Sign in with
Sign up | Sign in
Your question

Windows 7 Unidentified Network Terror Returns [Help meeeee]

Last response: in Networking
Share
January 6, 2013 12:15:55 AM

Ninja Edit: Ive tried a multitude of things like deleting the 0.0.0.0 thing. Ive tried both netsh commands. Ive tried flushing DNS. I know the cable isnt the problem since I used a cable tester. I have no idea what to do.

Yea so I got this problem ._.
I got Windows 7 64-Bit.
I can provide a combofix log. Here is my CMD prompt... ipconfig /all



Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Simon>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Simon-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82579V Gigabit Network Connectio
n
Physical Address. . . . . . . . . : 40-61-86-75-B9-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4dab:32c3:4707:47ab%12(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.71.171(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 272654726
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-79-A1-A7-40-61-86-75-B9-E2

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled


C:\Users\Simon>
a b $ Windows 7
January 6, 2013 11:39:43 AM

Could both of you please press your Windows key and R together then into the Open box, type regedit and press Enter. Although I'm not asking you to change anything at this stage, it's good practice to make a backup of the Registry from the File>Export menu. Note the name and location of that backup file just in case.

Next, navigate to H_KEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>services>Winsock>Parameters and take a note of the contents of that key. Close eth Registry editor from the File>Exit menu and post back those details.

Related resources
a b $ Windows 7
January 6, 2013 11:44:46 AM

SharcBate1 said:
Ninja Edit: 169.254.71.171(Preferred)


That's a dud IP for starters. Set it according to the router's manual, so if the Default gateway is, say, for a Netgear, 192.168.0.1, set the IP address as 192.168.0.100 and the subnet will set itself.
January 6, 2013 1:40:09 PM

Saga Lout said:
That's a dud IP for starters. Set it according to the router's manual, so if the Default gateway is, say, for a Netgear, 192.168.0.1, set the IP address as 192.168.0.100 and the subnet will set itself.


Im sorry, what? Do you want me to set the ip address on my computer or the router?

oh and here is what you asked for
January 6, 2013 1:41:32 PM

escribblings said:
It would appear that we have a similar issue.

See my post here: Win 7 Home Premium 64 Bit - Cannot obtain automatic IP.



Dude, thats so funny, I looked at your post before I posted mine. Yeah, I tried all the things you tried. I downloaded combofix but it didnt solve any problems :/ 
a b $ Windows 7
January 6, 2013 1:47:34 PM

Right click that key and select Modify then add RFCOMM as one of the entries. It's best to use the Enter key to make a gap between your existing four and add the new one in that space. I do recommend making that possibly crucial Registry backup before doing this though. Restart the system afterwards and see if you can get online.

That IP address change needs to be made in the computer, in the Properties of the network and under the IPV4 Properties.

January 6, 2013 1:50:45 PM

Right click which key? The transports one? I dont want to do anything by mistake xD. I made the backup by the way.
January 6, 2013 2:14:00 PM

Saga Lout said:
Right click that key and select Modify then add RFCOMM as one of the entries. It's best to use the Enter key to make a gap between your existing four and add the new one in that space. I do recommend making that possibly crucial Registry backup before doing this though. Restart the system afterwards and see if you can get online.

That IP address change needs to be made in the computer, in the Properties of the network and under the IPV4 Properties.



Did everything. Still not working
January 6, 2013 2:45:39 PM

Saga Lout said:
Could both of you please press your Windows key and R together then into the Open box, type regedit and press Enter. Although I'm not asking you to change anything at this stage, it's good practice to make a backup of the Registry from the File>Export menu. Note the name and location of that backup file just in case.

Next, navigate to H_KEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>services>Winsock>Parameters and take a note of the contents of that key. Close eth Registry editor from the File>Exit menu and post back those details.



I am away from work now, but I will try this tomorrow. Thank you.

@SharcBate1 - good luck with yours.
January 7, 2013 8:18:40 AM

OK



Saga Lout said:
Right click that key and select Modify then add RFCOMM as one of the entries. It's best to use the Enter key to make a gap between your existing four and add the new one in that space. I do recommend making that possibly crucial Registry backup before doing this though. Restart the system afterwards and see if you can get online.

...


Did not work I am afraid.

I can connect if I hardwire my IP, but I want the DHCP to auto assign it. :( 
a b $ Windows 7
January 7, 2013 12:58:45 PM

Is that a before or after screenshot? If it's after, I didn't make myself sufficiently clear. I should have said right click on Transports and click Modify then add RFCOMM. It's odd that a fixed internal IP works but DHCP doesn't. Is there another machine in the system that does work with a DHCP allocated address or could the router be handing out only fixed ones?
January 7, 2013 2:34:41 PM

After screen shot.

If you re-read my thread[1] you will see that this machine is 1 of 4, all the others are still receiving their dynamic IP. I have limited rights to the router, but the MAC address of this troublesome machine is there as I reserved it and address when DHCP was working. But even before I tried your regedit I could get static working.

Removing that reservation makes no difference to the situation. Strangely this machine also does not show up in "attached devices" even with a static IP.

I am beginning to wonder if a port has been blocked somewhere.

1 - Win 7 Home Premium 64 Bit - Cannot obtain automatic IP.
Anonymous
a b $ Windows 7
January 7, 2013 10:02:41 PM

SharcBate1 said:
Ninja Edit: Ive tried a multitude of things like deleting the 0.0.0.0 thing. Ive tried both netsh commands. Ive tried flushing DNS. I know the cable isnt the problem since I used a cable tester. I have no idea what to do.

