Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Home Premium Problem


  • This topic is locked This topic is locked
3 replies to this topic

#1 temo2324

temo2324

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:14 AM

Posted 02 June 2014 - 07:40 PM

After I log into my laptop with windows 7 Home Premium, I get a black screen with only the mouse pointer mooving. I use  Karspesky recovery disk with no positive results, I also try FRST.exe and this is what i got in the two files that i attach, I don't have the windows 7 CD the system was already installed in my laptop (e-mechanics) I only have a repair disk for the system, but is only good to get me into the repair window, any help?

 

Mod Edit:  Pasted FRST data into post - Hamluis.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by SYSTEM on MININT-JA7GBUJ on 01-06-2014 14:25:31
Running from G:\
Platform: Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [306472 2009-11-12] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [Standby] => C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe [105632 2009-11-10] (Corel)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [CPMonitor] => C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe [84464 2010-08-25] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
HKU\TEMO\...\Run: [GameServer52B] => "C:\Users\TEMO\AppData\Roaming\codeblocks\WIN7ED0.exe"
HKU\TEMO\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-05] (Google Inc.)

==================== Services (Whitelisted) =================

S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457200 2009-06-02] ()
S2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [39408 2010-09-13] ()
S2 ePowerSvc; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [844320 2009-09-30] (Acer Incorporated)
S4 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
S4 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
S2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4492776 2014-03-13] (iolo technologies, LLC)
S4 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1099248 2010-07-16] (Sonic Solutions)
S3 RoxMediaDBVHS; C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1116656 2010-02-19] (Sonic Solutions)
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-03] (Acer)
S2 vseamps; C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [121696 2012-08-24] (Commtouch, Inc.)
S2 vsedsps; C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [119136 2012-08-24] (Commtouch, Inc.)
S3 vseqrts; C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [181600 2012-08-24] (Commtouch, Inc.)
S2 DcomLaunch; %SystemRoot%\system32\rpcss.dll [X]
S2 RpcSs; %SystemRoot%\system32\rpcss.dll [X]

==================== Drivers (Whitelisted) ====================

S2 AMP; C:\Windows\system32\Drivers\amp.sys [173408 2012-08-24] (Commtouch, Inc.)
S2 AMPSE; C:\Windows\system32\Drivers\ampse.sys [1504608 2012-08-24] (Commtouch, Inc.)
S3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [69504 2010-09-14] (Fengtao Software Inc.)
S1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [23464 2009-11-11] (EldoS Corporation)
S1 FileDisk; C:\Windows\SysWow64\Drivers\FileDisk.sys [9341 2010-06-29] (iolo technologies, LLC (based on original work by Bo Brantén))
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-05-31] ()
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-01] (Realtek Semiconductor Corp.)
S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-01-17] (Jungo)

