PM.

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

BC AdBot (Login to Remove)

 


#2 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:24 AM

Posted 24 December 2012 - 09:47 PM

Hello brigg,

Please run these tools for me:

Step :step1:

Now, let's get a Security Check of your machine:

Please download and run Security Check from HERE,and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

==========

Step :step2:

Please download Rkill by Grinler and save it to your desktop.Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, or you will need to run the application again.

==========

Step :step3:

Run RogueKiller

Download RogueKiller from here or here and save it to your desktop.

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Right-click RogueKiller.exe and select Run as Administrator.
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", click Delete.
  • When the Status box shows "Deleting Finished", click Report and then copy and paste the log in your next reply.
  • The log can also be found at RKreport[1].txt on your desktop.

==========

In your next reply, please include the following:

  • The Security Check log
  • The Rkill log
  • The RogueKiller log
bloopie

#3 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 24 December 2012 - 10:11 PM

HI. Thanks for the reply!
Gmer is still running (the 21st hour) - it's in the last parts of my files.
Are you familar with that program?
There's not much documentation on it and I'm not sure how to handle the clean up of the problem files it found.
Anyway, I'd like to let it finish, unless you tell me it's not worth it, and then I'll get right to your stuff.
Thanks so much for your time. It's a beautiful thing.

Brigid

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#4 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:24 AM

Posted 25 December 2012 - 08:16 AM

Hi again,

Yes, as a member of the Malware Response Team I am familiar with GMER. Scans are expected to take some time, but can be very useful in determining if a rootkit is present. However, we have other tools at our disposal that run much faster.

If the scan is still not complete, then abandon it for now and run my previous instructions. :)

bloopie

#5 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 09:35 AM

Good morning! Happy Day to you.

Thanks for your reply this am.

It is finished after over 24 hours. I saved a log.
It found the one item in Rootkit/Malware, but wouldn't let me delete it there. It also shows up in "services" and will
let me delete it there.
I'm a little nervous to do that. Do you think I should?
I think I will make a little something to eat and see if you've responded when I'm done. If not, I'll move on.

Thanks!

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:24 AM

Posted 25 December 2012 - 10:41 AM

Good morning, and Happy Holidays! :)

Don't go removing anything just yet!! I need to see what it is to be sure of it's findings...it may very well be a false positive, so don't remove anything unless I instruct you to do so, okay?

Did you save the GMER log? If so, zip it up and attach it to your next reply...then we'll move on. :)

bloopie

#7 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 11:18 AM

HI Bloopie:

I didn't delete anything. I did run all that stuff you told me to. I also have the Gmer log file. I cant find how to attach anything!
I now have a RK_Quarantine folder on my desktop.

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#8 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 11:28 AM

I dont think I have security to attach anything.
Everything is pretty small. Here it is!

====================================================================================
here's the Checkup Log
Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Please wait while WMIC compiles updated MOF files.
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Panda Cloud Cleaner
JavaFX 2.1.1
Java™ 6 Update 26
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.3.300.265
Adobe Reader 8 Adobe Reader out of Date!
Adobe Reader 10.1.3 Adobe Reader out of Date!
Mozilla Firefox (17.0.1)
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 35% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

======================================================================================================================================

Here's the RKill file
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/25/2012 09:50:54 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* System Policy Removed: DisableRegistryTools [HKCU]
* Explorer Policy Removed: NoActiveDesktopChanges [HKCU]
* Explorer Policy Removed: NoSetActiveDesktop [HKCU]

Backup Registry file created at:
C:\Documents and Settings\Administrator\Desktop\rkill\rkill-12-25-2012-09-51-18.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Manual

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic

* Automatic Updates (wuauserv) is not Running.
Startup Type set to: Automatic

* helpsvc [Missing Parameters Key]

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 12/25/2012 09:57:49 AM
Execution time: 0 hours(s), 6 minute(s), and 54 seconds(s)

==========================================================================================================================================
RogueKiller file contents
RogueKiller V8.4.1 [Dec 24 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Safe mode with network support
User : Administrator [Admin rights]
Mode : Scan -- Date : 12/25/2012 10:08:12

Bad processes : 0

Registry Entries : 8
[RUN][BLACKLISTDLL] HKCU\[...]\Run : Remote System Protection (rundll32.exe C:\WINDOWS\system32\od3d2ljc9j.dll, HUI_proc) -> FOUND
[RUN][HJNAME] HKCU\[...]\Run : asg984jgkfmgasi8ug98jgkfgfb (C:\DOCUME~1\Administrator\Local Settings\Temp\lsass.exe) -> FOUND
[RUN][BLACKLISTDLL] HKUS\S-1-5-21-1177238915-329068152-682003330-500[...]\Run : Remote System Protection (rundll32.exe C:\WINDOWS\system32\od3d2ljc9j.dll, HUI_proc) -> FOUND
[RUN][HJNAME] HKUS\S-1-5-21-1177238915-329068152-682003330-500[...]\Run : asg984jgkfmgasi8ug98jgkfgfb (C:\DOCUME~1\Administrator\Local Settings\Temp\lsass.exe) -> FOUND
[HJPOL] HKCU\[...]\System : DISABLETASKMGR (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKCU\[...]\ActiveDesktop : NoChangingWallpaper (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: FUJITSU MHT2040AH +++++
--- User ---
[MBR] 627c0f161f4568f4f07849e7471c10da
[BSP] c046c74d87941a5c403954eec365505d : Legit3 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38154 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
--- User ---
[MBR] e9f63d0661c566a7c81b3265bc62460c
[BSP] 3cbab33dec6586a0c708d883b95bdef6 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 63 | Size: 1008 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_12252012_02d1008.txt >>
RKreport[1]_S_12252012_02d1008.txt