Yea so I got this problem ._.
I got Windows 7 64-Bit.
I can provide a combofix log. Here is my CMD prompt... ipconfig /all



Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Simon>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Simon-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82579V Gigabit Network Connectio
n
Physical Address. . . . . . . . . : 40-61-86-75-B9-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4dab:32c3:4707:47ab%12(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.71.171(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 272654726
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-79-A1-A7-40-61-86-75-B9-E2

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled


C:\Users\Simon>



Had the same problem and tried everything, i fixded finaly. in wiareless adapter preferencec ----- configuration-------

wireless mode ----- changed from auto to b/g. result no uidentified network a huray and internet available

the problem comes with atheros ar9285
January 8, 2013 2:38:40 AM

Quote:
Had the same problem and tried everything, i fixded finaly. in wiareless adapter preferencec ----- configuration-------

wireless mode ----- changed from auto to b/g. result no uidentified network a huray and internet available

the problem comes with atheros ar9285


Its an unidentified network on an ethernet connection.
a b $ Windows 7
January 8, 2013 5:17:37 AM

Can you delete that connection completely and restart so it reconstitutes itself? It might just get it right this time.
January 8, 2013 7:41:14 AM

Mine us an atheros adapter - but not wireless.

I will try un-installing and re-installing it when I go back in on Thursday. In the mean time I am happy to hear any other suggestions.


Also, a question to SharcBate - have you tried configuring a static IP or are you just trying to get it to connect automatically?
Anonymous
a b $ Windows 7
January 8, 2013 10:39:36 AM

Diagnostika sítě Podrobnosti o vydavateli

Nalezené problémy
Problém s bezdrátovým adaptérem nebo přístupovým bodemProblém s bezdrátovým adaptérem nebo přístupovým bodem Opraveno
Resetujte bezdrátový adaptér. Dokončeno
Zkontrolujte, zda nedochází k potížím se směrovačem nebo přístupovým bodem Nespuštěno
Další informace o problémech s bezdrátovým připojením naleznete v Nápovědě a podpoře systému Windows. Nespuštěno


Nalezené problémy Podrobnosti o zjištění

6 Problém s bezdrátovým adaptérem nebo přístupovým bodem Opraveno

Resetujte bezdrátový adaptér. Dokončeno

Protokol diagnostiky sítě
Název souboru: 39D15246-B8EB-439F-92F6-C06DA16FE22F.Repair.1.etl


Zkontrolujte, zda nedochází k potížím se směrovačem nebo přístupovým bodem Nespuštěno

Jste-li připojeni k hotspotu nebo doménové síti, obraťte na správce sítě. V opačném případě: 1. Odpojte zařízení ze zásuvky nebo jej vypněte. 2. Jakmile zhasnou všechny kontrolky zařízení, počkejte alespoň 10 sekund. 3. Zapněte znovu zařízení nebo jej zapojte do zásuvky. Chcete-li restartovat směrovač nebo přístupový bod s integrovanou baterií, stiskněte a rychle uvolněte tlačítko Reset.
Další informace o problémech s bezdrátovým připojením naleznete v Nápovědě a podpoře systému Windows. Nespuštěno

Systém Windows nemůže vyřešit problém s bezdrátovým připojením.


Podrobnosti o zjištění

Diagnostické informace (Síťový Adaptér)
Podrobnosti diagnostiky síťový adaptér:

Informace o ovladači síťového adaptéru Wireless Network Connection:

Popis . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Výrobce . . . . . . . . . : Atheros Communications Inc.
Poskytovatel . . . . . . . . . . . : Microsoft
Verze . . . . . . . . . . . : 2.0.0.74
Název souboru INF . . . . . . . . . : C:\Windows\INF\netathr.inf
Datum souboru INF . . . . . . . . . : Monday, July 13, 2009 8:46:26 PM
Název oddílu . . . . . . . . . : ATHR_DEV_OS61_10891A3B.ndi
ID hardwaru . . . . . . . . . . : pci\ven_168c&dev_002b&subsys_10891a3b
Příznaky stavu instance . . . . . : 0x180200a
Stavový kód správce zařízení . . : 0
IfType . . . . . . . . . . . . : 71
Typ fyzického média . . . . . . : 9



Diagnostické informace (Bezdrátové Připojení)
Podrobnosti diagnostiky bezdrátové připojení:

Informace o diagnostikovaných připojeních
Identifikátor GUID rozhraní: 52b051bb-db9c-4264-9ee3-343983591b56
Název rozhraní: Atheros AR9285 Wireless Network Adapter
Typ rozhraní: Nativní Wi-Fi

Problém s připojením byl diagnostikován.
ID automatické konfigurace: 1
ID připojení: 1

Souhrnný stav připojení
Čas navázání připojení: 2013-01-09 13:42:51-349
Shoda profilu: Úspěch
Předběžné přidružení: Úspěch
Přidružení: Úspěch
Zabezpečení a ověřování: Úspěch

Seznam viditelných přístupových bodů: Celkem položek: 1, zobrazeno položek: 1
BSSID Síť PHY typu BSS Signál (dB) Kanál/frekvence SSID
-------------------------------------------------------------------------
80-B6-86-11-09-18 Infra <neznámý> -69 10 hamburger

