
Exploit:js/Blacole.BW - problem


  • This topic is locked
23 replies to this topic

#1 reggiereg


Posted 16 February 2012 - 11:59 AM

Hi all,

I recently received a warning from my security software “Microsoft Security Essentials”, telling me that it had spotted the nasty “Exploit:js/Blacole.BW” to which it had removed the threat.

The file location was “file:C:\Users\Dom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6HFMP1OJ\google_co_uk[1].htm”

I updated all my security software, disabled all the real-time protection, rebooted in safe mode and proceeded to run scans, to which they found nothing.

Spybot search and destroy
Malwarebytes anti malware
Microsoft security essentials
SUPERAnti spyware – free edition
ESET free online scanner

I updated Windows and ran TFC.exe to clear out any temp internet files.

I’m running Windows 7, which appears to be running painfully slow now.

I’d appreciate it if someone could check if I’m clean?

Thanks in advance,

Reggie.



#2 balon


Posted 16 February 2012 - 12:08 PM

Hi there! Welcome! - A moderator/malware response team person may take over this post at any time.

Let's get started..
 
Download Security Check
-Follow the instructions provided by Security Check
-A log/file will appear, please post the results here

 

Then.. Proceed to

Download aswMBR

Launch it, allow it to download latest Avast virus definitions

Click the Scan button to start the scan.
After scan finishes click on Save log

Post the log results here

 

And Lastly...

Download: Malwarebytes' Anti-Malware (MBAM) to your desktop.

Setup the program, and then make sure you update the virus definitions.
Download and install the latest version and of course any updates, then click on Perform Quick Scan, then click on Scan.

Once the scan is complete hit "OK" then Show Results

Make sure you select all the found viruses and hit Remove Selected.

Post the log here.

 

Please separate your logs by using [h-r] the bbcode for a line; remove the - so it just says hr.

I fully understand you already scanned with these items, but if you can produce logs, it will be much easier to see what's going on..

Edited by Balon, 16 February 2012 - 12:12 PM.


#3 reggiereg


Posted 18 February 2012 - 01:16 PM

Hi Balon,

Thanks for your quick response.

I ran everything in safe mode, as everything, in non-safe mode, is now so slow.

The information you asked for is below,

Thanks,

Reggie :wink:

 
aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-18 11:05:24
-----------------------------
11:05:24.159 OS Version: Windows x64 6.1.7600
11:05:24.159 Number of processors: 4 586 0x2505
11:05:24.159 ComputerName: VAIO UserName: Dom
11:05:25.703 Initialize success
11:05:31.585 AVAST engine defs: 12021800
11:05:43.222 The log file has been saved successfully to "C:\Users\Dom\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-18 11:14:39
-----------------------------
11:14:39.082 OS Version: Windows x64 6.1.7600
11:14:39.082 Number of processors: 4 586 0x2505
11:14:39.082 ComputerName: VAIO UserName: Dom
11:14:51.687 Initialize success
11:15:03.200 AVAST engine defs: 12021800
11:15:30.048 The log file has been saved successfully to "C:\Users\Dom\Desktop\aswMBR.txt"

 