==========================================================================================================================================

GMER
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-12-25 08:25:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHT2040AH rev.006C
Running: mv0nwvhj.exe; Driver: C:\DOCUME~1\Administrator\Local Settings\Temp\uxldapob.sys


---- Devices - GMER 1.0.15 ----

Device \FileSystem\Cdfs \Cdfs B9E04400

---- EOF - GMER 1.0.15 ----

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#9 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 11:35 AM

P.S. I did all that in Safe Mode.

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#10 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:24 AM

Posted 25 December 2012 - 11:51 AM

Hi again,

Please run everything in normal mode if possible, if not then try in safemode.

I also have the Gmer log file. I cant find how to attach anything!

Sorry about that...I forgot that attachments aren't allowed in this forum, but in the Logs forum instead.

Is that the whole GMER log? There's nothing pointing to a rootkit there.

The log from RogueKiller seems to show that you did not select the Delete button as per my instruction. Please run it again and select Delete, then post me the new log.

==========

When you're through with that, do these next:

Step :step1:

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note*** If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

==========

Step :step2:

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Step :step3:

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

==========

Please post all requested logs in your next reply, and let me know how the computer is running now!

bloopie

Edited by bloopie, 25 December 2012 - 11:52 AM.
Added normal mode point.


#11 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 11:54 AM

Hi there - quick answer to first two items.
That was the whole Gmer log and I did delete in RK, per your instructions. I'm running it again now.

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#12 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 12:17 PM

HI -

I'm still in Safe mode and am doing the downloading on another computer.
The Kapersky showed four options (not two) - I had them typed in here but I accidentally cleared it. It's gone now.
The last one required a reboot so I left it unchecked. It's running now, 14 threats so far.

Other stuff - I did do the delete. I reran the RK and it found nothing this time. New log below.
Also, that was the entire Gmer log. There was only the one item found ("device") in the Rootkit tab.

==================================================================================================================================

RogueKiller V8.4.1 [Dec 24 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Safe mode with network support
User : Administrator [Admin rights]
Mode : Scan -- Date : 12/25/2012 10:57:34

Bad processes : 0

Registry Entries : 0

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: FUJITSU MHT2040AH +++++
--- User ---
[MBR] 627c0f161f4568f4f07849e7471c10da
[BSP] c046c74d87941a5c403954eec365505d : Legit3 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38154 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_S_12252012_02d1057.txt >>
RKreport[1]_S_12252012_02d1008.txt ; RKreport[2]_D_12252012_02d1010.txt ; RKreport[3]_S_12252012_02d1057.txt

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#13 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:01:24 AM

Posted 25 December 2012 - 12:29 PM

Are you still in safemode because you cannot get anything to run in normal mode?

When TDSSKiller, MBAM, and adwCleaner are finished, post the logs and let me know how the computer is running in normal mode. :thumbup2:

bloopie

#14 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 12:53 PM

I'm still in Safe mode with networking.

Kapersky found a bunch of threats (14 or so)
I selected Continue but did not see the thing about Reboot that you said I would see.
I rescanned, and it found a bunch (14 threats). Again, only option is to Continue and then complete. I never saw REboot. I manually rebooted (turned off for one minute) and re-ran it.
"Boot Sectors" was the additional item I selected from the Menu of Four (not two) options.
It found 14 items again.
They all said "Skip", I hit Continue and got "Suspicious objects were found"
14 threats.
And then the only option is to Close or Start Scan. I Closed.

I'm running a quick scan in Malwarebytes now. The instructions you link to are for a full scan, not a quick scan as you request. The database updated automatically.


