Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't access web pages, but internet access ok?


  • Please log in to reply
35 replies to this topic

#1 szchris384

szchris384

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 19 November 2011 - 01:34 PM

Some help would be appreciate.

I can not access web pages, but there is access to the internet.
By this I mean, I can remotely access my dads computer via TeamViewer, but I can't access any web pages.
I've searched for solutions, couldn't find anything relating.

History:
Nov 10'ish, can't access web pages in IE 8 or Crome and Outlook email send/recieve didn't work. But COULD logon to Dads computer via TeamViewer and Remote Admin. Could NOT logon to my cpu remotely.

What I've done:
In IE 8, Reset IE settings to default, under Advanced settings
In IE 8, Restored Advanced settings
Rebooted, same web page issue.

Did 1 Restore to a system restore point a few days earlier (Nov 8'ish I think)
Upon reboot this message appeared:
Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM
Found a Micorsoft Fix
Did a manual restore to Nov 6th. (explained below)
Problem solved. Web pages now loading.

Rebooted next day, same webpage issue back.
Did the same manual restore to Nov 6th (even though it booted fine)
Problem solved.

Seems every time I reboot,issue comes back.

Process for manual restore.
Found a tutorial on Microsoft site:
http://support.microsoft.com/kb/307545

Thanks for any help on this issue.
Chris
XP-home

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:35 AM

Posted 19 November 2011 - 08:04 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 22 November 2011 - 08:06 PM

Thanks for the reply

Nov 22/11
What I did based on your instructions:

IE working fine
Ran Security Check, log posted
Ran MiniToolkit, log posted
MBAM was already installed
-v 1.51.2.1300 (8220)
-did a quick scan, log posted
-did an update as my other computer had (8221)
-got an error when trying to update
-screen capture of error inserted here
D:\My Documents\Bleeping Computer\2011 Nov 22\MBAM update error.JPG
-IE NOT working anymore, neither did Crome
-however I could still logon to Dads computer via TeamViewer

Rebooted CPU

IE NOT working
No internet at all, eg. CAN NOT logon to Dads computer via TeamViewer

Ran Security Check again, log created but not posted
Ran MiniToolkit check again, log created but not posted

Restored back to Sunday Nov 20

IE and Crome work again
MBAM, did an update to (8221)
-did a quick scan, log created but not posted, 0 results

Downloaded GMER
-Stopped ZoneAlarm and MBAM
-Ran GMER, took very long time approx 1.5 hrs
-Log created and posted