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
ESET Online Scanner v3
ZoneAlarm Firewall
ZoneAlarm Free
ZoneAlarm Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
CloneSpy 2.61
Spybot - Search & Destroy
Secunia PSI (2.0.0.3003)
Duplicate Cleaner 2.1b
JavaFX 2.0.2
JavaFX 2.0.2 SDK
Java™ 6 Update 27
Java™ 7 Update 2
Java™ SE Development Kit 7 Update 2
Out of date Java installed!
Adobe Reader X (10.1.2)
Mozilla Firefox (x86 en-GB..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Client Antimalware MsMpEng.exe
CheckPoint ZoneAlarm vsmon.exe
``````````End of Log````````````

 

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.18.03

Windows 7 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Dom :: VAIO [administrator]

18/02/2012 11:27:02
mbam-log-2012-02-18 (11-27-02).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 493349
Time elapsed: 3 hour(s), 41 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by reggiereg, 18 February 2012 - 01:21 PM.


#4 balon


Posted 18 February 2012 - 01:21 PM

Ok; I just would like you to know I see your post and I am going to be instructing new things; Please stay around as I type up the next step of instructions...


Step 4 (Required)

Next..

Download: TDSSkiller

Launch it.

Click on Scan. Please post the LOG report (log will be located in C:\)

You can cure all issues; but do NOT delete ANY of them without being advised to do so...

RESTART NOW!

 
Step 5 (Required)

I would like you to use a tool called UVK;

Link removed
That will run many scripts to reset and update things via your PC without having to have trouble.

What You need to do with UVK:
Images Removed
hp://www.carifred.com/uvk/help/welcome_screen.jpg

Click on >Run UVK Scripts

CLICK ON RUN FULL MAINTENANCE SCRIPT AND DELETE THE DEFRAG AND REBOOT OPTIONS...

hp://oi40.tinypic.com/k1dm5i.jpg

Once that is completed back to the MAIN MENU; click on Automatic anti-malware scans
Have it setup like below:

NOTE THAT RUN UVK SYSTEM REPAIR SCRIPT IS ON!!!!!!!! YOU MUST EDIT THAT BEFORE SCANNING (READ BELOW)

hp://oi40.tinypic.com/flg5rr.jpg

Click on Repair Script Options

hp://oi43.tinypic.com/vfwlqg.jpg

Then set it up like this...

hp://oi39.tinypic.com/35nc57o.jpg

And then we hit save and click on:

hp://oi40.tinypic.com/30m73fk.jpg

There will be logs produced after every scan; please do NOT forget to post them here!

DO NOT RUN COMBOFIX; THERE IS AN OPTION -- DO NOT RUN IT!

Edited by boopme, 23 February 2012 - 07:45 PM.


#5 reggiereg


Posted 19 February 2012 - 06:08 AM

Hi Balon,

STEP 4

as you requested:

 

10:50:06.0755 1928 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
10:50:06.0957 1928 ============================================================
10:50:06.0957 1928 Current date / time: 2012/02/19 10:50:06.0957
10:50:06.0957 1928 SystemInfo:
10:50:06.0957 1928
10:50:06.0957 1928 OS Version: 6.1.7600 ServicePack: 0.0
10:50:06.0957 1928 Product type: Workstation
10:50:06.0957 1928 ComputerName: VAIO
10:50:06.0973 1928 UserName: Dom
10:50:06.0973 1928 Windows directory: C:\Windows
10:50:06.0973 1928 System windows directory: C:\Windows
10:50:06.0973 1928 Running under WOW64
10:50:06.0973 1928 Processor architecture: Intel x64
10:50:06.0973 1928 Number of processors: 4
10:50:06.0973 1928 Page size: 0x1000
10:50:06.0973 1928 Boot type: Safe boot with network
10:50:06.0973 1928 ============================================================
10:50:07.0410 1928 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:50:07.0410 1928 \Device\Harddisk0\DR0:
10:50:07.0410 1928 MBR used
10:50:07.0410 1928 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1AB4000, BlocksNum 0x32000
10:50:07.0410 1928 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AE6000, BlocksNum 0x3889F830
10:50:07.0457 1928 Initialize success
10:50:07.0457 1928 ============================================================
10:50:09.0781 1684 ============================================================
10:50:09.0781 1684 Scan started
10:50:09.0781 1684 Mode: Manual;
10:50:09.0781 1684 ============================================================
10:50:22.0729 1684 PSI - ok
10:50:22.0760 1684 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
10:50:22.0760 1684 PxHlpa64 - ok
10:50:22.0807 1684 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:50:22.0823 1684 ql2300 - ok