========================================================================================================================================
Here is the newest log from Kapersky
11:31:51.0984 0752 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:31:52.0828 0752 ============================================================
11:31:52.0828 0752 Current date / time: 2012/12/25 11:31:52.0828
11:31:52.0828 0752 SystemInfo:
11:31:52.0828 0752
11:31:52.0828 0752 OS Version: 5.1.2600 ServicePack: 3.0
11:31:52.0828 0752 Product type: Workstation
11:31:52.0828 0752 ComputerName: D610
11:31:52.0828 0752 UserName: Administrator
11:31:52.0828 0752 Windows directory: C:\WINDOWS
11:31:52.0828 0752 System windows directory: C:\WINDOWS
11:31:52.0828 0752 Processor architecture: Intel x86
11:31:52.0828 0752 Number of processors: 1
11:31:52.0828 0752 Page size: 0x1000
11:31:52.0828 0752 Boot type: Safe boot with network
11:31:52.0828 0752 ============================================================
11:31:57.0375 0752 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:31:57.0390 0752 ============================================================
11:31:57.0390 0752 \Device\Harddisk0\DR0:
11:31:57.0390 0752 MBR partitions:
11:31:57.0390 0752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852C1
11:31:57.0390 0752 ============================================================
11:31:57.0421 0752 C: <-> \Device\Harddisk0\DR0\Partition1
11:31:57.0421 0752 ============================================================
11:31:57.0421 0752 Initialize success
11:31:57.0421 0752 ============================================================
11:32:16.0093 1204 ============================================================
11:32:16.0093 1204 Scan started
11:32:16.0093 1204 Mode: Manual; SigCheck; TDLFS;
11:32:16.0093 1204 ============================================================
11:32:17.0156 1204 ================ Scan system memory ========================
11:32:17.0156 1204 System memory - ok
11:32:17.0156 1204 ================ Scan services =============================
11:32:17.0359 1204 [ 567E7867277A727E23DDEA1F463C216C ] a2free c:\program files\a-squared free\a2service.exe
11:32:19.0500 1204 a2free ( UnsignedFile.Multi.Generic ) - warning
11:32:19.0500 1204 a2free - detected UnsignedFile.Multi.Generic (1)
11:32:19.0718 1204 [ 31A8AB3DEB93E3D90717AD8FB0974C3F ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
11:32:20.0093 1204 Aavmker4 - ok
11:32:20.0140 1204 Abiosdsk - ok
11:32:20.0171 1204 abp480n5 - ok
11:32:20.0265 1204 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:32:23.0812 1204 ACPI - ok
11:32:23.0875 1204 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:32:24.0265 1204 ACPIEC - ok
11:32:24.0281 1204 adpu160m - ok
11:32:24.0437 1204 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:32:24.0875 1204 aec - ok
11:32:24.0937 1204 [ 375EB0B97E3950ADEF3633C27A82438B ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
11:32:24.0968 1204 AegisP ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0968 1204 AegisP - detected UnsignedFile.Multi.Generic (1)
11:32:25.0093 1204 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:32:25.0375 1204 AFD - ok
11:32:25.0390 1204 Aha154x - ok
11:32:25.0421 1204 aic78u2 - ok
11:32:25.0453 1204 aic78xx - ok
11:32:25.0562 1204 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:32:25.0906 1204 Alerter - ok
11:32:25.0968 1204 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
11:32:26.0343 1204 ALG - ok
11:32:26.0359 1204 AliIde - ok
11:32:26.0390 1204 amsint - ok
11:32:26.0531 1204 [ 090880E9BF20F928BC341F96D27C019E ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
11:32:26.0640 1204 ApfiltrService - ok
11:32:26.0718 1204 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:32:27.0078 1204 AppMgmt - ok
11:32:27.0171 1204 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:32:27.0531 1204 Arp1394 - ok
11:32:27.0578 1204 asc - ok
11:32:27.0609 1204 asc3350p - ok
11:32:27.0640 1204 asc3550 - ok
11:32:27.0843 1204 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:32:27.0953 1204 aspnet_state - ok
11:32:27.0984 1204 aswFsBlk - ok
11:32:28.0093 1204 [ 1ACA2B7EFE91CA68CEED9C904ED3310D ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
11:32:28.0125 1204 aswMon2 - ok
11:32:28.0171 1204 [ CC40B9C301AF5D145713B2764EEC3907 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
11:32:28.0218 1204 aswRdr - ok
11:32:28.0265 1204 [ 67DB88B01FC1D815968230458814EB8D ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
11:32:28.0328 1204 aswSP - ok
11:32:28.0375 1204 [ EC8EF1CE2D6CA1071BE8B7888FFA48C0 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
11:32:28.0406 1204 aswTdi - ok
11:32:28.0468 1204 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:32:28.0828 1204 AsyncMac - ok
11:32:28.0875 1204 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:32:29.0234 1204 atapi - ok
11:32:29.0281 1204 Atdisk - ok
11:32:29.0375 1204 [ DFEA480EE09BDEB7F51244900170E173 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:32:29.0484 1204 Ati HotKey Poller - ok
11:32:29.0609 1204 [ 2A6C99CFDC23C9C26D0E30B1C99748D4 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:32:29.0843 1204 ati2mtag - ok
11:32:29.0906 1204 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:32:30.0234 1204 Atmarpc - ok
11:32:30.0312 1204 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:32:30.0671 1204 AudioSrv - ok
11:32:30.0734 1204 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:32:31.0093 1204 audstub - ok
11:32:31.0250 1204 [ 61D3B90C1600165110470502835FB646 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:32:31.0281 1204 avast! Antivirus - ok
11:32:31.0312 1204 [ 61D3B90C1600165110470502835FB646 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:32:31.0343 1204 avast! Mail Scanner - ok
11:32:31.0390 1204 [ 61D3B90C1600165110470502835FB646 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:32:31.0437 1204 avast! Web Scanner - ok
11:32:31.0546 1204 [ 2ACF06176B9D011567D7F25B83DDD066 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
11:32:31.0625 1204 b57w2k - ok
11:32:31.0843 1204 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
11:32:32.0109 1204 BCM43XX - ok
11:32:32.0218 1204 [ 78123F44BE9E4768852A3A017E02D637 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
11:32:32.0281 1204 bcm4sbxp - ok
11:32:32.0390 1204 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:32:32.0734 1204 Beep - ok
11:32:32.0812 1204 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:32:33.0296 1204 BITS - ok
11:32:33.0390 1204 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:32:33.0453 1204 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
11:32:33.0453 1204 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
11:32:33.0531 1204 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
11:32:33.0671 1204 Browser - ok
11:32:33.0859 1204 catchme - ok
11:32:33.0953 1204 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:32:34.0296 1204 cbidf2k - ok
11:32:34.0359 1204 cd20xrnt - ok
11:32:34.0437 1204 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:32:34.0828 1204 Cdaudio - ok
