
Unable to update antivirus definitions and windows updates


9 replies to this topic

#1 frsc


Posted 01 October 2011 - 04:15 PM

I have been unable to update Security Essentials for the past month. I am also unable to update Windows. The URL download.microsoft.com is being redirected to 127.0.0.1 when I ping it from the command line.

Also I cannot connect to most of the antivirus software sites from the browser.

I can download MalwareBytes, but it can't connect to its update site for downloading latest updates.

Since I have been facing this issue for almost a month, I backed up all my data, formatted the system and installed Windows 7. After the install, I downloaded Security Essentials once again and I have the same issue all over again; I can neither update it nor access antivirus sites.

My computer seems to be badly infected with some persistent virus. Any help would be appreciated. Thanks.



#2 Spartacus1


Posted 01 October 2011 - 04:37 PM

Please do the following and try again:
  • Go to the Control Panel.
  • Click Network and Internet, then Network and Sharing Center, and click Change adapter settings.
  • Select the connection for which you want to configure Google Public DNS. For example:
    • To change the settings for an Ethernet connection, right-click Local Area Connection, and click Properties.
    • To change the settings for a wireless connection, right-click Wireless Network Connection, and click Properties.
    If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Select the Networking tab. Under This connection uses the following items, select Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6) and then click Properties.
  • Click Advanced and select the DNS tab. If there are any DNS server IP addresses listed there, write them down for future reference, and remove them from this window.
  • Click OK.
  • Select Use the following DNS server addresses. If there are any IP addresses listed in the Preferred DNS server or Alternate DNS server, write them down for future reference.
  • Replace those addresses with the IP addresses of the Google DNS servers:
    • For IPv4: 8.8.8.8 and/or 8.8.4.4.
    • For IPv6: 2001:4860:4860::8888 and/or 2001:4860:4860::8844
Tip: If you don't know which IP version you use, use the IPv4 settings
May thou virus bow at thy mercy when you come to me...

#3 cryptodan


Posted 01 October 2011 - 04:55 PM

The above advice will not work if your hosts file has been modified by malware. Please do the following instead.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Edited by cryptodan, 01 October 2011 - 04:57 PM.


#4 frsc

  • Topic Starter

Posted 01 October 2011 - 05:15 PM

Hi cryptodan,

I verified that my hosts file was not altered. After setting the alternate DNS to Google Public DNS, I was able to connect to antivirus sites. Here is the ping response now:

Pinging a767.ms.akamai.net [58.27.22.10] with 32 bytes of data:
Reply from 58.27.22.10: bytes=32 time=323ms TTL=53

I started the update of Security Essentials and it has not complained that the Connection Failed as of now.

I will post the Minibox results in a short while.

Thanks.
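
The check this thread turns on, as an added example that is not part of any post: it separates a hosts-file override from a redirect returned by the DNS server, using hosts-file text, `ping` headers and `ipconfig /all` text. The sample inputs are constructed (the clean hosts entries and the addresses mirror the thread; the tampered hosts line and all function names are assumptions).

```python
"""Triage for 'update site resolves to loopback' (added example, constructed inputs)."""
import ipaddress
import re

# Header line printed by Windows ping when it had to resolve a name.
PING_RE = re.compile(r"^Pinging\s+(\S+)\s+\[([^\]]+)\]", re.MULTILINE)


def as_ip(token):
    """Return an ip_address for token (zone id stripped), or None if it is not an IP."""
    try:
        return ipaddress.ip_address(token.split("%", 1)[0])
    except ValueError:
        return None


def parse_hosts(text):
    """Map each lower-cased hostname in hosts-file text to the address it is pinned to."""
    pinned = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2 and as_ip(fields[0]) is not None:
            for name in fields[1:]:
                pinned.setdefault(name.lower(), fields[0])  # keep the first entry seen
    return pinned


def parse_ping_targets(text):
    """Map names from 'Pinging <name> [<ip>]' headers to the address that was resolved."""
    return {name.lower(): ip for name, ip in PING_RE.findall(text)}


def parse_dns_servers(ipconfig_text):
    """Collect 'DNS Servers' addresses from ipconfig /all text, with continuation lines."""
    servers, in_block = [], False
    for line in ipconfig_text.splitlines():
        if "DNS Servers" in line and ":" in line:
            servers.append(line.split(":", 1)[1].strip())
            in_block = True
        elif in_block and as_ip(line.strip()) is not None:
            servers.append(line.strip())  # second and later servers sit on their own lines
        else:
            in_block = False
    return servers


def is_sinkhole(ip_text):
    """True for loopback or unspecified addresses, which no update server should return."""
    ip = as_ip(ip_text)
    return ip is not None and (ip.is_loopback or ip.is_unspecified)


def triage(watched, hosts_text, ping_text, ipconfig_text):
    """Return {name: verdict}, separating hosts-file pinning from resolver-side redirects."""
    pinned = parse_hosts(hosts_text)
    seen = parse_ping_targets(ping_text)
    resolvers = ", ".join(parse_dns_servers(ipconfig_text)) or "unknown"
    verdicts = {}
    for name in (n.lower() for n in watched):
        if name in pinned:
            verdicts[name] = f"hosts-file override -> {pinned[name]}"
        elif name in seen and is_sinkhole(seen[name]):
            verdicts[name] = f"resolver-side redirect -> {seen[name]} (DNS servers: {resolvers})"
        elif name in seen:
            verdicts[name] = f"resolved to {seen[name]}"
        else:
            # ping prints the canonical (CNAME target) name, so a healthy lookup of a
            # CDN-backed site may not appear under the name that was typed.
            verdicts[name] = "not observed"
    return verdicts


# Constructed samples. CLEAN_HOSTS matches the hosts entries in the thread's Result.txt;
# PING_SYMPTOM reproduces the symptom from the first post; TAMPERED_HOSTS is hypothetical.
WATCHED = ["download.microsoft.com"]
CLEAN_HOSTS = "::1 localhost\n\n127.0.0.1 localhost\n"
TAMPERED_HOSTS = CLEAN_HOSTS + "127.0.0.1  download.microsoft.com  # constructed entry\n"
PING_SYMPTOM = "Pinging download.microsoft.com [127.0.0.1] with 32 bytes of data:\n"
PING_HEALTHY = "Pinging a767.ms.akamai.net [58.27.22.10] with 32 bytes of data:\n"
IPCONFIG_ROUTER = (
    "   DNS Servers . . . . . . . . . . . : 192.168.1.1\n"
    "   NetBIOS over Tcpip. . . . . . . . : Enabled\n"
)
IPCONFIG_PUBLIC = (
    "   DNS Servers . . . . . . . . . . . : 8.8.8.8\n"
    "                                       8.8.4.4\n"
    "   NetBIOS over Tcpip. . . . . . . . : Enabled\n"
)

if __name__ == "__main__":
    cases = (
        ("clean hosts, router DNS", CLEAN_HOSTS, PING_SYMPTOM, IPCONFIG_ROUTER),
        ("tampered hosts", TAMPERED_HOSTS, PING_SYMPTOM, IPCONFIG_ROUTER),
        ("clean hosts, public DNS", CLEAN_HOSTS, PING_HEALTHY, IPCONFIG_PUBLIC),
    )
    for label, hosts, ping, ipcfg in cases:
        print(label, "->", triage(WATCHED, hosts, ping, ipcfg))
```

A "resolver-side redirect" verdict with a clean hosts file points the investigation at whatever hands out DNS answers (here the DHCP-assigned router address) rather than at the local disk.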

#5 cryptodan


Posted 01 October 2011 - 05:19 PM

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Users\cryptodan>nslookup 58.27.22.10
Server: nsrest01.verizon.net
Address: 71.252.0.12

*** nsrest01.verizon.net can't find 58.27.22.10: Non-existent domain

C:\Users\cryptodan>

C:\Users\cryptodan>nslookup a767.ms.akamai.net
Server: nsrest01.verizon.net
Address: 71.252.0.12

Non-authoritative answer:
Name: a767.ms.akamai.net
Addresses: 65.197.197.33
65.197.197.8

C:\Users\cryptodan>

So yes your host file has been altered.

#6 frsc

  • Topic Starter

Posted 01 October 2011 - 05:33 PM

Wow, it didn't occur to me to check that IP. Thanks for doing that for me.

Security Essentials seems to be updating fine as of now.

Here is the content of Result.txt:

MiniToolBox by Farbar 
Ran by minato (administrator) on 02-10-2011 at 03:58:43
Windows 7 Professional N  (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : minato-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-24-1D-A5-AC-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9a3:e8cc:2e04:9112%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, October 02, 2011 3:19:14 AM
   Lease Expires . . . . . . . . . . : Monday, October 03, 2011 3:33:13 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890269
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-19-CA-83-00-24-1D-A5-AC-29
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0D67CF1D-629F-454E-949F-0F37B173CD9B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2c16:1aaf:3f57:fefd(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2c16:1aaf:3f57:fefd%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  74.125.236.84
	  74.125.236.80
	  74.125.236.82
	  74.125.236.81
	  74.125.236.83


Pinging google.com [74.125.236.84] with 32 bytes of data:
Reply from 74.125.236.84: bytes=32 time=65ms TTL=55
Reply from 74.125.236.84: bytes=32 time=63ms TTL=55

Ping statistics for 74.125.236.84:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 63ms, Maximum = 65ms, Average = 64ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  209.191.122.70
	  67.195.160.76
	  72.30.2.43
	  98.137.149.56
	  98.139.180.149


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=306ms TTL=50
Reply from 209.191.122.70: bytes=32 time=301ms TTL=50

Ping statistics for 209.191.122.70:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 301ms, Maximum = 306ms, Average = 303ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 24 1d a5 ac 29 ......NVIDIA nForce Networking Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:4137:9e76:2c16:1aaf:3f57:fefd/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 11    276 fe80::9a3:e8cc:2e04:9112/128
                                    On-link
 13    306 fe80::2c16:1aaf:3f57:fefd/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/02/2011 03:19:59 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {24f1a9c1-aec8-4e7b-bade-9663e6a64060}


System errors:
=============
Error: (10/02/2011 03:32:11 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY59

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 03:23:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 03:23:41 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (10/02/2011 03:19:59 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {24f1a9c1-aec8-4e7b-bade-9663e6a64060}


=========================== Installed Programs ============================

Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
Spybot - Search & Destroy (Version: 1.6.2)
STOPzilla (Version: 5.0.95.144)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 3519.55 MB
Available physical RAM: 2215.15 MB
Total Pagefile: 7037.39 MB
Available Pagefile: 5970.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.7 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:19.53 GB) (Free:8.17 GB) NTFS
3 Drive d: () (Fixed) (Total:21.39 GB) (Free:21.3 GB) NTFS
4 Drive e: (GRMCNPRFRER_EN_DVD) (CDROM) (Total:2.08 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\MINATO-PC

Administrator            Guest                    home-pc                  
minato                   

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


#7 cryptodan


Posted 01 October 2011 - 05:46 PM

You should have way more programs listed as installed unless you edited the file prior to posting.

Also can you revert back to what you had prior to entering the public DNS Information from Google?

#8 frsc

  • Topic Starter

Posted 01 October 2011 - 06:01 PM

This is a fresh install, so Security Essentials, Spybot, Stopzilla, and Firefox are the only programs I have installed so far. Unfortunately, within a couple of minutes of enabling Google Public DNS, Windows Update picked up and is downloading updates. Windows Update should be done in about 5 minutes. Once that is done, I will revert the DNS settings and post the log again.

#9 frsc

  • Topic Starter

Posted 02 October 2011 - 02:57 AM

Hello again Cryptodan,

Sorry, but I dozed off last night. Here is the Result.txt after removing the Google Public DNS:

MiniToolBox by Farbar 
Ran by minato (administrator) on 02-10-2011 at 13:24:35
Windows 7 Professional N  (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : minato-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-24-1D-A5-AC-29
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9a3:e8cc:2e04:9112%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, October 02, 2011 12:44:02 PM
   Lease Expires . . . . . . . . . . : Monday, October 03, 2011 1:24:09 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890269
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-19-CA-83-00-24-1D-A5-AC-29
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0D67CF1D-629F-454E-949F-0F37B173CD9B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24bc:360d:3f57:fefd(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::24bc:360d:3f57:fefd%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  72.14.204.99
	  72.14.204.103
	  72.14.204.104
	  72.14.204.147
	  72.14.204.105


Pinging google.com [72.14.204.104] with 32 bytes of data:
Reply from 72.14.204.104: bytes=32 time=398ms TTL=49
Reply from 72.14.204.104: bytes=32 time=398ms TTL=49

Ping statistics for 72.14.204.104:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 398ms, Maximum = 398ms, Average = 398ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  72.30.2.43
	  98.139.180.149
	  98.137.149.56
	  67.195.160.76
	  209.191.122.70


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=334ms TTL=53
Reply from 98.137.149.56: bytes=32 time=336ms TTL=53

Ping statistics for 98.137.149.56:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 334ms, Maximum = 336ms, Average = 335ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 3ms, Maximum = 10ms, Average = 6ms
===========================================================================
Interface List
 11...00 24 1d a5 ac 29 ......NVIDIA nForce Networking Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:4137:9e76:24bc:360d:3f57:fefd/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 11    276 fe80::9a3:e8cc:2e04:9112/128
                                    On-link
 13    306 fe80::24bc:360d:3f57:fefd/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/02/2011 08:44:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/02/2011 08:44:46 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (10/02/2011 03:19:59 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {24f1a9c1-aec8-4e7b-bade-9663e6a64060}


System errors:
=============
Error: (10/02/2011 08:49:56 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/02/2011 06:05:15 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
is3srv

Error: (10/02/2011 06:03:48 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY59

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 05:45:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 05:45:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 05:45:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 05:45:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 05:45:05 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY51

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\NETWORK SERVICE

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/02/2011 05:37:04 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 0.0.0.0

	Update Source: %NT AUTHORITY59

	Update Stage: 3.0.8402.00

	Source Path: 3.0.8402.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (10/02/2011 08:44:49 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (10/02/2011 08:44:46 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (10/02/2011 03:19:59 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {24f1a9c1-aec8-4e7b-bade-9663e6a64060}


=========================== Installed Programs ============================

7-Zip 9.20
CCleaner (Version: 3.11)
Everything 1.2.1.371
ImgBurn (Version: 2.5.5.0)
Java Auto Updater (Version: 2.0.6.1)
Java(TM) 6 Update 27 (Version: 6.0.270)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1)
Notepad++ (Version: 5.9.3)
Notepad2 (Notepad Replacement) (Version: 4.2.25 )
Spybot - Search & Destroy (Version: 1.6.2)
SumatraPDF (Version: 1.8)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 3519.55 MB
Available physical RAM: 2765.72 MB
Total Pagefile: 7037.39 MB
Available Pagefile: 6013.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.09 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:19.53 GB) (Free:6.01 GB) NTFS
3 Drive d: () (Fixed) (Total:21.39 GB) (Free:21.29 GB) NTFS
4 Drive e: (GRMCNPRFRER_EN_DVD) (CDROM) (Total:2.08 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\MINATO-PC

Administrator            Guest                    home-pc                  
minato                                       

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


#10 cryptodan

Posted 02 October 2011 - 08:40 AM

Can you perform an nslookup on the above address:

C:\Users\cryptodan>nslookup a767.ms.akamai.net
Server: nsrest01.verizon.net
Address: 71.252.0.12

Non-authoritative answer:
Name: a767.ms.akamai.net
Addresses: 63.97.123.57
           63.97.123.75
           63.97.123.56
           63.97.123.58


C:\Users\cryptodan>



