Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirects following Windows 7 Recovery virus uninstall


  • Please log in to reply
23 replies to this topic

#1 Lamenz

Lamenz

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 07 June 2011 - 04:47 PM

A few weeks ago, my laptop was infected with the Windows 7 Recovery virus- which I figured out after reading through several forums on this site. I followed the uninstall guide as directed, including: Running Rkill (which stopped several processes), Kaspersky TDSS (which came up clean), followed by Malwarebytes (had over 25 infections), and finally scanned with Avast.

This seemed to fix everything, and I was able to get everything up and running as usual. Over the past 2 weeks, I started noticing browser redirects- and now they seem to be occurring more frequently. I keep running the scans, and besides 1 infection on Malwarebytes, which was fixed, nothing ever comes up. However, the redirects keep happening.

I did read one other forum, which prompted me to run Hitman Pro- it doesn't appear to bring up any issues, but I'm not really sure what I'm looking for. I am a novice when it comes to computers- I do my best to follow steps & guides , etc... but that's where my abilities end. I'm hoping someone can help me figure out if my computer is still infected, and if so, how to fix it. Prior to posting this comment, I did install the DeFogger software, and created a backup of all files.

My computer information is as follows:
Toshiba Satellite L505D
Window 7 Home edition
32-bit operating system


Thank you!!!!!!!!

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 11 June 2011 - 09:23 PM

Can you post the logs from Malwarebytes and tdss killer?

#3 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 11 June 2011 - 09:45 PM

Yes, here are the Malwarebyte logs starting 5/14 & 5/15, when I was trying to get rid of the Windows 7 recovery virus. The rest are within the past few weeks, when only 1 or 2 infections showed up. The Tdss killer has never found anything- it always says the the scans are clean- do you still want those logs?

Malwarebytes' Anti-Malware 1.41
Database version: 3283
Windows 6.1.7600 (Safe Mode)

5/14/2011 5:43:07 PM
mbam-log-2011-05-14 (17-43-07).txt

Scan type: Quick Scan
Objects scanned: 99904
Time elapsed: 3 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlujiviyi (Trojan.Agent.U) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rjeyavurogehuda (Trojan.Agent.U) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\users\rando\appdata\local\temp\csrss.exe -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Rando\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Rando\AppData\Local\sDMevip.dll (Trojan.Agent.U) -> Quarantined and deleted successfully.
C:\Users\Rando\AppData\Local\opinuyozewahatew.dll (Trojan.Agent.U) -> Quarantined and deleted successfully.
C:\Users\Rando\AppData\Local\Temp\0.002422506516179479.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Rando\AppData\Local\Temp\0.31328206587040863.exe (Trojan.Dropper) -> Quarantined and deleted successfully.


5/15/2011 3:49:20 AM
mbam-log-2011-05-15 (03-49-20).txt

Scan type: Quick Scan
Objects scanned: 102836
Time elapsed: 4 minute(s), 45 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
C:\Users\Rando\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Data: c:\users\rando\appdata\local\temp\csrss.exe -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Rando\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.

5/15/2011 8:47:52 PM
mbam-log-2011-05-15 (20-47-52).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 252705
Time elapsed: 1 hour(s), 15 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 26

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Backdoor.Cycbot.Gen) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Backdoor.Cycbot.Gen) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eGJterJSMsHHPPC (Rogue.Installer.Gen) -> Value: eGJterJSMsHHPPC -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Value: Load -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Backdoor.Cycbot.Gen) -> Bad: (C:\Users\Rando\AppData\Local\Temp\csrss.exe) Good: () -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Rando\AppData\Roaming\microsoft\conhost.exe (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\programdata\egjterjsmshhppc.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\AppData\Local\Temp\csrss.exe (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\AppData\Local\Temp\3939.tmp (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\AppData\Local\Temp\3D40.tmp (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\AppData\Local\Temp\setup4152241120.exe (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\AppData\Roaming\dwm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Rando\AppData\Roaming\Adobe\plugs\mmc156770193.txt (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\CEA7___0.tmp (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup1219598890.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup1317140430.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup1491249120.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup1910342980.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup2739588450.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup302466100.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup3206207841.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup3432115800.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup347726261.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup3660174570.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup3865192770.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup4078561941.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup556057941.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup62491130.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Rando\doctorweb\quarantine\setup926096690.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\programdata\29679352.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Users\Rando\downloads\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.