11:32:34.0875 1204 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:32:35.0218 1204 Cdfs - ok
11:32:35.0281 1204 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:32:35.0640 1204 Cdrom - ok
11:32:35.0671 1204 Changer - ok
11:32:35.0765 1204 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:32:36.0109 1204 CiSvc - ok
11:32:36.0171 1204 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:32:36.0531 1204 ClipSrv - ok
11:32:36.0609 1204 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:32:36.0765 1204 clr_optimization_v2.0.50727_32 - ok
11:32:36.0812 1204 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:32:37.0171 1204 CmBatt - ok
11:32:37.0203 1204 CmdIde - ok
11:32:37.0265 1204 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:32:37.0625 1204 Compbatt - ok
11:32:37.0656 1204 COMSysApp - ok
11:32:37.0718 1204 Cpqarray - ok
11:32:37.0781 1204 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:32:38.0109 1204 CryptSvc - ok
11:32:38.0125 1204 dac2w2k - ok
11:32:38.0140 1204 dac960nt - ok
11:32:38.0250 1204 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:32:38.0421 1204 DcomLaunch - ok
11:32:38.0500 1204 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:32:38.0875 1204 Dhcp - ok
11:32:38.0921 1204 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:32:39.0296 1204 Disk - ok
11:32:39.0312 1204 dmadmin - ok
11:32:39.0406 1204 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:32:39.0875 1204 dmboot - ok
11:32:39.0921 1204 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:32:40.0312 1204 dmio - ok
11:32:40.0390 1204 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:32:40.0765 1204 dmload - ok
11:32:40.0812 1204 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:32:41.0156 1204 dmserver - ok
11:32:41.0218 1204 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:32:41.0578 1204 DMusic - ok
11:32:41.0640 1204 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:32:41.0843 1204 Dnscache - ok
11:32:41.0953 1204 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:32:42.0312 1204 Dot3svc - ok
11:32:42.0406 1204 [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] Dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
11:32:42.0765 1204 Dot4 - ok
11:32:42.0828 1204 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
11:32:43.0218 1204 Dot4Print - ok
11:32:43.0250 1204 dpti2o - ok
11:32:43.0359 1204 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:32:43.0703 1204 drmkaud - ok
11:32:43.0765 1204 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:32:44.0109 1204 EapHost - ok
11:32:44.0187 1204 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:32:44.0515 1204 ERSvc - ok
11:32:44.0609 1204 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
11:32:44.0718 1204 Eventlog - ok
11:32:44.0812 1204 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
11:32:44.0906 1204 EventSystem - ok
11:32:45.0046 1204 [ 788C72B145C75A7EE5F5D6A32542D912 ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
11:32:45.0140 1204 EvtEng ( UnsignedFile.Multi.Generic ) - warning
11:32:45.0140 1204 EvtEng - detected UnsignedFile.Multi.Generic (1)
11:32:45.0187 1204 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:32:45.0562 1204 Fastfat - ok
11:32:45.0656 1204 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:32:45.0812 1204 FastUserSwitchingCompatibility - ok
11:32:45.0875 1204 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:32:46.0203 1204 Fdc - ok
11:32:46.0234 1204 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:32:46.0593 1204 Fips - ok
11:32:46.0828 1204 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:32:46.0953 1204 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:32:46.0953 1204 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:32:47.0156 1204 [ B8602C90D3C427D8A86CE60437615CF5 ] FlipShare Service C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
11:32:47.0234 1204 FlipShare Service - ok
11:32:47.0484 1204 [ AC5FB7094F31534594CAE48306972CBD ] FlipShareServer C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
11:32:47.0640 1204 FlipShareServer ( UnsignedFile.Multi.Generic ) - warning
11:32:47.0640 1204 FlipShareServer - detected UnsignedFile.Multi.Generic (1)
11:32:47.0703 1204 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:32:48.0062 1204 Flpydisk - ok
11:32:48.0140 1204 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:32:48.0515 1204 FltMgr - ok
11:32:48.0656 1204 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:32:48.0687 1204 FontCache3.0.0.0 - ok
11:32:48.0750 1204 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:32:49.0125 1204 Fs_Rec - ok
11:32:49.0187 1204 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:32:49.0546 1204 Ftdisk - ok
11:32:49.0640 1204 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:32:49.0671 1204 GEARAspiWDM - ok
11:32:49.0750 1204 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
11:32:49.0781 1204 getPlusHelper - ok
11:32:49.0843 1204 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:32:50.0203 1204 Gpc - ok
11:32:50.0265 1204 [ B6B1F53F585B41091EB3586F8297A379 ] GTIPCI21 C:\WINDOWS\system32\DRIVERS\gtipci21.sys
11:32:50.0359 1204 GTIPCI21 - ok
11:32:50.0578 1204 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:32:50.0609 1204 gupdate - ok
11:32:50.0656 1204 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:32:50.0687 1204 gupdatem - ok
11:32:50.0718 1204 HidServ - ok
11:32:50.0812 1204 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:32:51.0156 1204 hkmsvc - ok
11:32:51.0171 1204 hpn - ok
11:32:51.0265 1204 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:32:51.0625 1204 HPZid412 - ok
11:32:51.0734 1204 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:32:51.0828 1204 HPZipr12 - ok
11:32:51.0890 1204 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:32:52.0046 1204 HPZius12 - ok
11:32:52.0109 1204 [ A84BBBDD125D370593004F6429F8445C ] HSFHWICH C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
11:32:52.0218 1204 HSFHWICH - ok
11:32:52.0390 1204 [ B678FA91CF4A1C19B462D8DB04CD02AB ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS
11:32:52.0531 1204 HSF_DPV - ok
11:32:52.0656 1204 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:32:52.0765 1204 HTTP - ok
11:32:52.0812 1204 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:32:53.0187 1204 HTTPFilter - ok
11:32:53.0234 1204 i2omgmt - ok
11:32:53.0265 1204 i2omp - ok
11:32:53.0359 1204 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:32:53.0718 1204 i8042prt - ok
11:32:53.0890 1204 [ 643162FBC619E35D3F1A90A095A5BB42 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:32:54.0140 1204 ialm - ok
11:32:54.0328 1204 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:32:54.0468 1204 idsvc - ok
11:32:54.0531 1204 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:32:54.0906 1204 Imapi - ok
11:32:54.0968 1204 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:32:55.0312 1204 ImapiService - ok
11:32:55.0343 1204 ini910u - ok
11:32:55.0406 1204 IntelIde - ok
11:32:55.0468 1204 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:32:55.0796 1204 intelppm - ok
