Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to Get on Internet

Started by rcmutz , May 17 2012 07:49 AM

  • This topic is locked This topic is locked
9 replies to this topic

#1 rcmutz

rcmutz

    Member

  • Members
  • PipPip
  • 25 posts

Posted 17 May 2012 - 07:49 AM

I have a Dell desktop and am using the D-Link DWL-G510 PCI Adapter and wireless router. I have several other devices, a laptop, IPAD, and wireless printer that all work fine.

The desktop indicates that it is connected to the wifi, shows good connectivity. However, IE8 as well as several other programs, Turbo-tax and Malewarebytes that require internet access can not get out. I also noticed that my Windows Firewall is disabled and when I try to enable it, it indicates that the "Services can not run". I also have Microsoft Essentials loaded and it is running fine. Ran a scan using Malewarebytes, but no viruses found.

Should also mention that Xp SP3 APPEARS to have been loaded just before the problems started. Tried to go to a system RESTORE point, but nothing available prior to March when SP3 appears to have started to load. Many of the restore points from that time frame foward are associated with SP3 activity.

Edited by rcmutz, 17 May 2012 - 07:53 AM.

 

  • BC Ads
  • BleepingComputer.com

#2 cryptodan

cryptodan

    Bleepin Madman

  • Inactive Staff
  • PipPipPipPipPipPip
  • 19,032 posts
  • Gender:Male
  • Location:Catonsville, Md

Posted 17 May 2012 - 09:18 AM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 rcmutz

rcmutz

    Member

  • Members
  • PipPip
  • 25 posts

Posted 17 May 2012 - 07:21 PM

Here you go:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 17-05-2012 at 20:17:50
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



An internal error occurred: The request is not supported.



Please contact Microsoft Product Support Services for further help.



Additional information: Unable to query host name.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.B) = Wireless Network Connection 3 (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip



popd
# End of interface IP configuration




Windows IP Configuration



An internal error occurred: The request is not supported.



Please contact Microsoft Product Support Services for further help.



Additional information: Unable to query host name.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Unable to contact IP driver, error code 2,


========================= Event log errors: ===============================

Application errors:
==================
Error: (05/16/2012 09:52:14 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 09:31:36 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 09:12:51 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 08:38:38 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 07:46:27 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 07:38:05 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 07:06:19 PM) (Source: Application Error) (User: )
Description: Faulting application airgcfg.exe, version 3.3.2.62224, faulting module airgcfg.exe, version 3.3.2.62224, fault address 0x000069d4.
Processing media-specific event for [airgcfg.exe!ws!]

Error: (05/16/2012 07:03:55 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 05:25:50 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/15/2012 10:17:04 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)


System errors:
=============
Error: (05/17/2012 08:17:58 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%1075

Error: (05/17/2012 08:17:58 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

Error: (05/17/2012 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%1075

Error: (05/17/2012 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

Error: (05/17/2012 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%1075

Error: (05/17/2012 08:17:57 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

Error: (05/17/2012 08:17:56 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%1075

Error: (05/17/2012 08:17:56 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec

Error: (05/17/2012 08:17:56 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%1075

Error: (05/17/2012 08:17:56 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP Protocol Driver service depends on the following nonexistent service: IPSec


Microsoft Office Sessions:
=========================
Error: (05/16/2012 09:52:14 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 09:31:36 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 09:12:51 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 08:38:38 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 07:46:27 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 07:38:05 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 07:06:19 PM) (Source: Application Error)(User: )
Description: airgcfg.exe3.3.2.62224airgcfg.exe3.3.2.62224000069d4

Error: (05/16/2012 07:03:55 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/16/2012 05:25:50 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (05/15/2012 10:17:04 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)


=========================== Installed Programs ============================

Adobe Flash Player 10 Plugin (Version: 10.3.181.34)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)
Adobe Reader 8.3.1 (Version: 8.3.1)
AirPlus G DWL-G510
ANIO Service
ANIWZCS2 Service
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoImpression
Ask Toolbar (Version: 1.13.1.0)
AviSynth 2.5
Bonjour (Version: 3.0.0.10)
Broadcom 440x 10/100 Integrated Controller (Version: 3.29)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dell ResourceCD
Epson Connect
EPSON Copy Utility
Epson Customer Participation (Version: 1.0.0.0)
Epson Download Navigator (Version: 1.0.1)
Epson Event Manager (Version: 2.50.0001)
Epson FAX Utility (Version: 1.20.00)
Epson PC-FAX Driver
EPSON Photo Print
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
EPSON TWAIN 5
EPSON User's Guide
EPSON WorkForce 545 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
File Type Assistant
GoZone iSync (Version: 2.0.0)
Haali Media Splitter
HP Photo Creations Meijer (Version: 1.0.0.6972)
InstallIQ Updater (Version: 1.4.3.0)
Intel® Extreme Graphics Driver
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
PrintMaster Gold 4.00
QuickTime (Version: 7.71.80.42)
ScanToWeb
Silverlining3 v3.9US
SoundMAX
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2783)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0449)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0211)
TurboTax 2011 wohiper (Version: 011.000.1474)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB914882) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.6513)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885884 (Version: 20040924.025457)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 1278 MB
Available physical RAM: 745.91 MB
Total Pagefile: 2411.17 MB
Available Pagefile: 2075.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.24 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.21 GB) (Free:12.63 GB) NTFS