5/15/2011 10:19:02 PM
mbam-log-2011-05-15 (22-19-02).txt

Scan type: Quick scan
Objects scanned: 166290
Time elapsed: 4 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

5/19/2011 4:08:33 PM
mbam-log-2011-05-19 (16-08-33).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 254122
Time elapsed: 1 hour(s), 35 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\users\rando\appdata\locallow\sun\java\deployment\cache\6.0\37\1fdfe3e5-10d755f4 (Trojan.Downloader) -> Not selected for removal.
c:\Users\Rando\2gweorjqjutp92vjy9gake (Malware.Trace) -> Quarantined and deleted successfully.


6/4/2011 9:02:33 AM
mbam-log-2011-06-04 (09-02-33).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 265104
Time elapsed: 1 hour(s), 50 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Rando\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 11 June 2011 - 11:22 PM

Please update mbam and run a complete scan.

#5 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 June 2011 - 02:26 PM

I have been updating & running a complete scan everyday, and it keeps coming up clean- yet the redirects keep happening. Here is the log from today, after it was updated:

6/12/2011 3:23:10 PM
mbam-log-2011-06-12 (15-23-09).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 268929
Time elapsed: 1 hour(s), 44 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 12 June 2011 - 02:56 PM

I need to see the full log you missing a very critical part of the log I will show you what I need:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6798

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

6/7/2011 17:42:54
mbam-log-2011-06-07 (17-42-54).txt

Scan type: Full scan (C:\|)
Objects scanned: 380680
Time elapsed: 42 minute(s), 28 second(s)

I need to see that portion of it.

How many computers do you have on this network?

#7 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 June 2011 - 03:13 PM

Sorry-

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6842

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/12/2011 3:23:10 PM
mbam-log-2011-06-12 (15-23-09).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 268929
Time elapsed: 1 hour(s), 44 minute(s), 32 second(s)


I have only one computer, it's not networked with anything else.

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 12 June 2011 - 03:16 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

#9 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 June 2011 - 03:24 PM

Thanks, here are the results:

MiniToolBox by Farbar
Ran by Rando (administrator) on 12-06-2011 at 16:21:20
Windows 7 Home Premium (X86)

***************************************************************************


================= Flush DNS: ==============================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

================= End of Flush DNS ========================================

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= End of IE Proxy Settings ========================

"Reset IE Proxy Settings": Proxy Settings were reset.

=============== Hosts content: ============================================

# Copyright © 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

=============== End of Hosts ==============================================

================= IP Configuration: =======================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Rando-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 70-1A-04-19-59-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek RTL8187SE Wireless LAN PCIE Network Adapter
Physical Address. . . . . . . . . : 70-1A-04-19-59-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8911:5ed2:5655:7bd7%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, June 10, 2011 11:55:40 PM
Lease Expires . . . . . . . . . . : Monday, June 13, 2011 1:35:59 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 309336580
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-44-32-19-00-1E-33-F7-4A-ED
DNS Servers . . . . . . . . . . . : 192.168.1.1
71.242.0.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-1E-33-F7-4A-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{96D03D1A-798C-469C-923F-892351F71C41}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1877:b5d:93ef:8108(Preferred)
Link-local IPv6 Address . . . . . : fe80::1877:b5d:93ef:8108%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{202D59F2-652F-4A17-B4A2-12CC91388794}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.115.147
74.125.115.104
74.125.115.103
74.125.115.105
74.125.115.106
74.125.115.99


