Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

2 Computer, Simultaneous Loss of Internet


  • Please log in to reply
17 replies to this topic

#1 AEdonis

AEdonis

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 11 January 2012 - 04:59 PM

First off Thank you to all of you who help with computers.

I have 2 computers connected at 1 hub.
One is my computer (XP-Pro, 32bit, SP 3) the other is the family computer (XP-Pro, 32bit, SP2).
Two weeks ago my computer was having pages time out and general difficulty connecting to the internet.
Last week my computer would not connect with the internet.
I had a Local Area Network connection to other computer.
I tried the family computer and same, not able to connect with the internet but LAN connection.
(While not actually simultaneous, mine and the family computers were working the night before.)
I thought the hub had died so I switched my computer directly into the dsl modem/router.
Still no internet connection.
Checked the Avast scan logs Full scan 3 days prior clean
Ran boot-time scan with Avast and rebooted. This was clean
Ran Malwarebytes scan - clean
Ran SUPERAntiSpyware scan
- 440 adware tracking cookies deleted
- Trojan.Dropper/ UserInit-Fake C:\WINDOWS\SYSTEM32\USERINIT.EXE - deleted
still no internet.
rebooted still no internet.
Went to control panel-Network Connections-LAN Connection-Properties-TCP/IP-Properties
- Obtain IP and DNS address automatically both checked
Under Advanced tab-IP Setting: DHCP enabled and automatic metric checked
Under Advanced tab-DNS: Append primary checked - Append parent suffixes checked - Register connection address in DNS checked
Under Advanced tab-WINS: Enable LMHOSTS checked, Default NetBIOS checked

Made no changes
went to Control Panel-Internet Options-Connections Tab-LAN Setting- Automatically detect setting was unchecked
- checked it then okayed way out to control panel.
No internet connection.
(This was exactly the same on the family computer, everything fine but Control Panel-Internet Options-Connections Tab-LAN Setting- Automatically detect setting was off too. I checked it then okay out.)
No internet connection with family computer either if plugged directly into DSL Modem/Router

Edited by AEdonis, 11 January 2012 - 06:46 PM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 12:00 AM

Welcome aboard Posted Image

Select one computer we'll start with.

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 02:29 PM

Thank you for the quick reply. I am working only on my computer and assuming that the problems may be similar and we will work on the second computer after finishing the first. Also I am using my work computer to send these, so sorry for the delay. That being said here are the results:

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Free Antivirus
Microsoft Security Essentials
Antivirus out of date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java™ 6 Update 24
Java™ SE Development Kit 6 Update 3
Out of date Java installed!
Adobe Flash Player 11.1.102.55
Mozilla Firefox (3.6.15) Firefox Out of Date!
Mozilla Thunderbird (8.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
``````````End of Log````````````


Farbar Service Scanner
Ran by Don (administrator) on 12-01-2012 at 09:43:19
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Yahoo IP returend error: Yahoo IP is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) VPCNetS2(10)
0x0A0000000500000001000000020000000300000004000000080000000900000006000000070000000A000000
IpSec Tag value is correct.

**** End of log ****


MiniToolBox by Farbar
Ran by Don (administrator) on 12-01-2012 at 09:44:28
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : don

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller

Physical Address. . . . . . . . . : 00-13-D4-8A-7D-74

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.4

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

205.171.3.25

Lease Obtained. . . . . . . . . . : Thursday, January 12, 2012 9:33:46 AM

Lease Expires . . . . . . . . . . : Friday, January 13, 2012 9:33:46 AM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.127.99, 74.125.127.103, 74.125.127.104, 74.125.127.105
74.125.127.106, 74.125.127.147



Pinging google.com [74.125.127.103] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 74.125.127.103:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.180.149, 209.191.122.70, 72.30.2.43, 98.137.149.56



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d4 8a 7d 74 ...... Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.4 192.168.0.4 20
192.168.0.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.4 192.168.0.4 20
224.0.0.0 240.0.0.0 192.168.0.4 192.168.0.4 20
255.255.255.255 255.255.255.255 192.168.0.4 192.168.0.4 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/11/2012 04:44:12 PM) (Source: Application Error) (User: )
Description: Faulting application s8exzg9n.exe, version 1.0.15.15641, faulting module s8exzg9n.exe, version 1.0.15.15641, fault address 0x0000c676.
Processing media-specific event for [s8exzg9n.exe!ws!]

Error: (01/11/2012 00:37:52 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/10/2012 05:23:26 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2012 05:33:01 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/08/2012 05:33:01 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/08/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/07/2012 09:23:14 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/07/2012 05:33:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/07/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (01/12/2012 09:34:31 AM) (Source: Service Control Manager) (User: )
Description: The Webroot Client Service service failed to start due to the following error:
%%3

Error: (01/12/2012 09:31:44 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/11/2012 04:41:05 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/11/2012 04:40:57 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/11/2012 04:35:44 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/11/2012 04:03:31 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/11/2012 04:03:30 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (01/11/2012 03:15:46 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/11/2012 03:15:01 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (01/11/2012 00:55:25 PM) (Source: DCOM) (User: Don)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}


Microsoft Office Sessions:
=========================
Error: (01/11/2012 04:44:12 PM) (Source: Application Error)(User: )
Description: s8exzg9n.exe1.0.15.15641s8exzg9n.exe1.0.15.156410000c676

Error: (01/11/2012 00:37:52 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/10/2012 05:23:26 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/09/2012 05:33:01 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/09/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/08/2012 05:33:01 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/08/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/07/2012 09:23:14 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/07/2012 05:33:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/07/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL


=========================== Installed Programs ============================

Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Illustrator 8.0 (Version: 8.0)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 9.4.1 (Version: 9.4.1)
Adobe Type Manager 4.0
AMT Media Manager (Version: 2.1.0000)
Applian FLV Player (Version: 2.0.24)
Ask & Record Toolbar 4.01 (Version: 4.01)
Ask Toolbar (Version: 1.6.9.0)
avast! Free Antivirus (Version: 6.0.1289.0)
DAO 3.5
Dell Laser Printer 1110 Software Uninstall
DVD Shrink 3.2
DVDFab 6.2.1.8 (31/12/2009)
DWG TrueView 2010 (Version: 18.0.55.0)
FILE RECOVERY for Windows (Version: 1.0.201)
Folder Size for Windows (Version: 2.3)
Free Download Manager 2.1
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2318.1946)
