Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

only some sites blocked - please help [Solved]


  • This topic is locked This topic is locked

#16
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
You asked how is it running - very very slow.

For the TDSSKiller_Quarantine folder there is not a log in there but several folders with more folders in them. I can't describe it very well so I took another screen shot.

Attached Thumbnails

  • View of TDSSKiller_Quarantine.jpg

  • 0

Advertisements


#17
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Are you still experiencing the redirects or have they gone away after the OTL fix?

I am searching for the most effective way to restore the files that were quarantined and deleted. I will be back to you shortly.
  • 0

#18
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
The sites are still blocked.
  • 0

#19
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello wmpendle,

Let's reset the TCP/IP connection.


Step-1.

Reset/Renew TCP/IP Connection

  • Open an elevated command prompt. To do that:
    • Click the Start OrbPosted Image
    • In the Start Search box type cmd.exe. A program named cmd.exe will be listed at the top of the menu list under Programs
    • Right click on cmd.exe and click Run as Administrator. A black command window will open up.
  • At the blinking cursor type the following commands, pressing the Enter key after each command typed:
    • ipconfig /release
  • Back at the blinking cursor tpye the following command, and press the Enter key.
    • ipconfig /renew
  • Back at the blinking cursor type Exit and press the Enter key. This will close the command window.
  • Reboot the computer


Step-2.

Please download MiniToolBox, save it to your desktop and run it.

  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Devices
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Step-3.

Things For Your Next Post:
1. Are the sites still blocked?
2. The Results.txt log
  • 0

#20
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Sites are still blocked.

Here is the toolbox log:

MiniToolBox by Farbar Version: 25-06-2012
Ran by Wendi (administrator) on 14-07-2012 at 12:04:40
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= IP Configuration: ================================

Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller = Local Area Connection (Connected)
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Wendi-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mshome.net

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-19-D2-B8-B1-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-A0-D1-73-3B-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fc07:ae15:666b:e09%8(Preferred)
IPv4 Address. . . . . . . . . . . : 10.100.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 14, 2012 11:59:40 AM
Lease Expires . . . . . . . . . . : Saturday, July 14, 2012 12:59:39 PM
Default Gateway . . . . . . . . . : 10.100.2.1
DHCP Server . . . . . . . . . . . : 10.100.2.1
DHCPv6 IAID . . . . . . . . . . . : 201367761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-A2-79-A6-00-A0-D1-73-3B-0F
DNS Servers . . . . . . . . . . . : fe80::fc07:ae15:666b:e09%8
10.100.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
mshome.net

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : isatap.{5CF63800-A8B9-4061-BFD6-E01C4FF176F2}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{EBA294B6-1341-4F2E-94B5-117DF86E04D7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wendi-PC.mshome.net
Address: fe80::fc07:ae15:666b:e09

Name: google.com
Addresses: 2001:4860:8005::71
173.194.33.17



Pinging google.com [173.194.33.17] with 32 bytes of data:

Reply from 173.194.33.17: bytes=32 time=65ms TTL=51

Reply from 173.194.33.17: bytes=32 time=63ms TTL=51



Ping statistics for 173.194.33.17:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 63ms, Maximum = 65ms, Average = 64ms

Server: Wendi-PC.mshome.net
Address: fe80::fc07:ae15:666b:e09

Name: yahoo.com
Address: 209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=84ms TTL=56

Reply from 209.191.122.70: bytes=32 time=84ms TTL=56



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 84ms, Maximum = 84ms, Average = 84ms

Server: Wendi-PC.mshome.net
Address: fe80::fc07:ae15:666b:e09

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
9 ...00 19 d2 b8 b1 b8 ...... Intel® PRO/Wireless 3945ABG Network Connection
8 ...00 a0 d1 73 3b 0f ...... Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{5CF63800-A8B9-4061-BFD6-E01C4FF176F2}
15 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.{EBA294B6-1341-4F2E-94B5-117DF86E04D7}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.100.2.1 10.100.2.3 20
10.100.2.0 255.255.255.0 On-link 10.100.2.3 276
10.100.2.3 255.255.255.255 On-link 10.100.2.3 276
10.100.2.255 255.255.255.255 On-link 10.100.2.3 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.100.2.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.100.2.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
8 276 fe80::/64 On-link
8 276 fe80::fc07:ae15:666b:e09/128
On-link
1 306 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/11/2012 08:54:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (07/11/2012 08:54:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (07/11/2012 07:24:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\F\75> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:24:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\F\75> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\8B> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\8B> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\05> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\05> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:23:59 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\9\30> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/11/2012 07:23:59 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\9\30> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (07/14/2012 00:00:58 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/14/2012 00:00:58 PM) (Source: Service Control Manager) (User: )
Description: WLAN AutoConfig%%2148270086