10:50:22.0916 1684 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:50:22.0916 1684 ql40xx - ok
10:50:22.0947 1684 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:50:22.0947 1684 QWAVEdrv - ok
10:50:23.0025 1684 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:50:23.0025 1684 RasAcd - ok
10:50:23.0057 1684 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:50:23.0057 1684 RasAgileVpn - ok
10:50:23.0135 1684 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:50:23.0150 1684 Rasl2tp - ok
10:50:23.0166 1684 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:50:23.0166 1684 RasPppoe - ok
10:50:23.0166 1684 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:50:23.0181 1684 RasSstp - ok
10:50:23.0197 1684 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
10:50:23.0197 1684 rdbss - ok
10:50:23.0291 1684 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:50:23.0291 1684 rdpbus - ok
10:50:23.0322 1684 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:50:23.0322 1684 RDPCDD - ok
10:50:23.0384 1684 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:50:23.0384 1684 RDPENCDD - ok
10:50:23.0400 1684 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:50:23.0400 1684 RDPREFMP - ok
10:50:23.0447 1684 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
10:50:23.0447 1684 RDPWD - ok
10:50:23.0540 1684 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
10:50:23.0540 1684 rdyboost - ok
10:50:23.0665 1684 RegFilter (8ccf1201a14d5ad7568e192b835abb7e) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
10:50:23.0665 1684 RegFilter - ok
10:50:23.0759 1684 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:50:23.0759 1684 RFCOMM - ok
10:50:23.0790 1684 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
10:50:23.0790 1684 rimspci - ok
10:50:23.0883 1684 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
10:50:23.0883 1684 risdsnpe - ok
10:50:23.0930 1684 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:50:23.0930 1684 rspndr - ok
10:50:24.0024 1684 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
10:50:24.0024 1684 RTHDMIAzAudService - ok
10:50:24.0086 1684 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:50:24.0086 1684 SASDIFSV - ok
10:50:24.0102 1684 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:50:24.0102 1684 SASKUTIL - ok
10:50:24.0180 1684 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
10:50:24.0180 1684 sbp2port - ok
10:50:24.0227 1684 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
10:50:24.0227 1684 scfilter - ok
10:50:24.0305 1684 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
10:50:24.0305 1684 sdbus - ok
10:50:24.0336 1684 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:50:24.0336 1684 secdrv - ok
10:50:24.0445 1684 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
10:50:24.0445 1684 Serenum - ok
10:50:24.0492 1684 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
10:50:24.0492 1684 Serial - ok
10:50:24.0570 1684 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
10:50:24.0570 1684 sermouse - ok
10:50:24.0617 1684 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
10:50:24.0617 1684 SFEP - ok
10:50:24.0710 1684 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:50:24.0726 1684 sffdisk - ok
10:50:24.0741 1684 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:50:24.0757 1684 sffp_mmc - ok
10:50:24.0835 1684 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
10:50:24.0835 1684 sffp_sd - ok
10:50:24.0866 1684 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
10:50:24.0866 1684 sfloppy - ok
10:50:24.0975 1684 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
10:50:24.0975 1684 SiSRaid2 - ok
10:50:25.0022 1684 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
10:50:25.0022 1684 SiSRaid4 - ok
10:50:25.0163 1684 SmartDefragDriver (94ce7845af6a2065b829e0126cd56236) C:\Windows\system32\Drivers\SmartDefragDriver.sys
10:50:25.0163 1684 SmartDefragDriver - ok
10:50:25.0194 1684 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:50:25.0194 1684 Smb - ok
10:50:25.0303 1684 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:50:25.0303 1684 spldr - ok
10:50:25.0365 1684 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
10:50:25.0365 1684 srv - ok