Google Update Helper (Version: 1.3.21.79)
HijackThis 2.0.2 (Version: 2.0.2)
ISO Recorder (Version: 2.0.0)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ SE Development Kit 6 Update 3 (Version: 1.6.0.30)
LightScribe System Software (Version: 1.18.6.1)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Marvell Miniport Driver (Version: 7.21.1.3)
Media Player Classic - Home Cinema v. 1.3.1249.0
MediaJoin
MediaJoin (Version: 2.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Excel 97
Microsoft National Language Support Downlevel APIs
Microsoft Office 97, Professional Edition
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server Desktop Engine (AUTODESKVAULT) (Version: 8.00.2039)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Virtual PC 2007 SP1 (Version: 6.0.192.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Word 97
Microsoft WSE 2.0 SP3 Runtime (Version: 2.0.5050.0)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XML Parser (Version: 8.30.9523.3)
MITCalc-Planet Gears 1.13 (Excel XP,2003,2007)
Mozilla Firefox (3.6.15) (Version: 3.6.15 (en-US))
Mozilla Thunderbird (8.0) (Version: 8.0 (en-US))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
Nero Update (Version: 1.0.0018)
NVIDIA Drivers
NX I-deas (Version: 6.10.0000)
NX I-DEAS Online Help Library (Version: 6.10.0000)
NX I-DEAS Resource Locking Service (Version: 13.00.0000)
Open Video Joiner version 3.3.0.0
Orbix (Version: 6.32.0000)
Pinnacle Instant DVD Recorder (Version: 2.00.088)
QuickBooks
Quicken Deluxe 99
Realtek AC'97 Audio
Recover My Files (Version: 4.4.8.578)
sentinelsystemdriver (Version: 5.39.2)
Siemens PLM Software NX 7 CAST (Version: 7.0.0.0)
Studio 11 (Version: 11.0)
Studio 11 (Version: 11.0.0.0)
SUPERAntiSpyware (Version: 5.0.1142)
Teamcenter's Application Sharing (Version: 8.0.9020)
Tweak UI
UGS NX 7.5 (Version: 7.5.0.32)
UGS NX 7.5 Documentation (Version: 7.5.0.32)
UGSLicensing (Version: 4.0.0)
Unlocker 1.9.1 (Version: 1.9.1)
VBA (2627.01) (Version: 6.03.00.9402)
WebEx
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WMV Merger version 1.3.1.0
XnView 1.97.8 (Version: 1.97.8)
Yahoo! Desktop Login (Version: 1.00.0001)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 3071.48 MB
Available physical RAM: 2340.34 MB
Total Pagefile: 4957.39 MB
Available Pagefile: 4365.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.15 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:58.21 GB) (Free:13.66 GB) NTFS
3 Drive d: (WDC USB2) (Fixed) (Total:111.76 GB) (Free:23.89 GB) FAT32
7 Drive j: (Back Ups) (Fixed) (Total:135.85 GB) (Free:0.6 GB) NTFS
8 Drive k: (X Drive) (Fixed) (Total:135.85 GB) (Free:33.52 GB) NTFS
9 Drive l: (Y Drive) (Fixed) (Total:135.85 GB) (Free:23.42 GB) NTFS

========================= Users: ========================================

User accounts for \\DON

Administrator Ann ASPNET
Don Guest HelpAssistant
Jerry Mike SUPPORT_388945a0


**** End of log ****

*******************************

I already had Malwarebytes on my computer (It was 180 days out of date). So I loaded the newer version over the top of the old and it wanted a reboot. I rebooted and it was looking for an update, so I let it look because your instructions said to allow it (even though I do not have an internet connection, I thought it would time out). It did not time out after 15 minutes of looking for an update, I ended the task and restarted and did not look for an update (18 days out of date).

*******************************

Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.24.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Don :: DON [administrator]

Protection: Enabled

1/12/2012 10:16:07 AM
mbam-log-2012-01-12 (10-16-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219427
Time elapsed: 4 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-12 10:21:55
-----------------------------
10:21:55.156 OS Version: Windows 5.1.2600 Service Pack 3
10:21:55.156 Number of processors: 2 586 0x2302
10:21:55.156 ComputerName: DON UserName:
10:21:55.812 Initialize success
10:21:55.921 AVAST engine defs: 12010400
10:22:15.578 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:22:15.578 Disk 0 Vendor: WDC_WD5000AAKB-00H8A0 05.04E05 Size: 476940MB BusType: 3
10:22:15.593 Disk 0 MBR read successfully
10:22:15.593 Disk 0 MBR scan
10:22:15.593 Disk 0 Windows XP default MBR code
10:22:15.609 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 59608 MB offset 63
10:22:15.609 Disk 0 Partition - 00 0F Extended LBA 417329 MB offset 122077935
10:22:15.609 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 139109 MB offset 122077998
10:22:15.609 Disk 0 Partition - 00 05 Extended 139109 MB offset 406974645
10:22:15.625 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 139109 MB offset 406974708
10:22:15.625 Disk 0 Partition - 00 05 Extended 139109 MB offset 976768065
10:22:15.640 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 139109 MB offset 691871418
10:22:15.640 Disk 0 scanning sectors +976768065
10:22:15.718 Disk 0 scanning C:\WINDOWS\system32\drivers
10:22:21.046 Service scanning
10:22:21.937 Modules scanning
10:22:40.515 Disk 0 trace - called modules:
10:22:40.515 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:22:40.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad91ab8]