Error: (07/14/2012 11:59:58 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 10.100.2.3, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (07/14/2012 11:59:58 AM) (Source: ipnathlp) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (07/14/2012 11:59:40 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: 2148270086

Error: (07/14/2012 11:52:57 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (07/14/2012 11:52:54 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 10.100.2.3, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (07/14/2012 11:52:43 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 169.254.14.9, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

Error: (07/14/2012 11:46:02 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/14/2012 11:46:02 AM) (Source: Service Control Manager) (User: )
Description: WLAN AutoConfig%%2148270086


Microsoft Office Sessions:
=========================
Error: (07/11/2012 08:54:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (07/11/2012 08:54:17 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Access is denied.

Error: (07/11/2012 07:24:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\F\75

Error: (07/11/2012 07:24:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\F\75

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\8B

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\8B

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\05

Error: (07/11/2012 07:24:00 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\E\05

Error: (07/11/2012 07:23:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\9\30

Error: (07/11/2012 07:23:59 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\WENDI\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\YDVM5I2G.DEFAULT\CACHE\9\30


========================= Devices: ================================

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.{5CF63800-A8B9-4061-BFD6-E01C4FF176F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.{EBA294B6-1341-4F2E-94B5-117DF86E04D7}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct Application Launch Button
Description: Direct Application Launch Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: TOSHIBA x86 ACPI-Compliant Value Added Logical and General Purpose Device
Description: TOSHIBA x86 ACPI-Compliant Value Added Logical and General Purpose Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: TVALZ

Name: TOSHIBA Firmware Linkage Driver
Description: TOSHIBA Firmware Linkage Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: FwLnk

Name: Intel® Core™ Duo CPU T2450 @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Core™ Duo CPU T2450 @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Mobile Intel® 945GM/PM/GMS/940GML and Intel® 945GT Express Processor to DRAM Controller - 27A0
Description: Mobile Intel® 945GM/PM/GMS/940GML and Intel® 945GT Express Processor to DRAM Controller - 27A0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Mobile Intel® 945 Express Chipset Family
Description: Mobile Intel® 945 Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: ViewSonic VA2226w
Description: ViewSonic VA2226w
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: ViewSonic Corporation
Service: monitor

Name: Mobile Intel® 945 Express Chipset Family
Description: Mobile Intel® 945 Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: TOSHIBA Software Modem
Description: TOSHIBA Software Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Agere
Service: Modem

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Description: Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Marvell
Service: yukonwlh

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D2
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D2
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® PRO/Wireless 3945ABG Network Connection
Description: Intel® PRO/Wireless 3945ABG Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETw5v32

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D4
Description: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D4
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:

Name: HID-compliant device
Description: HID-compliant device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service:

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: TouchChip Fingerprint Coprocessor
Description: TouchChip Fingerprint Coprocessor
Class Guid: {53d29ef7-377c-4d14-864b-eb3a85769359}
Manufacturer: UPEK
Service: TcUsb

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Description: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Description: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Chicony USB 2.0 Camera
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Texas Instruments PCI-8x12/7x12/6x12 CardBus Controller
Description: Texas Instruments PCI-8x12/7x12/6x12 CardBus Controller
Class Guid: {4d36e977-e325-11ce-bfc1-08002be10318}
Manufacturer: Texas Instruments
Service: pci

Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: Texas Instruments
Service: ohci1394

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: Intel® 82801GBM (ICH7-M) LPC Interface Controller - 27B9
Description: Intel® 82801GBM (ICH7-M) LPC Interface Controller - 27B9
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt

Name: Intel® 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4
Description: Intel® 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: intelide

