Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

internet only works in safe mode(still not very well)


  • Please log in to reply
3 replies to this topic

#1 apprentice92

apprentice92

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:53 AM

Posted 20 June 2012 - 09:44 AM

I am a complete novice when it comes to computers, i know basics but am struggling to get my computer up and running properly. I have a really fast broadband with virgin media but this only works properly on safe mode. whilst in normal mode it comes on and off and takes a long time to load each page. I have heard of HIJACK THIS and downloaded it but am unable to read the log files ect to see what should and shouldnt be there and need help to find out how to find and solve my problem. all i ask is for a little patience as this a new learning experience for myself. hope someone can help. The computer seems to be running fine and programs are opening quickly. Only problem seems to be the internet

BC AdBot (Login to Remove)

 


#2 NpaMA

NpaMA

  • Members
  • 635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Memphis, TN
  • Local time:12:53 AM

Posted 20 June 2012 - 03:41 PM

Please follow This Topic and post the results in a reply here.

Also, run a SpeedTest and post the results in your reply.

#3 apprentice92

apprentice92
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:53 AM

Posted 21 June 2012 - 07:54 AM

MiniToolBox by Farbar Version: 09-06-2012
Ran by JAMIE (administrator) on 14-06-2012 at 20:47:57
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



========================= IP Configuration: ================================

802.11bgn 1T1R Mini Card Wireless Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JAMIE1992
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11bgn 1T1R Mini Card Wireless Adapter
Physical Address. . . . . . . . . : 40-61-86-9C-17-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1008:466d:c5a5:3ce0%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 14 June 2012 20:23:53
Lease Expires . . . . . . . . . . : 14 June 2012 21:23:54
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 205545862
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-8A-61-FF-40-61-86-AF-0C-5B
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 40-61-86-AF-0C-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7B435DE3-3645-4A44-ADA0-F696A3C0C463}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: google.com
Addresses: 2a00:1450:4009:801::1009
74.125.230.135
74.125.230.142
74.125.230.132
74.125.230.137
74.125.230.128
74.125.230.133
74.125.230.131
74.125.230.134
74.125.230.136
74.125.230.129
74.125.230.130


Pinging google.com [74.125.230.132] with 32 bytes of data:
Reply from 74.125.230.132: bytes=32 time=169ms TTL=56
Reply from 74.125.230.132: bytes=32 time=60ms TTL=56

Ping statistics for 74.125.230.132:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 169ms, Average = 114ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=287ms TTL=52
Reply from 72.30.38.140: bytes=32 time=259ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 259ms, Maximum = 287ms, Average = 273ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...40 61 86 9c 17 07 ......802.11bgn 1T1R Mini Card Wireless Adapter
10...40 61 86 af 0c 5b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 281
192.168.0.2 255.255.255.255 On-link 192.168.0.2 281
192.168.0.255 255.255.255.255 On-link 192.168.0.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::1008:466d:c5a5:3ce0/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/14/2012 07:57:49 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EA79AB5-6A54-4052-ABBA-790FD5240DB2}\mpengine.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Services because of this error.

Program: Host Process for Windows Services
File: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EA79AB5-6A54-4052-ABBA-790FD5240DB2}\mpengine.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000010
Disk type: 3

Error: (06/14/2012 07:57:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_WinDefend, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: mpengine.dll, version: 1.1.8403.0, time stamp: 0x4fa94c1e
Exception code: 0xc0000006
Fault offset: 0x00324e59
Faulting process id: 0x44c
Faulting application start time: 0xsvchost.exe_WinDefend0
Faulting application path: svchost.exe_WinDefend1
Faulting module path: svchost.exe_WinDefend2
Report Id: svchost.exe_WinDefend3

Error: (06/14/2012 07:57:39 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Users\JAMIE\AppData\Local\Google\Chrome\Application\19.0.1084.52\chrome.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Google Chrome because of this error.