========================= Users: ========================================

User accounts for \\MUTZMAN

Administrator Guest HelpAssistant
Owner SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#4 cryptodan

cryptodan

    Bleepin Madman

  • Inactive Staff
  • PipPipPipPipPipPip
  • 19,032 posts
  • Gender:Male
  • Location:Catonsville, Md

Posted 17 May 2012 - 07:31 PM

Please download and run TDSS Killer. If it asks you to fix anything, then PLEASE DO NOT FIX ANYTHING. Just post the log that it generates.

#5 rcmutz

rcmutz

    Member

  • Members
  • PipPip
  • 25 posts

Posted 17 May 2012 - 07:58 PM

20:50:54.0359 3832 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
20:50:54.0375 3832 ============================================================
20:50:54.0375 3832 Current date / time: 2012/05/17 20:50:54.0375
20:50:54.0375 3832 SystemInfo:
20:50:54.0375 3832
20:50:54.0375 3832 OS Version: 5.1.2600 ServicePack: 2.0
20:50:54.0375 3832 Product type: Workstation
20:50:54.0375 3832 ComputerName: MUTZMAN
20:50:54.0375 3832 UserName: Owner
20:50:54.0375 3832 Windows directory: C:\WINDOWS
20:50:54.0375 3832 System windows directory: C:\WINDOWS
20:50:54.0375 3832 Processor architecture: Intel x86
20:50:54.0375 3832 Number of processors: 1
20:50:54.0375 3832 Page size: 0x1000
20:50:54.0375 3832 Boot type: Normal boot
20:50:54.0375 3832 ============================================================
20:50:59.0062 3832 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:50:59.0109 3832 Drive \Device\Harddisk1\DR8 - Size: 0x1E8BE000 (0.48 Gb), SectorSize: 0x200, Cylinders: 0x3E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:50:59.0109 3832 ============================================================
20:50:59.0109 3832 \Device\Harddisk0\DR0:
20:50:59.0109 3832 MBR partitions:
20:50:59.0109 3832 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x4A6DA7A
20:50:59.0109 3832 \Device\Harddisk1\DR8:
20:50:59.0109 3832 MBR partitions:
20:50:59.0109 3832 \Device\Harddisk1\DR8\Partition0: MBR, Type 0x6, StartLBA 0xE9, BlocksNum 0xF4117
20:50:59.0109 3832 ============================================================
20:50:59.0140 3832 C: <-> \Device\Harddisk0\DR0\Partition0
20:50:59.0140 3832 ============================================================
20:50:59.0140 3832 Initialize success
20:50:59.0140 3832 ============================================================
20:51:01.0375 3656 ============================================================
20:51:01.0375 3656 Scan started
20:51:01.0375 3656 Mode: Manual;
20:51:01.0375 3656 ============================================================
20:51:02.0812 3656 6to4 (f4024a93b64309bb3e66448b0cd92beb) C:\WINDOWS\System32\6to4svc.dll
20:51:02.0812 3656 6to4 - ok
20:51:02.0906 3656 A3AB (21af8e9c727c6d7643ad497268f55bf1) C:\WINDOWS\system32\DRIVERS\A3AB.sys
20:51:02.0937 3656 A3AB - ok
20:51:02.0953 3656 Abiosdsk - ok
20:51:02.0968 3656 abp480n5 - ok
20:51:03.0031 3656 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:51:03.0031 3656 ACPI - ok
20:51:03.0062 3656 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:51:03.0062 3656 ACPIEC - ok
20:51:03.0078 3656 adpu160m - ok
20:51:03.0125 3656 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
20:51:03.0125 3656 aeaudio - ok
20:51:03.0156 3656 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
20:51:03.0171 3656 aec - ok
20:51:03.0203 3656 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
20:51:03.0203 3656 AFD - ok
20:51:03.0218 3656 Aha154x - ok
20:51:03.0234 3656 aic78u2 - ok
20:51:03.0250 3656 aic78xx - ok
20:51:03.0296 3656 Alerter (c7ae0fd3867db0d42b03b73c18f3d671) C:\WINDOWS\system32\alrsvc.dll
20:51:03.0296 3656 Alerter - ok
20:51:03.0328 3656 ALG (f1958fbf86d5c004cf19a5951a9514b7) C:\WINDOWS\System32\alg.exe
20:51:03.0328 3656 ALG - ok
20:51:03.0359 3656 AliIde - ok
20:51:03.0359 3656 amsint - ok
20:51:03.0406 3656 ANIO (920298c7aef97d8168d219d35975d295) C:\WINDOWS\system32\ANIO.SYS
20:51:03.0421 3656 ANIO - ok
20:51:03.0500 3656 ANIWZCSdService (aa3d68f26b2a27f660afc46039b061a4) C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
20:51:03.0500 3656 ANIWZCSdService - ok
20:51:03.0734 3656 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:51:03.0734 3656 Apple Mobile Device - ok
20:51:03.0750 3656 AppMgmt - ok
20:51:03.0765 3656 asc - ok
20:51:03.0781 3656 asc3350p - ok
20:51:03.0796 3656 asc3550 - ok
20:51:03.0843 3656 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:51:03.0843 3656 AsyncMac - ok
20:51:03.0875 3656 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:51:03.0875 3656 atapi - ok
20:51:03.0890 3656 Atdisk - ok
20:51:03.0921 3656 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:51:03.0937 3656 Atmarpc - ok
20:51:03.0968 3656 AudioSrv (db66db626e4882ebef55f136f12c1829) C:\WINDOWS\System32\audiosrv.dll
20:51:03.0984 3656 AudioSrv - ok
20:51:04.0015 3656 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:51:04.0015 3656 audstub - ok