Pinging google.com [74.125.91.147] with 32 bytes of data:
Reply from 74.125.91.147: bytes=32 time=27ms TTL=252
Reply from 74.125.91.147: bytes=32 time=25ms TTL=252

Ping statistics for 74.125.91.147:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 27ms, Average = 26ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76


Pinging yahoo.com [67.195.160.76] with 32 bytes of data:
Reply from 67.195.160.76: bytes=32 time=15ms TTL=53
Reply from 67.195.160.76: bytes=32 time=16ms TTL=53

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 16ms, Average = 15ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...70 1a 04 19 59 95 ......Microsoft Virtual WiFi Miniport Adapter
12...70 1a 04 19 59 95 ......Realtek RTL8187SE Wireless LAN PCIE Network Adapter
11...00 1e 33 f7 4a ed ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:1877:b5d:93ef:8108/128
On-link
12 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::1877:b5d:93ef:8108/128
On-link
12 281 fe80::8911:5ed2:5655:7bd7/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

================= End of IP Configuration =================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2011 01:35:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1867239

Error: (06/12/2011 01:35:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1867239

Error: (06/12/2011 01:35:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2011 01:04:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1389

Error: (06/12/2011 01:04:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1389

Error: (06/12/2011 01:04:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2011 01:00:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9561801

Error: (06/12/2011 01:00:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9561801

Error: (06/12/2011 01:00:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2011 01:00:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9560584


System errors:
=============
Error: (06/12/2011 01:39:43 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Error: (06/12/2011 01:35:51 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/12/2011 01:00:24 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/12/2011 10:08:00 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/11/2011 10:27:04 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/11/2011 10:49:39 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/11/2011 00:43:03 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/10/2011 11:55:35 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/09/2011 07:27:39 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (06/09/2011 06:36:58 PM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (06/12/2011 01:35:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1867239

Error: (06/12/2011 01:35:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1867239

Error: (06/12/2011 01:35:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2011 01:04:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1389

Error: (06/12/2011 01:04:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1389

Error: (06/12/2011 01:04:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2011 01:00:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9561801

Error: (06/12/2011 01:00:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9561801

Error: (06/12/2011 01:00:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/12/2011 01:00:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9560584


========================= End of Event log errors =========================

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 12 June 2011 - 03:44 PM

Can you please remove Bonjour and also you may need to update your ATI Drivers.


So you connect directly to the internet via a Modem/Router Combo device?

#11 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 June 2011 - 03:50 PM

Ok, I uninstalled Bonjour- not sure how to update ATI drivers. Yes, I connect to the internet directly through a modem/router.

#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 12 June 2011 - 04:08 PM

You can update the drivers for ATI going to http://www.amd.com

Prior to doing so Please perform the following, so that we can get the exact specs of your computer. This will better assist us in helping you more.

Publish a Snapshot using Speccy

The below is for those who cannot get online

Please take caution when attaching a text file to your post if you cannot copy/paste the link to your post, you will need to edit it to make sure that your Windows Key is not present.

Edited by cryptodan, 12 June 2011 - 04:08 PM.


#13 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 June 2011 - 04:22 PM

Here is the link:

http://speccy.piriform.com/results/Pcqf8ZK1bCu3Wkjzg7huwPk

#14 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:14 AM

Posted 12 June 2011 - 04:27 PM

You will need to head over to Toshiba's website and download the latest drivers for your video card, and I would highly recommend updating to SP1 via http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c3202ce6-4056-4059-8a1b-3a9b77cdfdda&displaylang=en### and download the following: windows6.1-KB976932-X86.exe

#15 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:14 AM

Posted 12 June 2011 - 06:28 PM

Ok, I updated the AMD/ATI display driver from the Toshiba website- I hope this was the correct one.
Then I upgraded to SPI via the link that you provided.

Edited by Lamenz, 12 June 2011 - 06:29 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users