10:22:40.515 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000073[0x8ad6e510]
10:22:40.515 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8acf4940]
10:22:40.906 AVAST engine scan C:\WINDOWS
10:22:46.265 AVAST engine scan C:\WINDOWS\system32
10:23:49.875 AVAST engine scan C:\WINDOWS\system32\drivers
10:23:59.156 AVAST engine scan C:\Documents and Settings\Don
10:26:16.062 AVAST engine scan C:\Documents and Settings\All Users
10:26:59.609 Scan finished successfully
10:27:19.109 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Don\Desktop\Bleeping Computer Virus Fix\MBR.dat"
10:27:19.109 The log file has been saved successfully to "C:\Documents and Settings\Don\Desktop\Bleeping Computer Virus Fix\aswMBR.txt"

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 02:55 PM

In MiniToolbox you forgot to checkmark this box:
List last 10 Event Viewer log

Your settings look fine so far.

You're running two AV programs, Avast and MSE.
You must uninstall one of them.
Your choice.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 03:14 PM

I will run home for a late lunch and re-do the MiniToolbox and Uninstall MSE (Didn't like it so well anyway). I will send MiniToolbox results in about an hour. Thanks again.

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 03:16 PM

No problem :)

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 04:16 PM

Whoa, now I am a little scared. I got home and my wife told me that the wireless went out, I told her I would handle it later. I went down to plug in the ethernet cable directly to the DSL modem/router (ZyXEL PK5000Z). Come to find out I had left the cable plugged in from this morning. Now it seems that whatever I plug this computers ethernet into seems to go off line. I unplugged the ethernet cable from my computer to the DSL modem and unplugged the power waited 30 seconds then plugged the power back in. It seems to be working fine now (I am sending this from a wireless laptop I brought from work), but I am afraid to plug my computers ethernet cable into anything. I am running an experiment to see if the hub (NetGear WPN824) is working now that it is reset and not connected to my computer. Anyway, here is just the MiniToolbox Last 10 events results followed by a total re-run of MiniToolbox results. I could not see what part was missing from the first.

MiniToolBox by Farbar
Ran by Don (administrator) on 12-01-2012 at 12:43:59
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/12/2012 10:19:41 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/12/2012 10:15:10 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.59, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/12/2012 09:53:12 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/11/2012 04:44:12 PM) (Source: Application Error) (User: )
Description: Faulting application s8exzg9n.exe, version 1.0.15.15641, faulting module s8exzg9n.exe, version 1.0.15.15641, fault address 0x0000c676.
Processing media-specific event for [s8exzg9n.exe!ws!]

Error: (01/11/2012 00:37:52 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/10/2012 05:23:26 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2012 05:33:01 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/08/2012 05:33:01 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/08/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:19:41 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:01:28 AM) (Source: Service Control Manager) (User: )
Description: The Webroot Client Service service failed to start due to the following error:
%%3

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (01/12/2012 10:19:41 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80072efeendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/12/2012 10:15:10 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.60.0.59hungapp0.0.0.000000000

Error: (01/12/2012 09:53:12 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80072efeendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/11/2012 04:44:12 PM) (Source: Application Error)(User: )
Description: s8exzg9n.exe1.0.15.15641s8exzg9n.exe1.0.15.156410000c676

Error: (01/11/2012 00:37:52 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/10/2012 05:23:26 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/09/2012 05:33:01 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/09/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/08/2012 05:33:01 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/08/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL


**** End of log ****

MiniToolBox by Farbar
Ran by Don (administrator) on 12-01-2012 at 12:47:38
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : don

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller

Physical Address. . . . . . . . . : 00-13-D4-8A-7D-74

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d4 8a 7d 74 ...... Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
255.255.255.255 255.255.255.255 255.255.255.255 2 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/12/2012 10:19:41 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/12/2012 10:15:10 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.60.0.59, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/12/2012 09:53:12 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80072efe, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/11/2012 04:44:12 PM) (Source: Application Error) (User: )