Name: IDE Channel
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Hitachi HTS541612J9SA00 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: IDE Channel
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: MATSHITA DVD-RAM UJ-850S ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel® 82801G (ICH7 Family) SMBus Controller - 27DA
Description: Intel® 82801G (ICH7 Family) SMBus Controller - 27DA
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Microsoft iSCSI Initiator
Description: Microsoft iSCSI Initiator
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: iScsiPrt

Name: Ancilliary Function Driver for Winsock
Description: Ancilliary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: BHDrvx86
Description: BHDrvx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx86

Name: Norton Internet Security Settings Manager
Description: Norton Internet Security Settings Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccSet_NIS

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: Crcdisk Filter Driver
Description: Crcdisk Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: crcdisk

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: Symantec Eraser Control driver
Description: Symantec Eraser Control driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: eeCtrl

Name: EraserUtilRebootDrv
Description: EraserUtilRebootDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: EraserUtilRebootDrv

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IDSVix86
Description: IDSVix86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IDSVix86

Name: IO_Memory
Description: IO_Memory
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IO_Memory

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPNAT

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MountMgr

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: ISA/EISA Class Driver
Description: ISA/EISA Class Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: NAVENG
Description: NAVENG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NAVENG

Name: NAVEX15
Description: NAVEX15
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NAVEX15

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: netbt

Name: NSI proxy service
Description: NSI proxy service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PSched

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: RDP Winstation Driver
Description: RDP Winstation Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPWD

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Description: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Smb

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: Symantec Real Time Storage Protection (PEL)
Description: Symantec Real Time Storage Protection (PEL)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SRTSPX

Name: Symantec Data Store
Description: Symantec Data Store
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymDS

Name: SymEvent
Description: SymEvent
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymEvent

Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymIRON

Name: Symantec Vista Network Dispatch Driver
Description: Symantec Vista Network Dispatch Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SYMTDIv

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: TDTCP
Description: TDTCP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TDTCP

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: Terminal Services Security Filter Driver
Description: Terminal Services Security Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tssecsrv

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:


**** End of log ****
  • 0

#21
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi Wendi,

Did the problem with sites being blocked begin before you ran TDSSKiller or after you ran TDSSKiller?


Step-1.

I want to see the DNS settings on the Eathernet adapter.

  • Right click the internet icon in the system tray and click Network and Sharing Center.
  • On the windows that opens up, in the left hand column under Tasks, click Manage Network Connections. A Network Connections window will open up.
  • Right click on the Local Area Connection and click Properties. Click OK on the UAC warning window.
  • Under the This connection uses the following items: section click the Internet Protocol Version 4(ICP/IPv4) line to highlight it and click the Properties button.
  • Click the General tab at the top of the window.
  • Take a screen shot of the window and post it in your next reply.
  • Click the Cancel button at the bottom of the Internet Protocol Version window to close it.
  • Click the Cancel button at the bottom of the Local Area Connection Properties window to close it.
  • Close out the Network Connections window and the Network Sharing Center window.
Post the screen shot in your next reply.

Let's get a look at the files in the TDSSKiller_Quarintine folder.


Step-2.

Get information on TDSSKiller Quarantine:

Download this simple little tool 'TDDS Qlook' to your desktop.

Firefox users will need to right click the link and click Save Target As..

  • Double click the TDSSQlook.exe file to run it. (Windows Vista /7 users will need to click Allow on the UAC window.)
  • TDSSQlook will open and you will see three options.
    • Type A and press the Enter key.
  • A log will be produced named TDSSQ.txt
  • Copy and paste the contents into your next post.


Step-3.

Things For Your Next Post:
1, The screen shot
2. The TDSSQ.txt log
3. Answer my question above.

Edited by godawgs, 14 July 2012 - 04:40 PM.

  • 0

#22
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
The problem with sites being blocked began before I ran TDSSKiller. I thought it was some sort of virus or malware and thought TDSSKiller might stop it.

I will need to do the rest of your instructions tonight, info/log to follow later.

Edited by wmpendle, 14 July 2012 - 05:50 PM.