20:51:04.0062 3656 bcm4sbxp (b60f57b4d9cdbc663cc03eb8af7ec34e) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
20:51:04.0062 3656 bcm4sbxp - ok
20:51:04.0109 3656 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:51:04.0109 3656 Beep - ok
20:51:04.0171 3656 BITS (2c69ec7e5a311334d10dd95f338fccea) C:\WINDOWS\System32\qmgr.dll
20:51:04.0203 3656 BITS - ok
20:51:04.0343 3656 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:51:04.0437 3656 Bonjour Service - ok
20:51:04.0484 3656 Browser (e3cfccdda4edd1d0dc9168b2e18f27b8) C:\WINDOWS\System32\browser.dll
20:51:04.0484 3656 Browser - ok
20:51:04.0500 3656 bxjbhhwx - ok
20:51:04.0546 3656 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:51:04.0546 3656 cbidf2k - ok
20:51:04.0546 3656 cd20xrnt - ok
20:51:04.0593 3656 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:51:04.0593 3656 Cdaudio - ok
20:51:04.0625 3656 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
20:51:04.0640 3656 Cdfs - ok
20:51:04.0671 3656 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:51:04.0671 3656 Cdrom - ok
20:51:04.0687 3656 Changer - ok
20:51:04.0734 3656 CiSvc (3192bd04d032a9c4a85a3278c268a13a) C:\WINDOWS\system32\cisvc.exe
20:51:04.0734 3656 CiSvc - ok
20:51:04.0750 3656 ClipSrv (c8dec22c4137d7a90f8bdf41ca4b82ae) C:\WINDOWS\system32\clipsrv.exe
20:51:04.0750 3656 ClipSrv - ok
20:51:05.0046 3656 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:51:05.0062 3656 clr_optimization_v4.0.30319_32 - ok
20:51:05.0078 3656 CmdIde - ok
20:51:05.0093 3656 COMSysApp - ok
20:51:05.0109 3656 Cpqarray - ok
20:51:05.0171 3656 CryptSvc (10654f9ddcea9c46cfb77554231be73b) C:\WINDOWS\System32\cryptsvc.dll
20:51:05.0171 3656 CryptSvc - ok
20:51:05.0187 3656 dac2w2k - ok
20:51:05.0203 3656 dac960nt - ok
20:51:05.0265 3656 DcomLaunch (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\system32\rpcss.dll
20:51:05.0281 3656 DcomLaunch - ok
20:51:05.0343 3656 Dhcp (ef545e1a4b043da4c84e230dd471c55f) C:\WINDOWS\System32\dhcpcsvc.dll
20:51:05.0343 3656 Dhcp - ok
20:51:05.0359 3656 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
20:51:05.0359 3656 Disk - ok
20:51:05.0375 3656 dmadmin - ok
20:51:05.0437 3656 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
20:51:05.0468 3656 dmboot - ok
20:51:05.0500 3656 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
20:51:05.0500 3656 dmio - ok
20:51:05.0531 3656 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:51:05.0531 3656 dmload - ok
20:51:05.0578 3656 dmserver (1639d9964c9e1b2ecca95c8217d3e70d) C:\WINDOWS\System32\dmserver.dll
20:51:05.0578 3656 dmserver - ok
20:51:05.0625 3656 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
20:51:05.0625 3656 DMusic - ok
20:51:05.0656 3656 Dnscache (7379de06fd196e396a00aa97b990c00d) C:\WINDOWS\System32\dnsrslvr.dll
20:51:05.0656 3656 Dnscache - ok
20:51:05.0671 3656 dpti2o - ok
20:51:05.0703 3656 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
20:51:05.0703 3656 drmkaud - ok
20:51:05.0796 3656 EpsonBidirectionalService (cd64ce62be47df0e9a459fd9002221fe) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
20:51:05.0796 3656 EpsonBidirectionalService - ok
20:51:05.0890 3656 EpsonCustomerParticipation (b78436ca173ff723a1eace5cd4900375) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
20:51:05.0921 3656 EpsonCustomerParticipation - ok
20:51:05.0968 3656 EPSONStatusAgent2 (12cdb5dc7774298223099d6e41ed5ce7) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
20:51:05.0968 3656 EPSONStatusAgent2 - ok
20:51:06.0000 3656 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS\System32\ersvc.dll
20:51:06.0000 3656 ERSvc - ok
20:51:06.0015 3656 euyndlzr - ok
20:51:06.0062 3656 Eventlog (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
20:51:06.0062 3656 Eventlog - ok
20:51:06.0109 3656 EventSystem (60d1a6342238378bfb7545c81ee3606c) C:\WINDOWS\System32\es.dll
20:51:06.0109 3656 EventSystem - ok
20:51:06.0156 3656 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
20:51:06.0156 3656 Fastfat - ok
20:51:06.0203 3656 FastUserSwitchingCompatibility (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
20:51:06.0203 3656 FastUserSwitchingCompatibility - ok
20:51:06.0234 3656 FD (2e0ab335349b16ebb1a97fc82869ceb1) C:\WINDOWS\system32\drivers\FD.sys
20:51:06.0250 3656 FD - ok
20:51:06.0265 3656 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:51:06.0265 3656 Fdc - ok
20:51:06.0328 3656 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
20:51:06.0328 3656 Fips - ok
20:51:06.0343 3656 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:51:06.0343 3656 Flpydisk - ok
20:51:06.0390 3656 FltMgr (54fd90f0038f07920cb9fb6591bde82f) C:\WINDOWS\system32\drivers\fltmgr.sys
20:51:06.0390 3656 FltMgr - ok
20:51:06.0421 3656 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:51:06.0421 3656 Fs_Rec - ok
20:51:06.0453 3656 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:51:06.0453 3656 Ftdisk - ok