LOGS
====

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ZoneAlarm Antivirus
ZoneAlarm Firewall
ZoneAlarm Backup Powered by IDrive version 1.0.5 February 10, 2
ZoneAlarm Internet Security Suite
ZoneAlarm Toolbar
ZoneAlarm Security
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Java™ 6 Update 29
Adobe Flash Player ( 10.1.102.64) Flash Player Out of Date!
Adobe Reader X (10.1.0) Adobe Reader Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
ZoneAlarmBackup ZABackupWebM.exe
ZoneAlarmBackup ZABackup Service.exe
``````````End of Log````````````






MiniToolBox by Farbar
Ran by Chris (administrator) on 22-11-2011 at 13:25:26
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.1.51 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.1.254 gwmetric=0
set dns name="Local Area Connection" source=static addr=none register=PRIMARY
set wins name="Local Area Connection" source=static addr=none


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : office Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller Physical Address. . . . . . . . . : 00-1E-8C-07-18-FD Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.1.51 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254Server: UnKnown
Address: 127.0.0.1

Pinging google.com [74.125.224.52] with 32 bytes of data:Reply from 74.125.224.52: bytes=32 time=49ms TTL=53Reply from 74.125.224.52: bytes=32 time=48ms TTL=53Ping statistics for 74.125.224.52: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 48ms, Maximum = 49ms, Average = 48msServer: UnKnown
Address: 127.0.0.1

Pinging yahoo.com [98.139.180.149] with 32 bytes of data:Reply from 98.139.180.149: bytes=32 time=239ms TTL=50Reply from 98.139.180.149: bytes=32 time=95ms TTL=50Ping statistics for 98.139.180.149: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 95ms, Maximum = 239ms, Average = 167msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1e 8c 07 18 fd ...... Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.51 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.51 192.168.1.51 20
192.168.1.0 255.255.255.0 192.168.1.51 192.168.1.51 10
192.168.1.51 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.1.255 255.255.255.255 192.168.1.51 192.168.1.51 10
224.0.0.0 240.0.0.0 192.168.1.51 192.168.1.51 10
255.255.255.255 255.255.255.255 192.168.1.51 192.168.1.51 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/22/2011 01:14:12 PM) (Source: Application Error) (User: )
Description: Faulting application DynUpSvc.exe, version 4.1.9.0, faulting module unknown, version 0.0.0.0, fault address 0x00df3251.
Processing media-specific event for [DynUpSvc.exe!ws!]

Error: (11/22/2011 00:38:29 AM) (Source: Application Error) (User: )
Description: Faulting application iTunes.exe, version 10.5.0.142, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iTunes.exe!ws!]

Error: (11/20/2011 07:42:30 PM) (Source: Microsoft Office 11) (User: )
Description: Accepted Safe Mode action : Microsoft Office Outlook.

Error: (11/19/2011 09:28:29 AM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 11212, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (11/19/2011 09:28:26 AM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.

Error: (11/19/2011 09:28:26 AM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 11212, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (11/13/2011 05:05:46 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005.

Error: (11/13/2011 09:01:34 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005.

Error: (11/13/2011 04:59:49 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80080005.

Error: (11/11/2011 08:59:31 AM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 11212, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.


System errors:
=============
Error: (11/22/2011 01:14:44 PM) (Source: Service Control Manager) (User: )
Description: The Dyn Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (11/22/2011 00:39:06 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (11/22/2011 00:39:04 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (11/22/2011 00:39:03 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (11/22/2011 00:39:01 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (11/22/2011 00:38:42 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (11/22/2011 00:38:40 AM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (11/22/2011 00:36:52 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

Error: (11/22/2011 00:36:09 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the GenieTimelineService service.

Error: (11/22/2011 00:35:19 AM) (Source: Service Control Manager) (User: )
