Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Rage


  • Please log in to reply
12 replies to this topic

#1 goal

goal

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 06 February 2013 - 10:11 PM

currently my loaded on internet browsers, IE8 and firefox, have been on the fritz lately. IE8 currently "unexpectedly closes" every few webpages. Apon using the recovery feature, the same webpage would crash again. I have updated and uninstalled IE9 multiple times, resetted IE settings, etc, i have found temporary relief through this, though the problems with IE returns after powering down and turning on Windows 7. Firefox had problems with flash. Originally, firefox.exe 32* kept running even after i closed the browser, having to end the process from the task manager. I tried Flash updates, and it messed up youtube viewing (i can only see a black screen with a static loading circle). Since the updates, both browser are consuming massive ammounts of memory, and it's getting quite frustrating. help would be greatly appreciated.

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:14 PM

Posted 06 February 2013 - 10:39 PM

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
Reset Ie proxy Settins
Reset FF proxy settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

Download Adware Cleaner run it Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe


Download Emsisoft Emergency Kit and save it to your desktop. Right-click on EmsisoftEmergencyKit.zip and select Extract All.... Leave all settings as they are and click Extract. You will now have a folder named EmsisoftEmergencyKit on your desktop.

Open the EmsisoftEmergencyKit
http://www.emsisoft.com/en/software/eek/download/
folder and double-click Start.exe.
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply.

#3 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 07 February 2013 - 06:44 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by anrit (administrator) on 07-02-2013 at 18:42:33
Running from "C:\Users\anrit\Downloads"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

#       ::1             localhost

========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
JMicron PCI Express Gigabit Ethernet Adapter = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : BAEFAE114-SSRBR
   Primary Dns Suffix  . . . . . . . : anr.msu.edu
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : anr.msu.edu
                                       gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 00-24-D7-25-84-81
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-24-D7-25-84-81
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
   Physical Address. . . . . . . . . : 00-24-D7-25-84-80
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ec5b:c27b:d2a3:53c9%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.79(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, February 07, 2013 3:31:35 PM
   Lease Expires . . . . . . . . . . : Friday, February 08, 2013 6:27:56 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 301999319
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-8C-22-A8-00-90-F5-B8-66-45
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
   Physical Address. . . . . . . . . : 00-90-F5-B8-66-45
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  home
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4009:801::1004
      74.125.225.69
      74.125.225.70
      74.125.225.71
      74.125.225.72
      74.125.225.73
      74.125.225.78
      74.125.225.64
      74.125.225.65
      74.125.225.66
      74.125.225.67
      74.125.225.68


Pinging google.com [74.125.225.70] with 32 bytes of data:
Reply from 74.125.225.70: bytes=32 time=48ms TTL=52
Reply from 74.125.225.70: bytes=32 time=38ms TTL=52

Ping statistics for 74.125.225.70:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 38ms, Maximum = 48ms, Average = 43ms
Server:  home
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Reply from 98.139.183.24: bytes=32 time=193ms TTL=46

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 193ms, Maximum = 193ms, Average = 193ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 24 d7 25 84 81 ......Microsoft Virtual WiFi Miniport Adapter #2
 13...00 24 d7 25 84 81 ......Microsoft Virtual WiFi Miniport Adapter
 12...00 24 d7 25 84 80 ......Intel® Centrino® Ultimate-N 6300 AGN
 11...00 90 f5 b8 66 45 ......JMicron PCI Express Gigabit Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.79     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.79    286
     192.168.1.79  255.255.255.255         On-link      192.168.1.79    286
    192.168.1.255  255.255.255.255         On-link      192.168.1.79    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.79    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.79    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    286 fe80::/64                On-link
 12    286 fe80::ec5b:c27b:d2a3:53c9/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/07/2013 06:29:36 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002.  The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'.  Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (02/07/2013 06:28:00 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002.  The error reported is 'No connection could be made because the target machine actively refused it.'.  Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (02/07/2013 03:32:37 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002.  The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'.  Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (02/07/2013 03:31:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 11:22:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce7a313
Faulting module name: mshtml.dll, version: 8.0.7601.18021, time stamp: 0x50e6fa28
Exception code: 0xc0000005
Fault offset: 0x00000000000f7189
Faulting process id: 0x10a8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/06/2013 10:58:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce7a313
Faulting module name: WININET.dll, version: 8.0.7601.17984, time stamp: 0x508b7509
Exception code: 0xc0000005
Fault offset: 0x000000000001943a
Faulting process id: 0xcc8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/06/2013 10:39:11 PM) (Source: Microsoft Operations Manager) (User: NT AUTHORITY)
Description: The agent could not connect to the MOM Server ASQIATS10002.  The error reported is 'A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'.  Verify the management group name is correct, the MOM Server
is running, that it is listening on port 1270, and that any firewalls between this agent and the MOM
server are configured to pass TCP and UDP traffic on port 1270.