20:51:06.0500 3656 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:51:06.0500 3656 GEARAspiWDM - ok
20:51:06.0546 3656 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:51:06.0546 3656 Gpc - ok
20:51:06.0609 3656 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:51:06.0609 3656 helpsvc - ok
20:51:06.0625 3656 HidServ - ok
20:51:06.0656 3656 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:51:06.0656 3656 HidUsb - ok
20:51:06.0671 3656 hpn - ok
20:51:06.0718 3656 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
20:51:06.0734 3656 HTTP - ok
20:51:06.0781 3656 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS\System32\w3ssl.dll
20:51:06.0781 3656 HTTPFilter - ok
20:51:06.0796 3656 i2omgmt - ok
20:51:06.0812 3656 i2omp - ok
20:51:06.0843 3656 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:51:06.0843 3656 i8042prt - ok
20:51:06.0890 3656 ialm (b076eb745ec3c669d4ae953225366f1d) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
20:51:06.0906 3656 ialm - ok
20:51:06.0937 3656 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:51:06.0937 3656 Imapi - ok
20:51:06.0984 3656 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS\System32\imapi.exe
20:51:06.0984 3656 ImapiService - ok
20:51:07.0015 3656 ini910u - ok
20:51:07.0046 3656 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:51:07.0046 3656 IntelIde - ok
20:51:07.0078 3656 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:51:07.0078 3656 intelppm - ok
20:51:07.0187 3656 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
20:51:07.0187 3656 IntuitUpdateServiceV4 - ok
20:51:07.0234 3656 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
20:51:07.0234 3656 ip6fw - ok
20:51:07.0281 3656 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:51:07.0281 3656 IpFilterDriver - ok
20:51:07.0328 3656 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:51:07.0328 3656 IpInIp - ok
20:51:07.0359 3656 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:51:07.0359 3656 IpNat - ok
20:51:07.0468 3656 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
20:51:07.0500 3656 iPod Service - ok
20:51:07.0546 3656 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:51:07.0546 3656 IRENUM - ok
20:51:07.0578 3656 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:51:07.0578 3656 isapnp - ok
20:51:07.0656 3656 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
20:51:07.0656 3656 JavaQuickStarterService - ok
20:51:07.0703 3656 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:51:07.0703 3656 Kbdclass - ok
20:51:07.0734 3656 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
20:51:07.0734 3656 kmixer - ok
20:51:07.0765 3656 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
20:51:07.0765 3656 KSecDD - ok
20:51:07.0812 3656 lanmanserver (0cb3af149a0bac0836022ca307c7a0f8) C:\WINDOWS\System32\srvsvc.dll
20:51:07.0812 3656 lanmanserver - ok
20:51:07.0843 3656 lanmanworkstation (e1f27cfcd114ec9f1e1f44674b2ff9f0) C:\WINDOWS\System32\wkssvc.dll
20:51:07.0859 3656 lanmanworkstation - ok
20:51:07.0875 3656 lbrtfdc - ok
20:51:07.0921 3656 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS\System32\lmhsvc.dll
20:51:07.0921 3656 LmHosts - ok
20:51:07.0953 3656 Messenger (95fd808e4ac22aba025a7b3eac0375d2) C:\WINDOWS\System32\msgsvc.dll
20:51:07.0953 3656 Messenger - ok
20:51:07.0984 3656 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:51:07.0984 3656 mnmdd - ok
20:51:08.0015 3656 mnmsrvc (f6415361201915b9fe3896b0e4e724ff) C:\WINDOWS\System32\mnmsrvc.exe
20:51:08.0031 3656 mnmsrvc - ok
20:51:08.0062 3656 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
20:51:08.0062 3656 Modem - ok
20:51:08.0093 3656 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:51:08.0093 3656 Mouclass - ok
20:51:08.0125 3656 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
20:51:08.0125 3656 MountMgr - ok
20:51:08.0171 3656 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:51:08.0187 3656 MpFilter - ok
20:51:08.0328 3656 MpKsl725f6daf (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97889845-1071-450C-9E95-06D4F631373B}\MpKsl725f6daf.sys
20:51:08.0328 3656 MpKsl725f6daf - ok
20:51:08.0343 3656 mraid35x - ok
20:51:08.0390 3656 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:51:08.0406 3656 MRxDAV - ok
20:51:08.0468 3656 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:51:08.0484 3656 MRxSmb - ok
20:51:08.0546 3656 MSDTC (c7c3d89eb0a6f3dba622ea737fa335b1) C:\WINDOWS\System32\msdtc.exe
20:51:08.0546 3656 MSDTC - ok
20:51:08.0593 3656 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
20:51:08.0593 3656 Msfs - ok
20:51:08.0609 3656 MSIServer - ok
20:51:08.0625 3656 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:51:08.0625 3656 MSKSSRV - ok
20:51:08.0718 3656 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:51:08.0718 3656 MsMpSvc - ok
20:51:08.0750 3656 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:51:08.0750 3656 MSPCLOCK - ok
