BleepingComputer.com: Internet connection not working after Antivirus 2012 removal

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • This topic is locked

Internet connection not working after Antivirus 2012 removal

#31 User is offline   CatByte 

  • Bleepin' curls!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 7,857
  • Joined: 09-November 08
  • Gender:Not Telling
  • Location:Canada

Posted 22 January 2012 - 07:11 PM

Hi

this is very puzzling as the logs show that the computer is connecting

Quote

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Also the nslookup returns the IP addresses:

Quote

Name: google.com
Addresses: 74.125.227.52, 74.125.227.48, 74.125.227.49, 74.125.227.50
74.125.227.51


The problem is that the system is not able to resolve the host name to an IP address:

Quote

Ping request could not find host Google.com. Please check the name and try again.


To test this > copy and paste the following into your address bar, it should give you your router's main webpage:

http://192.168.2.1


then typing the following should connect you to Bleeping Computer:

http://208.43.87.2


Then the following should give you Google:

http://74.125.227.51


try all of them, see if you can reach the web sites through the address bar.

Let's run TDSSKiller in case there is some left over infection:


Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now

  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)




NEXT


Uninstall SP3, use sfc /scannow to restore as many SP2 files as you can. Then re-install SP3 and see if it resolves the issue.




  • Click Start, click Run, copy/paste the following into the open run box:
    c:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe then click OK.
  • When the Windows XP Service Pack 3 Removal Wizard starts, click Next.
  • Follow the instructions on the screen to remove Windows XP SP3.




To use System File Checker, follow these steps:

  • Click Start, click Run, type cmd.exe, and then click OK.
  • At the command prompt, type sfc /scannow, and then press ENTER.
    Note This command may take several minutes to finish. You may be prompted to provide Windows installation source files when you run the sfc /scannow command.
  • At the command prompt, type exit, and then press ENTER to close the command prompt.







Then go to MS to download and reinstall the service pack:

Download the latest Windows XP service pack from the Microsoft Download Center
You can download the stand-alone update package from the Download Center.
This page will say that this installation package is intended for IT professionals and developers. However, you can safely download this file.

http://www.microsoft.com/downloads/details...08-1E1555D4F3D4
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

#32 User is offline   librarylady1 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 46
  • Joined: 01-December 11

Posted 22 January 2012 - 10:07 PM

Ok, I am in a pickle I think. I followed the directions with the following results:

I connected to the router--which connected and then it ran an auto detect problem program when it noticed an error (Centurylink). I let it try to diagnose the problem which told me to power cycle the modem--which I did--but the result was "connectivity test failed" it stated.

However, when I connected directly to Google--it connected with no problem.

Bleepingcomputer--would not connect--must be something still infected in there!! Tried a couple of times afraid I'd typed in the address wrong--nothing.

Next-ran TDSSKiller (I will paste log at end of the reply)--said it found nothing.