Historie připojení

Informace pro automatickou konfiguraci, ID = 1

Seznam viditelných sítí: Celkem položek: 1, zobrazeno položek: 1
Síť PHY typu BSS Zabezpečení Signál (RSSI) Kompatibilní SSID
------------------------------------------------------------------------------
Infra <neznámý> Ano 60 Ano hamburger

Seznam upřednostňovaných sítí: Počet položek: 1
Profil: hamburger
SSID: hamburger
Délka identifikátoru SSID: 9
Režim připojení: Infra
Zabezpečení: Ano
Nastaveno zásadami skupiny: Ne
Připojit se i v případě, že síť nevysílá: Ne
Lze připojit: Ano

Informace pro připojení, ID = 1
Čas navázání připojení: 2013-01-09 13:42:51-349
ID automatické konfigurace: 1
Profil: hamburger
SSID: hamburger
Délka identifikátoru SSID: 9
Režim připojení: Infra
Zabezpečení: Ano
Předběžné přidružení a přidružení
Nastavení připojení poskytnuté výrobcem zařízení (nezávislým): Ne
Nastavení zabezpečení poskytnuté výrobcem zařízení (nezávislým): Ne
Profil splňuje požadavky sítě: Úspěch
Stav předběžného přidružení: Úspěch
Stav přidružení: Úspěšné
Poslední přístupový bod (AP): 80-b6-86-11-09-18
Zabezpečení a ověřování
Nakonfigurovaný typ zabezpečení: WPA-PSK
Nakonfigurovaný typ šifrování: CCMP(AES)
Protokol 802.1X: Ne
Výměna klíčů byla zahájena: Ano
Přijaté klíče jednosměrného vysílání: Ano
Přijatý klíč vícesměrového vysílání: Ano
Počet přijatých paketů zabezpečení: 3
Počet odeslaných paketů zabezpečení: 3
Stav pokusu o zabezpečení: Úspěch
Připojení
Statistika paketů
Ndis Rx: 45
Ndis Tx: 160
Úspěšné dešifrování jednosměrového vysílání: 45
Úspěšné dešifrování vícesměrového vysílání: 0
Chybné dešifrování jednosměrového vysílání: 0
Chybné dešifrování vícesměrového vysílání: 0
Úspěšně přijato: 45
Chybně přijato: 56
Úspěšně odesláno: 290
Chybně odesláno: 0
Opakování Tx: 5
Vícenásobné opakování Tx: 1
Překročena max. životnost Tx: 0
Chybné potvrzení Tx: 66
Historie roamingu: Počet položek: 0

i dont know why but every time i made my wireless adpt. work after restart it didnt
this works even after restart hope it help . i will send screens of my router setup.


Anonymous
a b $ Windows 7
January 8, 2013 10:49:09 AM

Microsoft Windows [Verze 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Vsechna práva vyhrazena.

C:\Users\Petra>ipconfig /all

Konfigurace protokolu IP systému Windows

Název hostitele . . . . . . . . . : Skorm-PC
Primární prípona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : hybridní
Povoleno smerování IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne

Adaptér síte Ethernet Local Area Connection:

Stav média . . . . . . . . . . . : odpojeno
Prípona DNS podle pripojení . . . :
Popis . . . . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Con
troller (NDIS 6.20)
Fyzická Adresa. . . . . . . . . . : 48-5B-39-E7-09-3C
Protokol DHCP povolen . . . . . . : Ano
Automatická konfigurace povolena : Ano

Adaptér bezdrátové síte LAN Wireless Network Connection:

Prípona DNS podle pripojení . . . :
Popis . . . . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Fyzická Adresa. . . . . . . . . . : 1C-4B-D6-D5-EB-16
Protokol DHCP povolen . . . . . . : Ano
Automatická konfigurace povolena : Ano
Adresa IPv4 . . . . . . . . . . . : 10.0.0.140(Preferované)
Maska podsíte . . . . . . . . . . : 255.255.255.0
Zapujceno . . . . . . . . . . . . : Wednesday, January 09, 2013 1:44:23 PM
Zápujcka vyprsí . . . . . . . . . : Saturday, February 15, 2149 8:26:06 PM
Vychozí brána . . . . . . . . . . : 10.0.0.138
Server DHCP . . . . . . . . . . . : 10.0.0.138
Servery DNS . . . . . . . . . . . : 10.0.0.138
Rozhraní NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno

Adaptér pro tunelové pripojení isatap.{52B051BB-DB9C-4264-9EE3-343983591B56}:

Stav média . . . . . . . . . . . : odpojeno
Prípona DNS podle pripojení . . . :
Popis . . . . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano

Adaptér pro tunelové pripojení Teredo Tunneling Pseudo-Interface:

Prípona DNS podle pripojení . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano
IPv6 adresa. . . . . . . . . . . : 2001:0:4137:9e76:24a9:2dbe:f5ff:ff73(Prefe
rované)
Místní IPv6 adresa v rámci propojení . . . : fe80::24a9:2dbe:f5ff:ff73%12(Pre
ferované)
Vychozí brána . . . . . . . . . . : ::
NetBIOS nad TCP/IP. . . . . . . . : zakázáno

C:\Users\Petra>

January 10, 2013 12:35:35 AM

Saga Lout said:
Can you delete that connection completely and restart so it reconstitutes itself? It might just get it right this time.


