Unable to access Google


#1 hotblooded

Posted 17 August 2012 - 07:03 AM

Greetings!

I'm having a pesky problem with my machine. Every website loads EXCEPT Google. The browsers just give a generic "Cannot display web page" message. I have run multiple anti-malware programs, all of them have come up with something different, yet the problem persists. So far, I've run scans using:

rkill.exe
MalwareBytes
TDSKiller
Comodo Cleaning Essentials
Avira Anti-virus

A bunch of people said this stuff helped them:

http://answers.yahoo.com/question/index?qid=20120208224106AA2M1Ph

but I didn't have luck with that.

I updated Java and Flash. This same issue persists in IE8, Firefox 14, and Chrome. Running Windows XP SP3. I'm out of ideas as to what could be causing this issue.

Any thoughts?

Help would be much appreciated...thanks in advance!


#2 narenxp

Posted 17 August 2012 - 07:06 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 hotblooded

Posted 17 August 2012 - 08:32 PM

I guess I probably should've mentioned that I'm able to access everything google-related except for google.com. I can get to images.google.com, maps.google.com, and google.co.uk.

Anyway, here are the logs you were looking for:

TDSSkiller:


19:02:04.0031 2108 upnphost - ok
19:02:04.0062 2108 [ 05365fb38fca1e98f7a566aaaf5d1815 ] UPS C:\WINDOWS\System32\ups.exe
19:02:04.0062 2108 UPS - ok
19:02:04.0093 2108 [ 65dcf09d0e37d4c6b11b5b0b76d470a7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:02:04.0109 2108 usbehci - ok
19:02:04.0156 2108 [ 1ab3cdde553b6e064d2e754efe20285c ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:02:04.0171 2108 usbhub - ok
19:02:04.0218 2108 [ 0daecce65366ea32b162f85f07c6753b ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:02:04.0218 2108 usbohci - ok
19:02:04.0234 2108 [ a0b8cf9deb1184fbdd20784a58fa75d4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:02:04.0234 2108 usbscan - ok
19:02:04.0250 2108 [ a32426d9b14a089eaa1d922e0c5801a9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:02:04.0265 2108 USBSTOR - ok
19:02:04.0281 2108 [ 0d3a8fafceacd8b7625cd549757a7df1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:02:04.0296 2108 VgaSave - ok
19:02:04.0296 2108 ViaIde - ok
19:02:04.0359 2108 [ 4c8fcb5cc53aab716d810740fe59d025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:02:04.0359 2108 VolSnap - ok
19:02:04.0437 2108 [ 7a9db3a67c333bf0bd42e42b8596854b ] VSS C:\WINDOWS\System32\vssvc.exe
19:02:04.0453 2108 VSS - ok
19:02:04.0531 2108 [ 54af4b1d5459500ef0937f6d33b1914f ] W32Time C:\WINDOWS\System32\w32time.dll
19:02:04.0531 2108 W32Time - ok
19:02:04.0593 2108 [ e20b95baedb550f32dd489265c1da1f6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:02:04.0593 2108 Wanarp - ok
19:02:04.0609 2108 WDICA - ok
19:02:04.0640 2108 [ 6768acf64b18196494413695f0c3a00f ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:02:04.0656 2108 wdmaud - ok
19:02:04.0703 2108 [ 77a354e28153ad2d5e120a5a8687bc06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:02:04.0703 2108 WebClient - ok
19:02:04.0781 2108 [ 2d0e4ed081963804ccc196a0929275b5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:02:04.0781 2108 winmgmt - ok
19:02:04.0843 2108 [ c7e39ea41233e9f5b86c8da3a9f1e4a8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
19:02:04.0843 2108 WmdmPmSN - ok
19:02:04.0937 2108 [ bab489a5fe26f2d0c910cf7af7e4cf92 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:02:05.0000 2108 Wmi - ok
19:02:05.0093 2108 [ e0673f1106e62a68d2257e376079f821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