Uninstalled SP3

Ran scannow command--and now I am looking at a Windows File Protection window asking me to insert the XP Pro CD2. All I have is a System Recovery CD that came with this Gateway with the XP Media Center Edition 2005. I am afraid if I put it in, I will erase everything on my machine. Any recommendations? This is where I have stopped until further notice (I don't want to lose all my data--as I still have all of it right now).
Here is the log from Killer:
19:21:21.0796 1872 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
19:21:21.0796 1872 ============================================================
19:21:21.0796 1872 Current date / time: 2012/01/22 19:21:21.0796
19:21:21.0796 1872 SystemInfo:
19:21:21.0796 1872
19:21:21.0796 1872 OS Version: 5.1.2600 ServicePack: 3.0
19:21:21.0796 1872 Product type: Workstation
19:21:21.0796 1872 ComputerName: YOUR-E0685BB06C
19:21:21.0796 1872 UserName: Owner
19:21:21.0796 1872 Windows directory: C:\WINDOWS
19:21:21.0796 1872 System windows directory: C:\WINDOWS
19:21:21.0796 1872 Processor architecture: Intel x86
19:21:21.0796 1872 Number of processors: 2
19:21:21.0796 1872 Page size: 0x1000
19:21:21.0796 1872 Boot type: Normal boot
19:21:21.0796 1872 ============================================================
19:21:23.0281 1872 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:21:23.0406 1872 Drive \Device\Harddisk5\DR11 - Size: 0xEFBFFE00 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:21:23.0531 1872 Initialize success
19:21:38.0562 3780 ============================================================
19:21:38.0562 3780 Scan started
19:21:38.0562 3780 Mode: Manual;
19:21:38.0562 3780 ============================================================
19:21:38.0906 3780 Abiosdsk - ok
19:21:38.0937 3780 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
19:21:38.0937 3780 abp480n5 - ok
19:21:39.0000 3780 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:21:39.0000 3780 ACPI - ok
19:21:39.0031 3780 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:21:39.0031 3780 ACPIEC - ok
19:21:39.0046 3780 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
19:21:39.0046 3780 adpu160m - ok
19:21:39.0078 3780 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:21:39.0078 3780 aec - ok
19:21:39.0140 3780 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
19:21:39.0140 3780 AFD - ok
19:21:39.0171 3780 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
19:21:39.0171 3780 agp440 - ok
19:21:39.0187 3780 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
19:21:39.0187 3780 agpCPQ - ok
19:21:39.0203 3780 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
19:21:39.0203 3780 Aha154x - ok
19:21:39.0203 3780 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
19:21:39.0218 3780 aic78u2 - ok
19:21:39.0218 3780 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
19:21:39.0218 3780 aic78xx - ok
19:21:39.0234 3780 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
19:21:39.0234 3780 AliIde - ok
19:21:39.0250 3780 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
19:21:39.0250 3780 alim1541 - ok
19:21:39.0265 3780 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
19:21:39.0265 3780 amdagp - ok
19:21:39.0281 3780 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
19:21:39.0281 3780 amsint - ok
19:21:39.0312 3780 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:21:39.0312 3780 Arp1394 - ok
19:21:39.0328 3780 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
19:21:39.0328 3780 asc - ok
19:21:39.0343 3780 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
19:21:39.0343 3780 asc3350p - ok
19:21:39.0343 3780 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
19:21:39.0343 3780 asc3550 - ok
19:21:39.0406 3780 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
19:21:39.0406 3780 ASCTRM - ok
19:21:39.0421 3780 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:21:39.0421 3780 AsyncMac - ok
19:21:39.0453 3780 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:21:39.0453 3780 atapi - ok
19:21:39.0453 3780 Atdisk - ok
19:21:39.0515 3780 ATIAVPCI (a42fa313df3937f9edf028ea0e153dce) C:\WINDOWS\system32\DRIVERS\atinavxx.sys
19:21:39.0515 3780 ATIAVPCI - ok
19:21:39.0546 3780 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:21:39.0546 3780 Atmarpc - ok
19:21:39.0593 3780 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:21:39.0593 3780 audstub - ok
19:21:39.0609 3780 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:21:39.0609 3780 Beep - ok
19:21:39.0625 3780 catchme - ok
19:21:39.0625 3780 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
19:21:39.0640 3780 cbidf - ok
19:21:39.0640 3780 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:21:39.0640 3780 cbidf2k - ok
19:21:39.0671 3780 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:21:39.0671 3780 CCDECODE - ok
19:21:39.0687 3780 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
