Security center cannot start


10 replies to this topic

#1 4on4off


Posted 13 May 2012 - 08:23 PM

My sister's laptop is running Vista Home Premium.

She had a popup that said "this program needs to run this to continue", not sure what program. It was made to look like an Adobe update but she admitted it was a little different. She kept trying to cancel it but gave in and clicked it. Instantly Security Essentials went red and the Security Center cannot be started. I looked in services but I do not see the Security Center there.

I ran TDSS killer in safe and reg mode and found nothing. I ran malwarebytes in safe mode and it found 4 items and removed them. I ran malwarebytes in reg mode and it found nothing.

I have the logs for these but will wait till instructed to post them.

Thank you for any assistance.

4



#2 boopme


Posted 13 May 2012 - 08:32 PM

Hello please run these or like this.....

Post what MBAM removed..

Reboot into Safe Mode with Networking
How to enter safe mode (XP/Vista)
Using the F8 Method
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
  • Select the option for Safe Mode with Networking using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.


>>>> Download this file and double-click on it to run it. Allow the information to be merged with the registry.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on RKill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator.)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.


Open TDSS again...
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click [b]Re

#3 4on4off


Posted 13 May 2012 - 09:26 PM

Boopme,

Here is the log with the detected items from the first mwb scan:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.13.04

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Christine :: CHRISTINE-PC [administrator]

5/13/2012 1:41:52 PM
mbam-log-2012-05-13 (13-41-52).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 409971
Time elapsed: 1 hour(s), 9 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Christine\AppData\Local\CyberLink\Citrix\fprpbuai.dll (Trojan.Happili.XGen) -> Quarantined and deleted successfully.
C:\Users\Christine\AppData\Local\Temp\0.6432714163055551 (Trojan.Happili) -> Quarantined and deleted successfully.
C:\Users\Christine\AppData\Local\Temp\nsd2B9B.tmp\fprpbuai.dll (Trojan.Happili.XGen) -> Quarantined and deleted successfully.
C:\Users\Christine\AppData\Local\Temp\nsd2B9B.tmp\tzsfv.dll (Trojan.Happili.XGen) -> Quarantined and deleted successfully.

(end)



Here is the log from the rkill:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 05/13/2012 at 19:07:44.
Operating System: Windows ™ Vista Home Premium


Processes terminated by Rkill or while it was running:



Rkill completed on 05/13/2012 at 19:07:47.

Here is the log from the tdsskiller scan with tdlfs file system selected:

19:09:41.0481 1940 NdisTapi - ok
19:09:41.0496 1940 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
19:09:41.0496 1940 Ndisuio - ok
19:09:41.0528 1940 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
19:09:41.0528 1940 NdisWan - ok
19:09:41.0559 1940 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
19:09:41.0559 1940 NDProxy - ok
19:09:41.0574 1940 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
19:09:41.0574 1940 NetBIOS - ok
19:09:41.0621 1940 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
19:09:41.0621 1940 netbt - ok
19:09:41.0668 1940 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:09:41.0668 1940 Netlogon - ok
19:09:41.0715 1940 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
19:09:41.0715 1940 Netman - ok
19:09:41.0746 1940 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
19:09:41.0746 1940 netprofm - ok
19:09:41.0808 1940 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:09:41.0808 1940 NetTcpPortSharing - ok
19:09:42.0089 1940 NETw5v64 (93915c41a0dbbd121a0fad2835e43776) C:\Windows\system32\DRIVERS\NETw5v64.sys
19:09:42.0167 1940 NETw5v64 - ok
19:09:42.0276 1940 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
19:09:42.0292 1940 nfrd960 - ok
19:09:42.0323 1940 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:09:42.0323 1940 NisDrv - ok
19:09:42.0994 1940 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
19:09:43.0088 1940 NisSrv - ok
19:09:43.0275 1940 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
19:09:43.0290 1940 NlaSvc - ok
19:09:43.0322 1940 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
19:09:43.0322 1940 Npfs - ok
19:09:43.0353 1940 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
19:09:43.0353 1940 nsi - ok
19:09:43.0368 1940 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
19:09:43.0368 1940 nsiproxy - ok
19:09:43.0509 1940 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
19:09:43.0540 1940 Ntfs - ok
19:09:43.0618 1940 NTIBackupSvc (a2b6583a5652a385dff5e4f49ad48761) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
19:09:43.0618 1940 NTIBackupSvc - ok
19:09:43.0743 1940 NTIDrvr (7d397449aaf52b0e7c79b64f6ad4473e) C:\Windows\system32\Drivers\NTIDrvr.sys
19:09:43.0743 1940 NTIDrvr - ok
19:09:43.0774 1940 NTISchedulerSvc (40b87fe8a1a9a5ac9e5a91d96f212bcd) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
19:09:43.0774 1940 NTISchedulerSvc - ok
19:09:43.0774 1940 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
19:09:43.0774 1940 Null - ok
19:09:43.0805 1940 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
19:09:43.0805 1940 nvraid - ok
19:09:43.0821 1940 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
19:09:43.0821 1940 nvstor - ok
19:09:43.0821 1940 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
19:09:43.0821 1940 nv_agp - ok
19:09:43.0836 1940 NwlnkFlt - ok
19:09:43.0836 1940 NwlnkFwd - ok
19:09:43.0961 1940 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:09:43.0977 1940 odserv - ok
19:09:44.0008 1940 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
19:09:44.0008 1940 ohci1394 - ok
19:09:44.0024 1940 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:09:44.0039 1940 ose - ok
19:09:44.0117 1940 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:09:44.0117 1940 p2pimsvc - ok
19:09:44.0133 1940 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:09:44.0133 1940 p2psvc - ok
19:09:44.0164 1940 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
19:09:44.0164 1940 Parport - ok
19:09:44.0211 1940 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
19:09:44.0211 1940 partmgr - ok
19:09:44.0242 1940 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
19:09:44.0242 1940 PcaSvc - ok
19:09:44.0289 1940 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
19:09:44.0289 1940 pci - ok
19:09:44.0304 1940 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
19:09:44.0304 1940 pciide - ok
19:09:44.0320 1940 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
19:09:44.0320 1940 pcmcia - ok
19:09:44.0382 1940 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
19:09:44.0398 1940 PEAUTH - ok
19:09:44.0476 1940 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
19:09:44.0538 1940 PerfHost - ok
19:09:44.0694 1940 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
19:09:44.0726 1940 pla - ok
19:09:44.0772 1940 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
19:09:44.0772 1940 PlugPlay - ok
19:09:44.0850 1940 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:09:44.0866 1940 PNRPAutoReg - ok
19:09:44.0866 1940 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:09:44.0882 1940 PNRPsvc - ok
19:09:44.0928 1940 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
19:09:44.0944 1940 PolicyAgent - ok
19:09:45.0006 1940 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
19:09:45.0006 1940 PptpMiniport - ok
19:09:45.0038 1940 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
19:09:45.0038 1940 Processor - ok
19:09:45.0084 1940 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
19:09:45.0084 1940 ProfSvc - ok
19:09:45.0116 1940 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:09:45.0116 1940 ProtectedStorage - ok
19:09:45.0162 1940 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
19:09:45.0162 1940 PSched - ok
19:09:45.0178 1940 PSDFilter (2cfd31d41cde75328acaeee2d4f4b836) C:\Windows\system32\DRIVERS\psdfilter.sys
19:09:45.0178 1940 PSDFilter - ok
19:09:45.0194 1940 PSDNServ (51a585f999672d8bb07f22ae12b40846) C:\Windows\system32\DRIVERS\PSDNServ.sys
19:09:45.0194 1940 PSDNServ - ok
19:09:45.0209 1940 psdvdisk (db50d3f5c31b1a848b04f7f2a6ff2709) C:\Windows\system32\DRIVERS\PSDVdisk.sys
19:09:45.0225 1940 psdvdisk - ok
19:09:45.0303 1940 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:09:45.0318 1940 ql2300 - ok
19:09:45.0334 1940 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:09:45.0334 1940 ql40xx - ok
19:09:45.0365 1940 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
19:09:45.0365 1940 QWAVE - ok
19:09:45.0381 1940 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:09:45.0381 1940 QWAVEdrv - ok
19:09:45.0412 1940 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:09:45.0412 1940 RasAcd - ok
19:09:45.0428 1940 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
19:09:45.0428 1940 RasAuto - ok
19:09:45.0474 1940 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:09:45.0474 1940 Rasl2tp - ok
19:09:45.0506 1940 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
19:09:45.0506 1940 RasMan - ok
19:09:45.0552 1940 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:09:45.0552 1940 RasPppoe - ok
19:09:45.0584 1940 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:09:45.0584 1940 RasSstp - ok
19:09:45.0615 1940 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:09:45.0615 1940 rdbss - ok
19:09:45.0662 1940 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:09:45.0662 1940 RDPCDD - ok
19:09:45.0693 1940 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
19:09:45.0708 1940 rdpdr - ok
19:09:45.0708 1940 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:09:45.0708 1940 RDPENCDD - ok
19:09:45.0771 1940 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
19:09:45.0771 1940 RDPWD - ok
19:09:45.0802 1940 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
19:09:45.0802 1940 RemoteAccess - ok
19:09:45.0849 1940 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
19:09:45.0849 1940 RemoteRegistry - ok
19:09:45.0927 1940 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
19:09:45.0927 1940 RichVideo - ok
19:09:45.0942 1940 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
19:09:45.0958 1940 RpcLocator - ok
19:09:46.0020 1940 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:09:46.0036 1940 RpcSs - ok
19:09:46.0083 1940 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:09:46.0098 1940 rspndr - ok
19:09:46.0130 1940 RTSTOR (e8851db71b1a33be35dace8f26780cde) C:\Windows\system32\drivers\RTSTOR64.SYS
19:09:46.0130 1940 RTSTOR - ok
19:09:46.0145 1940 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:09:46.0145 1940 SamSs - ok
19:09:46.0161 1940 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:09:46.0161 1940 sbp2port - ok
19:09:46.0208 1940 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
19:09:46.0208 1940 SCardSvr - ok
19:09:46.0286 1940 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
19:09:46.0286 1940 Schedule - ok
19:09:46.0317 1940 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:09:46.0317 1940 SCPolicySvc - ok
19:09:46.0364 1940 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
19:09:46.0379 1940 SDRSVC - ok
19:09:46.0488 1940 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:09:46.0488 1940 SeaPort - ok
19:09:46.0582 1940 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:09:46.0582 1940 secdrv - ok
19:09:46.0598 1940 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
19:09:46.0598 1940 seclogon - ok
19:09:46.0629 1940 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
19:09:46.0629 1940 SENS - ok
19:09:46.0660 1940 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
19:09:46.0660 1940 Serenum - ok
19:09:46.0676 1940 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
19:09:46.0676 1940 Serial - ok
19:09:46.0691 1940 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:09:46.0691 1940 sermouse - ok
19:09:46.0707 1940 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
19:09:46.0707 1940 SessionEnv - ok
19:09:46.0722 1940 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:09:46.0722 1940 sffdisk - ok
19:09:46.0722 1940 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:09:46.0722 1940 sffp_mmc - ok
19:09:46.0722 1940 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:09:46.0738 1940 sffp_sd - ok
19:09:46.0738 1940 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:09:46.0738 1940 sfloppy - ok
19:09:46.0785 1940 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
19:09:46.0785 1940 SharedAccess - ok
19:09:46.0832 1940 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
19:09:46.0832 1940 ShellHWDetection - ok
19:09:46.0847 1940 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:09:46.0847 1940 SiSRaid2 - ok
19:09:46.0863 1940 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:09:46.0863 1940 SiSRaid4 - ok
19:09:47.0019 1940 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
19:09:47.0066 1940 slsvc - ok
19:09:47.0159 1940 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
19:09:47.0159 1940 SLUINotify - ok
19:09:47.0222 1940 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:09:47.0222 1940 Smb - ok
19:09:47.0253 1940 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
19:09:47.0253 1940 SNMPTRAP - ok
19:09:47.0284 1940 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
19:09:47.0284 1940 spldr - ok
19:09:47.0346 1940 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
19:09:47.0346 1940 Spooler - ok
19:09:47.0424 1940 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
19:09:47.0424 1940 srv - ok
19:09:47.0487 1940 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
19:09:47.0487 1940 srv2 - ok
19:09:47.0502 1940 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
19:09:47.0518 1940 srvnet - ok
19:09:47.0565 1940 sscdbus (1612881760c9df7fbb09b6cf1d3ba0df) C:\Windows\system32\DRIVERS\sscdbus.sys
19:09:47.0565 1940 sscdbus - ok
19:09:47.0596 1940 sscdmdfl (d7803a687e85189ea2b525cc22093521) C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:09:47.0612 1940 sscdmdfl - ok
19:09:47.0643 1940 sscdmdm (06db3d5eb2444083c7f5af7874765505) C:\Windows\system32\DRIVERS\sscdmdm.sys
19:09:47.0643 1940 sscdmdm - ok
19:09:47.0658 1940 sscdserd (23ebb395609d9cdb8b1074a12254119b) C:\Windows\system32\DRIVERS\sscdserd.sys
19:09:47.0658 1940 sscdserd - ok
19:09:47.0705 1940 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
19:09:47.0705 1940 SSDPSRV - ok
19:09:47.0736 1940 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
19:09:47.0736 1940 SstpSvc - ok
19:09:47.0783 1940 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
19:09:47.0783 1940 StillCam - ok
19:09:47.0846 1940 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
19:09:47.0846 1940 stisvc - ok
19:09:47.0861 1940 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
19:09:47.0861 1940 swenum - ok
19:09:47.0924 1940 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
19:09:47.0924 1940 swprv - ok
19:09:47.0939 1940 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
19:09:47.0955 1940 Symc8xx - ok
19:09:47.0955 1940 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
19:09:47.0955 1940 Sym_hi - ok
19:09:47.0970 1940 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
19:09:47.0970 1940 Sym_u3 - ok
19:09:48.0017 1940 SynTP (0f2e5efdf6730780afea6ec6bf8aacb0) C:\Windows\system32\DRIVERS\SynTP.sys
19:09:48.0017 1940 SynTP - ok
19:09:48.0095 1940 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
19:09:48.0111 1940 SysMain - ok
19:09:48.0158 1940 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
19:09:48.0158 1940 TabletInputService - ok
19:09:48.0204 1940 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
19:09:48.0204 1940 TapiSrv - ok
19:09:48.0236 1940 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
19:09:48.0236 1940 TBS - ok
19:09:48.0407 1940 Tcpip (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\drivers\tcpip.sys
19:09:48.0423 1940 Tcpip - ok
19:09:48.0610 1940 Tcpip6 (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\DRIVERS\tcpip.sys
19:09:48.0610 1940 Tcpip6 - ok
19:09:48.0657 1940 tcpipreg (fd8fde859e38e40a20085ebb0c22b416) C:\Windows\system32\drivers\tcpipreg.sys
19:09:48.0672 1940 tcpipreg - ok
19:09:48.0704 1940 TcUsb (cbd13e809e81b07116c8d51aa199f69b) C:\Windows\system32\Drivers\tcusb.sys
19:09:48.0704 1940 TcUsb - ok
19:09:48.0719 1940 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
19:09:48.0719 1940 TDPIPE - ok
19:09:48.0719 1940 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
19:09:48.0719 1940 TDTCP - ok
19:09:48.0750 1940 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
19:09:48.0750 1940 tdx - ok
19:09:48.0782 1940 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
19:09:48.0782 1940 TermDD - ok
19:09:48.0844 1940 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
19:09:48.0860 1940 TermService - ok
19:09:48.0891 1940 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
19:09:48.0906 1940 Themes - ok
19:09:48.0922 1940 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:09:48.0922 1940 THREADORDER - ok
19:09:48.0953 1940 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
19:09:48.0953 1940 TrkWks - ok
19:09:49.0016 1940 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
19:09:49.0016 1940 TrustedInstaller - ok
19:09:49.0047 1940 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:09:49.0047 1940 tssecsrv - ok
19:09:49.0062 1940 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
19:09:49.0062 1940 tunmp - ok
19:09:49.0109 1940 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
19:09:49.0109 1940 tunnel - ok
19:09:49.0109 1940 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
19:09:49.0109 1940 uagp35 - ok
19:09:49.0125 1940 UBHelper (00c8ce31657624a125fdb90efd554371) C:\Windows\system32\drivers\UBHelper.sys
19:09:49.0125 1940 UBHelper - ok
19:09:49.0172 1940 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
19:09:49.0172 1940 udfs - ok
19:09:49.0203 1940 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
19:09:49.0203 1940 UI0Detect - ok
19:09:49.0234 1940 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
19:09:49.0234 1940 uliagpkx - ok
19:09:49.0250 1940 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
19:09:49.0250 1940 uliahci - ok
19:09:49.0265 1940 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
19:09:49.0281 1940 UlSata - ok
19:09:49.0281 1940 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
19:09:49.0296 1940 ulsata2 - ok
19:09:49.0312 1940 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
19:09:49.0312 1940 umbus - ok
19:09:49.0343 1940 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
19:09:49.0359 1940 upnphost - ok
19:09:49.0406 1940 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
19:09:49.0406 1940 usbccgp - ok
19:09:49.0421 1940 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
19:09:49.0421 1940 usbcir - ok
19:09:49.0452 1940 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
19:09:49.0452 1940 usbehci - ok
19:09:49.0468 1940 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
19:09:49.0468 1940 usbhub - ok
19:09:49.0499 1940 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
19:09:49.0499 1940 usbohci - ok
19:09:49.0530 1940 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
19:09:49.0530 1940 usbprint - ok
19:09:49.0562 1940 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
19:09:49.0577 1940 usbscan - ok
19:09:49.0608 1940 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:09:49.0608 1940 USBSTOR - ok
19:09:49.0624 1940 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
19:09:49.0624 1940 usbuhci - ok
19:09:49.0655 1940 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
19:09:49.0655 1940 usbvideo - ok
19:09:49.0686 1940 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
19:09:49.0686 1940 UxSms - ok
19:09:49.0749 1940 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
19:09:49.0749 1940 vds - ok
19:09:49.0780 1940 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
19:09:49.0796 1940 vga - ok
19:09:49.0811 1940 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
19:09:49.0811 1940 VgaSave - ok
19:09:49.0811 1940 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
19:09:49.0811 1940 viaide - ok
19:09:49.0842 1940 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
19:09:49.0858 1940 volmgr - ok
19:09:49.0905 1940 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
19:09:49.0905 1940 volmgrx - ok
19:09:49.0967 1940 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
19:09:49.0967 1940 volsnap - ok
19:09:50.0014 1940 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
19:09:50.0014 1940 vsmraid - ok
19:09:50.0108 1940 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
19:09:50.0139 1940 VSS - ok
19:09:50.0186 1940 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
19:09:50.0186 1940 W32Time - ok
19:09:50.0248 1940 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
19:09:50.0248 1940 WacomPen - ok
19:09:50.0295 1940 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:09:50.0295 1940 Wanarp - ok
19:09:50.0310 1940 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:09:50.0310 1940 Wanarpv6 - ok
19:09:50.0373 1940 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
19:09:50.0373 1940 wcncsvc - ok
19:09:50.0420 1940 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
19:09:50.0420 1940 WcsPlugInService - ok
19:09:50.0435 1940 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
19:09:50.0435 1940 Wd - ok
19:09:50.0498 1940 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
19:09:50.0498 1940 Wdf01000 - ok
19:09:50.0544 1940 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
19:09:50.0544 1940 WdiServiceHost - ok
19:09:50.0544 1940 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
19:09:50.0544 1940 WdiSystemHost - ok
19:09:50.0591 1940 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
19:09:50.0591 1940 WebClient - ok
19:09:50.0638 1940 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
19:09:50.0638 1940 Wecsvc - ok
19:09:50.0669 1940 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
19:09:50.0669 1940 wercplsupport - ok
19:09:50.0700 1940 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
19:09:50.0700 1940 WerSvc - ok
19:09:50.0778 1940 winachsf (9e6c63f94d2c3d884a8936e448b1028b) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
19:09:50.0794 1940 winachsf - ok
19:09:50.0825 1940 winbondcir (54d68b92dc59fbba95919c804a7c3e07) C:\Windows\system32\DRIVERS\winbondcir.sys
19:09:50.0825 1940 winbondcir - ok
19:09:50.0825 1940 WinHttpAutoProxySvc - ok
19:09:50.0888 1940 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
19:09:50.0919 1940 Winmgmt - ok
19:09:51.0044 1940 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
19:09:51.0075 1940 WinRM - ok
19:09:51.0215 1940 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
19:09:51.0215 1940 Wlansvc - ok
19:09:51.0434 1940 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:09:51.0465 1940 wlidsvc - ok
19:09:51.0574 1940 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:09:51.0574 1940 WmiAcpi - ok
19:09:51.0636 1940 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
19:09:51.0636 1940 wmiApSrv - ok
19:09:51.0683 1940 WMPNetworkSvc - ok
19:09:51.0714 1940 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
19:09:51.0714 1940 WPCSvc - ok
19:09:51.0761 1940 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
19:09:51.0761 1940 WPDBusEnum - ok
19:09:51.0808 1940 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
19:09:51.0808 1940 WpdUsb - ok
19:09:51.0964 1940 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:09:51.0980 1940 WPFFontCache_v0400 - ok
19:09:52.0011 1940 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
19:09:52.0011 1940 ws2ifsl - ok
19:09:52.0011 1940 WSearch - ok
19:09:52.0182 1940 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
19:09:52.0214 1940 wuauserv - ok
19:09:52.0354 1940 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:09:52.0354 1940 WUDFRd - ok
19:09:52.0385 1940 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
19:09:52.0385 1940 wudfsvc - ok
19:09:52.0432 1940 XAudio (f22e443518bc599d12888daf292a56d8) C:\Windows\system32\DRIVERS\xaudio64.sys
19:09:52.0432 1940 XAudio - ok
19:09:52.0463 1940 XAudioService (963c27034bba4ac52a13f7a3c657c708) C:\Windows\system32\DRIVERS\xaudio64.exe
19:09:52.0479 1940 XAudioService - ok
19:09:52.0510 1940 MBR (0x1B8) (bb9d3a6a13c5010348da7c900bb6af50) \Device\Harddisk0\DR0
19:09:53.0181 1940 \Device\Harddisk0\DR0 - ok
19:09:53.0212 1940 Boot (0x1200) (74d556e5e12fe5381a20e2e15f76e0fe) \Device\Harddisk0\DR0\Partition0
19:09:53.0212 1940 \Device\Harddisk0\DR0\Partition0 - ok
19:09:53.0228 1940 Boot (0x1200) (b4125ccd1dbd86f4e5a80bf4eae53934) \Device\Harddisk0\DR0\Partition1
19:09:53.0228 1940 \Device\Harddisk0\DR0\Partition1 - ok
19:09:53.0228 1940 ============================================================
19:09:53.0228 1940 Scan finished
19:09:53.0228 1940 ============================================================
19:09:53.0243 1800 Detected object count: 0
19:09:53.0243 1800 Actual detected object count: 0
19:11:04.0096 1120 Deinitialize success


Here is the mwb quick scan:


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.13.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Christine :: CHRISTINE-PC [administrator]

5/13/2012 7:15:30 PM
mbam-log-2012-05-13 (19-15-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P


Thank you again for your assistance.

4
Objects scanned: 211019
Time elapsed: 7 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 boopme

Posted 13 May 2012 - 09:53 PM

Is the security center still down?


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#5 4on4off


Posted 14 May 2012 - 12:15 AM

Boopme,

Sorry, that scan took a while.

The security center is still down.

Here is the log from the ESET online scanner:

C:\ProgramData\Spybot - Search & Destroy\Recovery\FunWebProducts460.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch114.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch115.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch116.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch117.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch118.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch164.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch19.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch21.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch710.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Christine\AppData\Local\Temp\tdsp.dll Win32/Sirefef.EY trojan cleaned by deleting - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\7bec11ca-5f7283ea Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\16431a4d-2c1f988b Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\504e4dd6-4162c3da a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1b0b81d-2fea8a4c multiple threats deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\20c7501e-49b7faff a variant of Java/Exploit.Blacole.AI trojan deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\478d18df-5615b517 Win32/Sirefef.EY trojan cleaned by deleting - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\1b6211a6-1f8febfe Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4d809ea6-29f3e0ca multiple threats deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\2452a8e7-5d42801c multiple threats deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\4757cf9-6bf6c02e a variant of Java/Exploit.Blacole.AI trojan deleted - quarantined
C:\Users\Christine\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\69928a3d-60c5a9e7 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined


That looks nasty!

4

#6 4on4off


Posted 14 May 2012 - 10:32 AM

Boopme,

Update:

I forgot I had a zip stashed away that replaces the missing security center service. I ran it and reinstalled security essentials as well. Both are working now.

That doesn't address the results of the ESET scan though. Do you think I am in the clear after running it?

Thanks again for your assistance.

4

#7 boopme


Posted 14 May 2012 - 04:21 PM

Ok, this is good.. The bad stuff is removed..
Win32/Bagle family are usually distributed as attachments of spammed e-mail messages.

Let's look at your system a minute for exploits..

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#8 4on4off


Posted 14 May 2012 - 04:28 PM

Boopme,

Here is the result of the minitoolbox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Christine (administrator) on 14-05-2012 at 14:26:39
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Christine-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-21-6B-10-B4-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8ff:f0fd:c945:42aa%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.150(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, May 14, 2012 9:44:30 AM
Lease Expires . . . . . . . . . . : Monday, May 21, 2012 12:14:04 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 301998443
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-2A-67-3D-00-23-8B-78-CE-49
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Physical Address. . . . . . . . . : 00-23-8B-78-CE-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{C30D4AFC-C980-4E95-BE67-ED267D42A84D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.wa.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4b3:1b9d:3f57:fd69(Preferred)
Link-local IPv6 Address . . . . . : fe80::4b3:1b9d:3f57:fd69%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 173.194.33.14
173.194.33.2
173.194.33.9
173.194.33.5
173.194.33.4
173.194.33.1
173.194.33.8
173.194.33.7
173.194.33.0
173.194.33.3
173.194.33.6



Pinging google.com [173.194.33.33] with 32 bytes of data:

Reply from 173.194.33.33: bytes=32 time=36ms TTL=50

Reply from 173.194.33.33: bytes=32 time=36ms TTL=50



Ping statistics for 173.194.33.33:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 36ms, Maximum = 36ms, Average = 36ms

Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=66ms TTL=51

Reply from 209.191.122.70: bytes=32 time=66ms TTL=51



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 66ms, Maximum = 66ms, Average = 66ms

Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 21 6b 10 b4 4a ...... Intel® WiFi Link 5100 AGN
10 ...00 23 8b 78 ce 49 ...... Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{C30D4AFC-C980-4E95-BE67-ED267D42A84D}
13 ...00 00 00 00 00 00 00 e0 isatap.hsd1.wa.comcast.net.
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.150 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.150 281
192.168.2.150 255.255.255.255 On-link 192.168.2.150 281
192.168.2.255 255.255.255.255 On-link 192.168.2.150 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.150 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.150 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:4b3:1b9d:3f57:fd69/128
On-link
11 281 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::4b3:1b9d:3f57:fd69/128
On-link
11 281 fe80::8ff:f0fd:c945:42aa/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/14/2012 02:26:48 PM) (Source: Linkury) (User: )
Description: Timestamp: 5/14/2012 9:26:48 PM
Message: Tracing to LogSource 'General' failed. Processing for other sources will continue. See summary information below for more information. Should this problem persist, stop the service and check the configuration file(s) for possible error(s) in the configuration of the categories and sinks.


Summary for Enterprise Library Distributor Service:
======================================
-->
Message:
Timestamp: 5/14/2012 9:26:48 PM
Message: HandlingInstanceID: 1978beb6-2368-4c54-8460-8f63c9793264
An exception of type 'System.Net.WebException' occurred and was caught.
-----------------------------------------------------------------------
05/14/2012 14:26:48
Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request failed with HTTP status 404: Not Found.
Source : System.Web.Services
Help link :
Status : ProtocolError
Response : System.Net.HttpWebResponse
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
Stack Trace : at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Linkury.Resources.HistoryAndStatsWrapper.HistoryWrapperService.HistoryWrapperService.logUserDataList(UpdateUserDataRequest[] request)
at Linkury.Resources.HistoryAndStatsWrapper.TaskQueue`2.Consume()

Additional Info:

MachineName : CHRISTINE-PC
TimeStamp : 5/14/2012 9:26:48 PM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
AppDomainName : Linkury.exe
ThreadIdentity :
WindowsIdentity : Christine-PC\Christine

Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHRISTINE-PC
App Domain: Linkury.exe
ProcessId: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Thread Name:
Win32 ThreadId:2680
Extended Properties:
--> MachineName: CHRISTINE-PC
--> TimeStamp: 5/14/2012 9:26:48 PM
--> FullName: Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
--> AppDomainName: Linkury.exe
--> WindowsIdentity: Christine-PC\Christine

Exception Information Details:
======================================
Exception Type: System.NullReferenceException
Message: Object reference not set to an instance of an object.
Data: System.Collections.ListDictionaryInternal
TargetSite: Void TraceData(System.Diagnostics.TraceEventCache, System.String, System.Diagnostics.TraceEventType, Int32, System.Object)
HelpLink: NULL
Source: System

StackTrace Information Details:
======================================
at System.Diagnostics.EventLogTraceListener.TraceData(TraceEventCache eventCache, String source, TraceEventType severity, Int32 id, Object data)
at Microsoft.Practices.EnterpriseLibrary.Logging.LogSource.TraceData(TraceEventType eventType, Int32 id, LogEntry logEntry, TraceListenerFilter traceListenerFilter)
at Microsoft.Practices.EnterpriseLibrary.Logging.LogWriter.ProcessLog(LogEntry log)
Category:
Priority: -1
EventId: 6352
Severity: Error
Title:
Machine: CHRISTINE-PC
Application Domain: Linkury.exe
Process Id: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Win32 Thread Id: 2680
Thread Name:
Extended Properties: <Error: property not found>

Error: (05/14/2012 02:26:48 PM) (Source: Linkury) (User: )
Description: Timestamp: 5/14/2012 9:26:48 PM
Message: HandlingInstanceID: 1978beb6-2368-4c54-8460-8f63c9793264
An exception of type 'System.Net.WebException' occurred and was caught.
-----------------------------------------------------------------------
05/14/2012 14:26:48
Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request failed with HTTP status 404: Not Found.
Source : System.Web.Services
Help link :
Status : ProtocolError
Response : System.Net.HttpWebResponse
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
Stack Trace : at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Linkury.Resources.HistoryAndStatsWrapper.HistoryWrapperService.HistoryWrapperService.logUserDataList(UpdateUserDataRequest[] request)
at Linkury.Resources.HistoryAndStatsWrapper.TaskQueue`2.Consume()

Additional Info:

MachineName : CHRISTINE-PC
TimeStamp : 5/14/2012 9:26:48 PM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
AppDomainName : Linkury.exe
ThreadIdentity :
WindowsIdentity : Christine-PC\Christine

Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHRISTINE-PC
Application Domain: Linkury.exe
Process Id: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Win32 Thread Id: 2680
Thread Name:
Extended Properties: <Error: property not found>

Error: (05/14/2012 02:25:17 PM) (Source: Linkury) (User: )
Description: Timestamp: 5/14/2012 9:25:17 PM
Message: Tracing to LogSource 'General' failed. Processing for other sources will continue. See summary information below for more information. Should this problem persist, stop the service and check the configuration file(s) for possible error(s) in the configuration of the categories and sinks.


Summary for Enterprise Library Distributor Service:
======================================
-->
Message:
Timestamp: 5/14/2012 9:25:17 PM
Message: HandlingInstanceID: 4c91cd34-3934-49fd-a8fa-f75643f54c63
An exception of type 'System.Net.WebException' occurred and was caught.
-----------------------------------------------------------------------
05/14/2012 14:25:17
Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request failed with HTTP status 404: Not Found.
Source : System.Web.Services
Help link :
Status : ProtocolError
Response : System.Net.HttpWebResponse
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
Stack Trace : at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Linkury.Resources.HistoryAndStatsWrapper.HistoryWrapperService.HistoryWrapperService.logUserDataList(UpdateUserDataRequest[] request)
at Linkury.Resources.HistoryAndStatsWrapper.TaskQueue`2.Consume()

Additional Info:

MachineName : CHRISTINE-PC
TimeStamp : 5/14/2012 9:25:17 PM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
AppDomainName : Linkury.exe
ThreadIdentity :
WindowsIdentity : Christine-PC\Christine

Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHRISTINE-PC
App Domain: Linkury.exe
ProcessId: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Thread Name:
Win32 ThreadId:2680
Extended Properties:
--> MachineName: CHRISTINE-PC
--> TimeStamp: 5/14/2012 9:25:17 PM
--> FullName: Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
--> AppDomainName: Linkury.exe
--> WindowsIdentity: Christine-PC\Christine

Exception Information Details:
======================================
Exception Type: System.NullReferenceException
Message: Object reference not set to an instance of an object.
Data: System.Collections.ListDictionaryInternal
TargetSite: Void TraceData(System.Diagnostics.TraceEventCache, System.String, System.Diagnostics.TraceEventType, Int32, System.Object)
HelpLink: NULL
Source: System

StackTrace Information Details:
======================================
at System.Diagnostics.EventLogTraceListener.TraceData(TraceEventCache eventCache, String source, TraceEventType severity, Int32 id, Object data)
at Microsoft.Practices.EnterpriseLibrary.Logging.LogSource.TraceData(TraceEventType eventType, Int32 id, LogEntry logEntry, TraceListenerFilter traceListenerFilter)
at Microsoft.Practices.EnterpriseLibrary.Logging.LogWriter.ProcessLog(LogEntry log)
Category:
Priority: -1
EventId: 6352
Severity: Error
Title:
Machine: CHRISTINE-PC
Application Domain: Linkury.exe
Process Id: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Win32 Thread Id: 2680
Thread Name:
Extended Properties: <Error: property not found>

Error: (05/14/2012 02:25:17 PM) (Source: Linkury) (User: )
Description: Timestamp: 5/14/2012 9:25:17 PM
Message: HandlingInstanceID: 4c91cd34-3934-49fd-a8fa-f75643f54c63
An exception of type 'System.Net.WebException' occurred and was caught.
-----------------------------------------------------------------------
05/14/2012 14:25:17
Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request failed with HTTP status 404: Not Found.
Source : System.Web.Services
Help link :
Status : ProtocolError
Response : System.Net.HttpWebResponse
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
Stack Trace : at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Linkury.Resources.HistoryAndStatsWrapper.HistoryWrapperService.HistoryWrapperService.logUserDataList(UpdateUserDataRequest[] request)
at Linkury.Resources.HistoryAndStatsWrapper.TaskQueue`2.Consume()

Additional Info:

MachineName : CHRISTINE-PC
TimeStamp : 5/14/2012 9:25:17 PM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
AppDomainName : Linkury.exe
ThreadIdentity :
WindowsIdentity : Christine-PC\Christine

Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHRISTINE-PC
Application Domain: Linkury.exe
Process Id: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Win32 Thread Id: 2680
Thread Name:
Extended Properties: <Error: property not found>

Error: (05/14/2012 02:24:47 PM) (Source: Linkury) (User: )
Description: Timestamp: 5/14/2012 9:24:47 PM
Message: Tracing to LogSource 'General' failed. Processing for other sources will continue. See summary information below for more information. Should this problem persist, stop the service and check the configuration file(s) for possible error(s) in the configuration of the categories and sinks.


Summary for Enterprise Library Distributor Service:
======================================
-->
Message:
Timestamp: 5/14/2012 9:24:47 PM
Message: HandlingInstanceID: 84be4dac-a568-46a6-9abf-4c04c11dc3ad
An exception of type 'System.Net.WebException' occurred and was caught.
-----------------------------------------------------------------------
05/14/2012 14:24:47
Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request failed with HTTP status 404: Not Found.
Source : System.Web.Services
Help link :
Status : ProtocolError
Response : System.Net.HttpWebResponse
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
Stack Trace : at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Linkury.Resources.HistoryAndStatsWrapper.HistoryWrapperService.HistoryWrapperService.logUserDataList(UpdateUserDataRequest[] request)
at Linkury.Resources.HistoryAndStatsWrapper.TaskQueue`2.Consume()

Additional Info:

MachineName : CHRISTINE-PC
TimeStamp : 5/14/2012 9:24:47 PM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
AppDomainName : Linkury.exe
ThreadIdentity :
WindowsIdentity : Christine-PC\Christine

Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHRISTINE-PC
App Domain: Linkury.exe
ProcessId: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Thread Name:
Win32 ThreadId:2680
Extended Properties:
--> MachineName: CHRISTINE-PC
--> TimeStamp: 5/14/2012 9:24:47 PM
--> FullName: Microsoft.Practices.EnterpriseLibrary.Logging, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
--> AppDomainName: Linkury.exe
--> WindowsIdentity: Christine-PC\Christine

Exception Information Details:
======================================
Exception Type: System.NullReferenceException
Message: Object reference not set to an instance of an object.
Data: System.Collections.ListDictionaryInternal
TargetSite: Void TraceData(System.Diagnostics.TraceEventCache, System.String, System.Diagnostics.TraceEventType, Int32, System.Object)
HelpLink: NULL
Source: System

StackTrace Information Details:
======================================
at System.Diagnostics.EventLogTraceListener.TraceData(TraceEventCache eventCache, String source, TraceEventType severity, Int32 id, Object data)
at Microsoft.Practices.EnterpriseLibrary.Logging.LogSource.TraceData(TraceEventType eventType, Int32 id, LogEntry logEntry, TraceListenerFilter traceListenerFilter)
at Microsoft.Practices.EnterpriseLibrary.Logging.LogWriter.ProcessLog(LogEntry log)
Category:
Priority: -1
EventId: 6352
Severity: Error
Title:
Machine: CHRISTINE-PC
Application Domain: Linkury.exe
Process Id: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Win32 Thread Id: 2680
Thread Name:
Extended Properties: <Error: property not found>

Error: (05/14/2012 02:24:47 PM) (Source: Linkury) (User: )
Description: Timestamp: 5/14/2012 9:24:47 PM
Message: HandlingInstanceID: 84be4dac-a568-46a6-9abf-4c04c11dc3ad
An exception of type 'System.Net.WebException' occurred and was caught.
-----------------------------------------------------------------------
05/14/2012 14:24:47
Type : System.Net.WebException, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request failed with HTTP status 404: Not Found.
Source : System.Web.Services
Help link :
Status : ProtocolError
Response : System.Net.HttpWebResponse
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object[] ReadResponse(System.Web.Services.Protocols.SoapClientMessage, System.Net.WebResponse, System.IO.Stream, Boolean)
Stack Trace : at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Linkury.Resources.HistoryAndStatsWrapper.HistoryWrapperService.HistoryWrapperService.logUserDataList(UpdateUserDataRequest[] request)
at Linkury.Resources.HistoryAndStatsWrapper.TaskQueue`2.Consume()

Additional Info:

MachineName : CHRISTINE-PC
TimeStamp : 5/14/2012 9:24:47 PM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
AppDomainName : Linkury.exe
ThreadIdentity :
WindowsIdentity : Christine-PC\Christine

Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHRISTINE-PC
Application Domain: Linkury.exe
Process Id: 3292
Process Name: C:\Program Files (x86)\Linkury\Linkury.exe
Win32 Thread Id: 2680
Thread Name:
Extended Properties: <Error: property not found>


System errors:
=============
Error: (05/14/2012 10:05:03 AM) (Source: DCOM) (User: Christine)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Christine-PCChristineS-1-5-21-2500476794-746789267-3394293824-1000LocalHost (Using LRPC)

Error: (05/14/2012 09:11:42 AM) (Source: Service Control Manager) (User: )
Description: lxdvCATSCustConnectService%%1053

Error: (05/14/2012 09:11:42 AM) (Source: Service Control Manager) (User: )
Description: 30000lxdvCATSCustConnectService

Error: (05/14/2012 08:57:21 AM) (Source: Service Control Manager) (User: )
Description: lxdvCATSCustConnectService%%1053

Error: (05/14/2012 08:57:21 AM) (Source: Service Control Manager) (User: )
Description: 30000lxdvCATSCustConnectService

Error: (05/14/2012 08:10:47 AM) (Source: Service Control Manager) (User: )
Description: lxdvCATSCustConnectService%%1053

Error: (05/14/2012 08:10:47 AM) (Source: Service Control Manager) (User: )
Description: 30000lxdvCATSCustConnectService

Error: (05/14/2012 07:50:17 AM) (Source: Service Control Manager) (User: )
Description: lxdvCATSCustConnectService%%1053

Error: (05/14/2012 07:50:17 AM) (Source: Service Control Manager) (User: )
Description: 30000lxdvCATSCustConnectService

Error: (05/14/2012 05:07:44 AM) (Source: Service Control Manager) (User: )
Description: lxdvCATSCustConnectService%%1053


Microsoft Office Sessions:
=========================
Error: (01/27/2012 05:18:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 243 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.73.00.52)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Kodak AIO Printer (Version: 7.3.4.0)
Lexmark X5400 Series
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Move Media Player
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Synaptics Pointing Device Driver (Version: 11.1.4.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3995.93 MB
Available physical RAM: 2177.01 MB
Total Pagefile: 8195.15 MB
Available Pagefile: 6267.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3992.67 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:142.54 GB) (Free:55.85 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:139 GB) (Free:138.9 GB) NTFS

========================= Users: ========================================

User accounts for \\CHRISTINE-PC

Administrator Christine Guest


**** End of log ****

#9 boopme


Posted 14 May 2012 - 08:37 PM

Ok, this all looks good from a malware point of view. You do have errors with Enterprise Library.

I do not know about that program. Is it running properly? If not, ask in Vista unless it's easy enough to just reinstall it.


If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
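
The restore-point step from the post above, scripted in PowerShell as an added example that is not part of the original post. It assumes an elevated prompt, PowerShell 2.0 or later and System Restore enabled on the system drive; the description string is a hypothetical label. Older points are deleted only after the new one is confirmed to exist.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell prompt.
# Assumptions: PowerShell 2.0+, System Restore enabled on the system drive.

$description = 'Clean state after malware removal'   # hypothetical label

# 1. Create the new restore point on the cleaned system.
Checkpoint-Computer -Description $description -RestorePointType MODIFY_SETTINGS

# 2. Confirm the newest restore point really is the one just requested.
#    Creation can be skipped (System Restore disabled, or a recent point
#    already exists on newer Windows versions), and deleting the old points
#    in that case would leave no rollback option at all.
$points = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
$newest = $points[-1]
if ($points.Count -eq 0 -or $newest.Description -ne $description) {
    throw 'New restore point was not created; existing restore points left untouched.'
}

# 3. Remove every older restore point, since any of them may hold a copy of
#    the malware that was just cleaned. SRRemoveRestorePoint is the Win32 API
#    exported by SrClient.dll; it takes the restore point sequence number.
Add-Type -Namespace SysRestore -Name Native -MemberDefinition @'
[DllImport("SrClient.dll")]
public static extern int SRRemoveRestorePoint(int index);
'@

foreach ($p in $points) {
    if ($p.SequenceNumber -eq $newest.SequenceNumber) { continue }

    $rc = [SysRestore.Native]::SRRemoveRestorePoint([int]$p.SequenceNumber)
    if ($rc -eq 0) {
        Write-Output ("Removed #{0}: {1}" -f $p.SequenceNumber, $p.Description)
    } else {
        Write-Warning ("Could not remove #{0} (error {1})" -f $p.SequenceNumber, $rc)
    }
}

# 4. Show what is left; only the new point should remain.
Get-ComputerRestorePoint | Format-Table SequenceNumber, CreationTime, Description -AutoSize
```

This removes restore points only; the Disk Cleanup route in the post also clears the associated shadow copies.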

#10 4on4off


Posted 14 May 2012 - 08:47 PM

Boopme,

Thank you so much for your help. I will look into the disable autorun and read up on the enterprise library.

Thank you again so so much.

4

#11 boopme


Posted 14 May 2012 - 09:36 PM

You're welcome!!