19:02:05.0093 2108 WmiApSrv - ok
19:02:05.0140 2108 [ 7c278e6408d1dce642230c0585a854d5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:02:05.0140 2108 wscsvc - ok
19:02:05.0171 2108 [ 35321fb577cdc98ce3eb3a3eb9e4610a ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:02:05.0171 2108 wuauserv - ok
19:02:05.0265 2108 [ 81dc3f549f44b1c1fff022dec9ecf30b ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:02:05.0281 2108 WZCSVC - ok
19:02:05.0343 2108 [ 295d21f14c335b53cb8154e5b1f892b9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:02:05.0343 2108 xmlprov - ok
19:02:05.0359 2108 ================ Scan global ===============================
19:02:05.0375 2108 (42f1f4c0afb08410e5f02d4b13ebb623) C:\WINDOWS\system32\basesrv.dll
19:02:05.0453 2108 (1618f36d4f7f6ccceb3ee44ba95be85c) C:\WINDOWS\system32\winsrv.dll
19:02:05.0484 2108 (1618f36d4f7f6ccceb3ee44ba95be85c) C:\WINDOWS\system32\winsrv.dll
19:02:05.0531 2108 (0e776ed5f7cc9f94299e70461b7b8185) C:\WINDOWS\system32\services.exe
19:02:05.0531 2108 [Global] - ok
19:02:05.0531 2108 ================ Scan MBR ==================================
19:02:05.0546 2108 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:02:05.0734 2108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:02:05.0734 2108 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:02:05.0734 2108 ================ Scan VBR ==================================
19:02:05.0734 2108 Boot (0x1200) (d42a2190c6411dd984f1c150593532c6) \Device\Harddisk0\DR0\Partition1
19:02:05.0734 2108 \Device\Harddisk0\DR0\Partition1 - ok
19:02:05.0734 2108 ============================================================
19:02:05.0734 2108 Scan finished
19:02:05.0734 2108 ============================================================
19:02:05.0765 2092 Detected object count: 1
19:02:05.0765 2092 Actual detected object count: 1
19:02:37.0203 2092 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:02:37.0203 2092 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-17 19:04:53
-----------------------------
19:04:53.437 OS Version: Windows 5.1.2600 Service Pack 3
19:04:53.437 Number of processors: 1 586 0x409
19:04:53.453 ComputerName: PETERS-5 UserName: Admin
19:04:54.265 Initialize success
19:08:40.062 AVAST engine defs: 12081701
19:31:29.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:31:29.796 Disk 0 Vendor: ST340014A 8.54 Size: 38166MB BusType: 3
19:31:29.812 Disk 0 MBR read successfully
19:31:29.812 Disk 0 MBR scan
19:31:30.015 Disk 0 Windows XP default MBR code
19:31:30.031 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 63
19:31:30.078 Disk 0 scanning sectors +78140160
19:31:30.187 Disk 0 scanning C:\WINDOWS\system32\drivers
19:31:55.328 Service scanning
19:32:26.343 Modules scanning
19:32:39.328 Disk 0 trace - called modules:
19:32:39.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
19:32:39.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b6eab8]
19:32:39.718 3 CLASSPNP.SYS[f7680fd7] -> nt!IofCallDriver -> \Device\0000005c[0x86b2e030]
19:32:39.781 5 ACPI.sys[f7517620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86b71940]
19:32:39.984 AVAST engine scan C:\WINDOWS
19:32:47.281 AVAST engine scan C:\WINDOWS\system32
19:36:50.437 AVAST engine scan C:\WINDOWS\system32\drivers
19:37:13.125 AVAST engine scan C:\Documents and Settings\Admin
19:39:02.562 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\My Documents\MBR.dat"
19:39:02.562 The log file has been saved successfully to "C:\Documents and Settings\Admin\My Documents\aswMBR.txt"


ESET online scanner
It found 0 threats so I couldn't create a list.