20:51:08.0781 3656 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
20:51:08.0781 3656 MSPQM - ok
20:51:08.0812 3656 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:51:08.0812 3656 mssmbios - ok
20:51:08.0843 3656 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
20:51:08.0843 3656 Mup - ok
20:51:08.0890 3656 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
20:51:08.0890 3656 NDIS - ok
20:51:08.0921 3656 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:51:08.0921 3656 NdisTapi - ok
20:51:08.0953 3656 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:51:08.0953 3656 Ndisuio - ok
20:51:08.0984 3656 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:51:08.0984 3656 NdisWan - ok
20:51:09.0015 3656 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
20:51:09.0015 3656 NDProxy - ok
20:51:09.0046 3656 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:51:09.0046 3656 NetBIOS - ok
20:51:09.0078 3656 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:51:09.0078 3656 NetBT - ok
20:51:09.0125 3656 NetDDE (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
20:51:09.0125 3656 NetDDE - ok
20:51:09.0140 3656 NetDDEdsdm (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
20:51:09.0140 3656 NetDDEdsdm - ok
20:51:09.0187 3656 Netlogon (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
20:51:09.0203 3656 Netlogon - ok
20:51:09.0250 3656 Netman (36739b39267914ba69ad0610a0299732) C:\WINDOWS\System32\netman.dll
20:51:09.0265 3656 Netman - ok
20:51:09.0312 3656 Nla (097722f235a1fb698bf9234e01b52637) C:\WINDOWS\System32\mswsock.dll
20:51:09.0328 3656 Nla - ok
20:51:09.0359 3656 nm (60cf8c7192b3614f240838ddbaa4a245) C:\WINDOWS\system32\DRIVERS\NMnt.sys
20:51:09.0359 3656 nm - ok
20:51:09.0421 3656 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
20:51:09.0421 3656 NPF - ok
20:51:09.0468 3656 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
20:51:09.0468 3656 Npfs - ok
20:51:09.0546 3656 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
20:51:09.0562 3656 Ntfs - ok
20:51:09.0578 3656 NtLmSsp (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
20:51:09.0578 3656 NtLmSsp - ok
20:51:09.0656 3656 NtmsSvc (b62f29c00ac55a761b2e45877d85ea0f) C:\WINDOWS\system32\ntmssvc.dll
20:51:09.0687 3656 NtmsSvc - ok
20:51:09.0734 3656 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:51:09.0734 3656 Null - ok
20:51:09.0765 3656 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:51:09.0765 3656 NwlnkFlt - ok
20:51:09.0796 3656 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:51:09.0796 3656 NwlnkFwd - ok
20:51:09.0828 3656 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
20:51:09.0828 3656 OMCI - ok
20:51:09.0875 3656 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
20:51:09.0875 3656 Parport - ok
20:51:09.0890 3656 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
20:51:09.0890 3656 PartMgr - ok
20:51:09.0937 3656 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:51:09.0953 3656 ParVdm - ok
20:51:09.0984 3656 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
20:51:09.0984 3656 PCI - ok
20:51:10.0000 3656 PCIDump - ok
20:51:10.0046 3656 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:51:10.0046 3656 PCIIde - ok
20:51:10.0093 3656 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:51:10.0093 3656 Pcmcia - ok
20:51:10.0109 3656 PDCOMP - ok
20:51:10.0125 3656 PDFRAME - ok
20:51:10.0140 3656 PDRELI - ok
20:51:10.0156 3656 PDRFRAME - ok
20:51:10.0171 3656 perc2 - ok
20:51:10.0187 3656 perc2hib - ok
20:51:10.0265 3656 PlugPlay (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
20:51:10.0265 3656 PlugPlay - ok
20:51:10.0281 3656 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
20:51:10.0281 3656 PolicyAgent - ok
20:51:10.0328 3656 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:51:10.0328 3656 PptpMiniport - ok
20:51:10.0375 3656 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
20:51:10.0375 3656 Processor - ok
20:51:10.0390 3656 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:51:10.0390 3656 ProtectedStorage - ok
20:51:10.0421 3656 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
20:51:10.0421 3656 PSched - ok
20:51:10.0468 3656 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:51:10.0468 3656 Ptilink - ok
20:51:10.0484 3656 ql1080 - ok
20:51:10.0500 3656 Ql10wnt - ok
20:51:10.0515 3656 ql12160 - ok
20:51:10.0531 3656 ql1240 - ok
20:51:10.0546 3656 ql1280 - ok
20:51:10.0562 3656 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:51:10.0562 3656 RasAcd - ok
20:51:10.0609 3656 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
20:51:10.0609 3656 RasAuto - ok
20:51:10.0640 3656 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:51:10.0640 3656 Rasl2tp - ok
20:51:10.0687 3656 RasMan (49b5eed5fb89d39456a2f616ccd8ba5d) C:\WINDOWS\System32\rasmans.dll
20:51:10.0703 3656 RasMan - ok
20:51:10.0734 3656 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:51:10.0734 3656 RasPppoe - ok