19:21:39.0687 3780 cd20xrnt - ok
19:21:39.0718 3780 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:21:39.0718 3780 Cdaudio - ok
19:21:39.0718 3780 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:21:39.0718 3780 Cdfs - ok
19:21:39.0750 3780 Cdr4_xp (837eef65af62d4e8a37c41d3879f7274) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
19:21:39.0750 3780 Cdr4_xp - ok
19:21:39.0765 3780 Cdralw2k (579da2f9f5401f55dae2cf8779d61dfc) C:\WINDOWS\system32\drivers\Cdralw2k.sys
19:21:39.0765 3780 Cdralw2k - ok
19:21:39.0796 3780 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:21:39.0796 3780 Cdrom - ok
19:21:39.0812 3780 Changer - ok
19:21:39.0828 3780 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
19:21:39.0828 3780 CmdIde - ok
19:21:39.0843 3780 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
19:21:39.0859 3780 Cpqarray - ok
19:21:39.0890 3780 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
19:21:39.0890 3780 dac2w2k - ok
19:21:39.0906 3780 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
19:21:39.0906 3780 dac960nt - ok
19:21:39.0953 3780 DcCam (1b269ed3eb2d81ec11cd5b0544e89962) C:\WINDOWS\system32\DRIVERS\DcCam.sys
19:21:39.0953 3780 DcCam - ok
19:21:39.0984 3780 DcFpoint (bd6ce20068159f9714ebe9e76decab2c) C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
19:21:40.0000 3780 DcFpoint - ok
19:21:40.0031 3780 DCFS2K (1315e0b5b6fc1fe930ee3498309700bd) C:\WINDOWS\system32\drivers\dcfs2k.sys
19:21:40.0031 3780 DCFS2K - ok
19:21:40.0171 3780 DcLps (5f5055efb3e0820f349924e7c5bd5af4) C:\WINDOWS\system32\DRIVERS\DcLps.sys
19:21:40.0171 3780 DcLps - ok
19:21:40.0218 3780 DcPTP (31689427da60a724b31a622b35ed21ec) C:\WINDOWS\system32\DRIVERS\DcPTP.sys
19:21:40.0218 3780 DcPTP - ok
19:21:40.0234 3780 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:21:40.0234 3780 Disk - ok
19:21:40.0281 3780 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:21:40.0296 3780 dmboot - ok
19:21:40.0328 3780 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:21:40.0343 3780 dmio - ok
19:21:40.0343 3780 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:21:40.0343 3780 dmload - ok
19:21:40.0375 3780 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:21:40.0375 3780 DMusic - ok
19:21:40.0390 3780 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
19:21:40.0390 3780 dpti2o - ok
19:21:40.0406 3780 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:21:40.0406 3780 drmkaud - ok
19:21:40.0468 3780 E100B (6ca101f9aa3d845ba31f6e13c01301a8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
19:21:40.0468 3780 E100B - ok
19:21:40.0531 3780 Exportit (f85ffdeae43f9e9a7c3f4e3cc5ef09eb) C:\WINDOWS\system32\DRIVERS\exportit.sys
19:21:40.0531 3780 Exportit - ok
19:21:40.0593 3780 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:21:40.0593 3780 Fastfat - ok
19:21:40.0640 3780 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:21:40.0640 3780 Fdc - ok
19:21:40.0671 3780 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:21:40.0671 3780 Fips - ok
19:21:40.0718 3780 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:21:40.0718 3780 Flpydisk - ok
19:21:40.0765 3780 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:21:40.0765 3780 FltMgr - ok
19:21:40.0812 3780 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:21:40.0812 3780 Fs_Rec - ok
19:21:40.0828 3780 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:21:40.0828 3780 Ftdisk - ok
19:21:40.0890 3780 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:21:40.0890 3780 GEARAspiWDM - ok
19:21:40.0921 3780 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:21:40.0921 3780 Gpc - ok
19:21:41.0000 3780 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:21:41.0000 3780 HDAudBus - ok
19:21:41.0015 3780 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
19:21:41.0015 3780 HidIr - ok
19:21:41.0031 3780 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:21:41.0031 3780 HidUsb - ok
19:21:41.0046 3780 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
19:21:41.0046 3780 hpn - ok
19:21:41.0093 3780 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:21:41.0093 3780 HPZid412 - ok
19:21:41.0140 3780 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:21:41.0140 3780 HPZipr12 - ok
19:21:41.0187 3780 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:21:41.0187 3780 HPZius12 - ok
19:21:41.0250 3780 HSFHWBS2 (33dfc0afa95f9a2c753ff2adb7d4a21f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:21:41.0250 3780 HSFHWBS2 - ok
19:21:41.0406 3780 HSF_DP (b2dfc168d6f7512faea085253c5a37ad) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:21:41.0437 3780 HSF_DP - ok
19:21:41.0500 3780 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:21:41.0500 3780 HTTP - ok
19:21:41.0515 3780 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
19:21:41.0515 3780 i2omgmt - ok
19:21:41.0531 3780 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:21:41.0531 3780 i2omp - ok