  • 0

#23
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
:thumbsup:
  • 0

#24
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Screen shot you asked for

Attached Thumbnails

  • TCP IPv4.jpg

  • 0

#25
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Log

TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - Wendi - Sat 07/14/2012 - 21:56:59.98.
Windows Vista ™ Home Premium 6.0.6002 Service Pack 2 Scripts=disabled
***** START SCAN Sat 07/14/2012 21:57:01.25 *****

---------- TDSSKiller logs ----------

TDSSKiller.2.7.34.0_05.07.2012_22.19.18_log.txt
TDSSKiller.2.7.44.0_05.07.2012_22.20.22_log.txt
TDSSKiller.2.7.44.0_07.07.2012_15.05.53_log.txt

---------- TDSSStarter logs ----------


---------- DIR LIST ----------

C:\TDSSKiller_Quarantine\07.07.2012_15.05.54
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\svc0000\tsk0000.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\svc0000
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\svc0000\tsk0000.dta
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\svc0000\object.ini
C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\svc0000\tsk0000.ini

---------- INI FILES ----------

=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\svc0000\object.ini

[InfectedObject]
Type: Service
Name: CFSvcs
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0000\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
md5: c82162949bba6cc5d006c7bd008f3cf1


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\svc0000\object.ini

[InfectedObject]
Type: Service
Name: KR10I
Type: Kernel driver (0x1)
Start: Disabled (0x4)
ImagePath: \SystemRoot\system32\drivers\kr10i.sys


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0001\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\drivers\kr10i.sys
md5: 1e0d65f7ffeb4e99b2eec1ccb5754cc8


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\svc0000\object.ini

[InfectedObject]
Type: Service
Name: KR10N
Type: Kernel driver (0x1)
Start: Disabled (0x4)
ImagePath: \SystemRoot\system32\drivers\kr10n.sys


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0002\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\drivers\kr10n.sys
md5: a1963360e74931222a67356c8ad48378


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\svc0000\object.ini

[InfectedObject]
Type: Service
Name: KR3NPXP
Type: Kernel driver (0x1)
Start: Disabled (0x4)
ImagePath: \SystemRoot\system32\drivers\kr3npxp.sys


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0003\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\drivers\kr3npxp.sys
md5: 485e005cd51ff502fb16483eb4b69c17


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\svc0000\object.ini

[InfectedObject]
Type: Service
Name: tifm21
Type: Kernel driver (0x1)
Start: Demand (0x3)
ImagePath: system32\drivers\tifm21.sys


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0004\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\drivers\tifm21.sys
md5: e4c85c291ddb3dc5e4a2f227ca465ba6


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\svc0000\object.ini

[InfectedObject]
Type: Service
Name: TODDSrv
Type: n/a (0x10)
Start: Auto (0x2)
ImagePath: C:\Windows\system32\TODDSrv.exe


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0005\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Windows\system32\TODDSrv.exe
md5: d540858e65bfa6fded41ad2495ece344


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\object.ini

[InfectedObject]
Verdict: UnsignedFile.Multi.Generic


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\svc0000\object.ini

[InfectedObject]
Type: Service
Name: TOSHIBA Bluetooth Service
Type: n/a (0x10)
Start: Disabled (0x4)
ImagePath: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe


=== C:\TDSSKiller_Quarantine\07.07.2012_15.05.54\susp0006\svc0000\tsk0000.ini

[InfectedFile]
Type: Raw image
Src: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
md5: 5480abfc2c6b19972d2871f576ebcaa3


***** END SCAN Sat 07/14/2012 21:57:01.63 *****
  • 0

Advertisements


#26
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi wmpendle,

It looks like the internet connection problem is being caused by this:

Windows IP Configuration

Host Name . . . . . . . . . . . . : Wendi-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mshome.net


Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-19-D2-B8-B1-B8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes



Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-A0-D1-73-3B-0F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fc07:ae15:666b:e09%8(Preferred)
IPv4 Address. . . . . . . . . . . : 10.100.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 14, 2012 11:59:40 AM
Lease Expires . . . . . . . . . . : Saturday, July 14, 2012 12:59:39 PM
Default Gateway . . . . . . . . . : 10.100.2.1
DHCP Server . . . . . . . . . . . : 10.100.2.1
DHCPv6 IAID . . . . . . . . . . . : 201367761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-A2-79-A6-00-A0-D1-73-3B-0F
DNS Servers . . . . . . . . . . . : fe80::fc07:ae15:666b:e09%8
10.100.2.1

NetBIOS over Tcpip. . . . . . . . : Enabled
Connection-specific DNS Suffix Search List :
mshome.net



The DNS Servers... line indicates that computer is set up as a DNS server or a DHCP server and a router address is used for the DNS resolver 10.100.2.1. That is strange for a home computer.