11:32:55.0859 1204 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:32:56.0218 1204 ip6fw - ok
11:32:56.0312 1204 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:32:56.0687 1204 IpFilterDriver - ok
11:32:56.0750 1204 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:32:57.0093 1204 IpInIp - ok
11:32:57.0171 1204 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:32:57.0515 1204 IpNat - ok
11:32:57.0593 1204 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:32:57.0937 1204 IPSec - ok
11:32:57.0984 1204 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:32:58.0328 1204 IRENUM - ok
11:32:58.0406 1204 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:32:58.0765 1204 isapnp - ok
11:32:58.0968 1204 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:32:59.0015 1204 JavaQuickStarterService - ok
11:32:59.0078 1204 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:32:59.0421 1204 Kbdclass - ok
11:32:59.0468 1204 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:32:59.0843 1204 kmixer - ok
11:32:59.0937 1204 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:33:00.0078 1204 KSecDD - ok
11:33:00.0140 1204 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:33:00.0250 1204 lanmanserver - ok
11:33:00.0312 1204 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:33:00.0421 1204 lanmanworkstation - ok
11:33:00.0453 1204 lbrtfdc - ok
11:33:00.0546 1204 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:33:00.0890 1204 LmHosts - ok
11:33:00.0968 1204 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:33:01.0046 1204 mdmxsdk - ok
11:33:01.0109 1204 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:33:01.0453 1204 Messenger - ok
11:33:01.0593 1204 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
11:33:01.0625 1204 Microsoft Office Groove Audit Service - ok
11:33:01.0734 1204 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:33:02.0109 1204 mnmdd - ok
11:33:02.0171 1204 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
11:33:02.0500 1204 mnmsrvc - ok
11:33:02.0562 1204 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:33:02.0906 1204 Modem - ok
11:33:02.0953 1204 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:33:03.0328 1204 Mouclass - ok
11:33:03.0375 1204 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:33:03.0718 1204 MountMgr - ok
11:33:03.0828 1204 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:33:03.0875 1204 MozillaMaintenance - ok
11:33:03.0921 1204 mraid35x - ok
11:33:03.0984 1204 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:33:04.0343 1204 MRxDAV - ok
11:33:04.0453 1204 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:33:04.0609 1204 MRxSmb - ok
11:33:04.0687 1204 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:33:05.0015 1204 MSDTC - ok
11:33:05.0046 1204 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:33:05.0437 1204 Msfs - ok
11:33:05.0453 1204 MSIServer - ok
11:33:05.0484 1204 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:33:05.0843 1204 MSKSSRV - ok
11:33:05.0906 1204 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:33:06.0265 1204 MSPCLOCK - ok
11:33:06.0328 1204 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:33:06.0671 1204 MSPQM - ok
11:33:06.0718 1204 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:33:07.0031 1204 mssmbios - ok
11:33:07.0109 1204 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:33:07.0203 1204 Mup - ok
11:33:07.0265 1204 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:33:07.0640 1204 napagent - ok
11:33:07.0718 1204 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:33:08.0078 1204 NDIS - ok
11:33:08.0187 1204 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:33:08.0281 1204 NdisTapi - ok
11:33:08.0312 1204 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:33:08.0640 1204 Ndisuio - ok
11:33:08.0687 1204 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:33:09.0031 1204 NdisWan - ok
11:33:09.0125 1204 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:33:09.0218 1204 NDProxy - ok
11:33:09.0312 1204 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
11:33:09.0343 1204 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:33:09.0343 1204 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:33:09.0390 1204 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:33:09.0734 1204 NetBIOS - ok
11:33:09.0812 1204 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:33:10.0187 1204 NetBT - ok
11:33:10.0281 1204 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:33:10.0640 1204 NetDDE - ok
11:33:10.0656 1204 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:33:11.0015 1204 NetDDEdsdm - ok
11:33:11.0078 1204 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:33:11.0421 1204 Netlogon - ok
11:33:11.0484 1204 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:33:11.0828 1204 Netman - ok
11:33:11.0906 1204 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:33:11.0953 1204 NetTcpPortSharing - ok
11:33:12.0015 1204 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:33:12.0359 1204 NIC1394 - ok
11:33:12.0453 1204 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:33:12.0546 1204 Nla - ok
11:33:12.0609 1204 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:33:12.0984 1204 Npfs - ok
11:33:13.0078 1204 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:33:13.0468 1204 Ntfs - ok
11:33:13.0500 1204 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
11:33:13.0843 1204 NtLmSsp - ok
11:33:13.0937 1204 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:33:14.0359 1204 NtmsSvc - ok
11:33:14.0406 1204 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:33:14.0796 1204 Null - ok
11:33:14.0890 1204 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:33:15.0265 1204 NwlnkFlt - ok
11:33:15.0343 1204 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:33:15.0703 1204 NwlnkFwd - ok
11:33:15.0921 1204 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:33:16.0015 1204 odserv - ok
11:33:16.0062 1204 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:33:16.0406 1204 ohci1394 - ok
11:33:16.0484 1204 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:33:16.0546 1204 ose - ok
11:33:16.0625 1204 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:33:16.0953 1204 Parport - ok
11:33:17.0015 1204 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:33:17.0359 1204 PartMgr - ok
11:33:17.0437 1204 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:33:17.0812 1204 ParVdm - ok
11:33:17.0859 1204 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:33:18.0187 1204 PCI - ok
11:33:18.0218 1204 PCIDump - ok
11:33:18.0296 1204 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:33:18.0656 1204 PCIIde - ok
11:33:18.0734 1204 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:33:19.0078 1204 Pcmcia - ok
11:33:19.0171 1204 [ 167B2FEA66DDE6925766D1A81A1AFFC0 ] PCTCore C:\WINDOWS\system32\drivers\PCTCore.sys
11:33:19.0234 1204 PCTCore - ok
11:33:19.0250 1204 PDCOMP - ok
11:33:19.0281 1204 PDFRAME - ok
11:33:19.0312 1204 PDRELI - ok
11:33:19.0343 1204 PDRFRAME - ok
11:33:19.0375 1204 perc2 - ok
11:33:19.0406 1204 perc2hib - ok