19:21:41.0546 3780 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:21:41.0546 3780 i8042prt - ok
19:21:41.0625 3780 ialm (d95eb1c9b3a5c2f6fdeab05dd03736fe) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
19:21:41.0640 3780 ialm - ok
19:21:41.0671 3780 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:21:41.0671 3780 Imapi - ok
19:21:41.0687 3780 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:21:41.0687 3780 ini910u - ok
19:21:41.0703 3780 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:21:41.0703 3780 IntelIde - ok
19:21:41.0750 3780 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:21:41.0750 3780 intelppm - ok
19:21:41.0781 3780 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:21:41.0781 3780 Ip6Fw - ok
19:21:41.0796 3780 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:21:41.0796 3780 IpFilterDriver - ok
19:21:41.0812 3780 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:21:41.0812 3780 IpInIp - ok
19:21:41.0843 3780 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:21:41.0843 3780 IpNat - ok
19:21:41.0906 3780 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:21:41.0906 3780 IPSec - ok
19:21:41.0937 3780 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
19:21:41.0937 3780 IrBus - ok
19:21:41.0968 3780 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:21:41.0968 3780 IRENUM - ok
19:21:42.0015 3780 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:21:42.0015 3780 isapnp - ok
19:21:42.0031 3780 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:21:42.0031 3780 Kbdclass - ok
19:21:42.0046 3780 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:21:42.0062 3780 kbdhid - ok
19:21:42.0109 3780 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:21:42.0109 3780 kmixer - ok
19:21:42.0140 3780 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:21:42.0140 3780 KSecDD - ok
19:21:42.0156 3780 lbrtfdc - ok
19:21:42.0203 3780 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:21:42.0203 3780 mdmxsdk - ok
19:21:42.0250 3780 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:21:42.0250 3780 MHNDRV - ok
19:21:42.0281 3780 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:21:42.0281 3780 mnmdd - ok
19:21:42.0328 3780 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:21:42.0328 3780 Modem - ok
19:21:42.0343 3780 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:21:42.0343 3780 Mouclass - ok
19:21:42.0453 3780 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:21:42.0453 3780 mouhid - ok
19:21:42.0484 3780 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:21:42.0484 3780 MountMgr - ok
19:21:42.0531 3780 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
19:21:42.0531 3780 MPE - ok
19:21:42.0578 3780 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:21:42.0578 3780 mraid35x - ok
19:21:42.0625 3780 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:21:42.0625 3780 MRxDAV - ok
19:21:42.0656 3780 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:21:42.0671 3780 MRxSmb - ok
19:21:42.0703 3780 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:21:42.0703 3780 Msfs - ok
19:21:42.0718 3780 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:21:42.0718 3780 MSKSSRV - ok
19:21:42.0734 3780 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:21:42.0734 3780 MSPCLOCK - ok
19:21:42.0781 3780 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:21:42.0781 3780 MSPQM - ok
19:21:42.0796 3780 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:21:42.0796 3780 mssmbios - ok
19:21:42.0812 3780 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:21:42.0812 3780 MSTEE - ok
19:21:42.0875 3780 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:21:42.0875 3780 Mup - ok
19:21:42.0906 3780 mxnic (e1cdf20697d992cf83ff86dd04df1285) C:\WINDOWS\system32\DRIVERS\mxnic.sys
19:21:42.0906 3780 mxnic - ok
19:21:42.0937 3780 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:21:42.0937 3780 NABTSFEC - ok
19:21:42.0984 3780 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:21:42.0984 3780 NDIS - ok
19:21:43.0015 3780 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:21:43.0015 3780 NdisIP - ok
19:21:43.0078 3780 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:21:43.0078 3780 NdisTapi - ok
19:21:43.0093 3780 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:21:43.0093 3780 Ndisuio - ok
19:21:43.0140 3780 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:21:43.0140 3780 NdisWan - ok
19:21:43.0171 3780 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:21:43.0171 3780 NDProxy - ok
19:21:43.0187 3780 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:21:43.0187 3780 NetBIOS - ok
19:21:43.0218 3780 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:21:43.0234 3780 NetBT - ok
19:21:43.0281 3780 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:21:43.0281 3780 NIC1394 - ok
19:21:43.0296 3780 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:21:43.0296 3780 Npfs - ok