Sorry I responded so late, I didn't see if you replied. I tried that but nothing happened.
a b $ Windows 7
January 10, 2013 12:58:26 AM

By chance have you installed an Apple\Adobe product (IIRC SKYPE also installs and uses this service) on this system lately ?? (I-tunes, Photoshop CS, etc.) I was experiencing a similar problem awhile back and found that the cause was the Bonjour service added by Adobe for it's Photoshop CS --- It was installing prior to the network drivers and thus setting up an unknown Network that was then keeping my network card from initializing. By going into the boot settings and setting the service to a delayed start it fixed the problem.

To do this if you think it may be the problem for you as well -- type services.msc in run or services in search (win7)
look for the id string on top that points to bonjour (on my system it was ##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##) and right click to bring up the properties
On the Startup type pick the Automatic (delayed start) and save the change

Doing this makes the service start after a delay and lets your network driver load first keeping the bonjour service from installing that unknown network.

This has solved my issue so far
a b $ Windows 7
January 10, 2013 4:58:50 AM

If I could give a Best Answer in this thread, JDFan would definitely get it.
January 10, 2013 9:07:24 AM

JDFan said:
By chance have you installed an Apple\Adobe product (IIRC SKYPE also installs and uses this service) on this system lately ?? (I-tunes, Photoshop CS, etc.) I was experiencing a similar problem awhile back and found that the cause was the Bonjour service added by Adobe for it's Photoshop CS --- It was installing prior to the network drivers and thus setting up an unknown Network that was then keeping my network card from initializing. By going into the boot settings and setting the service to a delayed start it fixed the problem.

To do this if you think it may be the problem for you as well -- type services.msc in run or services in search (win7)
look for the id string on top that points to bonjour (on my system it was ##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##) and right click to bring up the properties
On the Startup type pick the Automatic (delayed start) and save the change

Doing this makes the service start after a delay and lets your network driver load first keeping the bonjour service from installing that unknown network.

This has solved my issue so far



In my case this is not so. No Bonjour service at all.

I don't know if it is important, but when I went:

Control Panel > Network and Internet > Network Sharing Centre > View Network Computers and Devices

I got a yellow pop-up at the top of the screen

"Network discovery and file sharing are turned off. Network computers and devices are not visible. Click to change..."

I click, and no matter what option I select, that message stays there.

This is on the static IP, either set as home or work network.

I am about to try removing the adapter.

"
January 10, 2013 9:12:45 AM

OK, that didn't work - I will try with an updated driver another day.

In the mean time - would doing anything with the advanced configurations help? DNS, WINS, LMHOSTS?
a b $ Windows 7
January 10, 2013 9:40:51 AM

In the mean time - would doing anything with the advanced configurations help? DNS, WINS, LMHOSTS?

I really thought JDFan had nailed it that time - it's a brilliant solution but just not for you.

DNS should have ticks in both Append options. WINS should have Enable LM Hosts look up" ticked and Default selected. More importantly if XP - but not if Vista or 7/8 - is the last tab marked Options. Click the Advanced button and make sure all three are marked "Permit All". If they aren't, it would explain a thing or two.

January 10, 2013 9:34:07 PM

OK, I'll double check those.

I think the best thing I can do is screen shots - and lots of them ;) 

I'll come back tomorrow.
January 11, 2013 8:40:43 AM

Ok, everything was already as you suggest - only I can't find the Options tab you mention!

Screenies as promised. Let me know if there is any more info you want.

The static Ip below works fine, it is the DHCP that does not. I am typing this reply on the aforementioned machine.

Interestingly the other 3 machines on the LAN receive DHCP fine. including an identical (same make, model, OS, bought at the same time) machine.









January 30, 2013 5:00:28 AM

After Saga Lout's comment to get the registry info for H_KEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>services>Winsock>Parameters
I found that Tcpip6 was in front of Tcpip in my registry, I switched it so it looks like

Tcpip Tcpip6 NetBIOS Psched RFCOMM

this has solved my "unidentified Network" issue, I did this after a clean "route delete 0.0.0.0" and "netsh winsock reset catalog", rebooted.
Also for me it was a wi-fi connection I also deleted that "known" network before rebooting.
a b $ Windows 7
January 30, 2013 5:47:15 AM

Nice one, jkal - by the look of escribblings Registry screenshot, he might benefit form your suggestion. Welcome to Tom's Hardware Forums, by the way.
January 30, 2013 8:53:27 AM

jkal said:
After Saga Lout's comment to get the registry info for H_KEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>services>Winsock>Parameters
I found that Tcpip6 was in front of Tcpip in my registry, I switched it so it looks like

Tcpip Tcpip6 NetBIOS Psched RFCOMM

this has solved my "unidentified Network" issue, I did this after a clean "route delete 0.0.0.0" and "netsh winsock reset catalog", rebooted.
Also for me it was a wi-fi connection I also deleted that "known" network before rebooting.


Saga Lout said:
Nice one, jkal - by the look of escribblings Registry screenshot, he might benefit form your suggestion. Welcome to Tom's Hardware Forums, by the way.


I was so hoping this would sort it, bu alas no.

I am begining to give up all hope on this machine ever using DHCP again :( 

I switch Tcpip and Tcpip6. I even added NetBIOS when that didn't work.

I did the

  1. route delete 0.0.0.0
  2. netsh winsock catalog


I rebooted many times, disabled and re-enabled the adapter.

I even tried disabling the adapter, changing its properties to automatic, "cleaning" and rebooting the machine before re-enabling the adapter.

I even tried changing NetBIOS from Default to Enable NetBIOS over TCP/IP

Nothing is working except assigning a static IP.