Program: Google Chrome
File: C:\Users\JAMIE\AppData\Local\Google\Chrome\Application\19.0.1084.52\chrome.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000010
Disk type: 3

Error: (06/14/2012 07:57:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 19.0.1084.52, time stamp: 0x4fbc2f58
Faulting module name: chrome.dll, version: 19.0.1084.52, time stamp: 0x4fbc2ede
Exception code: 0xc0000006
Fault offset: 0x00c73354
Faulting process id: 0x718
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (06/07/2012 08:40:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: userinit.exe, version: 6.1.7601.17514, time stamp: 0x4ce79438
Faulting module name: protector.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f606d34
Exception code: 0xc0000005
Fault offset: 0x7508d17b
Faulting process id: 0xce8
Faulting application start time: 0xuserinit.exe0
Faulting application path: userinit.exe1
Faulting module path: userinit.exe2
Report Id: userinit.exe3

Error: (06/07/2012 08:39:53 PM) (Source: ESENT) (User: )
Description: WinMail (728) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (06/07/2012 08:11:08 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/07/2012 08:11:08 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (06/07/2012 07:36:34 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (06/07/2012 07:36:33 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (06/14/2012 08:24:20 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:20 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/14/2012 08:24:19 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/14/2012 08:24:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/14/2012 08:24:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (06/14/2012 07:57:49 PM) (Source: Application Error)(User: )
Description: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EA79AB5-6A54-4052-ABBA-790FD5240DB2}\mpengine.dllHost Process for Windows ServicesC00000103

Error: (06/14/2012 07:57:49 PM) (Source: Application Error)(User: )
Description: svchost.exe_WinDefend6.1.7600.163854a5bc100mpengine.dll1.1.8403.04fa94c1ec000000600324e5944c01cd4a59780d3542C:\windows\System32\svchost.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EA79AB5-6A54-4052-ABBA-790FD5240DB2}\mpengine.dlld551ffc7-b652-11e1-9162-406186af0c5b

Error: (06/14/2012 07:57:39 PM) (Source: Application Error)(User: )
Description: C:\Users\JAMIE\AppData\Local\Google\Chrome\Application\19.0.1084.52\chrome.dllGoogle ChromeC00000103

Error: (06/14/2012 07:57:39 PM) (Source: Application Error)(User: )
Description: chrome.exe19.0.1084.524fbc2f58chrome.dll19.0.1084.524fbc2edec000000600c7335471801cd4a59a0af72a7C:\Users\JAMIE\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\JAMIE\AppData\Local\Google\Chrome\Application\19.0.1084.52\chrome.dllcfb5745e-b652-11e1-9162-406186af0c5b

Error: (06/07/2012 08:40:00 PM) (Source: Application Error)(User: )
Description: userinit.exe6.1.7601.175144ce79438protector.dll_unloaded0.0.0.04f606d34c00000057508d17bce801cd44e548ace1b5C:\Windows\system32\userinit.exeprotector.dll910d3c6e-b0d8-11e1-8b65-406186af0c5b

Error: (06/07/2012 08:39:53 PM) (Source: ESENT)(User: )
Description: WinMail728WindowsMail0:

Error: (06/07/2012 08:11:08 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/07/2012 08:11:08 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000

Error: (06/07/2012 07:36:34 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (06/07/2012 07:36:33 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 1791.3 MB
Available physical RAM: 1345.66 MB
Total Pagefile: 3582.61 MB
Available Pagefile: 3178.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.06 MB

========================= Partitions: =====================================

1 Drive c: (OS_Install) (Fixed) (Total:133.67 GB) (Free:72.93 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:89.11 GB) (Free:80.69 GB) NTFS

========================= Users: ========================================

User accounts for \\JAMIE1992

Administrator Guest JAMIE


**** End of log ****

#4 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 PM

Posted 21 June 2012 - 09:19 PM

Please include also List Installed Programs on Minitoolbox report. Have you tried reinstalling protection softwares first by using available removal tools online? You may also be infected.

Tekken
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users