19:21:43.0328 3780 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:21:43.0343 3780 Ntfs - ok
19:21:43.0390 3780 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:21:43.0406 3780 Null - ok
19:21:43.0609 3780 nv (55310bbf289cdc07d1a8bdbe3432abbf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:21:43.0703 3780 nv - ok
19:21:43.0750 3780 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:21:43.0750 3780 NwlnkFlt - ok
19:21:43.0750 3780 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:21:43.0750 3780 NwlnkFwd - ok
19:21:43.0781 3780 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:21:43.0781 3780 ohci1394 - ok
19:21:43.0812 3780 P3 (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
19:21:43.0812 3780 P3 - ok
19:21:43.0828 3780 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:21:43.0828 3780 Parport - ok
19:21:43.0875 3780 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:21:43.0875 3780 PartMgr - ok
19:21:43.0921 3780 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:21:43.0921 3780 ParVdm - ok
19:21:43.0968 3780 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:21:43.0968 3780 PCI - ok
19:21:43.0984 3780 PCIDump - ok
19:21:44.0000 3780 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:21:44.0000 3780 PCIIde - ok
19:21:44.0031 3780 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:21:44.0031 3780 Pcmcia - ok
19:21:44.0046 3780 PDCOMP - ok
19:21:44.0046 3780 PDFRAME - ok
19:21:44.0062 3780 PDRELI - ok
19:21:44.0078 3780 PDRFRAME - ok
19:21:44.0093 3780 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
19:21:44.0093 3780 perc2 - ok
19:21:44.0125 3780 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:21:44.0125 3780 perc2hib - ok
19:21:44.0156 3780 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:21:44.0156 3780 PptpMiniport - ok
19:21:44.0171 3780 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:21:44.0171 3780 PSched - ok
19:21:44.0187 3780 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:21:44.0187 3780 Ptilink - ok
19:21:44.0218 3780 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:21:44.0218 3780 PxHelp20 - ok
19:21:44.0250 3780 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:21:44.0250 3780 ql1080 - ok
19:21:44.0265 3780 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:21:44.0265 3780 Ql10wnt - ok
19:21:44.0281 3780 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:21:44.0281 3780 ql12160 - ok
19:21:44.0296 3780 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:21:44.0296 3780 ql1240 - ok
19:21:44.0296 3780 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:21:44.0312 3780 ql1280 - ok
19:21:44.0328 3780 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:21:44.0328 3780 RasAcd - ok
19:21:44.0343 3780 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:21:44.0343 3780 Rasl2tp - ok
19:21:44.0359 3780 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:21:44.0359 3780 RasPppoe - ok
19:21:44.0375 3780 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:21:44.0375 3780 Raspti - ok
19:21:44.0390 3780 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:21:44.0390 3780 Rdbss - ok
19:21:44.0421 3780 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:21:44.0421 3780 RDPCDD - ok
19:21:44.0437 3780 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:21:44.0453 3780 rdpdr - ok
19:21:44.0500 3780 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
19:21:44.0500 3780 RDPWD - ok
19:21:44.0562 3780 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:21:44.0562 3780 redbook - ok
19:21:44.0609 3780 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:21:44.0609 3780 Secdrv - ok
19:21:44.0625 3780 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:21:44.0625 3780 Serenum - ok
19:21:44.0656 3780 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:21:44.0671 3780 Serial - ok
19:21:44.0671 3780 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:21:44.0671 3780 Sfloppy - ok
19:21:44.0734 3780 sfng32 (cecdd7cb5db385775790d30fa10f0507) C:\WINDOWS\system32\drivers\sfng32.sys
19:21:44.0734 3780 sfng32 - ok
19:21:44.0750 3780 Simbad - ok
19:21:44.0781 3780 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:21:44.0781 3780 sisagp - ok
19:21:44.0796 3780 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:21:44.0796 3780 SLIP - ok
19:21:44.0828 3780 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:21:44.0828 3780 Sparrow - ok
19:21:44.0859 3780 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:21:44.0859 3780 splitter - ok
19:21:44.0906 3780 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:21:44.0906 3780 sr - ok
19:21:44.0953 3780 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:21:44.0953 3780 Srv - ok
19:21:45.0046 3780 STHDA (e459a674c2fccfbc69bfd86800791a5d) C:\WINDOWS\system32\drivers\sthda.sys
19:21:45.0062 3780 STHDA - ok
19:21:45.0109 3780 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:21:45.0109 3780 streamip - ok
