BleepingComputer.com: DDS log requested from "Am I infected..." forum


DDS log requested from "Am I infected..." forum IE 8 using lots of memory, creating multiple instances of iexplore.exe

#16 MartyL (Member, Group: Members, Posts: 21, Joined: 11-September 10)

Posted 16 October 2011 - 09:27 PM

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 100.00 0 K 16 K
System 4 0 K 212 K
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
smss.exe 584 168 K 424 K Windows NT Session Manager Microsoft Corporation
csrss.exe 632 1,660 K 4,052 K Client Server Runtime Process Microsoft Corporation
winlogon.exe 656 7,232 K 1,508 K Windows NT Logon Application Microsoft Corporation
services.exe 700 1,800 K 3,584 K Services and Controller app Microsoft Corporation
svchost.exe 912 3,100 K 5,224 K Generic Host Process for Win32 Services Microsoft Corporation
wmiprvse.exe 428 2,228 K 4,904 K WMI Microsoft Corporation
svchost.exe 980 1,852 K 4,596 K Generic Host Process for Win32 Services Microsoft Corporation
MsMpEng.exe 1080 112,932 K 78,804 K Antimalware Service Executable Microsoft Corporation
svchost.exe 1116 25,556 K 37,724 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1236 1,556 K 3,852 K Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1356 1,480 K 3,932 K Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1508 5,172 K 7,624 K Spooler SubSystem App Microsoft Corporation
svchost.exe 420 1,300 K 3,836 K Generic Host Process for Win32 Services Microsoft Corporation
jqs.exe 528 2,224 K 1,396 K Java™ Quick Starter Service Sun Microsystems, Inc.
M4-Service.exe 784 4,116 K 6,116 K
M4-Capture.exe 2408 836 K 2,940 K
mbamservice.exe 1704 3,112 K 5,672 K Malwarebytes' Anti-Malware Malwarebytes Corporation
SMAgent.exe 1824 524 K 1,820 K SoundMAX service agent component Analog Devices, Inc.
svchost.exe 1976 2,460 K 4,360 K Generic Host Process for Win32 Services Microsoft Corporation
wdfmgr.exe 432 1,520 K 1,824 K Windows User Mode Driver Manager Microsoft Corporation
alg.exe 2436 1,156 K 3,652 K Application Layer Gateway Service Microsoft Corporation
lsass.exe 712 3,904 K 1,276 K LSA Shell (Export Version) Microsoft Corporation
explorer.exe 1864 16,732 K 25,008 K Windows Explorer Microsoft Corporation
SMTray.exe 2008 696 K 2,784 K SoundMAX System Tray Analog Devices, Inc.
DrvLsnr.exe 2016 1,760 K 2,448 K DrvLsnr adi
hkcmd.exe 2032 740 K 2,748 K hkcmd Module Intel Corporation
igfxpers.exe 2040 724 K 2,800 K persistence Module Intel Corporation
WinPatrol.exe 120 1,732 K 5,256 K WinPatrol System Monitor BillP Studios
msseces.exe 172 6,100 K 10,552 K Microsoft Security Client User Interface Microsoft Corporation
iexplore.exe 2376 9,292 K 4,448 K Internet Explorer Microsoft Corporation
iexplore.exe 3412 108,360 K 120,128 K Internet Explorer Microsoft Corporation
iexplore.exe 3760 141,648 K 156,064 K Internet Explorer Microsoft Corporation
procexp.exe 3272 11,308 K 11,492 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
ctfmon.exe 2796 988 K 3,820 K CTF Loader Microsoft Corporation
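As an added helper that is not part of the thread or of Process Explorer, the script below parses a listing in the column layout posted above, totals private bytes and working set per image name, and flags images with several instances whose combined private bytes pass a threshold; the sample rows are constructed from the post's format and the 100,000 K cut-off is an arbitrary assumption. It reproduces by code what m0le did by eye when he singled out the three iexplore.exe rows.

```python
import re
from collections import defaultdict

# Constructed sample rows in the column layout of the Process Explorer listing
# posted in the thread (Process, PID, optional CPU, Private Bytes, Working Set,
# Description, Company Name).
SAMPLE_LISTING = """\
Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 100.00 0 K 16 K
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
svchost.exe 912 3,100 K 5,224 K Generic Host Process for Win32 Services Microsoft Corporation
MsMpEng.exe 1080 112,932 K 78,804 K Antimalware Service Executable Microsoft Corporation
iexplore.exe 2376 9,292 K 4,448 K Internet Explorer Microsoft Corporation
iexplore.exe 3412 108,360 K 120,128 K Internet Explorer Microsoft Corporation
iexplore.exe 3760 141,648 K 156,064 K Internet Explorer Microsoft Corporation
"""

# CPU is blank for most rows, so it is optional; memory columns are "N,NNN K".
ROW_RE = re.compile(
    r"^(?P<name>.+?) (?P<pid>\d+|n/a)(?: (?P<cpu>[\d.]+|< 0\.01))? "
    r"(?P<private>[\d,]+) K (?P<ws>[\d,]+) K(?: (?P<rest>.*))?$"
)

def parse_listing(text):
    """Return one dict per process row; the header line is skipped."""
    rows = []
    for line in text.splitlines()[1:]:
        m = ROW_RE.match(line.strip())
        if not m:
            continue  # tolerate rows the regex does not recognise
        rows.append({
            "name": m["name"],
            "pid": m["pid"],
            "private_kb": int(m["private"].replace(",", "")),
            "ws_kb": int(m["ws"].replace(",", "")),
            "description": m["rest"] or "",
        })
    return rows

def memory_by_image(rows):
    """Instance count and summed private bytes / working set per image name."""
    totals = defaultdict(lambda: {"instances": 0, "private_kb": 0, "ws_kb": 0})
    for r in rows:
        t = totals[r["name"]]
        t["instances"] += 1
        t["private_kb"] += r["private_kb"]
        t["ws_kb"] += r["ws_kb"]
    return dict(totals)

def heavy_images(rows, min_instances=2, min_private_kb=100_000):
    """Image names with several instances whose combined private bytes exceed
    the (assumed) threshold; on the posted listing this singles out iexplore.exe."""
    return sorted(
        name for name, t in memory_by_image(rows).items()
        if t["instances"] >= min_instances and t["private_kb"] >= min_private_kb
    )

if __name__ == "__main__":
    rows = parse_listing(SAMPLE_LISTING)
    for name, t in sorted(memory_by_image(rows).items(), key=lambda kv: -kv[1]["private_kb"]):
        print(f"{name:<22} x{t['instances']}  private={t['private_kb']:>9,} K  ws={t['ws_kb']:>9,} K")
    print("worth a closer look:", heavy_images(rows))
```

Several iexplore.exe processes are normal on IE 8, which hosts tabs in separate processes, so the per-image total rather than the process count is the figure to watch.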

#17 m0le (I know the drill!, Group: Malware Response Instructor, Posts: 29,114, Joined: 24-July 08, Gender: Male, Location: London, UK)

Posted 17 October 2011 - 01:34 PM

Quote

iexplore.exe 2376 9,292 K 4,448 K Internet Explorer Microsoft Corporation
iexplore.exe 3412 108,360 K 120,128 K Internet Explorer Microsoft Corporation
iexplore.exe 3760 141,648 K 156,064 K Internet Explorer Microsoft Corporation


That looks pretty high. Please run MiniToolbox

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size.
  • List Minidump Files.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.
If I have helped you fix your PC then please donate. Thanks

m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#18 MartyL (Member, Group: Members, Posts: 21, Joined: 11-September 10)

Posted 17 October 2011 - 06:33 PM

MiniToolBox by Farbar
Ran by Marty (administrator) on 17-10-2011 at 19:22:24
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : marty-home
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet for hp
Physical Address. . . . . . . . . : 00-11-0A-32-3F-F1
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
                                    71.242.0.12
Lease Obtained. . . . . . . . . . : Monday, October 17, 2011 4:33:20 PM
Lease Expires . . . . . . . . . . : Tuesday, October 18, 2011 4:33:20 PM

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 72.14.204.103, 72.14.204.99, 72.14.204.104, 72.14.204.147
72.14.204.105

Pinging google.com [72.14.204.147] with 32 bytes of data:

Reply from 72.14.204.147: bytes=32 time=10ms TTL=55
Reply from 72.14.204.147: bytes=32 time=14ms TTL=55

Ping statistics for 72.14.204.147:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 14ms, Average = 12ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 98.139.180.149, 209.191.122.70
67.195.160.76

Pinging yahoo.com [98.139.180.149] with 32 bytes of data:

Reply from 98.139.180.149: bytes=32 time=240ms TTL=50
Reply from 98.139.180.149: bytes=32 time=26ms TTL=51

Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 240ms, Average = 133ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 0a 32 3f f1 ...... Broadcom NetXtreme Gigabit Ethernet for hp - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/15/2011 10:22:35 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (10/14/2011 06:52:31 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (10/13/2011 07:53:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (10/12/2011 11:07:07 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd, P4 10.3.1781.0, P5 mpsigstub.exe, P6 3.0.8402.0, P7 microsoft security essentials, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (10/11/2011 02:38:09 PM) (Source: Application Hang) (User: )
Description: Fault bucket -2070752520.

Error: (10/11/2011 02:37:54 PM) (Source: Application Hang) (User: )
Description: Hanging application MSPUB.EXE, version 12.0.6546.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/07/2011 11:46:05 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/03/2011 04:35:49 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 3.0.8402.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (09/24/2011 01:33:00 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (09/24/2011 01:32:58 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (10/17/2011 04:33:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/17/2011 03:38:08 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/17/2011 02:51:21 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/17/2011 01:55:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/16/2011 09:23:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/16/2011 09:10:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/16/2011 01:28:11 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/16/2011 01:12:14 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/15/2011 04:47:15 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/15/2011 02:14:05 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt


Microsoft Office Sessions:
=========================

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 1015.48 MB
Available physical RAM: 512.66 MB
Total Pagefile: 1678.08 MB
Available Pagefile: 1286.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.91 MB

========================= Partitions: =====================================

2 Drive c: (Marty's C Drive) (Fixed) (Total:232.88 GB) (Free:133.25 GB) NTFS

========================= Users: ========================================

User accounts for \\MARTY-HOME

Administrator Guest HelpAssistant
Marty SUPPORT_388945a0 VUSR_MARTY-HOME

========================= Minidump Files ==================================

No minidump file found

**** End of log ****
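The checks m0le reads off this log by eye (proxy settings, hosts file content, and Event Viewer errors that keep repeating) can be pulled out of a Result.txt mechanically. The parser below is an added example written for this page, not part of MiniToolBox; its section-header and error-record formats follow the log above, and the sample excerpt is constructed.

```python
import re
from collections import Counter

# Constructed excerpt in the format of the MiniToolBox Result.txt posted above.
SAMPLE_RESULT = """\
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= Event log errors: ===============================
Error: (10/17/2011 04:33:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

Error: (10/17/2011 03:38:08 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
i8042prt

========================= Memory info: ===================================
"""

SECTION_RE = re.compile(r"^=+ (?P<title>.+?):? =+$", re.M)
ERROR_RE = re.compile(r"^Error: \(.*?\) \(Source: (?P<source>[^)]*)\)")

def split_sections(text):
    """Map each '===== Title: =====' header to the text that follows it."""
    parts = SECTION_RE.split(text)  # [preamble, title1, body1, title2, body2, ...]
    return {parts[i]: parts[i + 1] for i in range(1, len(parts) - 1, 2)}

def extra_hosts_entries(section):
    """Hosts lines other than comments and the plain localhost mapping."""
    rows = [line.split() for line in section.splitlines()]
    return [" ".join(f) for f in rows
            if f and not f[0].startswith("#")
            and not (f[0] in ("127.0.0.1", "::1") and f[1:] == ["localhost"])]

def event_errors(section):
    """Count Event Viewer errors by (source, description); a description may run
    on to following lines until a blank line, as the i8042prt entries do."""
    counts, source, desc = Counter(), None, []
    for line in section.splitlines() + [""]:
        m = ERROR_RE.match(line)
        if m:
            source, desc = m["source"], []
        elif source and line.strip():
            desc.append(re.sub(r"^Description: ", "", line.strip()))
        elif source:  # a blank line closes the record
            counts[(source, " ".join(desc))] += 1
            source = None
    return counts

def triage(text):
    """The three things a helper reads first: proxy, hosts file, repeated errors."""
    s = split_sections(text)
    return {
        "proxy_enabled": "Proxy is not enabled." not in s.get("IE Proxy Settings", ""),
        "extra_hosts_entries": extra_hosts_entries(s.get("Hosts content", "")),
        "repeated_errors": {k: n for k, n in event_errors(s.get("Event log errors", "")).items() if n > 1},
    }
```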

#19 m0le (I know the drill!, Group: Malware Response Instructor, Posts: 29,114, Joined: 24-July 08, Gender: Male, Location: London, UK)

Posted 17 October 2011 - 08:26 PM

Nothing malicious there and I think it's probably now a system issue. The error message points to a problem with your mouse.

This driver file is failing, http://www.file.net/process/i8042prt.sys.html


I would run sfc /scannow and see what it can find.

Go to the Run box on the Start Menu and type in:

sfc /scannow

Press Enter

More info on this process can be found here.

Please post back to let me know if that went okay.

#20 m0le (I know the drill!, Group: Malware Response Instructor, Posts: 29,114, Joined: 24-July 08, Gender: Male, Location: London, UK)

Posted 20 October 2011 - 07:36 PM

You still there, MartyL?

#21 MartyL (Member, Group: Members, Posts: 21, Joined: 11-September 10)

Posted 21 October 2011 - 09:45 AM

Please forgive me for not getting back to you sooner. I ran into a major issue with my vehicle and have been in the process of tearing down the engine since Monday. I will do sfc /scannow today and post by this evening. Thank you in advance for your continued help and patience. It is appreciated.

Marty

#22 MartyL (Member, Group: Members, Posts: 21, Joined: 11-September 10)

Posted 21 October 2011 - 10:28 AM

Hi m0le,

This finished faster than I thought and I had a break in for a little bit so... The results of sfc were that it requested the XP CD and it was spinning at least for the first 5 minutes sfc ran. It completed with no more dialogs.

Marty

#23 m0le (I know the drill!, Group: Malware Response Instructor, Posts: 29,114, Joined: 24-July 08, Gender: Male, Location: London, UK)

Posted 21 October 2011 - 06:17 PM

That looks as far as I can go on this forum, MartyL.

Are there any issues left now?

#24 MartyL (Member, Group: Members, Posts: 21, Joined: 11-September 10)

Posted 21 October 2011 - 07:49 PM

Hi m0le,

IE still acts the same as it did before but I guess that is how Microsoft wants it. Thank you kindly for all of your efforts.

Sincerely,

Marty

#25 m0le (I know the drill!, Group: Malware Response Instructor, Posts: 29,114, Joined: 24-July 08, Gender: Male, Location: London, UK)

Posted 21 October 2011 - 08:22 PM

:thumbup2:

#26 m0le (I know the drill!, Group: Malware Response Instructor, Posts: 29,114, Joined: 24-July 08, Gender: Male, Location: London, UK)

Posted 24 October 2011 - 06:53 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.