========================== Drivers MD5 =======================

C:\Windows\system32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\Drivers\amp.sys 34304E34A1769A1DF7C2564B1C06E3D6
C:\Windows\system32\Drivers\ampse.sys 392CF9E9D2245347DA81C147B26FFFC6
C:\Windows\System32\DRIVERS\Apfiltr.sys C79C86A0395689045710E24D64E5E086
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys B44879610F2DC4A046B14BEFA3AE72DE
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 937BEB186A735ACA91D717044A49D17E
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\SysWOW64\Drivers\DKbFltr.sys D5BCB77BE83CF99F508943945D46343D
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dvdfab.sys 6A3ECF099048D7FD3021193F71078E6E
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\ElRawDsk.sys D38A883309E04B9FBFFE1ACA60EA3BBF
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\hitmanpro37.sys FCE2251FE4464DCAA2F4684F19A8EE9B
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys BE7D72FCF442C26975942007E0831241
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdkmd64.sys 2D18C9E1F23970DE32D78D3B1CDDA0A7
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 16C1B906FC5EAD84769F90B736B6BF0E
C:\Windows\System32\Drivers\ksecpkg.sys 0B711550C56444879D71C7DAABDA6C83
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 2377EC4CC3E356655B996F39B43486B6
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NBVol.sys 7B2D90BBBBED11C8DFBA441D34AE901E
C:\Windows\System32\DRIVERS\NBVolUp.sys 4FE7B5757279D82C4D171E9F7FD52A75
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\NTIDrvr.sys 64DDD0DEE976302F4BD93E5EFCC2F013
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\Drivers\pcouffin.sys AF7CE12C4F3DC8CB2B07685C916BBCFE
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PDFsFilter.sys 8570C04D9DBFDDD2CCF655DEB4D84715
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys DB30AA4DAA0D492FA5D7717D8181FFA1
C:\Windows\SysWOW64\Drivers\RtsUStor.sys DB30AA4DAA0D492FA5D7717D8181FFA1
C:\Windows\System32\Drivers\Sahdad64.sys 27DB9153D259D632D15483DEEAB799ED
C:\Windows\System32\Drivers\Saibad64.sys F77849D909B90BCACFCF7295AECF299B
C:\Windows\System32\Drivers\SaibVdAd64.sys 704D415290A568F68DE20942DAC23F7E
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys F18F56EFC0BFB9C87BA01C37B27F4DA5
C:\Windows\System32\DRIVERS\tcpip.sys F18F56EFC0BFB9C87BA01C37B27F4DA5
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\system32\drivers\UBHelper.sys 2E22C1FD397A5A9FFEF55E9D1FC96C00
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\emBDA64.sys 1E1786E15F91183BE26732E89ADC1817
C:\Windows\System32\DRIVERS\emOEM64.sys E97F0E00ADBC1BCEF691C71DBEE77041
C:\Windows\System32\drivers\usbaudio.sys 77B01BC848298223A95D4EC23E1785A1
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser.sys 0F0C72A657C622286013788B886968AD
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\vmwvusb.sys F9D116EF357C1026B4F6BF670541426A
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\drivers\windrvr6.sys C0B0103A7CF640D77FE9337AE5A6EAA8
C:\Windows\System32\DRIVERS\WinUsb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-01 14:19 - 2014-06-01 14:25 - 00000000 ____D () C:\FRST
2014-05-31 14:42 - 2014-05-31 15:01 - 00032512 _____ () C:\Windows\System32\Drivers\hitmanpro37.sys
2014-05-29 19:15 - 2014-05-29 19:15 - 00000000 ____D () C:\Windows\System32\config\bakup
2014-05-29 18:51 - 2014-05-29 18:53 - 00000000 ____D () C:\Windows\System32\config\backup
2014-05-29 09:05 - 2014-05-29 09:05 - 00001830 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-05-29 05:52 - 2014-05-29 05:52 - 00009992 ____N () C:\bootsqm.dat
2014-05-29 05:31 - 2014-05-29 05:31 - 00210794 _____ () C:\ProgramData\1401369857.bdinstall.bin
2014-05-29 05:30 - 2014-05-29 05:30 - 00002185 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-05-29 05:30 - 2014-05-29 05:30 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-05-29 05:30 - 2014-05-29 05:30 - 00000000 _____ () C:\Windows\System32\Drivers\avchv.sys
2014-05-29 05:30 - 2013-04-17 11:59 - 00718840 _____ (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2014-05-29 05:30 - 2013-04-17 11:59 - 00593144 _____ (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2014-05-29 05:25 - 2014-05-29 05:30 - 00000000 ____D () C:\Program Files\Bitdefender
2014-05-29 05:24 - 2014-05-29 05:25 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\QuickScan
2014-05-29 05:24 - 2013-05-28 09:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2014-05-29 05:24 - 2013-04-22 10:21 - 00148696 _____ (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2014-05-28 17:21 - 2014-05-28 17:21 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\25898
2014-05-28 13:53 - 2014-05-28 13:53 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\17896
2014-05-09 20:55 - 2014-05-09 21:01 - 00000000 ____D () C:\Users\TEMO\Desktop\NEW ERIKA FOLDER