It is not the cabling or the router port as these work with the other machines, so it has to be software or hardware in the machine itself.

a b $ Windows 7
January 30, 2013 9:03:11 AM

Darn it - it looked though that may have done it for you as well. Try netsh winsock reset catalog but I doubt it's that simple. I'm almost tempted to suggest getting a download of ComboFix from bleepingcomputer.com, after reading the Tutorial. Is there anything interesting or slightly dubious in your Hosts file? Check it in c:\windows\system32\drivers\etc and open it using Notepad.
January 30, 2013 9:06:24 AM

I am away from the machine now, but I'll check that later.
January 30, 2013 12:02:23 PM

OK. I went into C:\windows\system32\drivers\etc and looked at the various files in there.

I have

hosts
lmhosts.sam
networks
protocol
services


I looked at all of them, but here are the contents of only 3 of them:

hosts
  1. # Copyright (c) 1993-2009 Microsoft Corp.
  2. #
  3. # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
  4. #
  5. # This file contains the mappings of IP addresses to host names. Each
  6. # entry should be kept on an individual line. The IP address should
  7. # be placed in the first column followed by the corresponding host name.
  8. # The IP address and the host name should be separated by at least one
  9. # space.
  10. #
  11. # Additionally, comments (such as these) may be inserted on individual
  12. # lines or following the machine name denoted by a '#' symbol.
  13. #
  14. # For example:
  15. #
  16. # 102.54.94.97 rhino.acme.com # source server
  17. # 38.25.63.10 x.acme.com # x client host
  18.  
  19. # localhost name resolution is handled within DNS itself.
  20. # 127.0.0.1 localhost
  21. # ::1 localhost


lmhosts.sam
  1. # Copyright (c) 1993-1999 Microsoft Corp.
  2. #
  3. # This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows.
  4. #
  5. # This file contains the mappings of IP addresses to computernames
  6. # (NetBIOS) names. Each entry should be kept on an individual line.
  7. # The IP address should be placed in the first column followed by the
  8. # corresponding computername. The address and the computername
  9. # should be separated by at least one space or tab. The "#" character
  10. # is generally used to denote the start of a comment (see the exceptions
  11. # below).
  12. #
  13. # This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
  14. # files and offers the following extensions:
  15. #
  16. # #PRE
  17. # #DOM:<domain>
  18. # #INCLUDE <filename>
  19. # #BEGIN_ALTERNATE
  20. # #END_ALTERNATE
  21. # \0xnn (non-printing character support)
  22. #
  23. # Following any entry in the file with the characters "#PRE" will cause
  24. # the entry to be preloaded into the name cache. By default, entries are
  25. # not preloaded, but are parsed only after dynamic name resolution fails.
  26. #
  27. # Following an entry with the "#DOM:<domain>" tag will associate the
  28. # entry with the domain specified by <domain>. This affects how the
  29. # browser and logon services behave in TCP/IP environments. To preload
  30. # the host name associated with #DOM entry, it is necessary to also add a
  31. # #PRE to the line. The <domain> is always preloaded although it will not
  32. # be shown when the name cache is viewed.
  33. #
  34. # Specifying "#INCLUDE <filename>" will force the RFC NetBIOS (NBT)
  35. # software to seek the specified <filename> and parse it as if it were
  36. # local. <filename> is generally a UNC-based name, allowing a
  37. # centralized lmhosts file to be maintained on a server.
  38. # It is ALWAYS necessary to provide a mapping for the IP address of the
  39. # server prior to the #INCLUDE. This mapping must use the #PRE directive.
  40. # In addtion the share "public" in the example below must be in the
  41. # LanManServer list of "NullSessionShares" in order for client machines to
  42. # be able to read the lmhosts file successfully. This key is under
  43. # \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
  44. # in the registry. Simply add "public" to the list found there.
  45. #
  46. # The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
  47. # statements to be grouped together. Any single successful include
  48. # will cause the group to succeed.
  49. #
  50. # Finally, non-printing characters can be embedded in mappings by
  51. # first surrounding the NetBIOS name in quotations, then using the
  52. # \0xnn notation to specify a hex value for a non-printing character.
  53. #
  54. # The following example illustrates all of these extensions:
  55. #
  56. # 102.54.94.97 rhino #PRE #DOM:networking #net group's DC
  57. # 102.54.94.102 "appname \0x14" #special app server
  58. # 102.54.94.123 popular #PRE #source server
  59. # 102.54.94.117 localsrv #PRE #needed for the include
  60. #
  61. # #BEGIN_ALTERNATE
  62. # #INCLUDE \\localsrv\public\lmhosts
  63. # #INCLUDE \\rhino\public\lmhosts
  64. # #END_ALTERNATE
  65. #
  66. # In the above example, the "appname" server contains a special
  67. # character in its name, the "popular" and "localsrv" server names are
  68. # preloaded, and the "rhino" server name is specified so it can be used
  69. # to later #INCLUDE a centrally maintained lmhosts file if the "localsrv"
  70. # system is unavailable.
  71. #
  72. # Note that the whole file is parsed including comments on each lookup,
  73. # so keeping the number of comments to a minimum will improve performance.
  74. # Therefore it is not advisable to simply add lmhosts file entries onto the
  75. # end of this file.


networks
  1. # Copyright (c) 1993-1999 Microsoft Corp.
  2. #
  3. # This file contains network name/network number mappings for
  4. # local networks. Network numbers are recognized in dotted decimal form.
  5. #
  6. # Format:
  7. #
  8. # <network name> <network number> [aliases...] [#<comment>]
  9. #
  10. # For example:
  11. #
  12. # loopback 127
  13. # campus 284.122.107
  14. # london 284.122.108
  15.  
  16. loopback 127


To my limited knowledge of these files, I cannot see anything hinky - but them I am also worried that I can't see much that has not been commented out.

