I think I'm infected. I think I know I am.


16 replies to this topic

#1 marteny

marteny

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 12 January 2012 - 10:25 AM

I started out a couple of days ago having an annoying fake virus alert pop up on my computer. It disrupted all tasks on the computer with annoying boxes and redirection of the web browser. It had apparently disabled Security Essentials. I now realize the Defender firewall is under its control as well.

What I did was to attempt to run Malwarebytes, but it would not let it run. I used a small program I have to stop some known malware processes. It popped up saying it had stopped 4 processes. I ran Malwarebytes (latest version) and it claimed to have deleted them. I had to uninstall Security Essentials and reinstall to get it to work again.

Today I noted the desktop icon was missing for Security Essentials. It was still listed with all the programs and still worked. I noticed the Defender firewall was not listed. I searched C:, found it (greyed out) and tried to start it up. The program is turned off box popped up, click here to turn it on. This pops up:

The specified service does not exist as an installed service. (Error Code 0x80070424)

I started going through a checklist to go about turning this firewall back on, and the computer blinked and shut down. When I restarted, I ran the small Rkill again and it terminated 3 processes. So now I am asking for help. *Help!(please)* -Marteny



#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:11:48 AM

Posted 12 January 2012 - 10:28 AM

Can you post the logs from Malwarebytes?

#3 marteny


Posted 12 January 2012 - 10:30 AM

I forgot: Windows 7 Home Premium

#4 marteny


Posted 12 January 2012 - 10:36 AM

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.08.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Marty :: MARTY-PC [administrator]

1/12/2012 8:30:59 AM
mbam-log-2012-01-12 (08-30-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 175326
Time elapsed: 3 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 cryptodan


Posted 12 January 2012 - 10:43 AM

You did not do anything unless that is a log after the infections were removed.

Can you run a complete scan?

#6 marteny


Posted 12 January 2012 - 11:42 AM

I have 2 logs. This is the first log (now that I found out where they are), from 1-8-2012. The next log, which I just ran, is in the next post.

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.08.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Marty :: MARTY-PC [administrator]

1/8/2012 6:00:44 PM
mbam-log-2012-01-08 (18-00-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 175255
Time elapsed: 2 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Marty\AppData\Local\shh.exe" -a "C:\Program Files (x86)\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Program Files (x86)\Object (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Files Detected: 6
C:\$Recycle.Bin\S-1-5-21-2562295627-109835281-1119266754-1001\$RKPEL0K.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2562295627-109835281-1119266754-1001\$RRTHZCE.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\config.ini (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\enable.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\status2.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.

(end)
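
As an added example (not part of the thread and not Malwarebytes' own tooling): a Python parser for the log layout posted above. It checks each section's declared count against the lines actually present, tallies detections by name, and lists executables named in a hijacked command that the log does not report under Files Detected. The regexes are inferred from this one MBAM 1.60 log and are an assumption; all function names are hypothetical.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Detection sections taken from the 1/8/2012 log in the post above
# (header and all but one of the empty sections omitted).
SAMPLE_LOG = r"""
Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Marty\AppData\Local\shh.exe" -a "C:\Program Files (x86)\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Program Files (x86)\Object (PUP.FCTPlugin) -> Quarantined and deleted successfully.

Files Detected: 6
C:\$Recycle.Bin\S-1-5-21-2562295627-109835281-1119266754-1001\$RKPEL0K.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2562295627-109835281-1119266754-1001\$RRTHZCE.exe (Spyware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\status.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\config.ini (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\enable.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Object\status2.txt (PUP.FCTPlugin) -> Quarantined and deleted successfully.

(end)
"""

# Assumed layout: "<Section> Detected: <n>", then "<object> (<name>) -> <action>".
SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: (?P<count>\d+)$")
ITEM_RE = re.compile(r"^(?P<object>.+?) \((?P<threat>[A-Za-z0-9_.\-]+)\) -> (?P<rest>.+)$")
HIJACK_RE = re.compile(r"^Bad: \((?P<bad>.*)\) Good: \((?P<good>.*)\) -> (?P<action>.+)$")
QUOTED_EXE_RE = re.compile(r'"([^"]+\.exe)"', re.IGNORECASE)


def parse_mbam_log(text):
    """Return {section: {"declared": int, "items": [dict, ...]}}."""
    report, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = report.setdefault(
                header["name"], {"declared": int(header["count"]), "items": []})
            continue
        item = ITEM_RE.match(line) if current is not None else None
        if not item:
            continue  # blank line, "(No malicious items detected)", "(end)", header text
        entry = {"object": item["object"], "threat": item["threat"], "action": item["rest"]}
        hijack = HIJACK_RE.match(item["rest"])
        if hijack:  # registry data item: keep the bad and good values separately
            entry.update(bad=hijack["bad"], good=hijack["good"], action=hijack["action"])
        current["items"].append(entry)
    return report


def count_mismatches(report):
    """Sections whose declared count differs from the item lines found (truncated paste)."""
    return {name: (sec["declared"], len(sec["items"]))
            for name, sec in report.items() if sec["declared"] != len(sec["items"])}


def threats_by_name(report):
    """Number of detections per detection name across all sections."""
    return Counter(i["threat"] for sec in report.values() for i in sec["items"])


def hijack_binaries_not_listed(report):
    """Executables in a hijacked command that are neither the expected target
    nor listed under Files Detected in the same log."""
    removed = {i["object"].lower() for i in report.get("Files", {}).get("items", [])}
    leftovers = []
    for sec in report.values():
        for item in sec["items"]:
            for path in QUOTED_EXE_RE.findall(item.get("bad", "")):
                expected = PureWindowsPath(path).name.lower() == item["good"].lower()
                if not expected and path.lower() not in removed:
                    leftovers.append(path)
    return leftovers


if __name__ == "__main__":
    parsed = parse_mbam_log(SAMPLE_LOG)
    print("count mismatches:", count_mismatches(parsed))
    print("detections:", dict(threats_by_name(parsed)))
    print("hijack binaries not in Files Detected:", hijack_binaries_not_listed(parsed))
```

On this log the registry value was repaired, but the launcher it pointed to does not appear among the removed files, so that path is worth checking on disk in a follow-up scan.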

#7 marteny


Posted 12 January 2012 - 11:44 AM

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.08.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Marty :: MARTY-PC [administrator]

1/12/2012 8:45:04 AM
mbam-log-2012-01-12 (08-45-04).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 323442
Time elapsed: 50 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Z0 - MP3 Converter (Adware.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\FoxTabAudioConverter\Uninstall\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.

(end)

#8 cryptodan


Posted 12 January 2012 - 07:29 PM

Skip malwarebytes:

Hello,

And welcome to BleepingComputer.com. Before we can assist you with your question of "Am I infected?", you will need to perform the following tasks and post the logs of each if you can.

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTE: Malwarebytes is now offering a free trial of their program. If you want to accept it, you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger then 4mb
    • Ignore non-executable files

    Now perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#9 marteny


Posted 12 January 2012 - 10:44 PM

Results of screen317's Security Check version 0.99.30
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 26
Java version out of date!
Adobe Reader X 10.1.0 Adobe Reader out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/12/2012 at 07:44 PM

Application Version : 5.0.1142

Core Rules Database Version : 8131
Trace Rules Database Version: 5943

Scan type : Complete Scan
Total Scan Time : 00:52:12

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 478
Memory threats detected : 0
Registry items scanned : 70982
Registry threats detected : 5
File items scanned : 110133
File threats detected : 3

Adware.Zugo
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKU\S-1-5-21-2562295627-109835281-1119266754-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKLM\Software\Microsoft\Internet Explorer\Toolbar#{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKU\S-1-5-21-2562295627-109835281-1119266754-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
C:\PROGRAM FILES (X86)\SEARCH TOOLBAR\SEARCHTOOLBAR.DLL

Adware.Tracking Cookie
ad.insightexpressai.com [ C:\USERS\MARTY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\V6NK4ZT6 ]
secure-uk.imrworldwide.com [ C:\USERS\MARTY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\V6NK4ZT6 ]

GMER says it found nothing.

#10 marteny


Posted 12 January 2012 - 10:45 PM

Let me retry to save the GMER log.

#11 cryptodan


Posted 12 January 2012 - 11:47 PM

Please download and run TDSS Killer, and if it asks you to fix anything then PLEASE DO NOT FIX ANYTHING. Post the resulting log that is generated in c:\

#12 marteny


Posted 13 January 2012 - 01:26 AM

23:22:21.0823 2336 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
23:22:22.0291 2336 ============================================================
23:22:22.0291 2336 Current date / time: 2012/01/12 23:22:22.0291
23:22:22.0291 2336 SystemInfo:
23:22:22.0291 2336
23:22:22.0291 2336 OS Version: 6.1.7600 ServicePack: 0.0
23:22:22.0291 2336 Product type: Workstation
23:22:22.0291 2336 ComputerName: MARTY-PC
23:22:22.0291 2336 UserName: Marty
23:22:22.0291 2336 Windows directory: C:\windows
23:22:22.0291 2336 System windows directory: C:\windows
23:22:22.0291 2336 Running under WOW64
23:22:22.0291 2336 Processor architecture: Intel x64
23:22:22.0291 2336 Number of processors: 1
23:22:22.0291 2336 Page size: 0x1000
23:22:22.0291 2336 Boot type: Normal boot
23:22:22.0291 2336 ============================================================
23:22:23.0134 2336 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000, SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
23:22:23.0181 2336 Initialize success
23:22:36.0815 1888 ============================================================
23:22:36.0815 1888 Scan started
23:22:36.0815 1888 Mode: Manual;
23:22:36.0815 1888 ============================================================
23:22:42.0306 1888 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
23:22:42.0322 1888 MRxDAV - ok
23:22:42.0353 1888 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
23:22:42.0369 1888 mrxsmb - ok
23:22:42.0415 1888 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
23:22:42.0415 1888 mrxsmb10 - ok
23:22:42.0447 1888 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
23:22:42.0447 1888 mrxsmb20 - ok
23:22:42.0493 1888 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
23:22:42.0493 1888 msahci - ok
23:22:42.0525 1888 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
23:22:42.0525 1888 msdsm - ok
23:22:42.0587 1888 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
23:22:42.0587 1888 Msfs - ok
23:22:42.0634 1888 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
23:22:42.0634 1888 mshidkmdf - ok
23:22:42.0681 1888 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
23:22:42.0681 1888 msisadrv - ok
23:22:42.0743 1888 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
23:22:42.0743 1888 MSKSSRV - ok
23:22:42.0790 1888 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
23:22:42.0790 1888 MSPCLOCK - ok
23:22:42.0805 1888 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
23:22:42.0805 1888 MSPQM - ok
23:22:42.0868 1888 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
23:22:42.0868 1888 MsRPC - ok
23:22:42.0899 1888 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
23:22:42.0899 1888 mssmbios - ok
23:22:42.0946 1888 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
23:22:42.0946 1888 MSTEE - ok
23:22:42.0977 1888 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
23:22:42.0977 1888 MTConfig - ok
23:22:43.0008 1888 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
23:22:43.0008 1888 Mup - ok
23:22:43.0055 1888 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
23:22:43.0055 1888 NativeWifiP - ok
23:22:43.0117 1888 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
23:22:43.0133 1888 NDIS - ok
23:22:43.0164 1888 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
23:22:43.0164 1888 NdisCap - ok
23:22:43.0211 1888 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
23:22:43.0211 1888 NdisTapi - ok
23:22:43.0242 1888 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
23:22:43.0242 1888 Ndisuio - ok
23:22:43.0273 1888 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
23:22:43.0273 1888 NdisWan - ok
23:22:43.0305 1888 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
23:22:43.0305 1888 NDProxy - ok
23:22:43.0351 1888 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
23:22:43.0351 1888 NetBIOS - ok
23:22:43.0398 1888 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
23:22:43.0398 1888 NetBT - ok
23:22:43.0523 1888 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
23:22:43.0523 1888 nfrd960 - ok
23:22:43.0585 1888 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
23:22:43.0585 1888 NisDrv - ok
23:22:43.0632 1888 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
23:22:43.0632 1888 Npfs - ok
23:22:43.0679 1888 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
23:22:43.0679 1888 nsiproxy - ok
23:22:43.0773 1888 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
23:22:43.0819 1888 Ntfs - ok
23:22:43.0835 1888 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
23:22:43.0851 1888 Null - ok
23:22:43.0882 1888 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\windows\system32\DRIVERS\nvm62x64.sys
23:22:43.0897 1888 NVENETFD - ok
23:22:44.0272 1888 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\windows\system32\DRIVERS\nvlddmkm.sys
23:22:44.0381 1888 nvlddmkm - ok
23:22:44.0428 1888 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\windows\system32\DRIVERS\nvmf6264.sys
23:22:44.0428 1888 NVNET - ok
23:22:44.0490 1888 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
23:22:44.0490 1888 nvraid - ok
23:22:44.0521 1888 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
23:22:44.0521 1888 nvstor - ok
23:22:44.0568 1888 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\windows\system32\DRIVERS\nvstor64.sys
23:22:44.0568 1888 nvstor64 - ok
23:22:44.0615 1888 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
23:22:44.0615 1888 nv_agp - ok
23:22:44.0662 1888 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
23:22:44.0662 1888 ohci1394 - ok
23:22:44.0709 1888 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
23:22:44.0709 1888 Parport - ok
23:22:44.0740 1888 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
23:22:44.0740 1888 partmgr - ok
23:22:44.0771 1888 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
23:22:44.0771 1888 pci - ok
23:22:44.0802 1888 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
23:22:44.0802 1888 pciide - ok
23:22:44.0833 1888 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
23:22:44.0833 1888 pcmcia - ok
23:22:44.0865 1888 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
23:22:44.0865 1888 pcw - ok
23:22:44.0896 1888 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
23:22:44.0911 1888 PEAUTH - ok
23:22:45.0052 1888 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
23:22:45.0052 1888 PptpMiniport - ok
23:22:45.0099 1888 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
23:22:45.0099 1888 Processor - ok
23:22:45.0145 1888 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
23:22:45.0145 1888 Psched - ok
23:22:45.0208 1888 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
23:22:45.0239 1888 ql2300 - ok
23:22:45.0270 1888 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
23:22:45.0270 1888 ql40xx - ok
23:22:45.0317 1888 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
23:22:45.0317 1888 QWAVEdrv - ok
23:22:45.0348 1888 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
23:22:45.0348 1888 RasAcd - ok
23:22:45.0379 1888 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
23:22:45.0379 1888 RasAgileVpn - ok
23:22:45.0411 1888 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
23:22:45.0426 1888 Rasl2tp - ok
23:22:45.0457 1888 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
23:22:45.0457 1888 RasPppoe - ok
23:22:45.0489 1888 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
23:22:45.0489 1888 RasSstp - ok
23:22:45.0520 1888 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
23:22:45.0520 1888 rdbss - ok
23:22:45.0551 1888 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
23:22:45.0551 1888 rdpbus - ok
23:22:45.0582 1888 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
23:22:45.0582 1888 RDPCDD - ok
23:22:45.0629 1888 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
23:22:45.0629 1888 RDPENCDD - ok
23:22:45.0645 1888 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
23:22:45.0660 1888 RDPREFMP - ok
23:22:45.0691 1888 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
23:22:45.0691 1888 RDPWD - ok
23:22:45.0723 1888 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
23:22:45.0738 1888 rdyboost - ok
23:22:45.0816 1888 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
23:22:45.0816 1888 rspndr - ok
23:22:45.0894 1888 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:22:45.0894 1888 SASDIFSV - ok
23:22:45.0957 1888 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:22:45.0957 1888 SASKUTIL - ok
23:22:45.0988 1888 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
23:22:45.0988 1888 sbp2port - ok
23:22:46.0035 1888 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
23:22:46.0035 1888 scfilter - ok
23:22:46.0097 1888 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
23:22:46.0097 1888 secdrv - ok
23:22:46.0144 1888 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
23:22:46.0159 1888 Serenum - ok
23:22:46.0191 1888 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
23:22:46.0191 1888 Serial - ok
23:22:46.0222 1888 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
23:22:46.0222 1888 sermouse - ok
23:22:46.0284 1888 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
23:22:46.0300 1888 sffdisk - ok
23:22:46.0315 1888 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
23:22:46.0331 1888 sffp_mmc - ok
23:22:46.0347 1888 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
23:22:46.0362 1888 sffp_sd - ok
23:22:46.0378 1888 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
23:22:46.0393 1888 sfloppy - ok
23:22:46.0440 1888 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
23:22:46.0440 1888 SiSRaid2 - ok
23:22:46.0471 1888 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
23:22:46.0471 1888 SiSRaid4 - ok
23:22:46.0503 1888 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
23:22:46.0503 1888 Smb - ok
23:22:46.0565 1888 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
23:22:46.0565 1888 spldr - ok
23:22:46.0643 1888 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
23:22:46.0643 1888 srv - ok
23:22:46.0737 1888 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
23:22:46.0768 1888 srv2 - ok
23:22:46.0908 1888 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
23:22:46.0908 1888 srvnet - ok
23:22:47.0002 1888 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
23:22:47.0002 1888 stexstor - ok
23:22:47.0033 1888 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
23:22:47.0033 1888 swenum - ok
23:22:47.0158 1888 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
23:22:47.0205 1888 Tcpip - ok
23:22:47.0267 1888 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
23:22:47.0283 1888 TCPIP6 - ok
23:22:47.0314 1888 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
23:22:47.0314 1888 tcpipreg - ok
23:22:47.0345 1888 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
23:22:47.0345 1888 TDPIPE - ok
23:22:47.0392 1888 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
23:22:47.0392 1888 TDTCP - ok
23:22:47.0423 1888 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
23:22:47.0423 1888 tdx - ok
23:22:47.0454 1888 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
23:22:47.0454 1888 TermDD - ok
23:22:47.0517 1888 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
23:22:47.0517 1888 tssecsrv - ok
23:22:47.0563 1888 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
23:22:47.0563 1888 tunnel - ok
23:22:47.0610 1888 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
23:22:47.0610 1888 uagp35 - ok
23:22:47.0641 1888 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
23:22:47.0641 1888 udfs - ok
23:22:47.0704 1888 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
23:22:47.0704 1888 uliagpkx - ok
23:22:47.0735 1888 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
23:22:47.0735 1888 umbus - ok
23:22:47.0766 1888 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
23:22:47.0766 1888 UmPass - ok
23:22:47.0844 1888 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\windows\system32\drivers\usbaudio.sys
23:22:47.0844 1888 usbaudio - ok
23:22:47.0891 1888 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
23:22:47.0891 1888 usbccgp - ok
23:22:47.0938 1888 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
23:22:47.0938 1888 usbcir - ok
23:22:47.0985 1888 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\DRIVERS\usbehci.sys
23:22:47.0985 1888 usbehci - ok
23:22:48.0016 1888 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
23:22:48.0031 1888 usbhub - ok
23:22:48.0063 1888 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\DRIVERS\usbohci.sys
23:22:48.0063 1888 usbohci - ok
23:22:48.0125 1888 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
23:22:48.0125 1888 usbprint - ok
23:22:48.0172 1888 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
23:22:48.0172 1888 usbscan - ok
23:22:48.0219 1888 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
23:22:48.0219 1888 USBSTOR - ok
23:22:48.0265 1888 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
23:22:48.0265 1888 usbuhci - ok
23:22:48.0328 1888 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
23:22:48.0328 1888 vdrvroot - ok
23:22:48.0359 1888 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
23:22:48.0359 1888 vga - ok
23:22:48.0390 1888 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
23:22:48.0390 1888 VgaSave - ok
23:22:48.0437 1888 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
23:22:48.0437 1888 vhdmp - ok
23:22:48.0453 1888 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
23:22:48.0453 1888 viaide - ok
23:22:48.0484 1888 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
23:22:48.0499 1888 volmgr - ok
23:22:48.0515 1888 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
23:22:48.0531 1888 volmgrx - ok
23:22:48.0562 1888 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
23:22:48.0562 1888 volsnap - ok
23:22:48.0609 1888 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
23:22:48.0609 1888 vsmraid - ok
23:22:48.0655 1888 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\System32\drivers\vwifibus.sys
23:22:48.0655 1888 vwifibus - ok
23:22:48.0718 1888 w4shwdrv - ok
23:22:48.0780 1888 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
23:22:48.0780 1888 WacomPen - ok
23:22:48.0843 1888 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
23:22:48.0843 1888 WANARP - ok
23:22:48.0874 1888 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
23:22:48.0874 1888 Wanarpv6 - ok
23:22:48.0936 1888 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
23:22:48.0936 1888 Wd - ok
23:22:48.0999 1888 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
23:22:48.0999 1888 Wdf01000 - ok
23:22:49.0077 1888 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
23:22:49.0077 1888 WfpLwf - ok
23:22:49.0123 1888 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
23:22:49.0123 1888 WIMMount - ok
23:22:49.0233 1888 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
23:22:49.0233 1888 WmiAcpi - ok
23:22:49.0295 1888 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
23:22:49.0295 1888 ws2ifsl - ok
23:22:49.0342 1888 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
23:22:49.0342 1888 WudfPf - ok
23:22:49.0389 1888 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
23:22:49.0389 1888 WUDFRd - ok
23:22:49.0435 1888 MBR (0x1B8) (8c9f9e03865c35f0f3829a23cda42f5d) \Device\Harddisk0\DR0
23:22:53.0382 1888 \Device\Harddisk0\DR0 - ok
23:22:53.0413 1888 Boot (0x1200) (9bd5c3b340de1b468b0bc8feb3f4b05e) \Device\Harddisk0\DR0\Partition0
23:22:53.0413 1888 \Device\Harddisk0\DR0\Partition0 - ok
23:22:53.0429 1888 Boot (0x1200) (584ab476d51143070de508a6f37e6601) \Device\Harddisk0\DR0\Partition1
23:22:53.0429 1888 \Device\Harddisk0\DR0\Partition1 - ok
23:22:53.0429 1888 ============================================================
23:22:53.0429 1888 Scan finished
23:22:53.0429 1888 ============================================================
23:22:53.0445 2652 Detected object count: 0
23:22:53.0460 2652 Actual detected object count: 0

#13 cryptodan


Posted 13 January 2012 - 01:12 PM

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Check "Include All Files" option.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


#14 marteny


Posted 13 January 2012 - 02:35 PM

Farbar Service Scanner
Ran by Marty (administrator) on 13-01-2012 at 12:34:36
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll
[2009-07-13 17:09] - [2009-07-13 18:40] - 0703488 ____A (Microsoft Corporation) 4992C609A6315671463E30F6512BC022

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe
[2009-07-13 16:39] - [2009-07-13 18:39] - 1598976 ____A (Microsoft Corporation) 787898BF9FB6D7BD87A36E2D95C899BA

C:\Windows\System32\wscsvc.dll
[2011-02-08 19:29] - [2010-12-20 23:16] - 0097280 ____A (Microsoft Corporation) 8F9F3969933C02DA96EB0F84576DB43E

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 17:36] - [2009-07-13 18:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll
[2009-07-13 16:46] - [2009-07-13 18:41] - 0848384 ____A (Microsoft Corporation) 7F0C323FE3DA28AA4AA1BDA3F575707F

C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2009-07-13 16:49] - [2009-07-13 18:40] - 0175104 ____A (Microsoft Corporation) 8C57411B66282C01533CB776F98AD384

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#15 cryptodan


Posted 13 January 2012 - 03:10 PM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly, please be patient till you get a reply to your topic.



