
Inactive [InActive] Limited or No Connectivity -DDS logs

Discussion in 'Malware and Virus Removal Archive' started by Olly, 2009/01/30.

  1. 2009/01/30
    Olly

    Olly Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    36
    Likes Received:
    0
    As requested by Arie


    DDS (Ver_09-01-19.01) - NTFSx86
    Run by Administrator at 21:47:06.45 on 30/01/2009
    Internet Explorer: 6.0.2900.2180
    Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1023.792 [GMT 0:00]


    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\NavNT\vptray.exe
    C:\Program Files\NavNT\defwatch.exe
    C:\Program Files\NavNT\rtvscan.exe
    C:\WINDOWS\system32\MsgSys.EXE
    C:\Documents and Settings\Administrator\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    mWinlogon: SfcDisable=-99 (0xffffff9d)
    mRun: [C-Media Speaker Configuration] c:\progra~1\c-media\win_me\Setup.exe /SPEAKER
    mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    mRun: [vptray] c:\program files\navnt\vptray.exe
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    uPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: NoResolveTrack = 1 (0x1)
    Notify: NavLogon - c:\windows\system32\NavLogon.dll

    ============= SERVICES / DRIVERS ===============

    R4 NAVAPEL;NAVAPEL;c:\program files\navnt\Navapel.sys [2001-9-24 9232]
    R4 Norton AntiVirus Server;Norton AntiVirus Client;c:\program files\navnt\rtvscan.exe [2001-9-24 454656]
    S3 slnt;RTL8139D PCI Fast Ethernet Adapter;c:\windows\system32\drivers\slnt.sys [2009-1-25 18004]