20:51:10.0765 3656 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:51:10.0765 3656 Raspti - ok
20:51:10.0796 3656 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:51:10.0812 3656 Rdbss - ok
20:51:10.0843 3656 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:51:10.0843 3656 RDPCDD - ok
20:51:10.0890 3656 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
20:51:10.0906 3656 RDPWD - ok
20:51:10.0937 3656 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
20:51:10.0937 3656 RDSessMgr - ok
20:51:10.0968 3656 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:51:10.0968 3656 redbook - ok
20:51:11.0000 3656 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
20:51:11.0000 3656 RemoteAccess - ok
20:51:11.0062 3656 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\System32\locator.exe
20:51:11.0062 3656 RpcLocator - ok
20:51:11.0125 3656 RpcSs (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\system32\rpcss.dll
20:51:11.0125 3656 RpcSs - ok
20:51:11.0171 3656 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
20:51:11.0171 3656 RSVP - ok
20:51:11.0218 3656 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:51:11.0218 3656 SamSs - ok
20:51:11.0265 3656 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
20:51:11.0281 3656 SCardSvr - ok
20:51:11.0328 3656 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
20:51:11.0328 3656 Schedule - ok
20:51:11.0375 3656 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:51:11.0375 3656 Secdrv - ok
20:51:11.0421 3656 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
20:51:11.0421 3656 seclogon - ok
20:51:11.0453 3656 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
20:51:11.0453 3656 SENS - ok
20:51:11.0500 3656 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:51:11.0500 3656 serenum - ok
20:51:11.0531 3656 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
20:51:11.0531 3656 Serial - ok
20:51:11.0578 3656 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:51:11.0578 3656 Sfloppy - ok
20:51:11.0640 3656 SharedAccess (36cc8c01b5e50163037bef56cb96deff) C:\WINDOWS\System32\ipnathlp.dll
20:51:11.0656 3656 SharedAccess - ok
20:51:11.0718 3656 ShellHWDetection (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
20:51:11.0718 3656 ShellHWDetection - ok
20:51:11.0734 3656 Simbad - ok
20:51:11.0812 3656 smwdm (31fd0707c7dbe715234f2823b27214fe) C:\WINDOWS\system32\drivers\smwdm.sys
20:51:11.0828 3656 smwdm - ok
20:51:11.0843 3656 Sparrow - ok
20:51:11.0875 3656 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
20:51:11.0890 3656 splitter - ok
20:51:11.0921 3656 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
20:51:11.0921 3656 Spooler - ok
20:51:11.0968 3656 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
20:51:11.0968 3656 sr - ok
20:51:12.0015 3656 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\System32\srsvc.dll
20:51:12.0031 3656 srservice - ok
20:51:12.0093 3656 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
20:51:12.0109 3656 Srv - ok
20:51:12.0156 3656 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
20:51:12.0171 3656 SSDPSRV - ok
20:51:12.0218 3656 stisvc (d9f6c4f6b1e188adafc42b561d9bc2e6) C:\WINDOWS\system32\wiaservc.dll
20:51:12.0250 3656 stisvc - ok
20:51:12.0281 3656 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:51:12.0281 3656 swenum - ok
20:51:12.0312 3656 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
20:51:12.0328 3656 swmidi - ok
20:51:12.0343 3656 SwPrv - ok
20:51:12.0359 3656 symc810 - ok
20:51:12.0375 3656 symc8xx - ok
20:51:12.0390 3656 sym_hi - ok
20:51:12.0406 3656 sym_u3 - ok
20:51:12.0453 3656 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
20:51:12.0453 3656 sysaudio - ok
20:51:12.0500 3656 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
20:51:12.0500 3656 SysmonLog - ok
20:51:12.0546 3656 TapiSrv (fb78839b36025aa286a51289ed28b73e) C:\WINDOWS\System32\tapisrv.dll
20:51:12.0562 3656 TapiSrv - ok
20:51:12.0625 3656 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:51:12.0656 3656 Tcpip - ok
20:51:12.0703 3656 Tcpip6 (be4007ab8c9b62e3688fc2f469b98190) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
20:51:12.0703 3656 Tcpip6 - ok
20:51:12.0734 3656 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:51:12.0734 3656 TDPIPE - ok
20:51:12.0765 3656 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
20:51:12.0765 3656 TDTCP - ok
20:51:12.0796 3656 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:51:12.0796 3656 TermDD - ok
20:51:12.0859 3656 TermService (b60c877d16d9c880b952fda04adf16e6) C:\WINDOWS\System32\termsrv.dll
20:51:12.0859 3656 TermService - ok
20:51:12.0906 3656 Themes (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
20:51:12.0906 3656 Themes - ok
20:51:12.0921 3656 TosIde - ok
20:51:12.0953 3656 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
20:51:12.0968 3656 TrkWks - ok
20:51:13.0015 3656 tunmp (87a0e9e18c10a9e454238e3330e2a26d) C:\WINDOWS\system32\DRIVERS\tunmp.sys