11:33:19.0671 1204 [ F042EE4C8D66248D9B86DCF52ABAE416 ] PEVSystemStart C:\ComboFix\pev.3XE
11:33:19.0765 1204 PEVSystemStart ( UnsignedFile.Multi.Generic ) - warning
11:33:19.0765 1204 PEVSystemStart - detected UnsignedFile.Multi.Generic (1)
11:33:19.0859 1204 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:33:19.0890 1204 PlugPlay - ok
11:33:19.0953 1204 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
11:33:20.0015 1204 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:33:20.0015 1204 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:33:20.0078 1204 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:33:20.0406 1204 PolicyAgent - ok
11:33:20.0468 1204 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:33:20.0812 1204 PptpMiniport - ok
11:33:20.0875 1204 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:33:21.0218 1204 Processor - ok
11:33:21.0250 1204 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:33:21.0578 1204 ProtectedStorage - ok
11:33:21.0656 1204 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:33:22.0000 1204 PSched - ok
11:33:22.0078 1204 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:33:22.0468 1204 Ptilink - ok
11:33:22.0484 1204 ql1080 - ok
11:33:22.0515 1204 Ql10wnt - ok
11:33:22.0562 1204 ql12160 - ok
11:33:22.0593 1204 ql1240 - ok
11:33:22.0625 1204 ql1280 - ok
11:33:22.0703 1204 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:33:23.0046 1204 RasAcd - ok
11:33:23.0125 1204 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:33:23.0484 1204 RasAuto - ok
11:33:23.0531 1204 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:33:23.0875 1204 Rasl2tp - ok
11:33:23.0937 1204 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:33:24.0296 1204 RasMan - ok
11:33:24.0359 1204 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:33:24.0671 1204 RasPppoe - ok
11:33:24.0734 1204 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:33:25.0093 1204 Raspti - ok
11:33:25.0187 1204 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:33:25.0562 1204 Rdbss - ok
11:33:25.0656 1204 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:33:26.0015 1204 RDPCDD - ok
11:33:26.0109 1204 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:33:26.0468 1204 rdpdr - ok
11:33:26.0609 1204 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:33:26.0703 1204 RDPWD - ok
11:33:26.0781 1204 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:33:27.0140 1204 RDSessMgr - ok
11:33:27.0218 1204 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:33:27.0562 1204 redbook - ok
11:33:27.0640 1204 [ D8894ACEFE1A607DE7D0E628285BFFF4 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
11:33:27.0718 1204 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
11:33:27.0718 1204 RegSrvc - detected UnsignedFile.Multi.Generic (1)
11:33:27.0796 1204 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:33:28.0156 1204 RemoteAccess - ok
11:33:28.0250 1204 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:33:28.0625 1204 RemoteRegistry - ok
11:33:28.0687 1204 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
11:33:29.0015 1204 RpcLocator - ok
11:33:29.0078 1204 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:33:29.0125 1204 RpcSs - ok
11:33:29.0203 1204 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
11:33:29.0562 1204 RSVP - ok
11:33:29.0656 1204 [ C17C3A529CE14012F9731A6E264C1911 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
11:33:29.0781 1204 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
11:33:29.0781 1204 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
11:33:29.0843 1204 [ DAEF68FC328342D219DE928C8EE610B2 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
11:33:29.0859 1204 s24trans ( UnsignedFile.Multi.Generic ) - warning
11:33:29.0859 1204 s24trans - detected UnsignedFile.Multi.Generic (1)
11:33:29.0890 1204 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:33:30.0218 1204 SamSs - ok
11:33:30.0312 1204 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:33:30.0687 1204 SCardSvr - ok
11:33:30.0734 1204 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:33:31.0109 1204 Schedule - ok
11:33:31.0203 1204 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:33:31.0546 1204 Secdrv - ok
11:33:31.0640 1204 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:33:32.0015 1204 seclogon - ok
11:33:32.0109 1204 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:33:32.0453 1204 SENS - ok
11:33:32.0546 1204 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:33:32.0890 1204 serenum - ok
11:33:32.0937 1204 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:33:33.0281 1204 Serial - ok
11:33:33.0421 1204 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:33:33.0765 1204 Sfloppy - ok
11:33:33.0843 1204 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:33:34.0218 1204 SharedAccess - ok
11:33:34.0281 1204 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:33:34.0328 1204 ShellHWDetection - ok
11:33:34.0359 1204 Simbad - ok
11:33:34.0484 1204 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\program files\skype\Updater\Updater.exe
11:33:34.0515 1204 SkypeUpdate - ok
11:33:34.0562 1204 Sparrow - ok
11:33:34.0640 1204 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:33:34.0968 1204 splitter - ok
11:33:35.0031 1204 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:33:35.0093 1204 Spooler - ok
11:33:35.0140 1204 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:33:35.0484 1204 sr - ok
11:33:35.0562 1204 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:33:35.0906 1204 srservice - ok
11:33:36.0015 1204 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:33:36.0156 1204 Srv - ok
11:33:36.0234 1204 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:33:36.0593 1204 SSDPSRV - ok
11:33:36.0671 1204 [ 305CC42945A713347F978D78566113F3 ] STAC97 C:\WINDOWS\system32\drivers\STAC97.sys
11:33:36.0796 1204 STAC97 - ok
11:33:36.0875 1204 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:33:37.0296 1204 stisvc - ok
11:33:37.0375 1204 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:33:37.0734 1204 swenum - ok
11:33:37.0828 1204 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:33:38.0187 1204 swmidi - ok
11:33:38.0203 1204 SwPrv - ok
11:33:38.0250 1204 symc810 - ok
11:33:38.0281 1204 symc8xx - ok
11:33:38.0328 1204 sym_hi - ok
11:33:38.0359 1204 sym_u3 - ok
11:33:38.0406 1204 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:33:38.0734 1204 sysaudio - ok
11:33:38.0812 1204 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:33:39.0156 1204 SysmonLog - ok
11:33:39.0203 1204 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:33:39.0546 1204 TapiSrv - ok
11:33:39.0625 1204 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:33:39.0750 1204 Tcpip - ok
11:33:39.0843 1204 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:33:40.0187 1204 TDPIPE - ok
11:33:40.0234 1204 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:33:40.0562 1204 TDTCP - ok
11:33:40.0593 1204 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:33:40.0921 1204 TermDD - ok
11:33:40.0968 1204 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:33:41.0359 1204 TermService - ok