    =============== Created Last 30 ================

    2009-01-25 11:59 <DIR> --d----- c:\program files\ACW
    2009-01-25 09:53 18,004 a----r-- c:\windows\system32\drivers\slnt.sys
    2009-01-24 15:13 <DIR> --d----- c:\windows\Profiles
    2009-01-24 15:06 <DIR> --d----- c:\windows\tmp.0000
    2009-01-24 15:06 <DIR> --d----- c:\windows\Drivers
    2009-01-23 11:12 83,968 a------- c:\windows\system32\drivers\Rtnicxp.sys
    2009-01-23 11:12 <DIR> --d----- c:\program files\Realtek
    2009-01-22 22:48 0 a------- c:\windows\VPC32.INI
    2009-01-22 22:45 120,379 a------- c:\windows\system32\SYMEVNT.386
    2009-01-22 22:45 57,696 a------- c:\windows\system32\drivers\SYMEVENT.SYS
    2009-01-22 22:45 36,864 a------- c:\windows\system32\S32EVNT1.DLL
    2009-01-22 22:45 4,032 a------- c:\windows\system32\SYMEVNT1.DLL
    2009-01-22 22:45 244 a------- c:\windows\ODBC.INI
    2009-01-22 22:45 <DIR> --d----- c:\windows\system32\CBA
    2009-01-22 22:45 <DIR> --d----- c:\program files\Symantec
    2009-01-22 22:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
    2009-01-22 22:45 <DIR> --d----- c:\program files\NavNT
    2009-01-22 22:45 <DIR> --d----- c:\program files\common files\Symantec Shared
    2009-01-22 20:59 0 a------- c:\windows\system32\drivers\aspi32.sys
    2009-01-22 20:59 0 a------- c:\windows\system\wowpost.exe
    2009-01-22 20:59 0 a------- c:\windows\system\winaspi.dll
    2009-01-22 20:59 0 a------- c:\windows\system32\wnaspi32.dll
    2009-01-22 20:59 48,128 -------- c:\windows\system32\ADP70.tmp
    2009-01-22 20:59 23,936 -------- c:\windows\system32\drivers\ADP6D.tmp
    2009-01-22 20:59 5,600 -------- c:\windows\system\ADP6F.tmp
    2009-01-22 20:59 4,672 -------- c:\windows\system\ADP71.tmp
    2009-01-22 20:59 1,052,672 a------- c:\windows\system32\ivimci32.dll
    2009-01-22 20:59 317,952 a------- c:\windows\system32\Roboex32.dll
    2009-01-22 20:59 25,264 a------- c:\windows\system32\ivimci.drv
    2009-01-22 20:59 <DIR> --d----- c:\program files\InterVideo
    2009-01-22 20:58 <DIR> --d----- c:\program files\C-Media Audio
    2009-01-22 20:57 <DIR> --d----- c:\program files\IDEUtil
    2009-01-22 20:57 11,776 a----r-- c:\windows\system32\sisidexp.dll
    2009-01-22 20:57 4,096 a------- c:\windows\system32\drivers\siside.sys
    2009-01-22 20:56 41,088 a------- c:\windows\system32\drivers\SISAGP.SYS
    2009-01-22 20:56 <DIR> --d----- c:\windows\system32\ReinstallBackups
    2009-01-22 20:56 <DIR> --d----- c:\windows\SiSAGP
    2009-01-22 20:56 306,688 a------- c:\windows\IsUninst.exe
    2009-01-22 20:56 <DIR> --d----- c:\documents and settings\administrator\WINDOWS
    2009-01-22 20:53 12,160 a------- c:\windows\system32\drivers\mouhid.sys
    2009-01-22 20:51 9,600 a------- c:\windows\system32\drivers\hidusb.sys
    2009-01-22 20:50 <DIR> --d----- c:\documents and settings\Administrator
    2009-01-22 20:50 <DIR> --ds---- c:\windows\system32\Microsoft
    2009-01-22 20:47 539,648 a------- c:\windows\system32\hhctrl.ocx
    2009-01-22 20:46 <DIR> --dsh--- c:\documents and settings\all users\DRM
    2009-01-22 20:46 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
    2009-01-22 20:46 488 a---hr-- c:\windows\system32\logonui.exe.manifest
    2009-01-22 20:46 <DIR> --ds---- c:\windows\Downloaded Program Files
    2009-01-22 20:46 <DIR> --d--r-- c:\windows\Offline Web Pages
    2009-01-22 20:45 <DIR> --d-h--- c:\program files\WindowsUpdate
    2009-01-22 20:45 <DIR> --d----- c:\program files\Online Services
    2009-01-22 20:45 <DIR> --d----- c:\program files\common files\MSSoap
    2009-01-22 20:42 <DIR> --d----- c:\program files\Windows NT
    2009-01-22 20:37 <DIR> --d----- c:\program files\common files\ODBC
    2009-01-22 20:37 <DIR> --d----- c:\program files\common files\SpeechEngines
    2009-01-22 20:36 <DIR> --d--r-- c:\documents and settings\all users\Documents

    ==================== Find3M ====================

    2009-01-24 15:22 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
    2009-01-22 20:43 21,640 a------- c:\windows\system32\emptyregdb.dat
    2001-11-23 04:08 712,704 a------- c:\windows\inf\other\AUDIO3D.DLL

    ============= FINISH: 21:47:19.34 ===============
     
    Olly,
    #1
  2. 2009/01/30
    Olly

    Olly Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    36
    Likes Received:
    0
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-01-19.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 22/01/2009 20:49:23
    System Uptime: 30/01/2009 20:41:55 (1 hours ago)

    Motherboard: http:\\www.abit.com.tw | | SiS-645(SA7 V1.0)
    Processor: Intel(R) Celeron(R) CPU 2.20GHz | Socket 478 | 2205/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 67.931 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1: 22/01/2009 21:02:47 - System Checkpoint
    RP2: 22/01/2009 22:17:03 - Installed Windows XP KB884020.
    RP3: 22/01/2009 22:45:34 - Installed Norton AntiVirus Corporate Edition
    RP4: 23/01/2009 11:12:33 - Installed REALTEK GbE & FE Ethernet PCI NIC Driver
    RP5: 24/01/2009 15:11:58 - Installed RTLSetup
    RP6: 24/01/2009 15:13:06 - Installed RTLSetup
    RP7: 25/01/2009 09:53:48 - Unsigned driver install
    RP8: 25/01/2009 11:58:19 - Unsigned driver install
    RP9: 25/01/2009 14:35:02 - Installed Windows XP KB884020.
    RP10: 26/01/2009 15:17:05 - System Checkpoint
    RP11: 30/01/2009 21:20:59 - System Checkpoint