Description: Faulting application s8exzg9n.exe, version 1.0.15.15641, faulting module s8exzg9n.exe, version 1.0.15.15641, fault address 0x0000c676.
Processing media-specific event for [s8exzg9n.exe!ws!]

Error: (01/11/2012 00:37:52 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8007043c, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/10/2012 05:23:26 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2012 05:33:01 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/08/2012 05:33:01 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/08/2012 05:28:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:20:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:19:41 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 10:01:28 AM) (Source: Service Control Manager) (User: )
Description: The Webroot Client Service service failed to start due to the following error:
%%3

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/12/2012 09:54:30 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2196.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (01/12/2012 10:19:41 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80072efeendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/12/2012 10:15:10 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.60.0.59hungapp0.0.0.000000000

Error: (01/12/2012 09:53:12 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80072efeendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/11/2012 04:44:12 PM) (Source: Application Error)(User: )
Description: s8exzg9n.exe1.0.15.15641s8exzg9n.exe1.0.15.156410000c676

Error: (01/11/2012 00:37:52 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8007043cbeginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/10/2012 05:23:26 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/09/2012 05:33:01 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/09/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/08/2012 05:33:01 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/08/2012 05:28:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry8024402cendsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL


=========================== Installed Programs ============================

Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Illustrator 8.0 (Version: 8.0)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 9.4.1 (Version: 9.4.1)
Adobe Type Manager 4.0
AMT Media Manager (Version: 2.1.0000)
Applian FLV Player (Version: 2.0.24)
Ask & Record Toolbar 4.01 (Version: 4.01)
Ask Toolbar (Version: 1.6.9.0)
avast! Free Antivirus (Version: 6.0.1289.0)
DAO 3.5
Dell Laser Printer 1110 Software Uninstall
DVD Shrink 3.2
DVDFab 6.2.1.8 (31/12/2009)
DWG TrueView 2010 (Version: 18.0.55.0)
FILE RECOVERY for Windows (Version: 1.0.201)
Folder Size for Windows (Version: 2.3)
Free Download Manager 2.1
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2318.1946)
Google Update Helper (Version: 1.3.21.79)
HijackThis 2.0.2 (Version: 2.0.2)
ISO Recorder (Version: 2.0.0)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ SE Development Kit 6 Update 3 (Version: 1.6.0.30)
LightScribe System Software (Version: 1.18.6.1)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Marvell Miniport Driver (Version: 7.21.1.3)
Media Player Classic - Home Cinema v. 1.3.1249.0
MediaJoin
MediaJoin (Version: 2.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Excel 97
Microsoft National Language Support Downlevel APIs
Microsoft Office 97, Professional Edition
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server Desktop Engine (AUTODESKVAULT) (Version: 8.00.2039)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Virtual PC 2007 SP1 (Version: 6.0.192.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Word 97
Microsoft WSE 2.0 SP3 Runtime (Version: 2.0.5050.0)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XML Parser (Version: 8.30.9523.3)
MITCalc-Planet Gears 1.13 (Excel XP,2003,2007)
Mozilla Firefox (3.6.15) (Version: 3.6.15 (en-US))
Mozilla Thunderbird (8.0) (Version: 8.0 (en-US))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Nero Burning ROM 10 (Version: 10.2.11000.12.100)
Nero Burning ROM 10 (Version: 10.5.10300)
Nero BurningROM 10 Help (CHM) (Version: 10.5.10100)
Nero BurnRights 10 (Version: 4.2.10300.0.102)
Nero BurnRights 10 Help (CHM) (Version: 10.5.10000)
Nero Control Center 10 (Version: 10.2.10600.0.6)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.17400.8.2)
Nero Update (Version: 1.0.0018)
NVIDIA Drivers
NX I-deas (Version: 6.10.0000)
NX I-DEAS Online Help Library (Version: 6.10.0000)
NX I-DEAS Resource Locking Service (Version: 13.00.0000)
Open Video Joiner version 3.3.0.0
Orbix (Version: 6.32.0000)
Pinnacle Instant DVD Recorder (Version: 2.00.088)
QuickBooks
Quicken Deluxe 99
Realtek AC'97 Audio
Recover My Files (Version: 4.4.8.578)
sentinelsystemdriver (Version: 5.39.2)
Siemens PLM Software NX 7 CAST (Version: 7.0.0.0)
Studio 11 (Version: 11.0)
Studio 11 (Version: 11.0.0.0)
SUPERAntiSpyware (Version: 5.0.1142)
Teamcenter's Application Sharing (Version: 8.0.9020)
Tweak UI