I will be away from this machine until tomorrow now. All suggestions welcome.
January 30, 2013 9:59:17 PM

How is your router setup? Do you by chance have DD-WRT flashed to it?
January 30, 2013 10:07:35 PM

I am having the same problem as well. Around two weeks ago it was working fine, I rarely used it; but now I have a reason too!

Done the following:

Re-installed Windows 7
Reset router
Plugged PC directly to modem

:( 
January 31, 2013 8:53:36 AM

ha2fb said:
How is your router setup? Do you by chance have DD-WRT flashed to it?


Router is as was when installed. No DD-WRT as it is monitored remotely. I am lucky I have the access to it that I do, but have to be very careful about re configuring it.

However, I do not believe the router to be at fault. The other 3 machines and the countless wireless devices connect without issue. 1 machine is identical to the one with the issue.

The cable and router port are not the issue either as these work with the other machines when swapped over.

Here is some router info - by I don't think the router is the problem (I have masked the WAN IP and SSID for security reasons.

  1. Host Name: P-660HW-T1_v2
  2. Model Number: P-660HW-T1 v2
  3. MAC Address: 00:23:f8:97:a1:2d
  4. ZyNOS Firmware Version: V3.40(AXL.1) | 11/21/2007
  5. WAN Information
  6. - DSL Mode: ADSL2 DELT
  7. - IP Address: ###.###.###.###
  8. - IP Subnet Mask: 255.255.255.255
  9. - VPI/VCI: 0/38
  10. - MTU : 1500
  11. LAN Information
  12. - IP Address: 192.168.1.1
  13. - IP Subnet Mask: 255.255.255.0
  14. - DHCP: Server
  15. WLAN Information
  16. - SSID: ###############
  17. - Channel: 1
  18. - Security: WPA-PSK
  19. Security
  20. - Firewall: Enabled
  21. - Content Filter: Disable

a b $ Windows 7
January 31, 2013 9:05:32 AM

14. - DHCP: Server

Can that entry not be changed to Automatic by DHCP? Does accessing the router from one of the other wirelessly connected systems produce an identical report?
January 31, 2013 9:21:23 AM

Saga Lout said:
14. - DHCP: Server

Can that entry not be changed to Automatic by DHCP? Does accessing the router from one of the other wirelessly connected systems produce an identical report?


The options are Server, Relay or None.

That report is from the routers homepage, and was accessed, copied and pasted through my mobile phone.

However it does not change if you log in from another machine.
a b $ Windows 7
January 31, 2013 1:55:57 PM

Well, I hate to give up on you, escribblings but I'm out of ideas. Unless there's a background Proxy running in your system, I can't see what can be wrong. Could someone have enabled, say, FoxyProxy in Firefox without your knowledge. I take it there's nothing ticked in Internet Options>Connections tab>LAN button Proxy boxes. Sorry I couldn't be more help.
February 2, 2013 12:23:42 AM

Man this sucks, I have no idea what to do from this point on. Even with a fresh reinstall of Windows 7 it is not working!

Saga Lout, thoughts?
a b $ Windows 7
February 2, 2013 5:40:54 AM

Without going back through the entire thread, I can't remember if I suggested delaying the start of the Bonjour Service at any time. If you have any Apple or Quick Time software, that Service can cause problems if it loads before some others. Apart form that, I'm out of ammo on this one and I can't even force a duplication of the circumstances in one of my own systems.
February 2, 2013 11:13:08 AM

Do a restore point going back to where everything worked.... Then see what happens.
169.254.x.x is no DHCP server
Static works but not picking up the IP from the router.
Get another wireless card and see if it works.
Still not working ???
Not running any spoofing tools?
BackTrack?
Caine & Abel?
Remove everything....

If it's still not working then wipe the drive clean, no partitians, no OS, nothing.
Clean is clean ....and BTW where did you get the OS from? Is it legal?
February 2, 2013 12:00:22 PM

Saga Lout said:
Without going back through the entire thread, I can't remember if I suggested delaying the start of the Bonjour Service at any time. If you have any Apple or Quick Time software, that Service can cause problems if it loads before some others. Apart form that, I'm out of ammo on this one and I can't even force a duplication of the circumstances in one of my own systems.

You didn't - but JDFan did, and nope - no Bonjour or similar service that I can tell is running.

Beachnative said:
Do a restore point going back to where everything worked.... Then see what happens.
169.254.x.x is no DHCP server
Static works but not picking up the IP from the router.
Get another wireless card and see if it works.
Still not working ???
Not running any spoofing tools?
BackTrack?
Caine & Abel?
Remove everything....

If it's still not working then wipe the drive clean, no partitians, no OS, nothing.
Clean is clean ....and BTW where did you get the OS from? Is it legal?


I know it is not DHCP, it is Automatic Private IP.

It's not wireless, it is hard wired. There is nothing wrong with the cable or router/router port as these work with the other machines on the network and this machine does not receive DHCP on their cables/ports.

No spoofing tools that I am aware of.