19:21:45.0156 3780 SunkFilt (86ca1a5c15a5a98d5533945fb1120b05) C:\WINDOWS\System32\Drivers\sunkfilt.sys
19:21:45.0156 3780 SunkFilt - ok
19:21:45.0187 3780 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:21:45.0203 3780 swenum - ok
19:21:45.0234 3780 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:21:45.0234 3780 swmidi - ok
19:21:45.0250 3780 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
19:21:45.0265 3780 symc810 - ok
19:21:45.0265 3780 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:21:45.0265 3780 symc8xx - ok
19:21:45.0281 3780 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:21:45.0281 3780 sym_hi - ok
19:21:45.0296 3780 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:21:45.0296 3780 sym_u3 - ok
19:21:45.0312 3780 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:21:45.0312 3780 sysaudio - ok
19:21:45.0390 3780 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:21:45.0390 3780 Tcpip - ok
19:21:45.0437 3780 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:21:45.0437 3780 TDPIPE - ok
19:21:45.0437 3780 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:21:45.0437 3780 TDTCP - ok
19:21:45.0484 3780 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:21:45.0484 3780 TermDD - ok
19:21:45.0515 3780 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
19:21:45.0531 3780 TosIde - ok
19:21:45.0578 3780 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:21:45.0578 3780 Udfs - ok
19:21:45.0640 3780 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
19:21:45.0640 3780 ultra - ok
19:21:45.0703 3780 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:21:45.0718 3780 Update - ok
19:21:45.0781 3780 USBAAPL (f340199e8cb097e1acd58a967c665919) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:21:45.0781 3780 USBAAPL - ok
19:21:45.0828 3780 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:21:45.0828 3780 usbccgp - ok
19:21:45.0875 3780 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:21:45.0875 3780 usbehci - ok
19:21:45.0921 3780 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:21:45.0921 3780 usbhub - ok
19:21:45.0968 3780 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:21:45.0968 3780 usbprint - ok
19:21:46.0000 3780 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:21:46.0000 3780 usbscan - ok
19:21:46.0031 3780 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:21:46.0031 3780 USBSTOR - ok
19:21:46.0046 3780 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:21:46.0046 3780 usbuhci - ok
19:21:46.0062 3780 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:21:46.0062 3780 VgaSave - ok
19:21:46.0078 3780 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:21:46.0078 3780 viaagp - ok
19:21:46.0093 3780 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:21:46.0093 3780 ViaIde - ok
19:21:46.0109 3780 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:21:46.0109 3780 VolSnap - ok
19:21:46.0140 3780 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:21:46.0140 3780 Wanarp - ok
19:21:46.0218 3780 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
19:21:46.0218 3780 wanatw - ok
19:21:46.0218 3780 WDICA - ok
19:21:46.0250 3780 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:21:46.0265 3780 wdmaud - ok
19:21:46.0343 3780 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:21:46.0359 3780 winachsf - ok
19:21:46.0421 3780 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
19:21:46.0421 3780 WpdUsb - ok
19:21:46.0437 3780 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:21:46.0437 3780 WS2IFSL - ok
19:21:46.0468 3780 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:21:46.0468 3780 WSTCODEC - ok
19:21:46.0484 3780 MBR (0x1B8) (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR0
19:21:46.0515 3780 \Device\Harddisk0\DR0 - ok
19:21:46.0515 3780 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk5\DR11
19:21:46.0531 3780 \Device\Harddisk5\DR11 - ok
19:21:46.0562 3780 Boot (0x1200) (c6a79770f18e6621ce02f063c9d9fb53) \Device\Harddisk0\DR0\Partition0
19:21:46.0562 3780 \Device\Harddisk0\DR0\Partition0 - ok
19:21:46.0562 3780 Boot (0x1200) (495a79d6d6d2007b0d69c9943e2e3b65) \Device\Harddisk0\DR0\Partition1
19:21:46.0562 3780 \Device\Harddisk0\DR0\Partition1 - ok
19:21:46.0562 3780 Boot (0x1200) (fe58dbb0a9e1a5bc7d29a436f8ff895d) \Device\Harddisk5\DR11\Partition0
19:21:46.0562 3780 \Device\Harddisk5\DR11\Partition0 - ok
19:21:46.0562 3780 ============================================================
19:21:46.0562 3780 Scan finished
19:21:46.0562 3780 ============================================================
19:21:46.0578 2992 Detected object count: 0
19:21:46.0578 2992 Actual detected object count: 0
19:23:17.0703 2316 Deinitialize success
Thanks!! We can give up on this thing and I take it somewhere if I need to. It just really frustrates me but I don't want to take up too much of your time!!