Error: (02/06/2013 10:38:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 09:54:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce7a313
Faulting module name: WININET.dll, version: 8.0.7601.17984, time stamp: 0x508b7509
Exception code: 0xc0000005
Fault offset: 0x000000000001943a
Faulting process id: 0x1314
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/06/2013 09:53:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 8.0.7601.17514, time stamp: 0x4ce79912
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000052d
Faulting process id: 0x874
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (02/07/2013 05:01:44 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (02/07/2013 03:31:28 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (02/07/2013 03:31:26 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (02/07/2013 00:22:29 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (02/06/2013 10:38:12 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (02/06/2013 10:38:11 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (02/06/2013 09:27:43 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (02/06/2013 05:25:21 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (02/06/2013 05:24:39 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (02/06/2013 00:13:45 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain ANR due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.


Microsoft Office Sessions:
=========================
Error: (02/07/2013 06:29:36 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270

Error: (02/07/2013 06:28:00 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002No connection could be made because the target machine actively refused it.1270

Error: (02/07/2013 03:32:37 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270

Error: (02/07/2013 03:31:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 11:22:17 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce7a313mshtml.dll8.0.7601.1802150e6fa28c000000500000000000f718910a801ce04eab4767fb3C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mshtml.dllf42ab214-70dd-11e2-a58a-0090f5b86645

Error: (02/06/2013 10:58:05 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce7a313WININET.dll8.0.7601.17984508b7509c0000005000000000001943acc801ce04e5c5022d66C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\WININET.dll92c8a54d-70da-11e2-a58a-0090f5b86645

Error: (02/06/2013 10:39:11 PM) (Source: Microsoft Operations Manager)(User: NT AUTHORITY)
Description: ASQIATS10002A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.1270

Error: (02/06/2013 10:38:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/06/2013 09:54:06 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce7a313WININET.dll8.0.7601.17984508b7509c0000005000000000001943a131401ce04de628f3b74C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\WININET.dlla2ad91c1-70d1-11e2-8a1d-0090f5b86645

Error: (02/06/2013 09:53:57 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912unknown0.0.0.000000000c00000050000052d87401ce04de48f3bd5cC:\Program Files (x86)\Internet Explorer\iexplore.exeunknown9d60ffe0-70d1-11e2-8a1d-0090f5b86645