I will be running more checkup software on it soon, when I have time (only have my lunch breaks at the moment).

Re-install is not an option at the moment - as much as I want this working with DHCP, it is working with static IP - and due to my time contraints, while it is working at all I cannot justify the re-install.

As for is the OS legal. I should bloody hope so, it came pre-installed from PC-World. I bought to identical machines at the same time, same spec same OS. One is still working on DHCP and thee other is not.
February 3, 2013 1:25:59 PM

In my instance this is not a notebook and I dont have Bonjour installed.

Fresh install on a desktop.
a b $ Windows 7
February 3, 2013 4:20:16 PM

I'm beginning to think the answer to this is in the router's settings somewhere so I'm going to set up a dummy router (rather than play around with my server systems) to see if I can duplicate the problem. Meantime, if you fellows could share router details, i might be useful.
February 3, 2013 5:08:44 PM

Saga Lout said:
I'm beginning to think the answer to this is in the router's settings somewhere so I'm going to set up a dummy router (rather than play around with my server systems) to see if I can duplicate the problem. Meantime, if you fellows could share router details, i might be useful.


My router is a Zyzel, I posted the setup details above. The DHCP pool starts at 101. I can't seem to segregate wifi from wired though, so they both share the pool of 101-255.

  1. Host Name: P-660HW-T1_v2
  2. Model Number: P-660HW-T1 v2
  3. MAC Address: 00:23:f8:97:a1:2d
  4. ZyNOS Firmware Version: V3.40(AXL.1) | 11/21/2007
  5. WAN Information
  6. - DSL Mode: ADSL2 DELT
  7. - IP Address: ###.###.###.###
  8. - IP Subnet Mask: 255.255.255.255
  9. - VPI/VCI: 0/38
  10. - MTU : 1500
  11. LAN Information
  12. - IP Address: 192.168.1.1
  13. - IP Subnet Mask: 255.255.255.0
  14. - DHCP: Server
  15. WLAN Information
  16. - SSID: ###############
  17. - Channel: 1
  18. - Security: WPA-PSK
  19. Security
  20. - Firewall: Enabled
  21. - Content Filter: Disable
a b $ Windows 7
February 4, 2013 5:11:39 AM

IP pool sharing between wired and wireless devices is quite normal. I can't think what could cause your problem but if there are any firewall or other access restrictions to your machine, it could be that those restrictions are overarched by a fixed IP. See if you can find anything.
February 5, 2013 2:27:51 PM

Saga Lout said:
IP pool sharing between wired and wireless devices is quite normal. I can't think what could cause your problem but if there are any firewall or other access restrictions to your machine, it could be that those restrictions are overarched by a fixed IP. See if you can find anything.



There are no individual rules set on the router, all machines should be treated equally. Likewise I cannot find any other programs running that might cause issue.

I have made 2 HiJackThis logs. The first is on Static IP, the second on DHCP. I doubt there will be any difference between the files.

HiJackThis Log - Static IP
  1. Logfile of Trend Micro HijackThis v2.0.4
  2. Scan saved at 16:19:05, on 05/02/2013
  3. Platform: Windows 7 SP1 (WinNT 6.00.3505)
  4. MSIE: Internet Explorer v9.00 (9.00.8112.16457)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
  9. C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
  10. C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
  11. C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
  12.  
  13. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  14. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
  15. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQDSK/2
  16. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  17. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  18. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQDSK/2
  19. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  20. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  21. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  22. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
  23. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  24. F2 - REG:system.ini: UserInit=userinit.exe,
  25. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  26. O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  27. O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  28. O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
  29. O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  30. O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
  31. O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
  32. O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  33. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  34. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  35. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  36. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  37. O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  38. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  39. O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
  40. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
  41. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  42. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  43. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  44. O17 - HKLM\System\CCS\Services\Tcpip\..\{2B1A40CA-56C4-4228-A7B3-91F8804FCBD8}: NameServer = 192.168.1.1
  45. O17 - HKLM\System\CS1\Services\Tcpip\..\{2B1A40CA-56C4-4228-A7B3-91F8804FCBD8}: NameServer = 192.168.1.1
  46. O17 - HKLM\System\CS2\Services\Tcpip\..\{2B1A40CA-56C4-4228-A7B3-91F8804FCBD8}: NameServer = 192.168.1.1
  47. O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  48. O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  49. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  50. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
  51. O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
  52. O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
  53. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
  54. O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\windows\System32\ezSharedSvcHost.exe
  55. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
  56. O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
  57. O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  58. O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  59. O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  60. O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
  61. O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
  62. O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
  63. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  64. O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  65. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
  66. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  67. O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  68. O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
  69. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
  70. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  71. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
  72. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
  73. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
  74. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
  75. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  76. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
  77. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
  78. O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
  79. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
  80. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
  81. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  82.  
  83. --
  84. End of file - 9500 bytes