Description: The SSPORT service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (11/22/2011 01:14:12 PM) (Source: Application Error)(User: )
Description: DynUpSvc.exe4.1.9.0unknown0.0.0.000df3251

Error: (11/22/2011 00:38:29 AM) (Source: Application Error)(User: )
Description: iTunes.exe10.5.0.142unknown0.0.0.000000000

Error: (11/20/2011 07:42:30 PM) (Source: Microsoft Office 11)(User: )
Description: Microsoft Office OutlookOutlook experienced a serious error the last time the add-in 'google calendar sync' was opened. Would you like to disable this add-in?
To reactivate this add-in, click About Microsoft Office Outlook on the Help menu, and then click Disabled Items

Error: (11/19/2011 09:28:29 AM) (Source: LoadPerf)(User: )
Description: 11212

Error: (11/19/2011 09:28:26 AM) (Source: LoadPerf)(User: )
Description: WmiApRplWmiApRpl

Error: (11/19/2011 09:28:26 AM) (Source: LoadPerf)(User: )
Description: 11212

Error: (11/13/2011 05:05:46 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005

Error: (11/13/2011 09:01:34 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005

Error: (11/13/2011 04:59:49 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80080005

Error: (11/11/2011 08:59:31 AM) (Source: LoadPerf)(User: )
Description: 11212


=========================== Installed Programs ============================

7-Zip 9.20
Acrobat.com (Version: 1.7.186)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.4.5)
Adobe Acrobat 9.4.5 - CPSID_83708
Adobe AIR (Version: 2.7.0.19530)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 10 Plugin (Version: 10.1.102.64)
Adobe Help Center 2.1 (Version: 2.1)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Air Video Server 2.4.3 (Version: 2.4.3)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Undeleter v.1.00 (Version: 1.0.0)
Attansic Ethernet Utility (Version: 2.0.60.5)
Attansic L1 Gigabit Ethernet Driver
AVS Server 1.4.3
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.11)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
ConvertXtoDVD 4.0.3.313 (Version: 4.0.3.313)
CSV2QIF (Version: 1.0.0.8)
Decor Express (Version: 3.298.20)
DiskAid 4.1 (Version: 4.1)
DVDFab 6.2.0.5 (11/11/2009)
Dyn Updater (Version: 4.1.10)
EPSON Copy Utility
EPSON Photo Print
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
FMS
Folder Size for Windows (Version: 2.4)
Genie Timeline Professional 2.1 (Version: 2.1)
Google Calendar Sync
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.4.6.4433)
Google Update Helper (Version: 1.3.21.79)
Hard Disk Low Level Format Tool 2.36 build 1181
HD Tune 2.55
Image Resizer Powertoy for Windows XP (Version: 1.00.0001)
ImageConverter Plus 8.0 (Version: 8.0.105 (build: 110201))
ImTOO DVD Ripper Ultimate 6 (Version: 6.0.12.1105)
ImTOO DVD Ripper Ultimate 6 (Version: 6.0.5.0624)
iPhone Explorer 2.005
iSofter DVD Ripper Platinum 3.0.2007.228
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
K-Lite Codec Pack 6.7.0 (Standard) (Version: 6.7.0)
LaserJet 1020 series
Lavasoft Reghance 2.1 -licensed- (Version: 1.1)
LimeWire PRO 4.17.0 (Version: 4.17.0)
Logitech® Camera Driver
LogMeIn (Version: 4.1.1578)
Magic ISO Maker v5.5 (build 0281)
Magical Jelly Bean KeyFinder (Version: 2.0.8.1)
MagicDisc 2.7.106
Maintenance Samsung CLP-320 Series
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Money 2007 Home & Business (Version: 16)
Microsoft Money Shared Libraries (Version: 16.0.0.621)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MVision (Version: 11.10.2030)
Nero 7 Ultra Edition (Version: 7.02.9753)
neroxml (Version: 1.0.0)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA nView Desktop Manager (Version: 6.14.10.13527)
NVIDIA PhysX (Version: 9.09.0814)
OJOsoft Total Video Converter (Version: 2.7.6.0419)
PeerGuardian 2.0 (Version: 2.0.6.5)
PowerISO
QuickTax 2009 (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
Radmin Viewer 3.2 (Version: 3.20.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5391)
Remote Administrator v2.2
Revo Uninstaller Pro 2.5.3 (Version: 2.5.3)
RPS CRT (Version: 9.0.48)
ScanToWeb
SeaTools for Windows (Version: 1.2.0.1)
Secunia PSI (2.0.0.3001)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.1 (Version: 5.1.112)
Smart Viewer for DVR-MON(190)
SoftV90 Data Fax Voice Modem
TeamViewer 6 (Version: 6.0.11117)
Torrent Episode Downloader (Version: 0.9715)
TurboTax 2010 (Version: 1.00.0000)
Tweak UI
VC 9.0 Runtime (Version: 1.0.0)
VLC media player 1.1.10 (Version: 1.1.10)
VNC Enterprise Edition E4.3.2 (Version: E4.3.2)
VNC Mirror Driver 1.7.1 (Version: 1.7.1)
Vuze (Version: 4.6)
