[DrkMachine]

Not sure what happened or how...but service pack 3 was installed while I was away and now the net works. so does SINO. Here is the log

System Investigator by Olrik
Log Created On: 1922_28-05-2011
SINO Version: 3.1.0.0

Total RAM: 3071 MB | Free RAM: 2398 MB | Pagefile Size: 3294 MB
C: | 39816 MB out of 78520 MB Free | Local Fixed Disk
D: | None | CD-ROM Disc
E: | None | CD-ROM Disc
F: | 428971 MB out of 476938 MB Free | Local Fixed Disk

<<<< System Information >>>>

Computer Name: RATSYS
Username: DrkRvnKnyght
Language Setting: ENU
Windows Directory: C:\WINDOWS
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal

<<<< Tasklist >>>>

[System Idle Process] - Process ID: 0
[System] - Process ID: 4
[C:\WINDOWS\System32\smss.exe] - Process ID: 672
[csrss.exe] - Process ID: 736
[C:\WINDOWS\system32\winlogon.exe] - Process ID: 760
[C:\WINDOWS\system32\services.exe] - Process ID: 808
[C:\WINDOWS\system32\lsass.exe] - Process ID: 820
[C:\WINDOWS\system32\nvsvc32.exe] - Process ID: 1008
[C:\WINDOWS\system32\svchost.exe] - Process ID: 1044
[svchost.exe] - Process ID: 1092
[C:\WINDOWS\System32\svchost.exe] - Process ID: 1188
[C:\Program Files\Ahead\InCD\InCDsrv.exe] - Process ID: 1212
[C:\WINDOWS\system32\svchost.exe] - Process ID: 1312
[svchost.exe] - Process ID: 1420
[svchost.exe] - Process ID: 1536
[C:\WINDOWS\system32\spoolsv.exe] - Process ID: 1640
[C:\Program Files\Creative\Shared Files\CTAudSvc.exe] - Process ID: 1688
[svchost.exe] - Process ID: 1716
[C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe] - Process ID: 1912
[C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe] - Process ID: 1976
[C:\WINDOWS\system32\drivers\KodakCCS.exe] - Process ID: 152
[C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe] - Process ID: 196
[C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe] - Process ID: 228
[C:\WINDOWS\System32\svchost.exe] - Process ID: 304
[C:\WINDOWS\system32\Tablet.exe] - Process ID: 316
[C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe] - Process ID: 356
[C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe] - Process ID: 440
[C:\WINDOWS\system32\wuauclt.exe] - Process ID: 908
[alg.exe] - Process ID: 772
[wmiprvse.exe] - Process ID: 4060
[C:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe] - Process ID: 1552
[C:\WINDOWS\Explorer.EXE] - Process ID: 1828
[C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe] - Process ID: 2084
[C:\WINDOWS\system32\wscntfy.exe] - Process ID: 2216
[C:\Program Files\Microsoft IntelliType Pro\itype.exe] - Process ID: 2776
[C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe] - Process ID: 2272
[C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe] - Process ID: 2840
[C:\WINDOWS\CTHELPER.EXE] - Process ID: 2852
[C:\Program Files\Common Files\Corel\Standby\Standby.exe] - Process ID: 2920
[C:\Program Files\AMT Media Manager\AMTDeviceService.exe] - Process ID: 2940
[C:\WINDOWS\system32\CTXFIHLP.EXE] - Process ID: 2952
[C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] - Process ID: 2996
[C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe] - Process ID: 3028
[C:\WINDOWS\SYSTEM32\CTXFISPI.EXE] - Process ID: 3112
[C:\WINDOWS\system32\ctfmon.exe] - Process ID: 3128
[C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe] - Process ID: 3152
[C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe] - Process ID: 3192
[C:\Program Files\MSI\Core Center\CoreCenter.exe] - Process ID: 3248
[C:\Program Files\MSI\DigiCell\DigiCell.exe] - Process ID: 3204
[C:\WINDOWS\system32\WTablet\TabUserW.exe] - Process ID: 912
[C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe] - Process ID: 1864
[C:\DOCUME~1\DRKRVN~1\LOCALS~1\Temp\SINO\SINO.exe] - Process ID: 2416
[wmiprvse.exe] - Process ID: 2652

<<<< Startup Items >>>>

[Adobe Gamma Loader.lnk] - <Common Startup> - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[CoreCenter.lnk] - <Common Startup> - C:\Program Files\MSI\Core Center\CoreCenter.exe
[DigiCell.lnk] - <Common Startup> - C:\Program Files\MSI\DigiCell\DigiCell.exe
[DualCoreCenter.lnk] - <Common Startup> - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
[TabUserW.exe.lnk] - <Common Startup> - C:\WINDOWS\system32\WTablet\TabUserW.exe
[NeroFilterCheck] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\WINDOWS\system32\NeroCheck.exe
[itype] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
[RTHDCPL] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RTHDCPL.EXE
[SW24] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\WINDOWS\system32\sw24.exe
[RCSystem] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
[AudioDrvEmulator] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
[VolPanel] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
[CTHelper] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - CTHELPER.EXE
[NvCplDaemon] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[Standby] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
[AMTDeviceService] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\AMT Media Manager\AMTDeviceService.exe"
[CTxfiHlp] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - CTXFIHLP.EXE
[SUPERAntiSpyware] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[Corel Photo Downloader] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
[ctfmon.exe] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\WINDOWS\system32\ctfmon.exe
[OpenDNS Updater] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe" /autostart

<<<< MS Services >>>>

Application Layer Gateway Service (ALG) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\alg.exe
Windows Audio (AudioSrv) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Background Intelligent Transfer Service (BITS) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
CryptSvc (CryptSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
DCOM Server Process Launcher (DcomLaunch) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost -k DcomLaunch
DHCP Client (Dhcp) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Logical Disk Manager (dmserver) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
DNS Client (Dnscache) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k NetworkService
Error Reporting Service (ERSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Event Log (Eventlog) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\services.exe
COM+ Event System (EventSystem) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Help and Support (helpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
HID Input Service (HidServ) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
TCP/IP NetBIOS Helper (LmHosts) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Network Connections (Netman) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Network Location Awareness (NLA) (Nla) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Plug and Play (PlugPlay) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\services.exe
Protected Storage (ProtectedStorage) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Remote Access Connection Manager (RasMan) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Remote Procedure Call (RPC) (RpcSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k rpcss
Security Accounts Manager (SamSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Task Scheduler (Schedule) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Secondary Logon (seclogon) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
System Event Notification (SENS) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Shell Hardware Detection (ShellHWDetection) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Print Spooler (Spooler) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\spoolsv.exe
System Restore Service (srservice) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
SSDP Discovery Service (SSDPSRV) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k LocalService
Windows Image Acquisition (WIA) (stisvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k imgsvc
Telephony (TapiSrv) - Running [Manual | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Terminal Services (TermService) - Running [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost -k DComLaunch
Themes (Themes) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Distributed Link Tracking Client (TrkWks) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Time (W32Time) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
WebClient (WebClient) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k LocalService
Windows Management Instrumentation (winmgmt) - Running [Manual | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Security Center (wscsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Automatic Updates (wuauserv) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
Application Management (AppMgmt) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
ASP.NET State Service (aspnet_state) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Indexing Service (cisvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\cisvc.exe
ClipBook (ClipSrv) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\clipsrv.exe
.NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
COM+ System Application (COMSysApp) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Logical Disk Manager Administrative Service (dmadmin) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\dmadmin.exe /com
Wired AutoConfig (Dot3svc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k dot3svc
Extensible Authentication Protocol Service (EapHost) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k eapsvcs
Fast User Switching Compatibility (FastUserSwitchingCompatibility) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
Health Key and Certificate Management Service (hkmsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
HTTP SSL (HTTPFilter) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
InstallDriver Table Manager (IDriverT) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Windows CardSpace (idsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
IMAPI CD-Burning COM Service (ImapiService) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\imapi.exe
NetMeeting Remote Desktop Sharing (mnmsrvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\mnmsrvc.exe
Distributed Transaction Coordinator (MSDTC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\msdtc.exe
Windows Installer (MSIServer) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\msiexec.exe /V
Network Access Protection Agent (napagent) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Network DDE (NetDDE) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\netdde.exe
Network DDE DSDM (NetDDEdsdm) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\netdde.exe
Net.Tcp Port Sharing Service (NetTcpPortSharing) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Removable Storage (NtmsSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
IPSEC Services (PolicyAgent) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Remote Access Auto Connection Manager (RasAuto) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Remote Desktop Help Session Manager (RDSessMgr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\sessmgr.exe
Routing and Remote Access (RemoteAccess) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Remote Registry (RemoteRegistry) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
QoS RSVP (RSVP) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\rsvp.exe
Smart Card (SCardSvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\SCardSvr.exe
MS Software Shadow Copy Provider (SwPrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\dllhost.exe /Processid:{F5477C7D-30F7-4750-8EF3-AD6CA732C548}
Performance Logs and Alerts (SysmonLog) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\smlogsvc.exe
Telnet (TlntSvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\tlntsvr.exe
Universal Plug and Play Device Host (upnphost) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k LocalService
Uninterruptible Power Supply (UPS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\ups.exe
Volume Shadow Copy (VSS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\vssvc.exe
Portable Media Serial Number Service (WmdmPmSN) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows Management Instrumentation Driver Extensions (Wmi) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
WMI Performance Adapter (WmiApSrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\wbem\wmiapsrv.exe
Wireless Zero Configuration (WZCSVC) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Network Provisioning Service (xmlprov) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs

<<<< Non-MS Services >>>>

Adobe Active File Monitor (AdobeActiveFileMonitor) - Running [Auto | Stoppable | Pausable] - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
Creative Audio Service (CTAudSvcService) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
InCD Helper (InCDsrv) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Ahead\InCD\InCDsrv.exe
iolo FileInfoList Service (ioloFileInfoList) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe"
iolo System Service (ioloSystemService) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe"
Kodak Camera Connection Software (KodakCCS) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\drivers\KodakCCS.exe
NVIDIA Display Driver Service (NVSvc) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\nvsvc32.exe
Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
Protexis Licensing V2 (PSI_SVC_2) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
TabletService (TabletService) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\Tablet.exe
vseamps (vseamps) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe"
vsedsps (vsedsps) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe"
Creative Audio Engine Licensing Service (Creative Audio Engine Licensing Service) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe"
Creative Service for CDROM Access (Creative Service for CDROM Access) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\CTsvcCDA.EXE
InCD Helper (read only) (InCDsrvR) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\Program Files\Ahead\InCD\InCDsrv.exe -r
Infrared Monitor (Irmon) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Java Quick Starter (JavaQuickStarterService) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
Messenger Sharing USN Journal Reader service (usnsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k usnsvc
vseqrts (vseqrts) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe"

<<<< Boot.ini >>>>

[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer

<<<< Last 5 Application Errors or Warnings >>>>

Computer Name: RATSYS | ID: 5603 | Source: WinMgmt | Type: Warning | Date: 28-5-11 19:19:52 | Log: Application
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.


Computer Name: RATSYS | ID: 5603 | Source: WinMgmt | Type: Warning | Date: 28-5-11 19:19:52 | Log: Application
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.


Computer Name: RATSYS | ID: 63 | Source: WinMgmt | Type: Warning | Date: 28-5-11 18:44:26 | Log: Application
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.


Computer Name: RATSYS | ID: 8 | Source: crypt32 | Type: Error | Date: 28-5-11 15:54:34 | Log: Application
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: The server name or address could not be resolved




Computer Name: RATSYS | ID: 8 | Source: crypt32 | Type: Error | Date: 28-5-11 15:53:6 | Log: Application
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: The server name or address could not be resolved




<<<< Last 5 System Errors or Warnings >>>>

Computer Name: RATSYS | ID: 20 | Source: Print | Type: Warning | Date: 28-5-11 19:20:21 | Log: System
Message: Printer Driver Microsoft XPS Document Writer for Windows NT x86 Version-3 was added or updated. Files:- (null).


Computer Name: RATSYS | ID: 7026 | Source: Service Control Manager | Type: Error | Date: 28-5-11 19:19:36 | Log: System
Message: The following boot-start or system-start driver(s) failed to load:

i8042prt


Computer Name: RATSYS | ID: 29 | Source: W32Time | Type: Error | Date: 28-5-11 19:7:4 | Log: System
Message: The time provider NtpClient is configured to acquire time from one or more

time sources, however none of the sources are currently accessible.

No attempt to contact a source will be made for 59 minutes.

NtpClient has no source of accurate time.


Computer Name: RATSYS | ID: 17 | Source: W32Time | Type: Error | Date: 28-5-11 19:7:4 | Log: System
Message: Time Provider NtpClient: An error occurred during DNS lookup of the manually

configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 60

minutes.

The error was: A socket operation was attempted to an unreachable host. (0x80072751)


Computer Name: RATSYS | ID: 29 | Source: W32Time | Type: Error | Date: 28-5-11 18:37:4 | Log: System
Message: The time provider NtpClient is configured to acquire time from one or more

time sources, however none of the sources are currently accessible.

No attempt to contact a source will be made for 29 minutes.

NtpClient has no source of accurate time.


<<<< Special Events >>>>

There were no special events found

<<<< Ipconfig >>>>

Windows IP Configuration

Host Name . . . . . . . . . . . . : ratsys
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 10:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #4
Physical Address. . . . . . . . . : 00-19-DB-5F-78-CD
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 24.220.0.10
24.220.0.11
192.168.1.1
Lease Obtained. . . . . . . . . . : Saturday, May 28, 2011 7:19:14 PM
Lease Expires . . . . . . . . . . : Sunday, May 29, 2011 7:19:14 PM


<<<< Pinging >>>>

OpenDNS Domain Test
Pinging to www.opendns.com [208.69.38.150]:
Response - 78ms
Response - 62ms
Response - 62ms
Response - 62msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 62ms - Maximum = 78ms