==================== One Month Modified Files and Folders =======

2014-06-01 14:25 - 2014-06-01 14:19 - 00000000 ____D () C:\FRST
2014-05-31 15:01 - 2014-05-31 14:42 - 00032512 _____ () C:\Windows\System32\Drivers\hitmanpro37.sys
2014-05-29 19:15 - 2014-05-29 19:15 - 00000000 ____D () C:\Windows\System32\config\bakup
2014-05-29 18:53 - 2014-05-29 18:51 - 00000000 ____D () C:\Windows\System32\config\backup
2014-05-29 10:25 - 2010-03-01 08:50 - 00000000 ____D () C:\Users\TEMO\AppData\Local\Temp
2014-05-29 10:25 - 2010-03-01 08:50 - 00000000 ____D () C:\users\TEMO
2014-05-29 10:25 - 2009-07-13 16:00 - 00514048 _____ (Microsoft Corporation) C:\Windows\System32\rpcss.dll.224815.gzquar
2014-05-29 09:05 - 2014-05-29 09:05 - 00001830 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-05-29 09:05 - 2013-05-11 04:15 - 00000000 ____D () C:\Program Files\HitmanPro
2014-05-29 06:05 - 2009-11-05 10:17 - 00243080 _____ () C:\Windows\PFRO.log
2014-05-29 05:52 - 2014-05-29 05:52 - 00009992 ____N () C:\bootsqm.dat
2014-05-29 05:44 - 2010-01-22 17:21 - 01321044 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 05:31 - 2014-05-29 05:31 - 00210794 _____ () C:\ProgramData\1401369857.bdinstall.bin
2014-05-29 05:30 - 2014-05-29 05:30 - 00002185 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-05-29 05:30 - 2014-05-29 05:30 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-05-29 05:30 - 2014-05-29 05:30 - 00000000 _____ () C:\Windows\System32\Drivers\avchv.sys
2014-05-29 05:30 - 2014-05-29 05:25 - 00000000 ____D () C:\Program Files\Bitdefender
2014-05-29 05:30 - 2012-12-17 07:37 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\codeblocks
2014-05-29 05:30 - 2009-07-13 20:51 - 00097161 _____ () C:\Windows\setupact.log
2014-05-29 05:25 - 2014-05-29 05:24 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\QuickScan
2014-05-29 05:24 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 05:24 - 2009-07-13 20:45 - 00009920 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 05:23 - 2010-03-05 09:07 - 00000000 ____D () C:\Users\TEMO\Desktop\PROGRAMS-2010
2014-05-29 05:20 - 2009-07-13 21:13 - 00726316 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-29 05:19 - 2010-05-11 13:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 17:21 - 2014-05-28 17:21 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\25898
2014-05-28 14:19 - 2014-02-17 16:15 - 00000075 _____ () C:\Windows\System32\dqzu.xop
2014-05-28 14:12 - 2010-05-11 13:45 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 14:10 - 2013-10-09 15:46 - 00000448 _____ () C:\Windows\SysWOW64\iolo.ini
2014-05-28 14:10 - 2013-10-09 15:46 - 00000448 _____ () C:\Windows\System32\iolo.ini
2014-05-28 14:10 - 2013-05-21 07:57 - 00000429 _____ () C:\Windows\SysWOW64\iolo.ini.txt
2014-05-28 14:09 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 14:02 - 2013-05-07 12:18 - 00000000 ____D () C:\Users\TEMO\Documents\DVDFab9
2014-05-28 14:01 - 2013-12-05 10:08 - 00001008 _____ () C:\Users\Public\Desktop\DVDFab 9.lnk
2014-05-28 14:01 - 2012-12-04 12:51 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-05-28 13:53 - 2014-05-28 13:53 - 00000000 ____D () C:\Users\TEMO\AppData\Roaming\17896
2014-05-28 13:41 - 2010-07-19 05:04 - 00000000 ____D () C:\Users\TEMO\Desktop\RIELES
2014-05-28 13:40 - 2010-07-19 04:09 - 00000000 ____D () C:\ProgramData\DVD Shrink
2014-05-17 19:21 - 2014-02-21 18:49 - 00000000 ____D () C:\Users\TEMO\Desktop\pa revelar
2014-05-17 13:25 - 2013-11-21 18:30 - 00000000 ____D () C:\Users\TEMO\Desktop\mus
2014-05-17 13:23 - 2011-12-05 15:38 - 00000000 ____D () C:\Users\TEMO\Desktop\MUSICAL
2014-05-10 14:07 - 2010-05-11 13:46 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 14:07 - 2010-05-11 13:45 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 21:01 - 2014-05-09 20:55 - 00000000 ____D () C:\Users\TEMO\Desktop\NEW ERIKA FOLDER

Files to move or delete:
====================
C:\Users\TEMO\alg.exe
C:\Users\TEMO\jqs.exe
C:\Users\TEMO\mstsc.exe
C:\Users\TEMO\opera.exe
C:\Users\TEMO\skype.exe

Some content of TEMP:
====================
C:\Users\TEMO\AppData\Local\Temp\hiimaaa.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
default                 {default}
displayorder            {default}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7 Home Premium
locale                  en-US
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7e71d399-e8f4-11e3-bbbd-806e6f6e6963}

Windows Boot Loader
-------------------
identifier              {6914d203-e90d-11e3-bcf1-ec3256cbf882}
device                  ramdisk=[C:]\Recovery\65051e1f-07bc-11df-b2a0-e48e264a932d\Winre.wim,{6914d204-e90d-11e3-bcf1-ec3256cbf882}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment (recovered)
locale                 
osdevice                ramdisk=[C:]\Recovery\65051e1f-07bc-11df-b2a0-e48e264a932d\Winre.wim,{6914d204-e90d-11e3-bcf1-ec3256cbf882}
systemroot              \windows
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {7e71d399-e8f4-11e3-bbbd-806e6f6e6963}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows 7 Home Premium
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US

Device options
--------------
identifier              {6914d204-e90d-11e3-bcf1-ec3256cbf882}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\65051e1f-07bc-11df-b2a0-e48e264a932d\boot.sdi

==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 3001.98 MB
Available physical RAM: 2346.02 MB
Total Pagefile: 3000.13 MB
Available Pagefile: 2342.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:220.78 GB) (Free:10.22 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:1.65 GB) NTFS
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.25 GB) (Free:0 GB) UDF
Drive g: (ART07) (Removable) (Total:7.25 GB) (Free:7.25 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 88415094)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 8A42D4B3)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

LastRegBack: 2014-05-22 17:03

==================== End Of Log ============================

Attached Files


Edited by hamluis, 03 June 2014 - 07:46 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,043 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:14 AM

Posted 07 June 2014 - 10:27 AM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi temo2324,

On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive (if you already have it downloaded then you do not need to repeat this step).
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html



To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

==========

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt


Select Command Prompt

==========


Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • In the search box, type rpcss.dll
  • Press Search File(s) button.
  • It will make a log (Search.txt) on the flash drive. Please copy and paste it to your reply.

--------------

To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • Search.txt log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,043 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:14 AM

Posted 10 June 2014 - 01:07 PM

Hi temo2324,
 
This is a 3 day bump:
 
It has been 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,043 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:14 AM

Posted 13 June 2014 - 10:26 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users