10:50:25.0443 1684 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
10:50:25.0443 1684 srv2 - ok
10:50:25.0490 1684 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
10:50:25.0490 1684 srvnet - ok
10:50:25.0615 1684 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
10:50:25.0615 1684 ssudmdm - ok
10:50:25.0646 1684 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
10:50:25.0646 1684 stexstor - ok
10:50:25.0740 1684 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:50:25.0740 1684 swenum - ok
10:50:25.0771 1684 tbhsd (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
10:50:25.0771 1684 tbhsd - ok
10:50:25.0833 1684 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
10:50:25.0849 1684 Tcpip - ok
10:50:25.0989 1684 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
10:50:25.0989 1684 TCPIP6 - ok
10:50:26.0083 1684 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
10:50:26.0083 1684 tcpipreg - ok
10:50:26.0099 1684 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:50:26.0099 1684 TDPIPE - ok
10:50:26.0114 1684 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
10:50:26.0114 1684 TDTCP - ok
10:50:26.0130 1684 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
10:50:26.0130 1684 tdx - ok
10:50:26.0223 1684 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
10:50:26.0223 1684 TermDD - ok
10:50:26.0286 1684 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys
10:50:26.0286 1684 truecrypt - ok
10:50:26.0348 1684 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:50:26.0364 1684 tssecsrv - ok
10:50:26.0379 1684 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
10:50:26.0379 1684 tunnel - ok
10:50:26.0411 1684 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
10:50:26.0411 1684 uagp35 - ok
10:50:26.0426 1684 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
10:50:26.0442 1684 udfs - ok
10:50:26.0520 1684 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:50:26.0520 1684 uliagpkx - ok
10:50:26.0567 1684 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
10:50:26.0567 1684 umbus - ok
10:50:26.0598 1684 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:50:26.0598 1684 UmPass - ok
10:50:26.0691 1684 upperdev (fbd861e69e1f583bec906fcd04e4f84e) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
10:50:26.0707 1684 upperdev - ok
10:50:26.0816 1684 UrlFilter (1aa6ca6b150f85f07804cba5f814d9b2) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
10:50:26.0816 1684 UrlFilter - ok
10:50:26.0910 1684 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
10:50:26.0910 1684 USBAAPL64 - ok
10:50:26.0941 1684 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
10:50:26.0941 1684 usbccgp - ok
10:50:26.0988 1684 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:50:26.0988 1684 usbcir - ok
10:50:27.0066 1684 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
10:50:27.0066 1684 usbehci - ok
10:50:27.0081 1684 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
10:50:27.0097 1684 usbhub - ok
10:50:27.0159 1684 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
10:50:27.0159 1684 usbohci - ok
10:50:27.0191 1684 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:50:27.0191 1684 usbprint - ok
10:50:27.0253 1684 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:50:27.0253 1684 usbscan - ok
10:50:27.0347 1684 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:50:27.0347 1684 USBSTOR - ok
10:50:27.0378 1684 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
10:50:27.0378 1684 usbuhci - ok
10:50:27.0456 1684 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
10:50:27.0456 1684 usbvideo - ok
10:50:27.0503 1684 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
10:50:27.0503 1684 usb_rndisx - ok
10:50:27.0596 1684 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
10:50:27.0596 1684 VClone - ok
10:50:27.0643 1684 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:50:27.0643 1684 vdrvroot - ok
10:50:27.0705 1684 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:50:27.0705 1684 vga - ok
10:50:27.0721 1684 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:50:27.0721 1684 VgaSave - ok
10:50:27.0783 1684 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
10:50:27.0783 1684 vhdmp - ok
10:50:27.0846 1684 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:50:27.0846 1684 viaide - ok