20:51:13.0015 3656 tunmp - ok
20:51:13.0046 3656 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
20:51:13.0046 3656 Udfs - ok
20:51:13.0062 3656 ultra - ok
20:51:13.0093 3656 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
20:51:13.0109 3656 Update - ok
20:51:13.0171 3656 uploadmgr (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:51:13.0171 3656 uploadmgr - ok
20:51:13.0218 3656 upnphost (0546477bde979e33294fe97f6b3de84a) C:\WINDOWS\System32\upnphost.dll
20:51:13.0234 3656 upnphost - ok
20:51:13.0265 3656 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
20:51:13.0265 3656 UPS - ok
20:51:13.0312 3656 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:51:13.0312 3656 USBAAPL - ok
20:51:13.0359 3656 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:51:13.0359 3656 usbccgp - ok
20:51:13.0390 3656 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:51:13.0406 3656 usbehci - ok
20:51:13.0421 3656 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:51:13.0421 3656 usbhub - ok
20:51:13.0453 3656 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:51:13.0453 3656 usbprint - ok
20:51:13.0484 3656 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:51:13.0484 3656 usbscan - ok
20:51:13.0515 3656 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:51:13.0515 3656 USBSTOR - ok
20:51:13.0546 3656 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:51:13.0546 3656 usbuhci - ok
20:51:13.0578 3656 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
20:51:13.0578 3656 VgaSave - ok
20:51:13.0593 3656 ViaIde - ok
20:51:13.0625 3656 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
20:51:13.0625 3656 VolSnap - ok
20:51:13.0687 3656 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
20:51:13.0687 3656 VSS - ok
20:51:13.0734 3656 W32Time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\System32\w32time.dll
20:51:13.0734 3656 W32Time - ok
20:51:13.0765 3656 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:51:13.0765 3656 Wanarp - ok
20:51:13.0781 3656 WDICA - ok
20:51:13.0828 3656 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
20:51:13.0828 3656 wdmaud - ok
20:51:13.0875 3656 WebClient (265f534ef76832435afbf771ec97176d) C:\WINDOWS\System32\webclnt.dll
20:51:13.0890 3656 WebClient - ok
20:51:13.0984 3656 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:51:14.0000 3656 winmgmt - ok
20:51:14.0046 3656 WmdmPmSN (c086483e3dba8c1c0a687ec8d5b3d4c1) C:\WINDOWS\system32\mspmsnsv.dll
20:51:14.0046 3656 WmdmPmSN - ok
20:51:14.0109 3656 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
20:51:14.0109 3656 WmiApSrv - ok
20:51:14.0234 3656 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
20:51:14.0265 3656 WMPNetworkSvc - ok
20:51:14.0718 3656 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:51:14.0828 3656 WPFFontCache_v0400 - ok
20:51:14.0984 3656 wscsvc (4d59daa66c60858cdf4f67a900f42d4a) C:\WINDOWS\system32\wscsvc.dll
20:51:14.0984 3656 wscsvc - ok
20:51:15.0031 3656 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
20:51:15.0031 3656 wuauserv - ok
20:51:15.0078 3656 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:51:15.0093 3656 WudfPf - ok
20:51:15.0140 3656 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:51:15.0140 3656 WudfRd - ok
20:51:15.0171 3656 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:51:15.0171 3656 WudfSvc - ok
20:51:15.0234 3656 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS\System32\wzcsvc.dll
20:51:15.0250 3656 WZCSVC - ok
20:51:15.0312 3656 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
20:51:15.0312 3656 xmlprov - ok
20:51:15.0375 3656 {6080A529-897E-4629-A488-ABA0C29B635E} (61002db7b6efb5711685b9d79b8e8ce6) C:\WINDOWS\system32\drivers\ialmsbw.sys
20:51:15.0375 3656 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
20:51:15.0421 3656 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (35ce2baa708ea038ab72359de87bab87) C:\WINDOWS\system32\drivers\ialmkchw.sys
20:51:15.0437 3656 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
20:51:15.0468 3656 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:51:15.0953 3656 \Device\Harddisk0\DR0 - ok
20:51:15.0968 3656 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR8
20:51:15.0984 3656 \Device\Harddisk1\DR8 - ok
20:51:16.0015 3656 Boot (0x1200) (a69a8b7fd3fdc1f6b30b4c7d402e1417) \Device\Harddisk0\DR0\Partition0
20:51:16.0031 3656 \Device\Harddisk0\DR0\Partition0 - ok
20:51:16.0031 3656 Boot (0x1200) (a4f676b341f50965d6855effaf39bfed) \Device\Harddisk1\DR8\Partition0
20:51:16.0046 3656 \Device\Harddisk1\DR8\Partition0 - ok
20:51:16.0046 3656 ============================================================
20:51:16.0046 3656 Scan finished
20:51:16.0046 3656 ============================================================
20:51:16.0062 1252 Detected object count: 0
20:51:16.0062 1252 Actual detected object count: 0
20:54:41.0656 1180 Deinitialize success