#33 User is offline   CatByte 

  • Bleepin' curls!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 7,857
  • Joined: 09-November 08
  • Gender:Not Telling
  • Location:Canada

Posted 22 January 2012 - 10:16 PM

Do you have an i386 folder on your C:\ drive? (it may be hidden)

were you able to uninstall SP3?

there are instructions here, that show how to point sfc to look for the needed files in the i386 folder


http://www.bleepingcomputer.com/forums/topic43051.html/page__view__findpost__p__368666
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

#34 User is offline   librarylady1 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 46
  • Joined: 01-December 11

Posted 22 January 2012 - 11:43 PM

I was able to uninstall SP3 but I am in the middle of the scannow with message windows open and afraid to do anything else for fear of losing everything! I have two Window message boxes open in front of the command prompt window that ran scannow. First says "Files that are required for Windows to run properly have been replaced by unrecognized versions. To maintain system stability, Windows must restore the original versions of these files. Insert your Windows XP CD now"

When I tried to cancel that one, the following popped up "You chose not to restore the original versions of the files. This mayaffect Windows stability. Are you sure you want to keep these unrecognized file versions? Yes or No?

Not sure where to go or how to answer-yes or no. I read the link you gave me and I will have to get out of all of the above Windows in order to look for the i386 files or even set a system retore point. Please advise.

#35 User is offline   librarylady1 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 46
  • Joined: 01-December 11

Posted 23 January 2012 - 07:00 AM

Well, I got up this morning and the computer has rebooted itself with missing files. I restarted in Safe Mode, so now I guess I am looking for an i386 folder and trying to install SP2 again? Wondering if I should just try a system restore to yesterday (if available) and give up the ship and take it to a computer tech (although I'm not sure where around here). The i386 makes me a little nervous when I read the directions!

#36 User is offline   CatByte 

  • Bleepin' curls!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 7,857
  • Joined: 09-November 08
  • Gender:Not Telling
  • Location:Canada

Posted 23 January 2012 - 08:20 AM

Hi,

Skip the sfc /scannow
Just download and reinstall Service Pack 3

hopefully that will be enough to replace any corrupt/missing files

then see if you are able to create a connection.
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

#37 User is offline   librarylady1 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 46
  • Joined: 01-December 11

Posted 23 January 2012 - 11:01 PM

I downloaded Service Pack 3 on my flash drive and then installed it on the computer. I was forced to install in Safe Mode as the computer goes into a reboot loop when I try to boot in normal mode (after I uninstalled SP3). Service Pack 3 installed but now the problems are more complicated. Upon reboot, the machine still goes into the reboot loop when trying to reboot into normal mode and I am forced to go into Safe Mode and now I have lost all Internet connectivity--I no longer have a green light on the port and my modem light goes out when I plug into the computer.