10:50:27.0893 1684 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys
10:50:27.0893 1684 vmm - ok
10:50:27.0986 1684 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
10:50:27.0986 1684 volmgr - ok
10:50:28.0017 1684 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
10:50:28.0033 1684 volmgrx - ok
10:50:28.0111 1684 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
10:50:28.0111 1684 volsnap - ok
10:50:28.0236 1684 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
10:50:28.0236 1684 Vsdatant - ok
10:50:28.0345 1684 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
10:50:28.0345 1684 vsmraid - ok
10:50:28.0470 1684 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:50:28.0470 1684 vwifibus - ok
10:50:28.0485 1684 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:50:28.0485 1684 vwififlt - ok
10:50:28.0563 1684 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:50:28.0563 1684 vwifimp - ok
10:50:28.0595 1684 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
10:50:28.0610 1684 WacomPen - ok
10:50:28.0626 1684 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:50:28.0626 1684 WANARP - ok
10:50:28.0641 1684 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
10:50:28.0641 1684 Wanarpv6 - ok
10:50:28.0735 1684 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
10:50:28.0735 1684 Wd - ok
10:50:28.0782 1684 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:50:28.0782 1684 Wdf01000 - ok
10:50:28.0875 1684 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:50:28.0875 1684 WfpLwf - ok
10:50:28.0891 1684 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:50:28.0891 1684 WIMMount - ok
10:50:28.0969 1684 WINUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.SYS
10:50:28.0969 1684 WINUSB - ok
10:50:29.0094 1684 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:50:29.0094 1684 WmiAcpi - ok
10:50:29.0219 1684 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:50:29.0219 1684 ws2ifsl - ok
10:50:29.0250 1684 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
10:50:29.0250 1684 WSDPrintDevice - ok
10:50:29.0265 1684 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys
10:50:29.0265 1684 WSDScan - ok
10:50:29.0375 1684 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
10:50:29.0375 1684 WudfPf - ok
10:50:29.0406 1684 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:50:29.0406 1684 WUDFRd - ok
10:50:29.0484 1684 xpvcom - ok
10:50:29.0531 1684 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
10:50:29.0531 1684 yukonw7 - ok
10:50:29.0562 1684 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:50:29.0609 1684 \Device\Harddisk0\DR0 - ok
10:50:29.0624 1684 Boot (0x1200) (eb9f2889c6e5620c02def63407d8693c) \Device\Harddisk0\DR0\Partition0
10:50:29.0624 1684 \Device\Harddisk0\DR0\Partition0 - ok
10:50:29.0640 1684 Boot (0x1200) (d44949342773d26772e9b6a3e6a18a9f) \Device\Harddisk0\DR0\Partition1
10:50:29.0640 1684 \Device\Harddisk0\DR0\Partition1 - ok
10:50:29.0640 1684 ============================================================
10:50:29.0640 1684 Scan finished
10:50:29.0640 1684 ============================================================
10:50:29.0655 2520 Detected object count: 0
10:50:29.0655 2520 Actual detected object count: 0

 

STEP 5

My security software doesn't like UVK and tells me not to run it.


I did a search on http://virusscan.jotti.org and it came back with "Trojan-Downloader.Autoit.gen" from VBA32 virus checker, when submitting the file "UVKportable.exe".


Could you please advise why this might be the case?

Thanks in advance,

Reggie.

Edited by reggiereg, 19 February 2012 - 06:10 AM.


#6 balon

Posted 19 February 2012 - 01:09 PM

Do not use UVK, as it is not approved by the BC community; therefore I cannot instruct you to use it.

So you know I was not trying to infect you: UVK is a program which makes serious registry changes when requested, uses many antivirus programs to wipe viruses off your computer, has a process manager, and lastly has UVK scripts which auto-update, change your Winsock entries, can register DLLs, etc. It is a powerful tool, which is why it may have been caught.

It is not a virus. If you would like to do what I had instructed, that is up to you, but that post will be removed by an Admin pretty soon, as I did not know I couldn't use it. I was just informed it will be removed because scripts can be powerful.