    ==== Installed Programs ======================

    Adobe Acrobat 4.0
    C-Media Audio
    InterVideo WinDVD
    LiveUpdate 1.6 (Symantec Corporation)
    Norton AntiVirus Corporate Edition
    REALTEK GbE & FE Ethernet PCI NIC Driver
    RTLSetup
    SiS Bus Master IDE Driver (Remove)
    WebFldrs XP
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB884020
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB887797
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB891781

    ==== Event Viewer Messages From Past Week ========

    25/01/2009 10:30:10, error: System Error [1003] - Error code 100000d1, parameter1 362e3132, parameter2 00000002, parameter3 00000001, parameter4 f7af8004.
    25/01/2009 10:14:17, error: System Error [1003] - Error code 100000d1, parameter1 34746824, parameter2 00000002, parameter3 00000001, parameter4 f7af8004.
    25/01/2009 09:59:51, error: System Error [1003] - Error code 100000c5, parameter1 00000000, parameter2 00000002, parameter3 00000001, parameter4 8054ba39.
    24/01/2009 18:15:59, error: Server [2505] - The server could not bind to the transport \Device\NetbiosSmb because another computer on the network has the same name. The server could not start.
    24/01/2009 16:00:17, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    24/01/2009 15:58:24, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
    25/01/2009 11:04:10, error: System Error [1003] - Error code 100000d1, parameter1 336c6166, parameter2 00000002, parameter3 00000001, parameter4 f7af0002.
    25/01/2009 11:09:43, error: System Error [1003] - Error code 100000d1, parameter1 62623431, parameter2 00000002, parameter3 00000001, parameter4 f7af0004.
    25/01/2009 11:11:23, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 f766f55d, parameter3 f7c75900, parameter4 f7c755fc.
    25/01/2009 11:16:19, error: System Error [1003] - Error code 100000d1, parameter1 64653074, parameter2 00000002, parameter3 00000001, parameter4 f7af0004.
    25/01/2009 11:17:14, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 f766f55d, parameter3 f7c81900, parameter4 f7c815fc.
    25/01/2009 11:23:35, error: System Error [1003] - Error code 100000d1, parameter1 14c89804, parameter2 00000002, parameter3 00000001, parameter4 f7af0004.
    25/01/2009 11:44:48, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The support for the specified socket type does not exist in this address family.
    25/01/2009 11:44:48, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: An address incompatible with the requested protocol was used.
    25/01/2009 11:48:05, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
    25/01/2009 12:22:58, error: System Error [1003] - Error code 100000d1, parameter1 0608a804, parameter2 00000002, parameter3 00000001, parameter4 f7af0004.
    25/01/2009 14:32:15, error: Server [2505] - The server could not bind to the transport \Device\NwlnkIpx because another computer on the network has the same name. The server could not start.
    25/01/2009 14:32:15, error: Server [2505] - The server could not bind to the transport \Device\NwlnkNb because another computer on the network has the same name. The server could not start.

    ==== End Of File ===========================
     
    Olly,
    #2

  4. 2009/01/31
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi Olly,

    Nothing stands out as being malware related, so let's put this topic on hold. I will respond to your original topic in the Networking forum.
     
  5. 2009/01/31
    Olly

    Olly Inactive Thread Starter

    Joined:
    2009/01/03
    Messages:
    36
    Likes Received:
    0
    Cheers noahdfear - much appreciated

    Olly
     
    Olly,
    #4