=========================== Installed Programs ============================

Adobe Acrobat X Pro (Version: 10.1.5)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Bing Bar (Version: 7.1.361.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
BisonCam (Version: 9.2.1.71.19)
CCleaner (Version: 3.25)
Corel Graphics - Windows Shell Extension (Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
Corel WordPerfect Office - iFilter 64 Bit (Version: 1.01.000)
CorelDRAW Graphics Suite X5 - BR (Version: 15.3)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (Version: 15.3)
CorelDRAW Graphics Suite X5 - ES (Version: 15.3)
CorelDRAW Graphics Suite X5 - Extra Content
CorelDRAW Graphics Suite X5 - Extra Content (Version: 15.0)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3)
CorelDRAW Graphics Suite X5 - FR (Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.3)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.3)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (Version: 15.3)
CorelDRAW Graphics Suite X5 (Version: 15.3)
CorelDRAW® Graphics Suite X5 (Version: 15.2.0.686)
CyberLink Media Suite (Version: 8.0.2401)
CyberLink Power2Go (Version: 7.0.0.1126)
CyberLink PowerDVD 10 (Version: 10.0.2312.52)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Futuremark SystemInfo (Version: 3.21.2.1)
GIMP 2.8.2 (Version: 2.8.2)
Glary Utilities 2.52.0.1698 (Version: 2.52.0.1698)
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.135)
Hotkey 3.3020 (Version: 3.3020)
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Help (Version: 140.0.2.2)
HP Officejet Pro 8500 A910 Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® SMBus
ITE Infrared Transceiver (Version: 1.00.0000)
Java 7 Update 13 (64-bit) (Version: 7.0.130)
JMicron Ethernet Adapter NDIS Driver (Version: 6.0.21.9)
JMicron Flash Media Controller Driver (Version: 1.0.48.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MapleStory
Marketsplash Shortcuts (Version: 1.0.1.7)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Forefront Client Security Antimalware Service (Version: 1.5.1993.0)
Microsoft Forefront Client Security State Assessment Service (Version: 1.0.1703.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Operations Manager 2005 Agent (Version: 5.0.2911.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Pando Media Booster (Version: 2.6.0.8)
Paradox
Paradox (Version: 11.4)
Protector Suite 2009 (Version: 5.9.3.6379)
Realtek High Definition Audio Driver (Version: 6.0.1.6132)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
ROBLOX Player for anrit
ROBLOX Studio 2013 for anrit
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 15.0.8.0)
Team Fortress 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 2.0)
WordPerfect Office X5 - Common (Version: 15.0)
Wordperfect Office X5 - EN (Version: 15.0)
WordPerfect Office X5 - Filters (Version: 15.0)
WordPerfect Office X5 - Graphics (Version: 15.0)
WordPerfect Office X5 - IPM (Version: 15.0)
WordPerfect Office X5 - LegalTools (Version: 15.0)
WordPerfect Office X5 - Migration Manager (Version: 15.0)
WordPerfect Office X5 - Oxford (Version: 15.0)
WordPerfect Office X5 - PerfectExperts EN (Version: 15.0)
WordPerfect Office X5 - PR (Version: 15.0)
WordPerfect Office X5 - QP (Version: 15.0)
WordPerfect Office X5 - Setup Files (Version: 15.0)
WordPerfect Office X5 - Sharepoint (Version: 15.0)
WordPerfect Office X5 - Skins (Version: 15.0)
WordPerfect Office X5 - System EN (Version: 15.0)
WordPerfect Office X5 - Templates (Version: 15.0)
WordPerfect Office X5 - WP (Version: 15.0)
WordPerfect Office X5 - WT (Version: 15.0)
WordPerfect Office X5 (Version: 15.0)
WordPerfect Office X5 (Version: 15.0.0.357)

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 12279.23 MB
Available physical RAM: 9938.45 MB
Total Pagefile: 24556.65 MB
Available Pagefile: 22043.45 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.35 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:465.56 GB) (Free:386.38 GB) NTFS

========================= Users: ========================================

User accounts for \\BAEFAE114-SSRBR

anradmin                 anrit                    Guest                    
UpdatusUser              


**** End of log ****
 

 

 

# AdwCleaner v2.111 - Logfile created 02/07/2013 at 18:43:25
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : anrit - BAEFAE114-SSRBR
# Boot Mode : Normal
# Running from : C:\Users\anrit\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****

 

next logs comming soon


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Users\anrit\AppData\Roaming\Mozilla\Firefox\Profiles\tq7zny1f.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\anrit\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R4].txt - [947 octets] - [07/02/2013 18:43:25]

########## EOF - C:\AdwCleaner[R4].txt - [1006 octets] ##########
 



#4 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 07 February 2013 - 09:24 PM

The Emisoft EmergencyKit deep scan picked up 2 items. i quarentined them. Upon attempting to open view report, it stopped responding "Emisoft Emergency Kit Is not responding" window pops up.



