Blue Screen of Death Before Printing


16 replies to this topic

#1 Tritzim


  • Members
  • 35 posts

Posted 20 June 2012 - 11:55 AM

Hello,

I have a computer that was mismanaged for quite a while. I was trying to clean it from viruses, install Windows updates, update other programs, clean temp files, clean the registry, etc.
My computer started working better/faster, but at some point I started getting these blue screen error messages (I'm not sure if this is the BSOD or something similar).
Some other symptoms that might be associated are:
  • The CD/DVD drive is missing from the Device Manager, so I can't read CDs.
  • The computer is very slow at some points.
  • Now my speakers are not giving any sound.

I'm using Windows XP SP3.

Thanks for helping me!
Tritzim.

Edited by Budapest, 20 June 2012 - 04:19 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~Budapest



#2 dev00790


    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • Gender:Male
  • Location:UK

Posted 23 June 2012 - 01:30 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Step 2

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog
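
Step 1 of the post above ends with a TDSSKiller log being pasted into the reply. The following is an added example, not part of the thread and not TDSSKiller's own code: a small triage script that keeps only the entries whose verdict is not "ok", together with the MD5 and path recorded for them. It assumes the log layout of timestamp, thread id, service name, MD5 in parentheses and file path, followed by a `name - ok` or `name ( verdict ) - status` line; the sample log, its service names and its hashes are constructed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed layout: every log line starts with "HH:MM:SS.ffff <thread id> ".
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"

# "<service> (<md5>) <file path>": the file backing a service or driver.
ENTRY_RE = re.compile(
    _PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+?)\s*$"
)

# "<service> - ok" or "<service> ( <verdict> ) - <status>".
VERDICT_RE = re.compile(
    _PREFIX
    + r"(?P<name>.+?)\s+(?:\(\s*(?P<verdict>[^()]+?)\s*\)\s+)?"
    + r"-\s+(?P<status>[A-Za-z]+)\s*$"
)


@dataclass
class Finding:
    name: str               # service or driver name as logged
    status: str             # e.g. "warning"
    verdict: Optional[str]  # text between the parentheses, if any
    md5: Optional[str]      # hash from the preceding entry line, if any
    path: Optional[str]     # file path from the preceding entry line, if any


def triage(log_text: str) -> Tuple[int, List[Finding]]:
    """Return (number of 'ok' verdicts, list of non-ok findings)."""
    files: Dict[str, Tuple[str, str]] = {}
    ok_count = 0
    findings: List[Finding] = []

    for raw in log_text.splitlines():
        line = raw.strip()

        entry = ENTRY_RE.match(line)
        if entry:
            # Remember hash and path until the verdict line for this name.
            files[entry["name"]] = (entry["md5"].lower(), entry["path"])
            continue

        verdict = VERDICT_RE.match(line)
        if verdict is None:
            # Header lines, separators and the "- detected ..." summary
            # line (which repeats the verdict) are skipped.
            continue

        if verdict["status"].lower() == "ok":
            ok_count += 1
            continue

        # Services logged without a file line keep md5/path as None.
        md5, path = files.get(verdict["name"], (None, None))
        findings.append(
            Finding(verdict["name"], verdict["status"].lower(),
                    verdict["verdict"], md5, path)
        )

    return ok_count, findings


# Constructed sample: names, hashes and paths are made up for illustration.
SAMPLE_LOG = r"""
12:00:00.0000 1000 Scan started
12:00:00.0000 1000 Mode: Manual; SigCheck; TDLFS;
12:00:00.0000 1000 ============================================================
12:00:01.0100 1000 NoFileSvc - ok
12:00:01.0200 1000 examplea (00000000000000000000000000000001) C:\WINDOWS\system32\DRIVERS\examplea.sys
12:00:01.0300 1000 examplea - ok
12:00:01.0400 1000 Example Helper Service (00000000000000000000000000000002) C:\Program Files\Example Vendor\helper.exe
12:00:01.0500 1000 Example Helper Service ( UnsignedFile.Multi.Generic ) - warning
12:00:01.0500 1000 Example Helper Service - detected UnsignedFile.Multi.Generic (1)
12:00:01.0600 1000 exampleb (00000000000000000000000000000003) C:\WINDOWS\system32\drivers\exampleb.sys
12:00:01.0700 1000 exampleb - ok
"""

if __name__ == "__main__":
    ok, flagged = triage(SAMPLE_LOG)
    print(f"{ok} entries ok, {len(flagged)} flagged")
    for f in flagged:
        print(f"{f.status.upper():8} {f.name}: {f.verdict} | {f.md5} | {f.path}")
```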


#3 Tritzim

  • Topic Starter

  • Members
  • 35 posts

Posted 26 June 2012 - 11:40 AM

Thank you dev00790 for your help.
So far my computer hasn't crashed since I asked you for help. (Maybe asking Bleeping for help does a lot...)
But still it could happen again; every time I press print I'm worried that I'll see the blue screen.

Here are the 4 logs:

TDSSKiller.2.7.42.0_26.06.2012_12.17.33_log.txt


12:17:33.0968 3268 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
12:17:34.0203 3268 ============================================================
12:17:34.0203 3268 Current date / time: 2012/06/26 12:17:34.0203
12:17:34.0203 3268 SystemInfo:
12:17:34.0203 3268
12:17:34.0203 3268 OS Version: 5.1.2600 ServicePack: 3.0
12:17:34.0203 3268 Product type: Workstation
12:17:34.0203 3268 ComputerName: GELB
12:17:34.0203 3268 UserName: Smartek
12:17:34.0203 3268 Windows directory: C:\WINDOWS
12:17:34.0203 3268 System windows directory: C:\WINDOWS
12:17:34.0203 3268 Processor architecture: Intel x86
12:17:34.0203 3268 Number of processors: 2
12:17:34.0203 3268 Page size: 0x1000
12:17:34.0203 3268 Boot type: Normal boot
12:17:34.0203 3268 ============================================================
12:17:37.0453 3268 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:17:41.0484 3268 Drive \Device\Harddisk1\DR3 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:17:41.0500 3268 ============================================================
12:17:41.0500 3268 \Device\Harddisk0\DR0:
12:17:41.0531 3268 MBR partitions:
12:17:41.0531 3268 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x94E7137
12:17:41.0531 3268 \Device\Harddisk1\DR3:
12:17:41.0531 3268 MBR partitions:
12:17:41.0531 3268 \Device\Harddisk1\DR3\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
12:17:41.0531 3268 ============================================================
12:17:41.0718 3268 C: <-> \Device\Harddisk0\DR0\Partition0
12:17:41.0718 3268 D: <-> \Device\Harddisk1\DR3\Partition0
12:17:41.0718 3268 ============================================================
12:17:41.0718 3268 Initialize success
12:17:41.0718 3268 ============================================================
12:20:35.0468 4120 ============================================================
12:20:35.0468 4120 Scan started
12:20:35.0468 4120 Mode: Manual; SigCheck; TDLFS;
12:20:35.0468 4120 ============================================================
12:20:36.0343 4120 Abiosdsk - ok
12:20:36.0390 4120 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:20:37.0437 4120 abp480n5 - ok
12:20:37.0484 4120 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:20:37.0671 4120 ACPI - ok
12:20:37.0718 4120 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:20:37.0875 4120 ACPIEC - ok
12:20:37.0984 4120 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:20:38.0125 4120 AdobeFlashPlayerUpdateSvc - ok
12:20:38.0156 4120 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:20:38.0312 4120 adpu160m - ok
12:20:38.0359 4120 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
12:20:38.0812 4120 aec - ok
12:20:38.0906 4120 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
12:20:39.0140 4120 AFD - ok
12:20:39.0203 4120 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:20:39.0390 4120 agp440 - ok
12:20:39.0406 4120 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:20:39.0546 4120 agpCPQ - ok
12:20:39.0578 4120 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:20:39.0640 4120 Aha154x - ok
12:20:39.0640 4120 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:20:39.0796 4120 aic78u2 - ok
12:20:39.0828 4120 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:20:39.0968 4120 aic78xx - ok
12:20:40.0109 4120 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
12:20:40.0296 4120 Alerter - ok
12:20:40.0343 4120 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
12:20:40.0453 4120 ALG - ok
12:20:40.0515 4120 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
12:20:40.0718 4120 AliIde - ok
12:20:40.0750 4120 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:20:40.0890 4120 alim1541 - ok
12:20:40.0906 4120 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:20:41.0046 4120 amdagp - ok
12:20:41.0078 4120 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
12:20:41.0140 4120 amsint - ok
12:20:41.0156 4120 AppMgmt - ok
12:20:41.0187 4120 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
12:20:41.0328 4120 asc - ok
12:20:41.0359 4120 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:20:41.0421 4120 asc3350p - ok
12:20:41.0437 4120 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:20:41.0578 4120 asc3550 - ok
12:20:41.0734 4120 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:20:41.0781 4120 aspnet_state - ok
12:20:41.0812 4120 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:20:41.0953 4120 AsyncMac - ok
12:20:41.0984 4120 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:20:42.0109 4120 atapi - ok
12:20:42.0109 4120 Atdisk - ok
12:20:42.0140 4120 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:20:42.0343 4120 Atmarpc - ok
12:20:42.0390 4120 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
12:20:42.0531 4120 AudioSrv - ok
12:20:42.0578 4120 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:20:42.0718 4120 audstub - ok
12:20:42.0781 4120 bckd (5e27b4d15c7df6365c696dc9010187a4) C:\WINDOWS\system32\drivers\bckd.sys
12:20:42.0921 4120 bckd - ok
12:20:43.0031 4120 bckwfs (2a113172238eb26d09a91578a9443846) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
12:20:43.0218 4120 bckwfs - ok
12:20:43.0390 4120 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:20:43.0562 4120 Beep - ok
12:20:43.0609 4120 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
12:20:43.0796 4120 BITS - ok
12:20:43.0843 4120 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
12:20:44.0000 4120 Browser - ok
12:20:44.0046 4120 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
12:20:44.0171 4120 BrScnUsb - ok
12:20:44.0187 4120 BrSerIf (c121e10c64318182a6478acae1855ee0) C:\WINDOWS\system32\Drivers\BrSerIf.sys
12:20:44.0250 4120 BrSerIf - ok
12:20:44.0250 4120 BrUsbSer (7ac85cdc03befd78908b3b6a73d201d0) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
12:20:44.0265 4120 BrUsbSer - ok
12:20:44.0562 4120 catchme - ok
12:20:44.0687 4120 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:20:44.0859 4120 cbidf - ok
12:20:44.0859 4120 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:20:45.0531 4120 cbidf2k - ok
12:20:45.0546 4120 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:20:45.0640 4120 cd20xrnt - ok
12:20:45.0656 4120 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:20:45.0828 4120 Cdaudio - ok
12:20:45.0843 4120 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
12:20:46.0062 4120 Cdfs - ok
12:20:46.0093 4120 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:20:46.0250 4120 Cdrom - ok
12:20:46.0250 4120 Changer - ok
12:20:46.0281 4120 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
12:20:46.0421 4120 CiSvc - ok
12:20:46.0453 4120 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
12:20:46.0578 4120 ClipSrv - ok
12:20:46.0734 4120 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:20:46.0828 4120 clr_optimization_v2.0.50727_32 - ok
12:20:46.0875 4120 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:20:46.0968 4120 clr_optimization_v4.0.30319_32 - ok
12:20:46.0984 4120 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:20:47.0125 4120 CmdIde - ok
12:20:47.0140 4120 COMSysApp - ok
12:20:47.0171 4120 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:20:47.0328 4120 Cpqarray - ok
12:20:47.0375 4120 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
12:20:47.0515 4120 CryptSvc - ok
12:20:47.0546 4120 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:20:47.0734 4120 dac2w2k - ok
12:20:47.0828 4120 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:20:48.0031 4120 dac960nt - ok
12:20:48.0187 4120 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:20:48.0359 4120 DcomLaunch - ok
12:20:48.0593 4120 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
12:20:48.0734 4120 Dhcp - ok
12:20:48.0781 4120 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
12:20:48.0937 4120 Disk - ok
12:20:48.0937 4120 dmadmin - ok
12:20:49.0015 4120 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
12:20:49.0171 4120 dmboot - ok
12:20:49.0203 4120 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
12:20:49.0359 4120 dmio - ok
12:20:49.0375 4120 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:20:49.0515 4120 dmload - ok
12:20:49.0562 4120 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
12:20:49.0703 4120 dmserver - ok
12:20:49.0734 4120 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
12:20:49.0890 4120 DMusic - ok
12:20:49.0937 4120 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
12:20:50.0078 4120 Dnscache - ok
12:20:50.0140 4120 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
12:20:50.0281 4120 Dot3svc - ok
12:20:50.0312 4120 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:20:50.0468 4120 dpti2o - ok
12:20:50.0484 4120 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
12:20:50.0640 4120 drmkaud - ok
12:20:50.0656 4120 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:20:50.0781 4120 E100B - ok
12:20:50.0828 4120 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:20:50.0890 4120 e1express - ok
12:20:50.0921 4120 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
12:20:51.0078 4120 EapHost - ok
12:20:51.0125 4120 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
12:20:51.0250 4120 ERSvc - ok
12:20:51.0312 4120 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:20:51.0359 4120 Eventlog - ok
12:20:51.0406 4120 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
12:20:51.0578 4120 EventSystem - ok
12:20:51.0609 4120 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
12:20:51.0734 4120 Fastfat - ok
12:20:51.0906 4120 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:20:52.0062 4120 FastUserSwitchingCompatibility - ok
12:20:52.0187 4120 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
12:20:52.0375 4120 Fax - ok
12:20:52.0406 4120 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:20:52.0546 4120 Fdc - ok
12:20:52.0593 4120 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
12:20:53.0062 4120 Fips - ok
12:20:53.0109 4120 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:20:53.0328 4120 Flpydisk - ok
12:20:53.0390 4120 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
12:20:53.0515 4120 FltMgr - ok
12:20:53.0750 4120 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:20:53.0765 4120 FontCache3.0.0.0 - ok
12:20:53.0812 4120 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:20:53.0953 4120 Fs_Rec - ok
12:20:54.0000 4120 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:20:54.0140 4120 Ftdisk - ok
12:20:54.0187 4120 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:20:54.0343 4120 Gpc - ok
12:20:54.0500 4120 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:20:54.0515 4120 gupdate - ok
12:20:54.0515 4120 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
12:20:54.0531 4120 gupdatem - ok
12:20:54.0578 4120 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:20:54.0625 4120 gusvc - ok
12:20:54.0671 4120 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:20:54.0781 4120 HDAudBus - ok
12:20:54.0828 4120 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:20:54.0953 4120 helpsvc - ok
12:20:54.0968 4120 HidServ - ok
12:20:54.0968 4120 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:20:55.0109 4120 HidUsb - ok
12:20:55.0171 4120 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
12:20:55.0296 4120 hkmsvc - ok
12:20:55.0343 4120 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
12:20:55.0468 4120 hpn - ok
12:20:55.0515 4120 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
12:20:55.0578 4120 HTTP - ok
12:20:55.0625 4120 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
12:20:55.0765 4120 HTTPFilter - ok
12:20:55.0796 4120 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
12:20:55.0921 4120 i2omgmt - ok
12:20:55.0953 4120 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:20:56.0109 4120 i2omp - ok
12:20:56.0109 4120 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:20:56.0250 4120 i8042prt - ok
12:20:56.0531 4120 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:20:57.0015 4120 ialm - ok
12:20:57.0250 4120 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
12:20:57.0312 4120 iaStor - ok
12:20:57.0468 4120 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:20:57.0500 4120 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:20:57.0500 4120 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:20:57.0671 4120 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:20:57.0750 4120 idsvc - ok
12:20:57.0859 4120 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:20:58.0031 4120 Imapi - ok
12:20:58.0062 4120 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
12:20:58.0234 4120 ImapiService - ok
12:20:58.0375 4120 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:20:58.0562 4120 ini910u - ok
12:20:58.0843 4120 IntcAzAudAddService (17bbbabb21f86b650b2626045a9d016c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:20:59.0171 4120 IntcAzAudAddService - ok
12:20:59.0359 4120 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
12:20:59.0531 4120 IntelIde - ok
12:20:59.0578 4120 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:20:59.0703 4120 intelppm - ok
12:20:59.0734 4120 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
12:20:59.0875 4120 Ip6Fw - ok
12:20:59.0906 4120 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:21:00.0031 4120 IpFilterDriver - ok
12:21:00.0046 4120 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:21:00.0156 4120 IpInIp - ok
12:21:00.0187 4120 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:21:00.0328 4120 IpNat - ok
12:21:00.0359 4120 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:21:00.0531 4120 IPSec - ok
12:21:00.0546 4120 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:21:00.0609 4120 IRENUM - ok
12:21:00.0640 4120 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:21:00.0796 4120 isapnp - ok
12:21:01.0000 4120 JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Program Files\Java\jre6\bin\jqs.exe
12:21:01.0031 4120 JavaQuickStarterService - ok
12:21:01.0031 4120 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:21:01.0171 4120 Kbdclass - ok
12:21:01.0187 4120 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:21:01.0312 4120 kbdhid - ok
12:21:01.0359 4120 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
12:21:01.0546 4120 kmixer - ok
12:21:01.0578 4120 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
12:21:01.0703 4120 KSecDD - ok
12:21:01.0765 4120 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
12:21:01.0843 4120 lanmanserver - ok
12:21:01.0906 4120 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
12:21:01.0968 4120 lanmanworkstation - ok
12:21:01.0968 4120 lbrtfdc - ok
12:21:02.0000 4120 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
12:21:02.0156 4120 LmHosts - ok
12:21:02.0171 4120 lmimirr - ok
12:21:02.0281 4120 McAfee SiteAdvisor Service (6c3d154fff0a97a6c3d9f78d60c41655) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
12:21:02.0296 4120 McAfee SiteAdvisor Service - ok
12:21:02.0421 4120 McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
12:21:02.0484 4120 McComponentHostService - ok
12:21:02.0593 4120 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:21:02.0656 4120 MDM - ok
12:21:02.0687 4120 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
12:21:02.0843 4120 Messenger - ok
12:21:02.0968 4120 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:21:02.0984 4120 Microsoft Office Groove Audit Service - ok
12:21:03.0046 4120 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:21:03.0156 4120 mnmdd - ok
12:21:03.0203 4120 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
12:21:03.0328 4120 mnmsrvc - ok
12:21:03.0390 4120 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
12:21:03.0546 4120 Modem - ok
12:21:03.0578 4120 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:21:03.0718 4120 Mouclass - ok
12:21:03.0765 4120 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:21:03.0906 4120 mouhid - ok
12:21:03.0937 4120 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
12:21:04.0078 4120 MountMgr - ok
12:21:04.0125 4120 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:21:04.0171 4120 MozillaMaintenance - ok
12:21:04.0218 4120 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
12:21:04.0250 4120 MpFilter - ok
12:21:04.0468 4120 MpKslf564e6e9 (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF76B9BE-A615-4B83-8BC4-784A8E0A2285}\MpKslf564e6e9.sys
12:21:04.0484 4120 MpKslf564e6e9 - ok
12:21:04.0500 4120 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:21:04.0640 4120 mraid35x - ok
12:21:04.0687 4120 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:21:04.0812 4120 MRxDAV - ok
12:21:04.0859 4120 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:21:04.0984 4120 MRxSmb - ok
12:21:05.0031 4120 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
12:21:05.0156 4120 Msfs - ok
12:21:05.0171 4120 MSIServer - ok
12:21:05.0203 4120 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:21:05.0343 4120 MSKSSRV - ok
12:21:05.0484 4120 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:21:05.0500 4120 MsMpSvc - ok
12:21:05.0531 4120 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:21:05.0671 4120 MSPCLOCK - ok
12:21:05.0687 4120 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
12:21:05.0828 4120 MSPQM - ok
12:21:05.0890 4120 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:21:06.0015 4120 mssmbios - ok
12:21:06.0140 4120 MSSQL$ACT7 - ok
12:21:06.0156 4120 MSSQL$UPSBAT - ok
12:21:06.0187 4120 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
12:21:06.0203 4120 MSSQLServerADHelper - ok
12:21:10.0968 4120 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys
12:21:11.0109 4120 PalmUSBD ( UnsignedFile.Multi.Generic ) - warning
12:21:11.0109 4120 PalmUSBD - detected UnsignedFile.Multi.Generic (1)
12:21:13.0484 4120 QBCFMonitorService (933d92f0bd1d7a9835cd8a8b1235a11e) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
12:21:13.0500 4120 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
12:21:13.0500 4120 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
12:21:13.0578 4120 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
12:21:13.0578 4120 QBFCService ( UnsignedFile.Multi.Generic ) - warning
12:21:13.0578 4120 QBFCService - detected UnsignedFile.Multi.Generic (1)
12:21:13.0734 4120 QBVSS (0c7b65c8743442a37152fcfac5f7d16a) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
12:21:13.0828 4120 QBVSS ( UnsignedFile.Multi.Generic ) - warning
12:21:13.0828 4120 QBVSS - detected UnsignedFile.Multi.Generic (1)
12:21:14.0703 4120 Suspicious service (NoAccess): RapportCerberus_29574
12:21:14.0718 4120 Suspicious service (NoAccess): RapportEI
12:21:14.0718 4120 Suspicious service (NoAccess): RapportKELL
12:21:14.0718 4120 Suspicious service (NoAccess): RapportMgmtService
12:21:14.0718 4120 Suspicious service (NoAccess): RapportPG
12:21:19.0843 4120 SmartSource (9a9c6b1963ef1827322c572fd859f908) C:\WINDOWS\system32\drivers\SmartSource.sys
12:21:20.0000 4120 SmartSource ( UnsignedFile.Multi.Generic ) - warning
12:21:20.0000 4120 SmartSource - detected UnsignedFile.Multi.Generic (1)
12:21:30.0265 4120 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:21:30.0765 4120 \Device\Harddisk0\DR0 - ok
12:21:30.0765 4120 MBR (0x1B8) (8464d19686910a2e5d0e5c28c70a95ab) \Device\Harddisk1\DR3
12:21:31.0281 4120 \Device\Harddisk1\DR3 - ok
12:21:31.0281 4120 Boot (0x1200) (07fbdc2fb1bb652de8e792431d46e6f3) \Device\Harddisk0\DR0\Partition0
12:21:31.0296 4120 \Device\Harddisk0\DR0\Partition0 - ok
12:21:31.0296 4120 Boot (0x1200) (c8609cb3736bfce074fcb6d5715f5489) \Device\Harddisk1\DR3\Partition0
12:21:31.0296 4120 \Device\Harddisk1\DR3\Partition0 - ok
12:21:31.0296 4120 ============================================================
12:21:31.0296 4120 Scan finished
12:21:31.0296 4120 ============================================================
12:21:31.0406 5196 Detected object count: 6
12:21:31.0421 5196 Actual detected object count: 6
12:22:25.0140 5196 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:25.0140 5196 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:22:25.0140 5196 PalmUSBD ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:25.0140 5196 PalmUSBD ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:22:25.0140 5196 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:25.0140 5196 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:22:25.0140 5196 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:25.0140 5196 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:22:25.0140 5196 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:25.0140 5196 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:22:25.0140 5196 SmartSource ( UnsignedFile.Multi.Generic ) - skipped by user
12:22:25.0140 5196 SmartSource ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:22:46.0000 2532 Deinitialize success


checkup.txt


Results of screen317's Security Check version 0.99.42
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Security Scan Plus
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
McAfee SiteAdvisor
Malwarebytes Anti-Malware version 1.61.0.1400
CCleaner
Java™ 6 Update 33
Java version out of Date!
Adobe Flash Player 11.3.300.262
Mozilla Firefox (for.)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 9%
````````````````````End of Log``````````````````````


FSS.txt

Farbar Service Scanner Version: 25-06-2012 01
Ran by Smartek (administrator) on 26-06-2012 at 12:28:35
Running from "C:\Documents and Settings\Smartek\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****


Result.txt


MiniToolBox by Farbar Version: 25-06-2012
Ran by Smartek (administrator) on 26-06-2012 at 12:30:31
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

There are 15212 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : Gelb
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-1A-A0-90-09-3C
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.19
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 209.18.47.61
                                    209.18.47.62
Lease Obtained. . . . . . . . . . : Tuesday, June 26, 2012 12:10:24 PM
Lease Expires . . . . . . . . . . : Tuesday, June 26, 2012 1:10:24 PM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.228.69, 74.125.228.70, 74.125.228.71, 74.125.228.72
74.125.228.73, 74.125.228.78, 74.125.228.64, 74.125.228.65, 74.125.228.66
74.125.228.67, 74.125.228.68

Pinging google.com [74.125.228.6] with 32 bytes of data:

Reply from 74.125.228.6: bytes=32 time=15ms TTL=54
Reply from 74.125.228.6: bytes=32 time=14ms TTL=54

Ping statistics for 74.125.228.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=71ms TTL=49
Reply from 98.139.183.24: bytes=32 time=59ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 71ms, Average = 65ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1a a0 90 09 3c ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.19 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.19 192.168.0.19 20
192.168.0.19 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.19 192.168.0.19 20
224.0.0.0 240.0.0.0 192.168.0.19 192.168.0.19 20
255.255.255.255 255.255.255.255 192.168.0.19 192.168.0.19 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/26/2012 11:35:26 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::SetCustomPropertyString - Cannot add variable to excel : QBENDDATE

Error: (06/26/2012 11:35:26 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::WriteExcelVariable Com Error#: 800a03ec

Error: (06/26/2012 11:35:26 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::SetCustomPropertyString - Cannot add variable to excel : QBSTARTDATE

Error: (06/26/2012 11:35:26 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::WriteExcelVariable Com Error#: 800a03ec

Error: (06/26/2012 11:35:26 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::SetCustomPropertyString - Cannot add variable to excel : QBSUBSTORAGE

Error: (06/26/2012 11:35:26 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::WriteExcelVariable Com Error#: 800a03ec

Error: (06/26/2012 11:35:00 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::SetCustomPropertyString - Cannot add variable to excel : QBENDDATE

Error: (06/26/2012 11:35:00 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::WriteExcelVariable Com Error#: 800a03ec

Error: (06/26/2012 11:35:00 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::SetCustomPropertyString - Cannot add variable to excel : QBSTARTDATE

Error: (06/26/2012 11:35:00 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "Intuit QuickBooks Enterprise Solutions: Manufacturing and Wholesale 12.0":
ExcelHelper::WriteExcelVariable Com Error#: 800a03ec


System errors:
=============
Error: (06/22/2012 09:38:40 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:40 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:40 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:40 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:40 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:39 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:39 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:39 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:39 AM) (Source: 0) (User: )
Description: \Device\LanmanServer

Error: (06/22/2012 09:38:39 AM) (Source: 0) (User: )
Description: \Device\LanmanServer


Microsoft Office Sessions:
=========================
Error: (06/13/2012 01:25:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7239 seconds with 720 seconds of active time. This session ended with a crash.

Error: (06/06/2012 04:04:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24044 seconds with 6420 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Acrobat 6.0 Standard (Version: 006.000.000)
Adobe AIR (Version: 3.0.0.4080)
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
All Orders by NumberCruncher (Version: 6.1.0.38)
Blue Coat K9 Web Protection (Version: 4.3.188)
Brother MFL-Pro Suite (Version: 1.00.000)
Browse For Change
CCleaner (Version: 3.19)
Chinese Simplified Fonts Support For Adobe Reader X (Version: 10.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Dell Driver Reset Tool (Version: 1.02.0000)
Dropbox (Version: 1.4.7)
Free File Viewer 2011
Google Chrome (Version: 19.0.1084.56)
Google Talk (remove only)
Google Talk Plugin (Version: 3.1.4.8140)
Google Toolbar for Firefox (Version: 3.0.20070525)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.8.0 (Version: )
InterActual Player
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
join.me (Version: 1.3.1.431)
Madison Merchant Program (Version: 6.0.789.0)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Security Scan Plus (Version: 3.0.207.4)
McAfee SiteAdvisor (Version: 3.4.195)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Primary Interop Assemblies (Version: 11.0.6553.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Backward compatibility (Version: 8.05.1704)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (ACT7) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Express Edition (UPSBAT) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
MyVisionX (Version: 2.35.1.4 - WHQL)
Nitro Reader 2 (Version: 2.3.1.7)
OKI LPR Utility
PaperPort (Version: 9.02.0827)
PowerDVD (Version: 7.0)
Profit Stars RDC - Vision X ALT (Version: 1.00.0000)
QualxServ Service Agreement (Version: 1.11.0000)
QuickBooks (Version: 22.0.4008.2206)
QuickBooks Enterprise Solutions: Mfg and Whsle Edition 12.0 (Version: 22.0.4008.2206)
QuickBooks Pro Edition 2003
RealPlayer
Realtek High Definition Audio Driver
Sandboxie 3.68 (32-bit) (Version: 3.68)
Searchqu Toolbar (Version: 3.0.0.122375)
Segoe UI (Version: 14.0.4327.805)
SmartSource
SupportSoft Assisted Service (Version: 15)
swMSM (Version: 12.0.0.1)
TeamViewer 6 (Version: 6.0.10511)
TellerScan Driver v2.1 Certified (Version: 2.10.0000)
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebEx
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Digital Check Corporation (TSUSB2) USB (01/08/2007 1.10.0000) (Version: 01/08/2007 1.10.0000)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinDriver6 USB Driver
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 1013.1 MB
Available physical RAM: 343.73 MB
Total Pagefile: 2434.86 MB
Available Pagefile: 1478.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.12 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.45 GB) (Free:36.53 GB) NTFS
2 Drive d: (My Passport) (Fixed) (Total:298.02 GB) (Free:185.34 GB) FAT32
3 Drive z: () (Network) (Total:55.89 GB) (Free:13.02 GB) NTFS

========================= Users: ========================================

User accounts for \\GELB

Administrator ASPNET Guest
HelpAssistant QBDataServiceUser19 QBDataServiceUser22
Smartek SUPPORT_388945a0

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini051112-01.dmp
C:\WINDOWS\Minidump\Mini051412-01.dmp
C:\WINDOWS\Minidump\Mini051412-02.dmp
C:\WINDOWS\Minidump\Mini051512-01.dmp
C:\WINDOWS\Minidump\Mini051812-01.dmp
C:\WINDOWS\Minidump\Mini052512-01.dmp
C:\WINDOWS\Minidump\Mini060712-01.dmp
C:\WINDOWS\Minidump\Mini061212-01.dmp
C:\WINDOWS\Minidump\Mini061812-01.dmp
========================= Restore Points ==================================

30-05-2012 14:22:35 Installed Madison Merchant Program
30-05-2012 14:42:32 Removed Madison Merchant Program
30-05-2012 14:43:48 Software Distribution Service 3.0
30-05-2012 14:46:26 Installed Madison Merchant Program
30-05-2012 15:01:51 Removed Madison Merchant Program
30-05-2012 15:06:25 Installed Madison Merchant Program
31-05-2012 17:28:58 Software Distribution Service 3.0
31-05-2012 20:53:18 Installed TuneUp Utilities 2012
01-06-2012 15:32:27 Removed TuneUp Utilities 2012
01-06-2012 15:33:29 Removed TuneUp Utilities Language Pack (en-US)
01-06-2012 16:48:07 Software Distribution Service 3.0
04-06-2012 13:43:19 System Checkpoint
04-06-2012 15:19:26 Restore Operation
04-06-2012 15:23:15 Restore Operation
04-06-2012 15:23:52 Restore Operation
04-06-2012 15:50:42 Software Distribution Service 3.0
04-06-2012 20:32:43 Software Distribution Service 3.0
05-06-2012 16:49:37 Software Distribution Service 3.0
06-06-2012 17:23:16 Software Distribution Service 3.0
07-06-2012 13:10:26 Software Distribution Service 3.0
07-06-2012 17:14:48 Software Distribution Service 3.0
08-06-2012 16:37:02 Software Distribution Service 3.0
08-06-2012 18:51:15 Removed Google Earth Plug-in.
08-06-2012 18:52:05 Removed Madison Merchant Program
10-06-2012 15:13:37 Software Distribution Service 3.0
11-06-2012 15:14:40 Software Distribution Service 3.0
12-06-2012 15:14:25 Software Distribution Service 3.0
12-06-2012 19:19:31 Removed Microsoft Download Manager
12-06-2012 19:25:48 Removed Scanner Controller Web Client
13-06-2012 14:27:53 Installed Madison Merchant Program
13-06-2012 14:33:46 Installed MyVisionX
13-06-2012 17:14:34 Software Distribution Service 3.0
13-06-2012 18:08:04 Software Distribution Service 3.0
14-06-2012 16:38:03 Software Distribution Service 3.0
15-06-2012 13:17:12 Software Distribution Service 3.0
15-06-2012 16:38:55 Software Distribution Service 3.0
16-06-2012 13:16:43 Software Distribution Service 3.0
16-06-2012 16:36:35 Software Distribution Service 3.0
17-06-2012 13:16:23 Software Distribution Service 3.0
17-06-2012 16:37:40 Software Distribution Service 3.0
18-06-2012 13:21:08 Software Distribution Service 3.0
18-06-2012 17:13:01 Software Distribution Service 3.0
18-06-2012 18:50:11 Printer Driver Send To Microsoft OneNote Driver Installed
18-06-2012 19:00:50 Installed Java™ 6 Update 33
19-06-2012 13:24:56 Removed Chinese Simplified Fonts Support For Adobe Reader 8
19-06-2012 13:25:12 Installed Chinese Simplified Fonts Support For Adobe Reader X.
19-06-2012 17:07:23 Software Distribution Service 3.0
19-06-2012 21:20:35 Restore Operation
19-06-2012 21:34:24 Software Distribution Service 3.0
20-06-2012 16:58:55 Software Distribution Service 3.0
21-06-2012 13:25:27 Software Distribution Service 3.0
21-06-2012 16:58:33 Software Distribution Service 3.0
22-06-2012 13:24:33 Software Distribution Service 3.0
22-06-2012 17:13:18 Software Distribution Service 3.0
23-06-2012 13:53:10 Software Distribution Service 3.0
24-06-2012 13:51:48 Software Distribution Service 3.0
25-06-2012 13:52:24 Software Distribution Service 3.0
25-06-2012 22:13:43 nt backup
26-06-2012 15:53:32 Installed Microsoft Outlook Personal Folders Backup

**** End of log ****


And again, thanks for your time and help!
Tritzim.

#4 dev00790

Posted 30 June 2012 - 04:22 PM

Hi

Sorry for the delay in getting back to you.

Step 1


"every time i press print i'm worried that i'll see the blue screen."


Without actually pressing the print button you mention, I'd like you to take a screenshot of it via the below:

  • Please take a screenshot of the problem (How to take a screenshot)
  • Save it as a picture file (eg .jpg / .gif) to your desktop using e.g. Paint.
  • Upload the file saved on your desktop to a site like Mediafire
  • Please post the link to the file in your next reply.

Note:
The reasons I ask you to upload the file to a site like Mediafire, instead of posting the picture on BC:

1) It would take up a significant portion of your storage allowance.
2) If the picture is subsequently deleted from BC storage, then it would not show in this post anymore.


Step 2

We need to analyse the BSOD:

Download BlueScreenView (in Zip file) to your desktop.

  • No installation required.
  • Unzip downloaded file to your desktop
  • Double click on BlueScreenView.exe file to run the program. When scanning is done, go to Edit > Select All.
  • Then go to File > Save Selected Items, and save the report as BSOD.txt.
  • Open BSOD.txt in Notepad
  • Copy all content, and paste it into your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#5 Tritzim

Posted 02 July 2012 - 01:09 PM

Thank you for replying, you don't have to be sorry for the delay, you are doing me a favor.

Step 1

I used Dropbox for the print screen; the link is:
https://www.dropbox.com/sh/dzmr7h578hbflwe/lThtJ8-fnk#/
If Dropbox won't work for you, just let me know and I'll redo it.

Let me explain the situation better: I'm printing all day long, I can say more than 50 times a day.
At some point when I pressed the final print button I got the blue screen; since then it has happened again a few times, as you can see below in the log.
This happened when I printed to my regular printer, and even when I printed an Excel file to PDF. This means that the problem is not my printer; it's at a previous stop, probably in the spool process.

Step 2

BSOD.txt

==================================================
Dump File : Mini061812-01.dmp
Crash Time : 6/18/2012 11:19:57 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini061212-01.dmp
Crash Time : 6/12/2012 3:03:38 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini060712-01.dmp
Crash Time : 6/7/2012 4:55:36 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini052512-01.dmp
Crash Time : 5/25/2012 1:23:08 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini051812-01.dmp
Crash Time : 5/18/2012 1:03:04 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini051512-01.dmp
Crash Time : 5/15/2012 3:38:18 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini051412-02.dmp
Crash Time : 5/14/2012 5:44:47 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini051412-01.dmp
Crash Time : 5/14/2012 10:19:46 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

==================================================
Dump File : Mini051112-01.dmp
Crash Time : 5/11/2012 9:19:31 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804fa292
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2a061
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+23292
Stack Address 1 : tcpip.sys+2a061
Stack Address 2 : tcpip.sys+2a195
Stack Address 3 : tcpip.sys+67b6
Computer Name :
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

Thank you for your help!
Tritzim.

P.S.
You are writing in your signature that "If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM." but I don't really know how to send a PM (I actually don't know what PM is...).

#6 dev00790

Posted 02 July 2012 - 02:21 PM

Hi

Please run Farbar Service Scanner.
Type the following in the edit box after "Search:".

tcpip.sys

Click Search Files button and post the log (FSS.txt) it makes in your next reply.

Edited by dev00790, 02 July 2012 - 02:22 PM.

Regards, dev00790



#7 Tritzim

Posted 02 July 2012 - 03:46 PM

Where do I get the "Farbar Service Scanner"?

#8 Tritzim

Posted 02 July 2012 - 03:47 PM

Got it!

#9 Tritzim

Posted 02 July 2012 - 03:50 PM

Farbar Service Scanner Version: 25-06-2012 01
Ran by Smartek (administrator) on 02-07-2012 at 16:48:30
Microsoft Windows XP Home Edition Service Pack 3 (X86)

************************************************
======== Search: "tcpip.sys" =========

C:\WINDOWS\system32\drivers\tcpip.sys
[2004-08-10 13:51] - [2008-06-20 07:51] - 0361600 ____A (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

C:\WINDOWS\system32\dllcache\tcpip.sys
[2008-06-20 07:51] - [2008-06-20 07:51] - 0361600 ____N (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008-09-17 20:07] - [2008-04-13 15:20] - 0361344 ____N (Microsoft Corporation) 93EA8D04EC73A85DB02EB8805988F733

C:\WINDOWS\ERDNT\cache\tcpip.sys
[2012-02-23 20:42] - [2008-06-20 07:51] - 0361600 ____A (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008-07-10 03:00] - [2007-10-30 13:20] - 0360064 ____C (Microsoft Corporation) 90CAFF4B094573449A0872A0F919B178

C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2010-02-12 10:33] - [2008-04-13 15:20] - 0361344 ____C (Microsoft Corporation) 93EA8D04EC73A85DB02EB8805988F733

C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008-01-09 11:08] - [2006-04-20 07:51] - 0359808 ____C (Microsoft Corporation) 1DBF125862891817F374F407626967F4

C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2007-10-24 08:04] - [2004-08-04 06:00] - 0359040 ____C (Microsoft Corporation) 9F4B36614A0FC234525BA224957DE55C

C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2010-02-12 10:18] - [2008-06-20 06:45] - 0360320 ____C (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008-06-20 07:59] - [2008-06-20 07:59] - 0361600 ____A (Microsoft Corporation) AD978A1B783B5719720CFF204B666C8E

C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008-06-20 07:51] - [2008-06-20 07:51] - 0361600 ____A (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008-06-20 06:44] - [2008-06-20 06:44] - 0360960 ____A (Microsoft Corporation) 744E57C99232201AE98C49168B918F48

C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2007-10-30 12:53] - [2007-10-30 12:53] - 0360832 ____A (Microsoft Corporation) 64798ECFA43D78C7178375FCDD16D8C8

C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2006-04-20 08:18] - [2006-04-20 08:18] - 0360576 ____A (Microsoft Corporation) B2220C618B42A2212A59D91EBD6FC4B4

C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008-06-20 07:59] - [2008-06-20 07:59] - 0361600 ____A (Microsoft Corporation) AD978A1B783B5719720CFF204B666C8E

====== End Of Search ======
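The search output above lists every copy of tcpip.sys on the disk with its size and MD5. The Python below is an added example, not part of the original posts and not a Farbar tool: it parses that output format and checks whether the driver in system32\drivers hashes the same as the dllcache copy and a $hf_mig$ hotfix copy. Treating such agreement as a consistency signal is this example's assumption (the thread does not say how the file was judged), and the function and field names are made up for illustration.

```python
import re
from collections import defaultdict

# Excerpt of the FSS.txt search output posted in the thread (5 of its 15 entries).
SAMPLE_FSS = r"""
======== Search: "tcpip.sys" =========

C:\WINDOWS\system32\drivers\tcpip.sys
[2004-08-10 13:51] - [2008-06-20 07:51] - 0361600 ____A (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

C:\WINDOWS\system32\dllcache\tcpip.sys
[2008-06-20 07:51] - [2008-06-20 07:51] - 0361600 ____N (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008-09-17 20:07] - [2008-04-13 15:20] - 0361344 ____N (Microsoft Corporation) 93EA8D04EC73A85DB02EB8805988F733

C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008-06-20 07:59] - [2008-06-20 07:59] - 0361600 ____A (Microsoft Corporation) AD978A1B783B5719720CFF204B666C8E

C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008-06-20 07:51] - [2008-06-20 07:51] - 0361600 ____A (Microsoft Corporation) 9AEFA14BD6B182D61E3119FA5F436D3D

====== End Of Search ======
"""

# Detail line: two bracketed timestamps (not interpreted here), size in bytes,
# a flags column, the company string from the file's version info, and the MD5.
DETAIL_RE = re.compile(
    r"^\[[^\]]+\] - \[[^\]]+\] - (?P<size>\d+) (?P<flags>\S+) "
    r"\((?P<company>[^)]*)\) (?P<md5>[0-9A-Fa-f]{32})$"
)
PATH_RE = re.compile(r"^[A-Za-z]:\\")


def parse_fss_search(text):
    """Return one dict per file entry (a path line followed by a detail line)."""
    entries, pending_path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        detail = DETAIL_RE.match(line)
        if detail and pending_path:
            entries.append({
                "path": pending_path,
                "size": int(detail["size"]),
                "company": detail["company"],
                "md5": detail["md5"].upper(),
            })
            pending_path = None
        elif PATH_RE.match(line):
            pending_path = line
        else:
            pending_path = None  # banner or separator line
    return entries


def check_active_driver(entries, active_suffix="\\system32\\drivers\\tcpip.sys"):
    """Compare the loaded driver's hash with the other copies found on disk."""
    active = [e for e in entries if e["path"].lower().endswith(active_suffix)]
    if len(active) != 1:
        raise ValueError("expected exactly one active driver entry")
    active = active[0]

    by_hash = defaultdict(list)
    for e in entries:
        by_hash[e["md5"]].append(e["path"])
    twins = [p for p in by_hash[active["md5"]] if p != active["path"]]

    def twin_under(fragment):
        return any(fragment in p.lower() for p in twins)

    return {
        "active_md5": active["md5"],
        "matching_copies": twins,
        "matches_dllcache": twin_under("\\dllcache\\"),
        "matches_hotfix_copy": twin_under("\\$hf_mig$\\"),
        # Same byte count but a different hash: size alone proves nothing.
        "same_size_different_hash": [
            e["path"] for e in entries
            if e["size"] == active["size"] and e["md5"] != active["md5"]
        ],
        "distinct_hashes": len(by_hash),
        # The company string is read from the file itself, so it is not
        # evidence of origin; it is reported, never used for the verdict.
        "company_strings": sorted({e["company"] for e in entries}),
    }


if __name__ == "__main__":
    for key, value in check_active_driver(parse_fss_search(SAMPLE_FSS)).items():
        print(f"{key}: {value}")
```

Agreement between local copies only shows the loaded driver was not changed independently of the cache and hotfix folders; checking the hash against a reference obtained from a trusted source is the stronger test.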

#10 dev00790

Posted 02 July 2012 - 05:38 PM

Hi

A "PM" is an abbreviation for Private Message :)

The file tcpip.sys [in C:\WINDOWS\system32\drivers] seems to be legit.

Does the Blue Screen happen only after you press the "print" button in the screenshot you linked earlier?
Or does it happen when trying to print from other software also - eg notepad?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"
I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 Tritzim

Posted 02 July 2012 - 06:46 PM

> The file tcpip.sys [in C:\WINDOWS\system32\drivers] seems to be legit.

What does the tcpip.sys do for the computer? I never heard of that file.

The problem happened in several programs:
1. While printing in Google Chrome (as in the screenshot).
2. When I printed from Quick Books to my paper printer.
3. Quick Books has a button that takes the current window, saves it as a PDF and attaches it to an email; one time when I used that command it crashed.
4. When I printed an Excel file.
And it could be more, I just don't remember them all offhand.

It could be that it happened (in addition) because the computer was in heavy use, like a few programs just started, or when I click print in a multi-second after opening the printing window.

After reboot Windows is asking me to send them the error report, then it shows me a window with possible solutions to the problem, like uninstall recent hardware, uninstall recent programs, update hardware, or system restore.

#12 Tritzim

Posted 02 July 2012 - 06:52 PM

Sometimes after the crash the CD/DVD tray opens up and doesn't want to close. I closed it with tape; if I take off the tape it opens again. After a few days it stays closed, but no CD/DVD drive is found in the hardware list.

But today I suddenly found the drive back in my system, I don't know how, that might be a possible reason for the crash.

#13 dev00790

Posted 02 July 2012 - 07:06 PM

> What does the tcpip.sys do for the computer? I never heard of that file.

tcpip.sys

> The problem happened in several programs:
> 1. While printing in Google Chrome (as in the screenshot).
> 2. When I printed from Quick Books to my paper printer.
> 3. Quick Books has a button that takes the current window, saves it as a PDF and attaches it to an email; one time when I used that command it crashed.
> 4. When I printed an Excel file.
> And it could be more, I just don't remember them all offhand.
>
> It could be that it happened (in addition) because the computer was in heavy use, like a few programs just started, or when I click print in a multi-second after opening the printing window.
>
> After reboot Windows is asking me to send them the error report, then it shows me a window with possible solutions to the problem, like uninstall recent hardware, uninstall recent programs, update hardware, or system restore.

Does the problem still happen now?

Regards, dev00790


#14 Tritzim

Posted 02 July 2012 - 07:37 PM

As you can see in the log, the last crash was 2 weeks ago.
But now - as I mentioned - every time before I press print I'm waiting a few seconds to make sure it doesn't crash. Maybe this helps.
But I still have some times when the computer runs completely slow.

#15 dev00790

Posted 03 July 2012 - 01:58 AM

Hi

We need to have a deeper look..

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790