WebFldrs XP (Version: 9.50.7523)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
WinRAR archiver
Yahoo! SiteBuilder (Version: 2.4.0)
ZoneAlarm Antivirus (Version: 10.0.246.000)
ZoneAlarm Backup Powered by IDrive version 1.0.5 February 10, 2 (Version: 1.0.5)
ZoneAlarm Firewall (Version: 10.0.246.000)
ZoneAlarm Internet Security Suite (Version: 10.0.246.000)
ZoneAlarm Security (Version: 10.0.246.000)
ZoneAlarm Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 3327.04 MB
Available physical RAM: 2172 MB
Total Pagefile: 6487.27 MB
Available Pagefile: 5377.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.73 MB

========================= Partitions: =====================================

2 Drive c: (XP_Home) (Fixed) (Total:465.75 GB) (Free:429.07 GB) NTFS
3 Drive d: (Data) (Fixed) (Total:465.76 GB) (Free:230.76 GB) NTFS
5 Drive f: (Storage_oldData) (Fixed) (Total:465.76 GB) (Free:464.66 GB) NTFS
7 Drive i: (FreeAgent Drive) (Fixed) (Total:1397.26 GB) (Free:1129.5 GB) NTFS
9 Drive q: (FreeAgent Drive) (Network) (Total:1397.26 GB) (Free:1129.5 GB) NTFS

========================= Users: ========================================

User accounts for \\OFFICE

Administrator Chris Guest
HelpAssistant LogMeInRemoteUser SUPPORT_388945a0


**** End of log ****






Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8220

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/22/2011 1:37:34 PM
mbam-log-2011-11-22 (13-37-34).txt

Scan type: Quick scan
Objects scanned: 185273
Time elapsed: 8 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:35 AM

Posted 22 November 2011 - 08:47 PM

What are the current issues?

You forgot to post GMER log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 22 November 2011 - 11:57 PM

No issue right this moment, but it seems at any time I could lose my Internet access and have to restore to an earlier day to fix it?
Like when I updated the MBAM or rebooted?

Can't past the GMER log as it's too big and it won't let me

Chris

#6 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 22 November 2011 - 11:58 PM

Did you wan't me to do the logs again when I'm having the connection issue?
Chris

#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:35 AM

Posted 23 November 2011 - 12:01 AM

Can't past the GMER log as it's too big and it won't let me


Upload the file(s) here: http://www.filedropper.com/
Post download link (copy URL: link):
Posted Image

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 23 November 2011 - 12:16 AM

Thanks
http://www.filedropper.com/gmerlog

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:35 AM

Posted 23 November 2011 - 12:22 AM

All logs look clean, malware-wise.

However I can see some Kaspersky's leftovers in your GMER log.
Have you ever had Kaspersky installed?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 23 November 2011 - 12:25 AM

No, not the downloaded installable version. However I may have done an online scan a while back? Would that leave any leftovers?
Chris

#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:35 AM

Posted 23 November 2011 - 12:27 AM

Let's see if anything is active....

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
Go File>Save, and save it as AutoRuns.txt file to know location.
You must select Text from drop-down menu as a file type:

Posted Image

Upload the file(s) here: http://www.filedropper.com/
Post download link (copy URL: link):
Posted Image

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#12 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 23 November 2011 - 12:30 AM

http://www.filedropper.com/autoruns_8
Thanks

#13 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:35 AM

Posted 23 November 2011 - 12:39 AM

Re-run Autoruns, scroll down to "HKLM\System\CurrentControlSet\Services" section and UN-check:

"KL1"
"kl2"
"KLIF"

Restart computer.

Next time you have some problem with your internet (download the tool now so you have it ready)...

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Check "Include All Files" option.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#14 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 23 November 2011 - 12:41 AM

Will do.
Chris

#15 szchris384

szchris384
  • Topic Starter

  • Members
  • 96 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Surrey, BC Canada
  • Local time:06:35 AM

Posted 23 November 2011 - 12:44 AM

I found the entries, however KLIF entry gives me an error when I try to Un-check it. the other 2 UN-check fine.
Should I re-boot with just the 2 UN-checked?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users