
Remove System Check


20 replies to this topic

#1 Missj149

Missj149

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:35 AM

Posted 20 January 2012 - 07:32 PM

Please see this guide for System Check Removal:

Remove System Check (Uninstall Guide)


At the end of last year, I had the Win 7 virus; I followed the instructions on bleepingcomputer and the virus was gone.

On Wednesday, I got a new virus and it began by telling me that I had a hard disk problem and my system completely shut down. Some fake virus scan came up again just like with Win 7. I followed all the steps on bleeping computer regarding Remove System Check. I couldn't find any other topic that matched my problems. I ran rKill, TDSS, Malwarebytes, and I uninstalled and installed McAfee to run a scan there. When I ran Malwarebytes the first time, it found about 10 Trojans which were removed. When I installed McAfee again, after I thought my computer was free of viruses, I kept getting notifications that the program automatically deleted a Trojan from my computer.

Today, I tried turning on my computer and the entire system failed. I finally got it into Safe Mode with Networking and I ran Malwarebytes and rKill again, but no viruses could be found. I'm not sure what exactly is going on - should I try ComboFix?

I'd appreciate any help I could get!!!! THX

Edited by Grinler, 27 January 2012 - 04:26 PM.




#2 Jelerak

Jelerak

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Phoenix,AZ, USA temp Dallas, TX
  • Local time:09:35 PM

Posted 20 January 2012 - 08:02 PM

Hello Missj149:

Sounds like you still have some infections. Would go here: http://www.bleepingcomputer.com/forums/topic34773.html and follow the directions.

Good Luck,
Jelerak

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:35 AM

Posted 20 January 2012 - 08:08 PM

Hello and welcome.
I moved this to Am I Infected. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. If needed we will ask for it.

You ran Rkill first?

Post your infected MBAM log please.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

>>>>Use Safe Mode with Networking
Do this again
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the operating system installed, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


>>>>
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#4 Missj149

Missj149
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:12:35 AM

Posted 21 January 2012 - 03:19 PM

TDSS Killer - didn't need to be rebooted and didn't find any threats. Here are the report contents - Thank you for your help!!!

14:59:24.0803 6984 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
14:59:25.0525 6984 ============================================================
14:59:25.0526 6984 Current date / time: 2012/01/21 14:59:25.0525
14:59:25.0526 6984 SystemInfo:
14:59:25.0526 6984
14:59:25.0526 6984 OS Version: 6.1.7600 ServicePack: 0.0
14:59:25.0526 6984 Product type: Workstation
14:59:25.0526 6984 ComputerName: JUDITH-HP
14:59:25.0527 6984 UserName: Judith
14:59:25.0527 6984 Windows directory: C:\Windows
14:59:25.0527 6984 System windows directory: C:\Windows
14:59:25.0527 6984 Running under WOW64
14:59:25.0527 6984 Processor architecture: Intel x64
14:59:25.0527 6984 Number of processors: 2
14:59:25.0527 6984 Page size: 0x1000
14:59:25.0527 6984 Boot type: Normal boot
14:59:25.0527 6984 ============================================================
14:59:28.0005 6984 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:59:28.0257 6984 Initialize success
14:59:35.0336 5340 ============================================================
14:59:35.0336 5340 Scan started
14:59:35.0336 5340 Mode: Manual;
14:59:35.0336 5340 ============================================================
15:00:06.0928 5340 sffdisk - ok
15:00:06.0942 5340 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:00:06.0950 5340 sffp_mmc - ok
15:00:06.0971 5340 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:00:07.0027 5340 sffp_sd - ok
15:00:07.0037 5340 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:00:07.0044 5340 sfloppy - ok
15:00:07.0144 5340 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
15:00:07.0248 5340 Sftfs - ok
15:00:07.0425 5340 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:00:07.0430 5340 Sftplay - ok
15:00:07.0472 5340 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:00:07.0473 5340 Sftredir - ok
15:00:07.0506 5340 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
15:00:07.0507 5340 Sftvol - ok
15:00:07.0724 5340 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:00:07.0729 5340 SiSRaid2 - ok
15:00:07.0815 5340 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:00:07.0829 5340 SiSRaid4 - ok
15:00:08.0027 5340 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:00:08.0036 5340 Smb - ok
15:00:08.0295 5340 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:00:08.0297 5340 spldr - ok
15:00:08.0410 5340 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:00:08.0416 5340 srv - ok
15:00:08.0690 5340 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:00:08.0792 5340 srv2 - ok
15:00:09.0051 5340 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:00:09.0061 5340 SrvHsfHDA - ok
15:00:09.0515 5340 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:00:09.0617 5340 SrvHsfV92 - ok
15:00:10.0000 5340 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:00:10.0035 5340 SrvHsfWinac - ok
15:00:10.0237 5340 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:00:10.0301 5340 srvnet - ok
15:00:10.0570 5340 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:00:10.0581 5340 stexstor - ok
15:00:10.0904 5340 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys
15:00:10.0914 5340 STHDA - ok
15:00:11.0176 5340 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:00:11.0183 5340 swenum - ok
15:00:11.0427 5340 SynTP (3a706a967295e16511e40842b1a2761d) C:\Windows\system32\DRIVERS\SynTP.sys
15:00:11.0431 5340 SynTP - ok
15:00:11.0699 5340 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
15:00:11.0724 5340 Tcpip - ok
15:00:12.0068 5340 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
15:00:12.0083 5340 TCPIP6 - ok
15:00:12.0316 5340 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:00:12.0322 5340 tcpipreg - ok
15:00:12.0505 5340 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:00:12.0512 5340 TDPIPE - ok
15:00:12.0775 5340 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
15:00:12.0779 5340 TDTCP - ok
15:00:12.0993 5340 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:00:12.0998 5340 tdx - ok
15:00:13.0181 5340 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
15:00:13.0190 5340 TermDD - ok
15:00:13.0452 5340 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:00:13.0456 5340 tssecsrv - ok
15:00:13.0718 5340 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:00:13.0737 5340 tunnel - ok
15:00:13.0993 5340 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:00:14.0003 5340 uagp35 - ok
15:00:14.0229 5340 udfs (c06e6f4679ceb8f430b90a51d76d8d3c) C:\Windows\system32\DRIVERS\udfs.sys
15:00:14.0238 5340 udfs - ok
15:00:14.0493 5340 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:00:14.0499 5340 uliagpkx - ok
15:00:14.0750 5340 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:00:14.0758 5340 umbus - ok
15:00:14.0961 5340 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:00:14.0967 5340 UmPass - ok
15:00:15.0207 5340 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
15:00:15.0210 5340 usbccgp - ok
15:00:15.0419 5340 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
15:00:15.0425 5340 usbcir - ok
15:00:15.0519 5340 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\DRIVERS\usbehci.sys
15:00:15.0521 5340 usbehci - ok
15:00:15.0775 5340 usbfilter (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
15:00:15.0777 5340 usbfilter - ok
15:00:16.0014 5340 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
15:00:16.0020 5340 usbhub - ok
15:00:16.0279 5340 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\DRIVERS\usbohci.sys
15:00:16.0282 5340 usbohci - ok
15:00:16.0429 5340 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:00:16.0437 5340 usbprint - ok
15:00:16.0587 5340 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:00:16.0609 5340 USBSTOR - ok
15:00:16.0808 5340 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
15:00:16.0810 5340 usbuhci - ok
15:00:17.0111 5340 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
15:00:17.0251 5340 usbvideo - ok
15:00:17.0583 5340 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
15:00:17.0587 5340 usb_rndisx - ok
15:00:17.0777 5340 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:00:17.0779 5340 vdrvroot - ok
15:00:18.0022 5340 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:00:18.0027 5340 vga - ok
15:00:18.0346 5340 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:00:18.0354 5340 VgaSave - ok
15:00:18.0536 5340 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
15:00:18.0546 5340 vhdmp - ok
15:00:18.0891 5340 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
15:00:18.0897 5340 viaide - ok
15:00:19.0048 5340 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
15:00:19.0050 5340 volmgr - ok
15:00:19.0278 5340 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:00:19.0291 5340 volmgrx - ok
15:00:19.0589 5340 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
15:00:19.0597 5340 volsnap - ok
15:00:19.0822 5340 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:00:19.0833 5340 vsmraid - ok
15:00:20.0124 5340 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:00:20.0129 5340 vwifibus - ok
15:00:20.0308 5340 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:00:20.0324 5340 vwififlt - ok
15:00:20.0544 5340 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:00:20.0552 5340 WacomPen - ok
15:00:20.0953 5340 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:00:20.0957 5340 WANARP - ok
15:00:20.0981 5340 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:00:20.0984 5340 Wanarpv6 - ok
15:00:21.0299 5340 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:00:21.0314 5340 Wd - ok
15:00:21.0507 5340 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:00:21.0516 5340 Wdf01000 - ok
15:00:21.0796 5340 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:00:21.0799 5340 WfpLwf - ok
15:00:21.0908 5340 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:00:21.0912 5340 WIMMount - ok
15:00:22.0333 5340 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:00:22.0339 5340 WinUsb - ok
15:00:22.0723 5340 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:00:22.0735 5340 WmiAcpi - ok
15:00:23.0008 5340 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:00:23.0012 5340 ws2ifsl - ok
15:00:23.0379 5340 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
15:00:23.0394 5340 WSDPrintDevice - ok
15:00:23.0641 5340 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:00:23.0660 5340 WudfPf - ok
15:00:23.0900 5340 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:00:23.0907 5340 WUDFRd - ok
15:00:24.0187 5340 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
15:00:24.0215 5340 yukonw7 - ok
15:00:24.0303 5340 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:00:24.0669 5340 \Device\Harddisk0\DR0 - ok
15:00:24.0683 5340 Boot (0x1200) (1a5d3feda103555e14175e3a91aa2050) \Device\Harddisk0\DR0\Partition0
15:00:24.0684 5340 \Device\Harddisk0\DR0\Partition0 - ok
15:00:24.0702 5340 Boot (0x1200) (e9b31f9ac1757b08d357a81f6991fd11) \Device\Harddisk0\DR0\Partition1
15:00:24.0703 5340 \Device\Harddisk0\DR0\Partition1 - ok
15:00:24.0767 5340 Boot (0x1200) (6d232b8df0faefbcc8225d47a46aa544) \Device\Harddisk0\DR0\Partition2
15:00:24.0769 5340 \Device\Harddisk0\DR0\Partition2 - ok
15:00:24.0888 5340 Boot (0x1200) (95fb8096a0663b7ec68f55f43882e8dc) \Device\Harddisk0\DR0\Partition3
15:00:24.0952 5340 \Device\Harddisk0\DR0\Partition3 - ok
15:00:24.0956 5340 ============================================================
15:00:24.0957 5340 Scan finished
15:00:24.0957 5340 ============================================================
15:00:24.0979 5336 Detected object count: 0
15:00:24.0979 5336 Actual detected object count: 0

#5 Missj149


Posted 21 January 2012 - 04:00 PM

I didn't have my infected MBAM log anymore, so I ran it again after doing rKill and no infections were found. For some reason my computer seems fine right now, but it is still running slow and when I turned it back on, I still seem to be having hard drive problems. I will scan my computer with ESET online scan now.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:35 AM

Posted 21 January 2012 - 08:26 PM

OK, most likely a Hardware issue. If ESET is clean then you should open a topic in WIN7
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 Missj149


Posted 22 January 2012 - 12:12 AM

ESET actually found four issues:

C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe.vir Win32/Toolbar.Zugo application deleted - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToOLbar32.dll.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Default\khkbgelgokokdalfhpbiddpbndicfdgi\contentscript.js Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined

#8 boopme


Posted 22 January 2012 - 02:28 PM

You are fortunate that the machine did not shut down when you ran ComboFix. The Tracur infection was still there. How is it now?

You need to change your passwords as they have been harvested.

#9 Missj149


Posted 22 January 2012 - 09:47 PM

It seems to be running fine right now. I think when I had my Win7 virus, it was never really fixed, that's why it may have come back. How come my McAfee virus program wasn't able to detect and remove the trojan?

So you suggest that I change my password for any websites I have used while I had the virus?

Thank you again for all your help, this has been extremely helpful.

#10 boopme


Posted 22 January 2012 - 10:03 PM

Yes, change them, especially any banking. It's hard to say why. Most likely the script in this infection slipped the downloader in. In other words, an infected page.
C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Default\khkbgelgokokdalfhpbiddpbndicfdgi\contentscript.js Win32/TrojanDownloader.Tracur.F trojan

#11 Missj149


Posted 22 January 2012 - 11:12 PM

Ok, thank you. I just did. Is there anything else I should do or should I be virus free now? I ran McAfee again and it didn't find any infections.

#12 Missj149


Posted 23 January 2012 - 02:23 PM

One last thing, my Windows Firewall is still down and it continues giving me an error message when I click on "use recommended settings." Do you know how to fix this problem?

#13 boopme


Posted 23 January 2012 - 07:58 PM

Let's see if we can.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#14 Missj149


Posted 23 January 2012 - 10:25 PM

Here is the log:

Farbar Service Scanner Version: 18-01-2012 01
Ran by Judith (administrator) on 23-01-2012 at 22:23:38
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 16:09] - [2009-07-13 17:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll
[2009-07-13 16:09] - [2009-07-13 17:40] - 0703488 ____A (Microsoft Corporation) 4992C609A6315671463E30F6512BC022

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 15:36] - [2009-07-13 17:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe
[2009-07-13 15:39] - [2009-07-13 17:39] - 1598976 ____A (Microsoft Corporation) 787898BF9FB6D7BD87A36E2D95C899BA

C:\Windows\System32\wscsvc.dll
[2011-02-09 09:26] - [2010-12-20 22:16] - 0097280 ____A (Microsoft Corporation) 8F9F3969933C02DA96EB0F84576DB43E

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 16:36] - [2009-07-13 17:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll
[2009-07-13 15:46] - [2009-07-13 17:41] - 0848384 ____A (Microsoft Corporation) 7F0C323FE3DA28AA4AA1BDA3F575707F

C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2009-07-13 15:49] - [2009-07-13 17:40] - 0175104 ____A (Microsoft Corporation) 8C57411B66282C01533CB776F98AD384

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
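
The detail in this log that matters for the firewall problem is the difference between a service that is only stopped and one whose registry key is gone. The Python below is an added example (not part of the thread and not code from Farbar Service Scanner) that parses a log in this layout and separates the two cases; `parse_fss`, `triage` and `SAMPLE_LOG` are hypothetical names, the sample is constructed, and treating File Check entries that lack the "MD5 is legit" marker as items for manual review is an assumption.

```python
import re

# Constructed sample in the layout of the FSS.txt log posted above (trimmed;
# the all-zero hash is a placeholder, not a real file hash).
SAMPLE_LOG = r"""Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.

File Check:
========
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 16:09] - [2009-07-13 17:41] - 0824832 ____A (Microsoft Corporation) 00000000000000000000000000000000
"""

RULE = re.compile(r"^=+\s*$")  # the ===== underline that marks a section title
STOPPED = re.compile(r"^(?P<svc>\S+) Service is not running\.")
MISSING = re.compile(
    r"^Checking (?P<field>[^:]+): Attention! Unable to open (?P<svc>\S+) registry key\."
)
PATH = re.compile(r"^[A-Za-z]:\\\S")
LEGIT = re.compile(r" => MD5 is legit\s*$")


def parse_fss(text):
    """Return ({stopped service: [fields whose key was missing]}, unverified paths)."""
    lines = text.splitlines()
    section, current = "", None
    stopped, unverified = {}, []
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line.endswith(":") and RULE.match(nxt):
            section, current = line[:-1], None  # new section, no open service block
        elif m := STOPPED.match(line):
            current = m["svc"]
            stopped[current] = []
        elif (m := MISSING.match(line)) and m["svc"] == current:
            stopped[current].append(m["field"])
        elif section == "File Check" and PATH.match(line) and not LEGIT.search(line):
            unverified.append(line.strip())
    return stopped, unverified


def triage(text):
    """Split stopped services into 'service key gone' and 'stopped, config intact'."""
    stopped, unverified = parse_fss(text)
    return {
        "key_missing": {svc: f for svc, f in stopped.items() if f},
        "stopped_config_ok": [svc for svc, f in stopped.items() if not f],
        "files_without_md5_marker": unverified,
    }


if __name__ == "__main__":
    for bucket, items in triage(SAMPLE_LOG).items():
        print(bucket, items)
```

Services in `key_missing` cannot be started until their configuration is restored, while those in `stopped_config_ok` still have a valid start type and image path.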

#15 boopme


Posted 23 January 2012 - 11:24 PM

Hello,

Missing registry keys:

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: Attention! Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: Attention! Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

Unfortunately those keys are computer specific and they can't be transferred from another Vista computer.

You have two choices:
- reinstall Windows
- install 3rd party firewall like Comodo free firewall: http://personalfirewall.comodo.com/free-download.html

Let me know which way you want to go.
I personally use Comodo.