11:33:41.0406 1204 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:33:41.0453 1204 Themes - ok
11:33:41.0500 1204 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
11:33:41.0875 1204 TlntSvr - ok
11:33:41.0906 1204 TosIde - ok
11:33:42.0000 1204 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:33:42.0359 1204 TrkWks - ok
11:33:42.0437 1204 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys
11:33:42.0468 1204 TrueSight ( UnsignedFile.Multi.Generic ) - warning
11:33:42.0468 1204 TrueSight - detected UnsignedFile.Multi.Generic (1)
11:33:42.0546 1204 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:33:42.0890 1204 Udfs - ok
11:33:42.0921 1204 UIUSys - ok
11:33:42.0953 1204 ultra - ok
11:33:43.0062 1204 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:33:43.0484 1204 Update - ok
11:33:43.0531 1204 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:33:43.0890 1204 upnphost - ok
11:33:43.0953 1204 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:33:44.0312 1204 UPS - ok
11:33:44.0375 1204 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:33:44.0703 1204 usbccgp - ok
11:33:44.0750 1204 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:33:45.0093 1204 usbehci - ok
11:33:45.0171 1204 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:33:45.0531 1204 usbhub - ok
11:33:45.0625 1204 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:33:45.0968 1204 usbprint - ok
11:33:46.0015 1204 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:33:46.0343 1204 usbscan - ok
11:33:46.0375 1204 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:33:46.0734 1204 USBSTOR - ok
11:33:46.0765 1204 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:33:47.0109 1204 usbuhci - ok
11:33:47.0203 1204 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:33:47.0515 1204 VgaSave - ok
11:33:47.0531 1204 ViaIde - ok
11:33:47.0593 1204 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:33:47.0937 1204 VolSnap - ok
11:33:48.0015 1204 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:33:48.0406 1204 VSS - ok
11:33:48.0593 1204 [ 5BB5E2C30D920CA172DB3AB5B0D42F43 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
11:33:48.0921 1204 w29n51 - ok
11:33:48.0968 1204 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:33:49.0343 1204 W32Time - ok
11:33:49.0437 1204 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:33:49.0796 1204 Wanarp - ok
11:33:49.0828 1204 WDICA - ok
11:33:49.0890 1204 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:33:50.0234 1204 wdmaud - ok
11:33:50.0312 1204 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:33:50.0671 1204 WebClient - ok
11:33:50.0859 1204 [ 0C5B9CF1BDF998750D9C5EEB5F8C55AC ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
11:33:50.0953 1204 winachsf - ok
11:33:51.0046 1204 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:33:51.0375 1204 winmgmt - ok
11:33:51.0500 1204 [ 22516ED8E0D89323D4E0D9CCC2848819 ] WLANKEEPER C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
11:33:51.0562 1204 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
11:33:51.0562 1204 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
11:33:51.0828 1204 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:33:52.0078 1204 wlidsvc - ok
11:33:52.0093 1204 wltrysvc - ok
11:33:52.0156 1204 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
11:33:52.0484 1204 WmdmPmSN - ok
11:33:52.0593 1204 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:33:52.0750 1204 Wmi - ok
11:33:52.0859 1204 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
11:33:53.0203 1204 WmiApSrv - ok
11:33:53.0281 1204 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:33:53.0640 1204 WS2IFSL - ok
11:33:53.0703 1204 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:33:54.0046 1204 wscsvc - ok
11:33:54.0109 1204 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:33:54.0500 1204 wuauserv - ok
11:33:54.0578 1204 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:33:55.0000 1204 WZCSVC - ok
11:33:55.0046 1204 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:33:55.0484 1204 xmlprov - ok
11:33:55.0656 1204 ================ Scan global ===============================
11:33:55.0734 1204 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:33:55.0828 1204 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:33:55.0890 1204 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:33:55.0937 1204 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:33:55.0953 1204 [Global] - ok
11:33:55.0953 1204 ================ Scan MBR ==================================
11:33:56.0000 1204 [ 5F8B5082F3482CC06B72EC5806598AE9 ] \Device\Harddisk0\DR0
11:33:56.0250 1204 \Device\Harddisk0\DR0 - ok
11:33:56.0265 1204 ================ Scan VBR ==================================
11:33:56.0281 1204 [ 9241770DD836927CFA4462E88873DCED ] \Device\Harddisk0\DR0\Partition1
11:33:56.0281 1204 \Device\Harddisk0\DR0\Partition1 - ok
11:33:56.0296 1204 ============================================================
11:33:56.0296 1204 Scan finished
11:33:56.0296 1204 ============================================================
11:33:56.0453 1196 Detected object count: 14
11:33:56.0453 1196 Actual detected object count: 14
11:35:36.0765 1196 a2free ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0765 1196 a2free ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0765 1196 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0765 1196 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0765 1196 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0781 1196 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0781 1196 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0781 1196 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0796 1196 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0796 1196 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0812 1196 FlipShareServer ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0812 1196 FlipShareServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0828 1196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0828 1196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0843 1196 PEVSystemStart ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0843 1196 PEVSystemStart ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0859 1196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0859 1196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0875 1196 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0875 1196 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0890 1196 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0890 1196 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0890 1196 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0890 1196 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0906 1196 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0906 1196 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:36.0921 1196 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:36.0921 1196 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:37:07.0421 0748 Deinitialize success