UGS NX 7.5 (Version: 7.5.0.32)
UGS NX 7.5 Documentation (Version: 7.5.0.32)
UGSLicensing (Version: 4.0.0)
Unlocker 1.9.1 (Version: 1.9.1)
VBA (2627.01) (Version: 6.03.00.9402)
WebEx
WebFldrs XP (Version: 9.50.6513)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WMV Merger version 1.3.1.0
XnView 1.97.8 (Version: 1.97.8)
Yahoo! Desktop Login (Version: 1.00.0001)
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3071.48 MB
Available physical RAM: 2256.84 MB
Total Pagefile: 4957.39 MB
Available Pagefile: 4313.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.21 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:58.21 GB) (Free:13.58 GB) NTFS
3 Drive d: (WDC USB2) (Fixed) (Total:111.76 GB) (Free:23.89 GB) FAT32
7 Drive j: (Back Ups) (Fixed) (Total:135.85 GB) (Free:0.6 GB) NTFS
8 Drive k: (X Drive) (Fixed) (Total:135.85 GB) (Free:33.52 GB) NTFS
9 Drive l: (Y Drive) (Fixed) (Total:135.85 GB) (Free:23.42 GB) NTFS

========================= Users: ========================================

User accounts for \\DON

Administrator Ann ASPNET
Don Guest HelpAssistant
Jerry Mike SUPPORT_388945a0


**** End of log ****

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 04:43 PM

OK, let me know if you sorted out your hardware issues.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 05:18 PM

Okay so the NetGear Hub is working and the DSL modem is working. The ethernet cable from my computer is not plugged in to either. The family computer works if it is plugged into the NetGear Hub.

Should I unplug the family computer and only plug in my computer to the NetGear hub and see if I get a connection and if it goes away?

Was there anything in the MiniToolbox that I sent?

Thanks again.

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 05:21 PM

No, all your settings look correct so I suspect there is something wrong with physical components of your network.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 05:28 PM

Okay, I am going to just plug in my computer to the hub and see if it works. Is it possible for something (virus/malware) to shut down the internet part of my modem/router or hub?

If I can connect through the hub like I use to then it shuts down like the modem did this morning, would that be a worthwile test?

Nothing changed in my hardware or components from the day before this happened to the day after it happened.

I plugged in just my computer to the NetGear hub and had internet access for about 5 minutes. Enough time to download about 24 emails, bring up google and get almost done updating Avast, then the connection quite. Any thoughts?

Edited by AEdonis, 12 January 2012 - 05:50 PM.


#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 05:56 PM

Try to connect your computer straight to the modem bypassing a hub.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 06:19 PM

I connected my computer directly to the DSL modem and my computer says it is off-line. IE says the page I am looking for is currently unavailable. LAN 2 says it is unplugged but it definately is plugged in. I have moved the plug to all four ethernet connections.

Just as an aside: I was able to get the family computer on line and Avast updated and needed to restart. I restarted and ran the boot-time scan. I got 2 infection so far:
File C:\System Volume Information\_restore{E1348C12-C689-46B1-A410-49BC5B8FEEFD}\RP1147\A0034187.exe|>[PECompact] is infected by Win32:Rootkit-gen [RtK]
File C:\WINDOWS\PEV.exe|>|>[PECompact] is infected by Win32:Rootkit-gen [RtK]

I hit 1 "Delete" for both of these the second one has a warning that it is in the WINDOWS directory am I sure?

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:34 AM

Posted 12 January 2012 - 06:27 PM

The first file is locate in one of your restore points so it's inactive unless you use system restore.
The second one is false positive. It's Combofix file.

At this point I think the best option would be to really check if your computer is clean.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 AEdonis

AEdonis
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:05:34 AM

Posted 12 January 2012 - 06:43 PM

Sorry for the aside, back to my computer I opened the Network Connections and selected Properties for Local Area Connection 2 I got a pop up window that is Titled " Local Network" with the Message "Some of the controls on this property sheet are disabled because one or more other Network property sheets are already open. To use these controls, close all these property sheets and the reopen this one." The only thing I have open is Control Panel window, Network Connections window, Local Area Connection 2 Properies.

If I close and re-open LAN 2 Properties I get the same message. Also, if I okay the message Internet Protocol (TCP/IP) properties is greyed out.

Under the General tab "Connection using:" Marvel Yukon 88E8001/8003/8010
"This connection uses the following items:"
Client for Microsoft Networks
avast! Firewall NDIS Filter Driver
Virtual Machine Network Services
File and Printer Sharing for Microsoft Networks
QoS Packet Scheduler
Internet Protocol (TCP/IP)

all are checked and all are greyed out for install, uninstall or properties if highlighted.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users