#6 cryptodan

cryptodan

    Bleepin Madman

  • Inactive Staff
  • PipPipPipPipPipPip
  • 19,032 posts
  • Gender:Male
  • Location:Catonsville, Md

Posted 17 May 2012 - 08:02 PM

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

#7 rcmutz

rcmutz

    Member

  • Members
  • PipPip
  • 25 posts

Posted 17 May 2012 - 08:11 PM

Farbar Service Scanner Version: 17-05-2012
Ran by Owner (administrator) on 17-05-2012 at 21:10:39
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.

IpSec Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open IpSec registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open IpSec registry key. The service key does not exist.


Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2011-05-17 18:45] - [2006-05-19 08:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2011-05-17 18:45] - [2008-08-14 05:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2011-05-17 18:45] - [2004-08-04 02:14] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2011-05-17 18:45] - [2008-06-20 06:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2011-05-17 18:45] - [2004-08-04 02:14] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2003-07-16 16:27] - [2004-08-04 03:56] - 0045568 ____A (Microsoft Corporation) 7379DE06FD196E396A00AA97B990C00D

C:\WINDOWS\system32\ipnathlp.dll
[2003-07-16 16:30] - [2004-08-04 03:56] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2005-08-22 14:36] - [2005-08-22 14:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-05-14 21:17] - [2004-08-04 03:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2011-05-14 21:19] - [2004-08-04 03:56] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2011-05-17 18:45] - [2004-08-04 02:06] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-04 03:56] - [2004-08-04 03:56] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2011-05-14 21:17] - [2004-08-04 03:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2011-05-14 21:17] - [2004-08-04 03:56] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2011-05-17 18:46] - [2004-08-04 03:56] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2005-07-26 00:31] - [2008-07-07 16:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2003-07-16 16:26] - [2004-08-04 03:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2003-07-16 16:47] - [2004-08-04 03:56] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2005-07-26 00:31] - [2009-02-09 06:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2011-05-17 18:45] - [2009-02-06 13:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Gpc(3) NetBT(6) PSched(7) Tcpip(4) Tcpip6(8)
0x080000000500000001000000020000000300000004000000060000000700000008000000
ATTENTION!=====> IpSec Tag value should be 5. ATTENTION!=====> IpSec Tag value is missing and it should be 5.

**** End of log ****

#8 cryptodan

cryptodan

    Bleepin Madman

  • Inactive Staff
  • PipPipPipPipPipPip
  • 19,032 posts
  • Gender:Male
  • Location:Catonsville, Md

Posted 17 May 2012 - 08:16 PM

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

#9 rcmutz

rcmutz

    Member

  • Members
  • PipPip
  • 25 posts

Posted 19 May 2012 - 09:19 AM

Logs have been posted to the other forum at the location:

http://www.bleepingcomputer.com/forums/topic454082.html

#10 rigel

rigel

    FD-BC

  • BC Advisor
  • PipPipPipPipPipPip
  • 12,936 posts
  • Gender:Male
  • Location:South Carolina - USA

Posted 19 May 2012 - 01:40 PM

Hi rcmutz,

As you has successfully opened a new malware topic, this topic will now be closed. You are in good hands. :thumbup2:

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. – Will Smith

Back to Windows XP Home and Professional


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Operating Systems
  3. Windows XP Home and Professional
  4. Privacy Policy
  5. Rules ·