From the scan it looks like the Wireless adapter is not connected, hence the Media Disconnected entry. The Eathernet adapter is connected.

1. Is this a desktop or laptop computer?
2. Do you have a router installed? If so, what make and model?
3. Are you aware that the computer is set up as a DHCP server or a DNS server?

Let's see if we can get the files that were quarantined and deleted by TDSSKiller restored and we'll take it from there.


Step-1.

Restore the Quarintined TDSSKiller files

  • Please download the attached file (tdssunq.txt) to your desktop.
  • Run TDSSQlook.exe again.
  • Type B and press the Enter key. A notepad window will open.
  • Click file > open and open the tdssunq.txt file.
  • Click file > save and close the window.
    Your files should now be returned to their correct location.
  • Type Q and press the Enter key to close the program
  • Reboot the computer.
If you have any problems with this, STOP here and tell me


Now we're gonna run TDSSKiller again and see if the files are back.


Step-2.

Posted Image TDSSKiller

Please read carefully and follow these steps.
Do Not allow anything to be Cured or Deleted

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Change Cure to Skip, then click Continue
    Posted Image
  • Note: Make sure everything is set to Skip. Do not choose Delete or CURE.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.



Next we're gonna run the system file checker to see if any other system files need to be replaced.
The screen shots are from a Windows 7 system, but the directions are the same for Vista.


Step-3.

Delete Old SFC Log

  • Open an elevated command prompt. To do that:
    • Click Start, click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator. (See screenshot below)

    Posted Image
  • Type the following and press ENTER after each line:
    cd  \windows\Logs\cbs
    
    copy  cbs.log  cbs.old
    
    del  cbs.log
    

Now run System File Checker


Run System File Checker

  • Open an elevated command prompt. To do that:
  • Click Start, click All programs and Accessories
  • Right click Command Prompt and select Run as Administrator. (See the screen shot below)

    Posted Image
  • In the black box that opens type or copy and paste the following command and press Enter:

    sfc /scannow

    Posted Image

    The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.
  • Write down the results of the scan so you can post them in your next reply.<--Very Improtant
  • Type exit and press the ENTER key to close the command window.


Step-4.

Things For Your Next Post:
1. Answer my questions above.
2. The TDSSKiller log
3. The results of the System File Checker run
4. Are the sites still blocked?

Edited by godawgs, 15 July 2012 - 08:12 PM.

  • 0

#27
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
1. Is this a desktop or laptop computer? It is a laptop that got a busted screen. So it is not very portable anymore, what I did was buy a monitor and connect the monitor to the laptop. I use it as a desktop in that it stays in one place, but it is actually a laptop.

2. Do you have a router installed? If so, what make and model? There is a router, but it is not a wireless router. I will get make & model for you tonight.

3. Are you aware that the computer is set up as a DHCP server or a DNS server? I have no idea what the difference is but it should not be a server at all :(

I will go through these steps tonight.

Edited by wmpendle, 16 July 2012 - 01:25 PM.

  • 0

#28
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
The router is Linksys SPA2102-AN.

I started the first step of replacing or bringing back the files and got a warning. Took a screen shot, just in case... I am going to continue on.

Attached Thumbnails

  • Qlook warning.jpg

  • 0

#29
wmpendle

wmpendle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
I rebooted and went to see what's next and I saw this line

If you have any problems with this, STOP here and tell me


so I stopped, just in case that warning I saw was a problem. Once you see this, just let me know if its ok to keep going.
  • 0

#30
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Just stop please. I'm investigating the screen shot. I'll be back to you.

Do you have more than one computer on the router?

Edited by godawgs, 17 July 2012 - 12:41 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP