Help
This topic is locked
Try this. It will clean your Domains.
Launch Notepad, and copy/paste all the blue instructions below to it.
Save in: Desktop
File Name: fixme.reg
Save as Type: All files
Click: Save
REGEDIT4
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
Then, disconnect from the Internet!
Next,
Back on the Desktop, double-click on the fixme.reg file you just saved and click on Yes when asked to merge the information.
On a Vista or Windows 7 operating system right click on the fixme.reg file and run as Administrator.
Optional if the following programs are in your computer.
Note that since the Domains are deleted SpywareBlaster protection must be re-enabled. Spybot's Immunize feature must be used again, also you have to re-install IE-SpyAd if installed.
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient. DO NOT RUN ComboFix unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Netbook runng slow/HijackThis log
#16
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 16 November 2011 - 10:54 AM
Back to top
#17
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 21 November 2011 - 11:41 AM
Are you still with me?
#18
- New Member
-
- Group: Members
- Posts: 13
- Joined: 24-October 11
Posted 21 November 2011 - 12:04 PM
I apologize...I thought I had replied. I did the requested actions and still no luck. Fyi, I also ordered an upgraded memory from 1g to 2g. Probably won't help much, but couldn't hurt.
#19
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 22 November 2011 - 08:24 AM
Run this tool see if anything bad is found.
Please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet
Please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet
- Double-click on drweb-cureit.exe to start the program.
An Express Scan of your PC notice will appear. - Under Start the Express Scan Now, Click OK to start the scan.
This is a short scan that will scan the files currently running in memory.
If something is found, click the Yes button when it asks you if you want to cure it. - Once the short scan has finished, Click Options > Change settings
- Choose the Scan tab and UNcheck Heuristic analysis
- Back at the main window, click Custom Scan, then Select drives (a red dot will show which drives have been chosen).
- Then click the Start/Stop Scanning button (green arrow on the right, and the scan will start.
- When finished, a message will be displayed at the bottom advising if any viruses were found.
- Click Yes to all if it asks if you want to cure/move the file.
- When the scan has finished, look if you can see the icon next to the files found.
If so, click it, then click the next icon right below and select Move incurable.
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured) - Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
- Save the DrWeb.csv report to your Desktop.
- Exit Dr.Web Cureit when you have finished.
- Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
- After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)
#20
- New Member
-
- Group: Members
- Posts: 13
- Joined: 24-October 11
Posted 22 November 2011 - 05:15 PM
Performed the scan and here's the log:
cnet_RegpairSetup_exe.exe;C:\Documents and Settings\Julie\My Documents\Downloads;Adware.InstallCore.2;Incurable.Deleted.;
dds.scr;C:\Documents and Settings\Julie\My Documents\Downloads;Trojan.MulDrop3.6866;Incurable.Moved.;
FastDownload.exe;C:\Documents and Settings\Julie\My Documents\Downloads;Tool.InstallToolbar.17 - read error;Invalid path to file ;
cnet_RegpairSetup_exe.exe;C:\Documents and Settings\Julie\My Documents\Downloads;Adware.InstallCore.2;Incurable.Deleted.;
dds.scr;C:\Documents and Settings\Julie\My Documents\Downloads;Trojan.MulDrop3.6866;Incurable.Moved.;
FastDownload.exe;C:\Documents and Settings\Julie\My Documents\Downloads;Tool.InstallToolbar.17 - read error;Invalid path to file ;
#21
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 23 November 2011 - 10:31 AM
Lets find out more about FastDownload.exe that was not found by Dr. Web.
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
If your operating system is 64 bit download this tool:
SystemLook_x64.exe
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
If your operating system is 64 bit download this tool:
SystemLook_x64.exe
- Double-click SystemLook.exe to run it.
- Copy and paste the content of the following bold text into the main textfield:
:filefind
FastDownload.exe
- Click the Look button to start the scan.
- When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
#22
- New Member
-
- Group: Members
- Posts: 13
- Joined: 24-October 11
Posted 23 November 2011 - 12:04 PM
Here's the log:
SystemLook 30.07.11 by jpshortstuff
Log created at 12:01 on 23/11/2011 by Julie
Administrator - Elevation successful
========== filefind ==========
Searching for "FastDownload.exe"
No files found.
-= EOF =-
SystemLook 30.07.11 by jpshortstuff
Log created at 12:01 on 23/11/2011 by Julie
Administrator - Elevation successful
========== filefind ==========
Searching for "FastDownload.exe"
No files found.
-= EOF =-
#23
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 23 November 2011 - 01:46 PM
How is the computer running now?
#24
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 27 November 2011 - 10:04 AM
Are you still with me?
#25
- New Member
-
- Group: Members
- Posts: 13
- Joined: 24-October 11
Posted 28 November 2011 - 12:27 PM
Still the same problem...internet runs slow and when the netbook is connected all other devices on the network run slow. I installed the 2g ram, but I haven't noticed a difference. I'm thinking about running a recovery back to factory settings and just starting fresh.
#26
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 28 November 2011 - 01:46 PM
Let have a look at these results first.
Please download MiniToolBox to Desktop and run it.
Checkmark the following boxes:
Click Go and copy/paste the log (Result.txt) into your next post.
Please download MiniToolBox to Desktop and run it.
Checkmark the following boxes:
- Flush DNS
- Report IE Proxy Settings
- Reset IE Proxy Settings
- List content of Hosts
- List IP Configuration
- Lst Last 10 Event Viewer Errors
- List Users, Partitions and Memory Size
Click Go and copy/paste the log (Result.txt) into your next post.
#27
- New Member
-
- Group: Members
- Posts: 13
- Joined: 24-October 11
Posted 28 November 2011 - 08:20 PM
Sure thing...here's the log:
MiniToolBox by Farbar
Ran by Julie (administrator) on 28-11-2011 at 20:15:02
Microsoft Windows XP Service Pack 3 (X86)
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip
# Interface IP Configuration for "Local Area Connection"
set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
# Interface IP Configuration for "Wireless Network Connection"
set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
popd
# End of interface IP configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : acer-399b23ec8f
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : rochester.rr.com
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-26-22-5A-F7-24
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . : rochester.rr.com
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 0C-60-76-17-29-63
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.106
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Monday, November 28, 2011 8:13:37 PM
Lease Expires . . . . . . . . . . : Monday, December 05, 2011 8:13:37 PM
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging google.com [72.14.204.105] with 32 bytes of data:
Reply from 72.14.204.105: bytes=32 time=53ms TTL=51
Reply from 72.14.204.105: bytes=32 time=44ms TTL=51
Ping statistics for 72.14.204.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 53ms, Average = 48ms
Server: UnKnown
Address: 192.168.0.1
Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 98.139.180.149, 209.191.122.70
Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=77ms TTL=52
Reply from 98.137.149.56: bytes=32 time=78ms TTL=52
Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 77ms, Maximum = 78ms, Average = 77ms
Server: UnKnown
Address: 192.168.0.1
Name: bleepingcomputer.com
Address: 208.43.87.2
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 26 22 5a f7 24 ...... Atheros AR8132 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
0x3 ...0c 60 76 17 29 63 ...... Atheros AR5B93 Wireless Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.106 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.106 192.168.0.106 20
192.168.0.0 255.255.255.0 192.168.0.106 192.168.0.106 30
192.168.0.106 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.0.255 255.255.255.255 192.168.0.106 192.168.0.106 30
224.0.0.0 240.0.0.0 192.168.0.106 192.168.0.106 30
255.255.255.255 255.255.255.255 192.168.0.106 192.168.0.106 1
255.255.255.255 255.255.255.255 192.168.0.106 2 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Event log errors: ===============================
Application errors:
==================
Error: (11/28/2011 03:07:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26735
Error: (11/28/2011 03:07:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26735
Error: (11/28/2011 03:07:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/28/2011 03:07:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24782
Error: (11/28/2011 03:07:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24782
Error: (11/28/2011 03:07:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/28/2011 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22829
Error: (11/28/2011 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22829
Error: (11/28/2011 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/28/2011 03:06:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20875
System errors:
=============
Error: (11/27/2011 09:05:49 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.100 for the Network Card with network address 0C6076172963 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (11/27/2011 05:34:31 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the ZuneBusEnum service.
Error: (11/26/2011 06:30:49 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:46 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:43 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:39 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:08 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:04 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:29:29 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:28:56 PM) (Source: 0) (User: )
Description: D:
Microsoft Office Sessions:
=========================
Error: (11/14/2011 07:14:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8620 seconds with 5160 seconds of active time. This session ended with a crash.
Error: (10/26/2011 06:10:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6408 seconds with 1740 seconds of active time. This session ended with a crash.
Error: (10/23/2011 05:58:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 99699 seconds with 6120 seconds of active time. This session ended with a crash.
Error: (10/02/2011 05:53:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7725 seconds with 2700 seconds of active time. This session ended with a crash.
Error: (10/02/2011 03:44:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91736 seconds with 720 seconds of active time. This session ended with a crash.
Error: (05/02/2011 07:20:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14707 seconds with 7500 seconds of active time. This session ended with a crash.
Error: (04/30/2011 04:38:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6338 seconds with 3660 seconds of active time. This session ended with a crash.
Error: (04/17/2011 07:15:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3772 seconds with 240 seconds of active time. This session ended with a crash.
Error: (03/22/2011 11:50:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1369 seconds with 600 seconds of active time. This session ended with a crash.
Error: (03/21/2011 07:05:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1532 seconds with 0 seconds of active time. This session ended with a crash.