#5 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 07 February 2013 - 09:39 PM

i've rescanned, C:\ProgramData\cttunsvr.dll appears to be unquarentinable and undeletable

Emsisoft Emergency Kit - Version 3.0
Last update: 2/7/2013 8:25:06 PM

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    2/7/2013 8:26:15 PM

C:\ProgramData\cttunsvr.dll     detected: Trojan.Generic.KDV.839689 (B)
C:\ProgramData\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\LocalCopy\{750E1215-00D5-1994-A5D5-066F1B133DCA}-mauxi.exe -> (Quarantine-PE)     detected: Trojan.Generic.8682889 (B)

Scanned    460727
Found    2

Scan end:    2/7/2013 9:19:35 PM
Scan time:    0:53:20

 Second Scan

 

Emsisoft Emergency Kit - Version 3.0
Last update: 2/7/2013 8:25:06 PM

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    2/7/2013 9:27:44 PM

C:\ProgramData\cttunsvr.dll     detected: Trojan.Generic.KDV.839689 (B)

Scanned    330939
Found    1

Scan end:    2/7/2013 9:36:48 PM
Scan time:    0:09:04


Quarantined    0
 



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:14 PM

Posted 08 February 2013 - 07:17 PM

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right Click it Run As Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results



Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here,


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
post the log here.




Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.



#7 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 10 February 2013 - 11:59 AM

TDSSKiller did not pick up anything

Malwarebytes did not pick up anything

SuperAntiSpyware picked up a number of cookies i don't remember

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/09/2013 at 01:03 PM

Application Version : 5.6.1014

Core Rules Database Version : 9990
Trace Rules Database Version: 7802

Scan type       : Quick Scan
Total Scan Time : 00:02:37

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 313
Memory threats detected   : 0
Registry items scanned    : 64753
Registry threats detected : 0
File items scanned        : 10755
File threats detected     : 133

Adware.Tracking Cookie
    C:\Users\anrit\AppData\Roaming\Microsoft\Windows\Cookies\6DISVGUF.txt [ /accounts.google.com ]
    C:\Users\anrit\AppData\Roaming\Microsoft\Windows\Cookies\KGQ14Q7W.txt [ /serving-sys.com ]
    C:\Users\anrit\AppData\Roaming\Microsoft\Windows\Cookies\TABTJ5RP.txt [ /doubleclick.net ]
    C:\Users\anrit\AppData\Roaming\Microsoft\Windows\Cookies\9LQS1VRW.txt [ /accounts.youtube.com ]
    C:\USERS\ANRIT\AppData\Roaming\Microsoft\Windows\Cookies\L1S08438.txt [ Cookie:anrit@www.google.com/accounts ]
    C:\USERS\ANRIT\Cookies\6DISVGUF.txt [ Cookie:anrit@accounts.google.com/ ]
    C:\USERS\ANRIT\Cookies\L1S08438.txt [ Cookie:anrit@www.google.com/accounts ]
    C:\USERS\ANRIT\Cookies\9LQS1VRW.txt [ Cookie:anrit@accounts.youtube.com/accounts ]
    .doubleclick.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    track.prd1.netshelter.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    delivery.enigmaadserver.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    delivery.enigmaadserver.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    delivery.enigmaadserver.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    delivery.enigmaadserver.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    delivery.enigmaadserver.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    delivery.enigmaadserver.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ad.mlnadvertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ees.rotator.hadj1.adjuggler.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ees.rotator.hadj1.adjuggler.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ees.rotator.hadj1.adjuggler.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ees.rotator.hadj1.adjuggler.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .specificclick.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .network.realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .network.realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    stats.adotube.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    www.burstnet.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANRIT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ7ZNY1F.DEFAULT\COOKIES.SQLITE ]