#4 narenxp

Posted 17 August 2012 - 08:37 PM

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 hotblooded

Posted 18 August 2012 - 07:44 AM

Mini toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Admin (administrator) on 18-08-2012 at 08:23:52
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.240.133 www.google.com
94.63.240.134 www.bing.com


========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=NONE
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : peters-5
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-16-76-76-D1-81
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 196.1.1.104
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 196.1.1.1
DHCP Server . . . . . . . . . . . : 196.1.1.1
DNS Servers . . . . . . . . . . . : 196.1.1.1
Lease Obtained. . . . . . . . . . : Thursday, August 16, 2012 9:21:37 PM
Lease Expires . . . . . . . . . . : Sunday, August 19, 2012 9:21:37 PM

Server: indus.cmie.ernet.in
Address: 196.1.1.1

Name: google.com
Addresses: 74.125.228.32, 74.125.228.35, 74.125.228.36, 74.125.228.40
74.125.228.41, 74.125.228.34, 74.125.228.38, 74.125.228.33, 74.125.228.37
74.125.228.39, 74.125.228.46

Pinging google.com [74.125.228.4] with 32 bytes of data:

Reply from 74.125.228.4: bytes=32 time=42ms TTL=55
Reply from 74.125.228.4: bytes=32 time=40ms TTL=55

Ping statistics for 74.125.228.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 42ms, Average = 41ms

Server: indus.cmie.ernet.in
Address: 196.1.1.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=117ms TTL=56
Reply from 72.30.38.140: bytes=32 time=183ms TTL=56

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 117ms, Maximum = 183ms, Average = 150ms

Server: indus.cmie.ernet.in
Address: 196.1.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 16 76 76 d1 81 ...... Realtek RTL8139/810x Family Fast Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 196.1.1.1 196.1.1.104 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
196.1.1.0 255.255.255.0 196.1.1.104 196.1.1.104 20
196.1.1.104 255.255.255.255 127.0.0.1 127.0.0.1 20
196.1.1.255 255.255.255.255 196.1.1.104 196.1.1.104 20
224.0.0.0 240.0.0.0 196.1.1.104 196.1.1.104 20
255.255.255.255 255.255.255.255 196.1.1.104 196.1.1.104 1
Default Gateway: 196.1.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\netware\NWWS2NDS.DLL [36947] (Novell, Inc.)
Catalog5 05 C:\Windows\system32\netware\NWWS2SAP.DLL [32851] (Novell, Inc.)
Catalog5 06 C:\Windows\system32\netware\NWWS2SLP.DLL [49235] (Novell, Inc.)
Catalog5 07 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/16/2012 09:24:40 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/16/2012 09:24:40 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:42:16 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:42:16 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:35:30 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (08/10/2012 10:35:30 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:35:30 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The connection with the server was terminated abnormally

Error: (08/10/2012 10:35:30 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:28:59 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (08/10/2012 10:28:58 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (08/16/2012 09:06:31 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall/Internet Connection Sharing (ICS) service hung on starting.

Error: (08/16/2012 09:04:44 PM) (Source: Service Control Manager) (User: )
Description: The SOption service failed to start due to the following error:
%%1069

Error: (08/16/2012 09:04:44 PM) (Source: Service Control Manager) (User: )
Description: The SOption service was unable to log on as .\ADMIN with the currently configured
password due to the following error:
%%1326

To ensure that the service is
configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error: (08/16/2012 08:40:58 PM) (Source: Service Control Manager) (User: )
Description: The SOption service failed to start due to the following error:
%%1069

Error: (08/16/2012 08:40:58 PM) (Source: Service Control Manager) (User: )
Description: The SOption service was unable to log on as .\ADMIN with the currently configured
password due to the following error:
%%1326

To ensure that the service is
configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error: (08/16/2012 07:25:52 PM) (Source: Service Control Manager) (User: )
Description: The SOption service failed to start due to the following error:
%%1069