========================= Memory info: ===================================
Percentage of memory in use: 56%
Total physical RAM: 2037.87 MB
Available physical RAM: 877.07 MB
Total Pagefile: 3409.48 MB
Available Pagefile: 2335 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.84 MB
========================= Partitions: =====================================
1 Drive c: (ACER) (Fixed) (Total:139.04 GB) (Free:0.52 GB) NTFS
========================= Users: ========================================
User accounts for \\ACER-399B23EC8F
Administrator Guest HelpAssistant
Julie SUPPORT_388945a0
**** End of log ****
MiniToolBox by Farbar
Ran by Julie (administrator) on 28-11-2011 at 20:15:02
Microsoft Windows XP Service Pack 3 (X86)
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip
# Interface IP Configuration for "Local Area Connection"
set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
# Interface IP Configuration for "Wireless Network Connection"
set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
popd
# End of interface IP configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : acer-399b23ec8f
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : rochester.rr.com
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-26-22-5A-F7-24
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . : rochester.rr.com
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 0C-60-76-17-29-63
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.106
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Monday, November 28, 2011 8:13:37 PM
Lease Expires . . . . . . . . . . : Monday, December 05, 2011 8:13:37 PM
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging google.com [72.14.204.105] with 32 bytes of data:
Reply from 72.14.204.105: bytes=32 time=53ms TTL=51
Reply from 72.14.204.105: bytes=32 time=44ms TTL=51
Ping statistics for 72.14.204.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 53ms, Average = 48ms
Server: UnKnown
Address: 192.168.0.1
Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 98.139.180.149, 209.191.122.70
Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=77ms TTL=52
Reply from 98.137.149.56: bytes=32 time=78ms TTL=52
Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 77ms, Maximum = 78ms, Average = 77ms
Server: UnKnown
Address: 192.168.0.1
Name: bleepingcomputer.com
Address: 208.43.87.2
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 26 22 5a f7 24 ...... Atheros AR8132 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
0x3 ...0c 60 76 17 29 63 ...... Atheros AR5B93 Wireless Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.106 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.106 192.168.0.106 20
192.168.0.0 255.255.255.0 192.168.0.106 192.168.0.106 30
192.168.0.106 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.0.255 255.255.255.255 192.168.0.106 192.168.0.106 30
224.0.0.0 240.0.0.0 192.168.0.106 192.168.0.106 30
255.255.255.255 255.255.255.255 192.168.0.106 192.168.0.106 1
255.255.255.255 255.255.255.255 192.168.0.106 2 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Event log errors: ===============================
Application errors:
==================
Error: (11/28/2011 03:07:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26735
Error: (11/28/2011 03:07:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26735
Error: (11/28/2011 03:07:03 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/28/2011 03:07:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24782
Error: (11/28/2011 03:07:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24782
Error: (11/28/2011 03:07:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/28/2011 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22829
Error: (11/28/2011 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22829
Error: (11/28/2011 03:06:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/28/2011 03:06:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20875
System errors:
=============
Error: (11/27/2011 09:05:49 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.100 for the Network Card with network address 0C6076172963 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
Error: (11/27/2011 05:34:31 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the ZuneBusEnum service.
Error: (11/26/2011 06:30:49 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:46 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:43 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:39 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:08 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:30:04 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:29:29 PM) (Source: 0) (User: )
Description: D:
Error: (11/26/2011 06:28:56 PM) (Source: 0) (User: )
Description: D:
Microsoft Office Sessions:
=========================
Error: (11/14/2011 07:14:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8620 seconds with 5160 seconds of active time. This session ended with a crash.
Error: (10/26/2011 06:10:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6408 seconds with 1740 seconds of active time. This session ended with a crash.
Error: (10/23/2011 05:58:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 99699 seconds with 6120 seconds of active time. This session ended with a crash.
Error: (10/02/2011 05:53:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7725 seconds with 2700 seconds of active time. This session ended with a crash.
Error: (10/02/2011 03:44:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 91736 seconds with 720 seconds of active time. This session ended with a crash.
Error: (05/02/2011 07:20:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14707 seconds with 7500 seconds of active time. This session ended with a crash.
Error: (04/30/2011 04:38:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6338 seconds with 3660 seconds of active time. This session ended with a crash.
Error: (04/17/2011 07:15:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3772 seconds with 240 seconds of active time. This session ended with a crash.
Error: (03/22/2011 11:50:14 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1369 seconds with 600 seconds of active time. This session ended with a crash.
Error: (03/21/2011 07:05:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1532 seconds with 0 seconds of active time. This session ended with a crash.
========================= Memory info: ===================================
Percentage of memory in use: 56%
Total physical RAM: 2037.87 MB
Available physical RAM: 877.07 MB
Total Pagefile: 3409.48 MB
Available Pagefile: 2335 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.84 MB
========================= Partitions: =====================================
1 Drive c: (ACER) (Fixed) (Total:139.04 GB) (Free:0.52 GB) NTFS
========================= Users: ========================================
User accounts for \\ACER-399B23EC8F
Administrator Guest HelpAssistant
Julie SUPPORT_388945a0
**** End of log ****
#28
- Forum Addict
-
- Group: Malware Response Team
- Posts: 5,053
- Joined: 16-June 06
- Gender:Male
- Location:Montreal, QC. Canada
Posted 29 November 2011 - 09:05 AM
Please post the latest information from the MiniToolBox to a new topic in this forum.
http://www.bleepingcomputer.com/forums/forum21.html
Explain your problem and see what the expert have to say about your settings.
Please keep me posted.
http://www.bleepingcomputer.com/forums/forum21.html
Explain your problem and see what the expert have to say about your settings.
Please keep me posted.