HiJackThis Log - DHCP
  1. Logfile of Trend Micro HijackThis v2.0.4
  2. Scan saved at 16:20:08, on 05/02/2013
  3. Platform: Windows 7 SP1 (WinNT 6.00.3505)
  4. MSIE: Internet Explorer v9.00 (9.00.8112.16457)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
  9. C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
  10. C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
  11. C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
  12.  
  13. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  14. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
  15. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQDSK/2
  16. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  17. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  18. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQDSK/2
  19. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  20. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  21. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  22. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
  23. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  24. F2 - REG:system.ini: UserInit=userinit.exe,
  25. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  26. O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  27. O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  28. O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
  29. O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
  30. O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
  31. O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
  32. O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  33. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  34. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  35. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  36. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  37. O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  38. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  39. O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
  40. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
  41. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  42. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  43. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  44. O17 - HKLM\System\CS2\Services\Tcpip\..\{2B1A40CA-56C4-4228-A7B3-91F8804FCBD8}: NameServer = 192.168.1.1
  45. O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  46. O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  47. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  48. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
  49. O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
  50. O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
  51. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
  52. O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\windows\System32\ezSharedSvcHost.exe
  53. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
  54. O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
  55. O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  56. O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  57. O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
  58. O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
  59. O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
  60. O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
  61. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  62. O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  63. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
  64. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  65. O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  66. O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
  67. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
  68. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  69. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
  70. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
  71. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
  72. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
  73. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  74. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
  75. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
  76. O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
  77. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
  78. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
  79. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  80.  
  81. --
  82. End of file - 9288 bytes


Maybe that can shed some light.

Note both the above logs were taken in the Administrator Login.
a b $ Windows 7
February 5, 2013 2:50:14 PM

If your other Windows 7 systems don't show those 04 RunOnce entries for mctadmin.exe, re-run HJT and tick to remove them. If the other machiens have the same entries, don't bother because it isn't the problem.

February 6, 2013 2:09:00 PM

Unfortunately those entries exist on the other Win7 machine too.

HiJackThis Log - Win 7 Machine with working DHCP
  1. Logfile of Trend Micro HijackThis v2.0.4
  2. Scan saved at 16:05:06, on 06/02/2013
  3. Platform: Windows 7 SP1 (WinNT 6.00.3505)
  4. MSIE: Internet Explorer v9.00 (9.00.8112.16457)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
  9. C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
  10. C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
  11. C:\Program Files (x86)\Internet Explorer\iexplore.exe
  12. C:\Program Files (x86)\Internet Explorer\iexplore.exe
  13. C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
  14.  
  15. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQDSK/2
  16. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  17. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
  18. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQDSK/2
  19. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  20. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  21. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQDSK/2
  22. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  23. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  24. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  25. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  26. F2 - REG:system.ini: UserInit=userinit.exe
  27. O1 - Hosts: 216.239.32.20 www.google.ae # bck9
  28. O1 - Hosts: 216.239.32.20 www.google.at # bck9
  29. O1 - Hosts: 216.239.32.20 www.google.be # bck9
  30. O1 - Hosts: 216.239.32.20 www.google.ca # bck9
  31. O1 - Hosts: 216.239.32.20 www.google.ch # bck9
  32. O1 - Hosts: 216.239.32.20 www.google.cl # bck9
  33. O1 - Hosts: 216.239.32.20 www.google.co.il # bck9
  34. O1 - Hosts: 216.239.32.20 www.google.co.in # bck9
  35. O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9
  36. O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9
  37. O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9
  38. O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9
  39. O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9
  40. O1 - Hosts: 216.239.32.20 www.google.co.za # bck9
  41. O1 - Hosts: 216.239.32.20 www.google.com # bck9
  42. O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9
  43. O1 - Hosts: 216.239.32.20 www.google.com.au # bck9
  44. O1 - Hosts: 216.239.32.20 www.google.com.br # bck9
  45. O1 - Hosts: 216.239.32.20 www.google.com.co # bck9
  46. O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9
  47. O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9
  48. O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9
  49. O1 - Hosts: 216.239.32.20 www.google.com.my # bck9
  50. O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9
  51. O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9
  52. O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9
  53. O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9
  54. O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9
  55. O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9
  56. O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9
  57. O1 - Hosts: 216.239.32.20 www.google.de # bck9
  58. O1 - Hosts: 216.239.32.20 www.google.dk # bck9
  59. O1 - Hosts: 216.239.32.20 www.google.es # bck9
  60. O1 - Hosts: 216.239.32.20 www.google.fi # bck9
  61. O1 - Hosts: 216.239.32.20 www.google.fr # bck9
  62. O1 - Hosts: 216.239.32.20 www.google.it # bck9
  63. O1 - Hosts: 216.239.32.20 www.google.lt # bck9
  64. O1 - Hosts: 216.239.32.20 www.google.lv # bck9
  65. O1 - Hosts: 216.239.32.20 www.google.nl # bck9
  66. O1 - Hosts: 216.239.32.20 www.google.pl # bck9
  67. O1 - Hosts: 216.239.32.20 www.google.pt # bck9
  68. O1 - Hosts: 216.239.32.20 www.google.ro # bck9
  69. O1 - Hosts: 216.239.32.20 www.google.ru # bck9
  70. O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  71. O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
  72. O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
  73. O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
  74. O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
  75. O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
  76. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  77. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  78. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  79. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  80. O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  81. O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  82. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  83. O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
  84. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  85. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
  86. O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  87. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  88. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
  89. O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
  90. O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
  91. O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
  92. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
  93. O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\windows\System32\ezSharedSvcHost.exe
  94. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
  95. O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
  96. O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
  97. O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
  98. O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
  99. O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
  100. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  101. O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  102. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
  103. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  104. O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
  105. O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  106. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
  107. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  108. O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
  109. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
  110. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
  111. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
  112. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
  113. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
  114. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
  115. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
  116. O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
  117. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
  118. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
  119. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  120.  
  121. --
  122. End of file - 10442 bytes
!