I am determined to get this thing going (I was tired and cranky last night) so I would appreicate any ideas as to where to go from here. Whatever we do must be in Safe mode!
Thanks!

#38 User is offline   librarylady1 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 46
  • Joined: 01-December 11

Posted 23 January 2012 - 11:01 PM

I downloaded Service Pack 3 on my flash drive and then installed it on the computer. I was forced to install in Safe Mode as the computer goes into a reboot loop when I try to boot in normal mode (after I uninstalled SP3). Service Pack 3 installed but now the problems are more complicated. Upon reboot, the machine still goes into the reboot loop when trying to reboot into normal mode and I am forced to go into Safe Mode and now I have lost all Internet connectivity--I no longer have a green light on the port and my modem light goes out when I plug into the computer.

I am determined to get this thing going (I was tired and cranky last night) so I would appreicate any ideas as to where to go from here. Whatever we do must be in Safe mode!
Thanks!

#39 User is offline   CatByte 

  • Bleepin' curls!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 7,857
  • Joined: 09-November 08
  • Gender:Not Telling
  • Location:Canada

Posted 24 January 2012 - 06:52 PM

This article may be related to what you are experiencing

http://h10025.www1.hp.com/ewfrf/wc/document?lc=en&dlc=en&cc=us&docname=c01457284

If the solution there does not resolve the issue, then there may be too much corruption on your machine and a repair install may be in order, failing that, you may have to reformat.

All your files were failing signature check so your cryptographic service wasn't running or your catroot was busted, either that, or some dependent services were not started, which could be more driver corruption.

Let me know if you have any luck with the first solution

here's some info on a repair install and reformatting:

http://www.michaelstevenstech.com/XPrepairinstall.htm
http://www.ehow.com/how_6026_format-hard-drive.html
http://support.microsoft.com/kb/313348
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

#40 User is offline   librarylady1 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 46
  • Joined: 01-December 11

Posted 24 January 2012 - 07:48 PM

Didn't proceed with first option as I have an Intel and it states not to use that unless you are using an AMD processor--so I guess I aj out of luck there--couldn't find option with Intel processor--do you know if there is one? It sounds like what I am experiencing, but I don't get an error message just a reboot loop. I backed up all my photos and documents on a flash drive so I am ready to work on it. As a result, I guess I will have to try a repair install?? If so, I will wait until I have a full day to work on it and not start tonight.

Going backwards won't help me will it? Going back to uninstall sp3 again and trying to locate the i386 file and work foward again? OR would a system restore point get me back before the SP3 deletion?

#41 User is offline   CatByte 

  • Bleepin' curls!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 7,857
  • Joined: 09-November 08
  • Gender:Not Telling
  • Location:Canada

Posted 24 January 2012 - 07:54 PM

you can try a system restore point, or uninstall SP3 and download it again and try reinstalling it again, but from the symptoms you have described I think a repair install would be more successful, and if that fails, then you really would be better off wiping the hard drive and reinstalling, then at least you know you would have a clean machine that you can trust and all the connection issues should be resolved with a fresh install,

If it were my machine, I would be reformatting, as much as it is time consuming, once you get going with it, it really doesn't take that long, it's just all the updating that needs doing, but it sounds as though you have all your important documents and pictures saved, so it might be time to buckle down and do it, it can be done in a day and here we've been trying to resolve the issues for a week or more now. I'm afraid the infection you had has just corrupted so many of your system files that some programs may not perform properly and you won't find that out till you go to use a certain function of a program only to find it wont work.
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

#42 User is offline   CatByte 

  • Bleepin' curls!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 7,857
  • Joined: 09-November 08
  • Gender:Not Telling
  • Location:Canada

Posted 04 February 2012 - 07:36 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
The help you receive here is free. If you wish to show your appreciation, then you may Posted Image
Microsoft MVP - 2010, 2011

Share this topic:


  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users