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 

#15 brigg

brigg
  • Topic Starter

  • Members
  • 457 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 25 December 2012 - 01:00 PM

I was in Safe Mode because everything seemed so jacked up.
I did a quick scan in Safe Mode - it found 6 items. I removed them following the instructions on the screen.
I restarted to normal mode and am followeing the instructions in your most recent post from the beginning.
I'll post those logs when I'm done (I hope I can make it all the way through!)

Kansas City Mo area - Central time zone 

Dell D620 Laptop    -   Operating System:  Windows XP Professional 32-bit SP3     -     CPU:  Intel Core Duo T2300E @ 1.66GHz 51 °C     -  Yonah 65nm Technology

RAM:  1.00GB Dual-Channel DDR2 @ 267MHz (4-4-4-12)    -     Motherboard:  Dell Inc. 53 °C     -     Graphics:  Plug and Play Monitor (1280x720@60Hz)
Storage:  74GB SAMSUNG HM080HI (SATA) 36 °C     -     Optical Drives:  TSSTcorp CDRW/DVD TSL462C     -     Audio:  SigmaTel High Definition Audio CODEC
PAE Enabled - Installation Date: 3/20/2009     -     Plug and Play Monitor (1280x720@60Hz)     -     Intel Mobile Intel 945GM Express Chipset Family (Dell)
 




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users