Error: (08/16/2012 07:25:52 PM) (Source: Service Control Manager) (User: )
Description: The SOption service was unable to log on as .\ADMIN with the currently configured
password due to the following error:
%%1326

To ensure that the service is
configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error: (08/13/2012 00:36:30 PM) (Source: Service Control Manager) (User: )
Description: The SOption service failed to start due to the following error:
%%1069

Error: (08/13/2012 00:36:30 PM) (Source: Service Control Manager) (User: )
Description: The SOption service was unable to log on as .\ADMIN with the currently configured
password due to the following error:
%%1326

To ensure that the service is
configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error: (08/10/2012 01:26:34 PM) (Source: Service Control Manager) (User: )
Description: The SOption service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (08/16/2012 09:24:40 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/16/2012 09:24:40 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:42:16 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:42:16 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:35:30 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (08/10/2012 10:35:30 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:35:30 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe connection with the server was terminated abnormally

Error: (08/10/2012 10:35:30 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/10/2012 10:28:59 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (08/10/2012 10:28:58 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader 7.0 (Version: 7.0.0)
ATI Display Driver (Version: 8.172-050830a1-026739C-Intel)
Avira Free Antivirus (Version: 12.0.0.1167)
Compatibility Pack for the 2007 Office system (Version: 12.0.6021.5000)
DeskTopBinder Lite
DSpro Workstation
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.79)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Ipswitch WS_FTP Pro Uninstall
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 34 (Version: 6.0.340)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0 (Version: 2.0.50727)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.187)
Microsoft Silverlight (Version: 4.0.51204.0)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NICI (Shared) U.S./Worldwide (128 bit) (2.6.8-2)
NMAS Challenge Response Method (Version: 2.07.0001)
NMAS Client (Version: 3.2.0.16)
Novell Client for Windows
PowerDVD
Realtek High Definition Audio Driver (Version: 2.00)
Registry Mechanic 7.0 (Version: 7.0)
ScanRouter V2 Lite
TeamViewer 7 (Version: 7.0.13989)
Type2018 TWAIN Driver Ver.3
Unity Web Player (Version: 2.6.1f3_31223)
WebEx
WebFldrs XP (Version: 9.50.5318)
Windows Driver Package - Microsoft Corporation (usbvideo) Image (05/25/2007 1.0.3656.0) (Version: 05/25/2007 1.0.3656.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 990.48 MB
Available physical RAM: 565.67 MB
Total Pagefile: 1234.3 MB
Available Pagefile: 833.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.03 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.26 GB) (Free:25.71 GB) NTFS

========================= Users: ========================================

User accounts for \\PETERS-5

Admin Administrator Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****



FSS:
Farbar Service Scanner Version: 06-08-2012
Ran by Admin (administrator) on 18-08-2012 at 08:26:51
Running from "C:\Documents and Settings\Admin\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is set to Demand. The default start type is Auto.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\System32\srsvc.dll".

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\System32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(8) NwlnkNb(9) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****



adware cleaner:

# AdwCleaner v1.801 - Logfile created 08/18/2012 at 08:29:18
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Admin - PETERS-5
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Admin\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Ask.com.tmp

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\s8ta4uf5.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.79

File : C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Documents and Settings\\Admin\\Local Settings\\Application Data\\Unity\\WebPla[...]

*************************

AdwCleaner[S1].txt - [1169 octets] - [18/08/2012 08:29:18]

########## EOF - C:\AdwCleaner[S1].txt - [1297 octets] ##########

#6 narenxp

Posted 18 August 2012 - 07:54 AM

Download

Hosts fix

Run it, restart the PC, you should be able to access Google now.

Let me know if you have any issues before we wrap up.

#7 hotblooded

Posted 18 August 2012 - 08:15 AM

Worked like a charm. Thanks!

#8 narenxp

Posted 18 August 2012 - 08:29 AM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