OpenDNS IP Test
Pinging to 208.69.38.150 [208.69.38.150]:
Response - 62ms
Response - 62ms
Response - 62ms
Response - 62msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 62ms - Maximum = 62ms

Kaspersky Domain Test
Pinging to www.kaspersky.com [38.117.98.208]:
Response - 62ms
Response - 62ms
Response - 62ms
Response - 62msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 62ms - Maximum = 62ms

Kaspersky IP Test
Pinging to 195.27.181.10 [195.27.181.10]:
Response - 141ms
Response - 141ms
Response - 140ms
Response - 140msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 140ms - Maximum = 141ms

YouTube Domain Test
Pinging to www.youtube.com [74.125.225.12]:
Response - 62ms
Response - 46ms
Response - 47ms
Response - 77msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 46ms - Maximum = 77ms

YouTube IP Test
Pinging to 66.102.9.136 [66.102.9.136]:
Response - None
Response - None
Response - None
Response - NonePackets: Sent = 4, Received = 0, Lost = 4
Minimum = 0ms - Maximum = 0ms

localhost Test
Pinging to 127.0.0.1 [127.0.0.1]:
Response - 0ms
Response - 0ms
Response - 0ms
Response - 0msPackets: Sent = 4, Received = 4, Lost = 0
Minimum = 0ms - Maximum = 0ms


<<<< Netstat >>>>

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1092
c:\windows\system32\WS2_32.dll
C:\WINDOWS\system32\RPCRT4.dll
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ADVAPI32.dll
[svchost.exe]

TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
[System]

TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING 772
[alg.exe]

TCP 127.0.0.1:7025 0.0.0.0:0 LISTENING 1976
[ioloServiceManager.exe]

TCP 127.0.0.1:7110 0.0.0.0:0 LISTENING 1976
[ioloServiceManager.exe]

TCP 127.0.0.1:10636 0.0.0.0:0 LISTENING 2084
[dsmonitor.exe]

TCP 192.168.1.102:139 0.0.0.0:0 LISTENING 4
[System]

TCP 192.168.1.102:1081 70.37.130.35:80 TIME_WAIT 0
TCP 192.168.1.102:1112 69.163.234.194:80 TIME_WAIT 0
UDP 0.0.0.0:445 *:* 4
[System]

UDP 127.0.0.1:123 *:* 1188
c:\windows\system32\WS2_32.dll
c:\windows\system32\w32time.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 127.0.0.1:1900 *:* 1536
c:\windows\system32\WS2_32.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.1.102:137 *:* 4
[System]

UDP 192.168.1.102:1900 *:* 1536
c:\windows\system32\WS2_32.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.1.102:138 *:* 4
[System]

UDP 192.168.1.102:123 *:* 1188
c:\windows\system32\WS2_32.dll
c:\windows\system32\w32time.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]


<<<< Routing Table >>>>

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 db 5f 78 cd ...... NVIDIA nForce Networking Controller #4 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.102 192.168.1.102 20
192.168.1.102 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.102 192.168.1.102 20
224.0.0.0 240.0.0.0 192.168.1.102 192.168.1.102 20
255.255.255.255 255.255.255.255 192.168.1.102 192.168.1.102 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

Route Table

<<<< Hosts File >>>>

The HOSTS file is 736 Bytes in size.

There were 0 lines which refer to an external IP address.

<<<< Active Shares >>>>



------ End of File ------

[Advertisements]

Message: Time Provider NtpClient: An error occurred during DNS lookup

Looks like the SP3 update fixed this problem for you

What problems are outstanding ?

[Essexboy]

Message: Time Provider NtpClient: An error occurred during DNS lookup

Looks like the SP3 update fixed this problem for you

What problems are outstanding ?

[DrkMachine]

everything seems to be working pretty good.

[Essexboy]

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :Commands
  [resethosts]
  [purity]
  [emptytemp]
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

• Click Start.
• Open My Computer.
• Select the Tools menu and click Folder Options.
• Select the View Tab.
• Under the Hidden files and folders heading select Do not show hidden files and folders.
• Click Yes to confirm.
• Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

• Go to this site and click Do I have Java
• It will check your current version and then offer to update to the latest version

SPRING CLEAN

Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check




Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

• Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe

[DrkMachine]

Wonderfull! Thank you so much for your assistance. One more question if you would. Should I wait until the 24 hour run has elapsed before submitting my application to GeekU?

[Essexboy]

If you are happy now I will then close this and you can apply - See you when you get to my part - darn lost the evil smiley

[DrkMachine]

well to be on the safe side, and make sure my friends system is 100% I think it would be wise to wait the 24 hours out, just in case. lol. Thank you again for your assistance. And when I get there I'll see you in class...

[Essexboy]

Good luck

[DrkMachine]

All is good. Thank you again.

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.