Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FRST Drivers(Whitelisted) Log line no ServiceDLL


  • Please log in to reply
5 replies to this topic

#1 ec500

ec500

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 27 July 2017 - 01:44 PM

x64 windows 7

 

Can anyone help me understand what this line means?:

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

 

What i do understand from it is that U means the state of the service is undetermined and 5 means FRST couldn't determine the start type because i read the tutorial. I also kind of understand that svchost is some sort of windows thing for managing services but I want to know why FRSt is reporting ATTENTION and if it means i have some sort of svchost malware, I did some scans like DrWeb CureIt and malware bytes anti malware after running RKill (which found nothing to stop) and I ran Comodo Cleaning Essentials that didn't find anything either.

 

so I don't really think I have malware but this FRST report may mean otherwise since about a month ago when i ran FRSt it had this in place:

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)


Edited by hamluis, 27 July 2017 - 02:18 PM.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,252 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:29 PM

Posted 27 July 2017 - 02:16 PM

My quwstion is...if you don't think that you have malware...why are you running tools designed for the sole purpose of assisting in neutraling malware?

 

Louis


Edited by hamluis, 27 July 2017 - 02:17 PM.


#3 Pimptech

Pimptech

  • Malware Study Hall Senior
  • 246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sao Paulo, Brazil
  • Local time:10:29 PM

Posted 27 July 2017 - 02:35 PM

x64 windows 7

 

Can anyone help me understand what this line means?:

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

 

What i do understand from it is that U means the state of the service is undetermined and 5 means FRST couldn't determine the start type because i read the tutorial. I also kind of understand that svchost is some sort of windows thing for managing services but I want to know why FRSt is reporting ATTENTION and if it means i have some sort of svchost malware, I did some scans like DrWeb CureIt and malware bytes anti malware after running RKill (which found nothing to stop) and I ran Comodo Cleaning Essentials that didn't find anything either.

 

so I don't really think I have malware but this FRST report may mean otherwise since about a month ago when i ran FRSt it had this in place:

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

 

When you find some executable suspicious the good thing to do is to send it VirusTotal. 
You will can have some overview about the executable.

 

Try scan if you think you have malware:

 

If there is something wrong or you really want to dig deep into it.


Edited by Pimptech, 27 July 2017 - 02:36 PM.


#4 ec500

ec500
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 27 July 2017 - 02:42 PM

I don't know much at all about detecting if my computer is hacked or not so I just run tools sometimes just in case. also I have really outdated hardware/computers on my network so I figured my computers could be hacked somewhat easily & with the FRST log having something different with attention beside i figured it might mean malware



#5 Pimptech

Pimptech

  • Malware Study Hall Senior
  • 246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sao Paulo, Brazil
  • Local time:10:29 PM

Posted 27 July 2017 - 03:15 PM

I don't know much at all about detecting if my computer is hacked or not so I just run tools sometimes just in case. also I have really outdated hardware/computers on my network so I figured my computers could be hacked somewhat easily & with the FRST log having something different with attention beside i figured it might mean malware

 

Try to maintain all your services updated so as the Operation System.

Stop services that you are not using and be careful about old services installed and running.

 

Some steps that you can follow when there is unsafe computer on the network:



#6 ec500

ec500
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 27 July 2017 - 06:01 PM

Ok thanks for the info Pimptech, setting up a Guest network sounds like a good idea to me.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users