Virus Total Report...
SHA256: 1215f824e02beb68d89e0f9106619cd312e5296950fdcd0784f63a4b84d87661
File name: UVKPortable.exe
Detection ratio: 0 / 40
Analysis date: 2012-02-19 18:04:45 UTC ( 2 minutes ago )

AhnLab-V3 - 20120213
AntiVir - 20120213
Antiy-AVL - 20120213
Avast - 20120214
AVG - 20120213
BitDefender - 20120214
CAT-QuickHeal - 20120213
ClamAV - 20120214
Commtouch - 20120213
Comodo - 20120213
Emsisoft - 20120214
eSafe - 20120213
eTrust-Vet - 20120213
F-Prot - 20120213
F-Secure - 20120214
Fortinet - 20120214
GData - 20120214
Ikarus - 20120214
Jiangmin - 20120213
K7AntiVirus - 20120213
Kaspersky - 20120214
McAfee - 20120214
McAfee-GW-Edition - 20120213
NOD32 - 20120214
Norman - 20120213
nProtect - 20120213
Panda - 20120213
PCTools - 20120207
Prevx - 20120219
Rising - 20120213
Sophos - 20120214
SUPERAntiSpyware - 20120206
Symantec - 20120214
TheHacker - 20120213
TrendMicro - 20120213
TrendMicro-HouseCall - 20120214
VBA32 - 20120213
VIPRE - 20120214
ViRobot - 20120213
VirusBuster - 20120213


Edited by Balon, 19 February 2012 - 01:09 PM.


#7 reggiereg

Posted 21 February 2012 - 09:03 AM

Thanks Balon for your reassurance on the UVK tool, it looks good. I may read more about it before I give it a go. I've been looking for a tool to update and run all my protection software automatically and it appears as though this could do just that.

Do I have to do anything with this post, or just sit tight until someone has had a chance to check my logs for any nasties?

My computer is still painfully slow and it's unusable at the moment.

Thanks again,

Reggie.

#8 balon

Posted 21 February 2012 - 11:22 AM

Everything is looking clean so far, as I have reviewed the logs...

Let's try this:

TFC Temp File Cleaner:
TFC closes all running programs and may ask you to restart when complete.

Tell me how the computer is running after that.

Then please re-run aswMBR. Make sure you scan with it; the last log does not look like you scanned... I just noticed that now. Wait until it says scan complete, then post the logs here.

Edited by Balon, 21 February 2012 - 11:24 AM.


#9 reggiereg

Posted 21 February 2012 - 01:08 PM

Hi Balon,

I run aswMBR.exe and it starts OK, but after about 5 mins the computer blue screens and reboots. This is why I didn't post a log.

I didn't realise this until I sat and watched it. I thought it was part of the process that the computer rebooted, but evidently not.

Any ideas on how to find out why, short of pointing a video camera at the screen?

Reggie.

#10 balon

Posted 21 February 2012 - 03:36 PM

Please try running that in Safe-Mode

#11 reggiereg

Posted 21 February 2012 - 04:08 PM

It's the same in safe mode too.

#12 balon

Posted 21 February 2012 - 05:15 PM

Run TFC yet?

#13 reggiereg

Posted 22 February 2012 - 03:19 AM

Yes, I have run TFC in safe and non-safe mode. I'll try again.

#14 balon

Posted 22 February 2012 - 07:50 AM

OK, I would like to know: did TFC work?

Also, can you re-run aswMBR? This time please watch it, and pay attention to where it stops just before it causes a BSOD.

 


Step 6 (Required)

Next..

Download: MiniToolBox

Launch it.

Check the Following:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Then post a log here.



 

Step 7 (Required)

Please Run ESET Online

-Disable all antivirus software.

-Accept TOS and click start; allow anything browser wise then click on Scan Archives.

-Start the scans; when it finishes it will have a list of found threats.

-Click on Export Text-File and save the file to your desktop.


*If ESET does not find any threats it will not have a log.*

Please post this in your next report.

Edited by Balon, 22 February 2012 - 07:51 AM.


#15 balon

Posted 22 February 2012 - 08:10 AM

Hi there!

I would like to inform you it seems you were not infected with the Exploit:js/Blacole.BW.

After doing some minor research on this, MSE reported a False-Positive file.

It shows you got this virus right off Google, which would be basically strange and not expected.

Microsoft Summary

This does not make sense though why your computer is running extremely slow; please continue to follow the steps I have issued to you, as I suspect an issue much greater than this.