 

 

ESET found 4

 

C:\Users\All Users\cttunsvr.dll    Win32/PSW.Papras.CD trojan    
C:\ProgramData\cttunsvr.dll    Win32/PSW.Papras.CD trojan    cleaned by deleting (after the next restart) - quarantined
C:\Users\anrit\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\13eef480-1f9dc6d7    a variant of Java/Exploit.Agent.NFN trojan    deleted - quarantined
Operating memory    probably a variant of Win32/PSW.Papras.CD trojan    


 



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:14 PM

Posted 10 February 2013 - 12:28 PM

Download Autoruns and Autorunsc
http://download.sysinternals.com/files/Autoruns.zip
Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply. 

Download and save Rkill to your desktop right click it run it as admin.Post the log.
http://www.bleepingcomputer.com/download/rkill/

 

 

 

Re-run the Deep scan of emisoft in safemode with networking post the log please.



#9 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 10 February 2013 - 02:28 PM

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/10/2013 02:26:23 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 02/10/2013 02:26:35 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)
 

 

 

autorun report

 

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Acrobat Assistant 8.0"    "AcroTray"    "Adobe Systems Inc."    "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher"    "Adobe Acrobat SpeedLauncher"    "Adobe Systems Incorporated"    "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe"
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "findconv"    "Between They largest diagram leant lips."    "RMS WEB"    "c:\programdata\cttunsvr64.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Groove GFS Stub Execution Hook"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Groove GFS Stub Execution Hook"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Adobe.Acrobat.ContextMenu"    "Adobe Acrobat Context Menu"    "Adobe Systems Inc."    "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn64.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Adobe.Acrobat.ContextMenu"    "Adobe Acrobat Context Menu"    "Adobe Systems Inc."    "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "Glary Utilities"    "Context Menu Handler"    "Glarysoft Ltd"    "c:\program files (x86)\glary utilities\contexthandler.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "SafearchiveContextMenu"    "PSQL file safe"    "UPEK Inc."    "c:\program files\protector suite\farchns.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn64.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "QuickFinderMenu"    "QuickFinder Shell Extensions"    "Corel Corporation"    "c:\program files (x86)\corel\wordperfect office x5\programs\pfse150.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\PropertySheetHandlers"    ""    ""    ""
+ "QuickFinderPage"    "QuickFinder Shell Extensions"    "Corel Corporation"    "c:\program files (x86)\corel\wordperfect office x5\programs\pfse150.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"    ""    "NVIDIA Corporation"    "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Adobe.Acrobat.ContextMenu"    "Adobe Acrobat Context Menu"    "Adobe Systems Inc."    "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Adobe.Acrobat.ContextMenu"    "Adobe Acrobat Context Menu"    "Adobe Systems Inc."    "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "Glary Utilities"    "Context Menu Handler"    "Glarysoft Ltd"    "c:\program files (x86)\glary utilities\contexthandler.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\grooveex.dll"
+ "UEAFOverlay"    "PSQL file safe"    "UPEK Inc."    "c:\program files\protector suite\farchns.dll"
+ "UEAFOverlayOpen"    "PSQL file safe"    "UPEK Inc."    "c:\program files\protector suite\farchns.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "Microsoft SharePoint Workspace Extensions"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Conversion Toolbar Helper"    "Adobe PDF Toolbar for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "SmartSelect Class"    "Adobe PDF Toolbar for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Adobe PDF"    "Adobe PDF Toolbar for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Bing"    "Bing Client Extensions"    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "OneNote Lin&ked Notes"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"    "Microsoft OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler"    ""    ""    ""
+ "\CCleanerSkipUAC"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner.exe"
+ "\GlaryInitialize"    "Glary Utilities Initialize"    "Glarysoft Ltd"    "c:\program files (x86)\glary utilities\initialize.exe"
X "\HPCustParticipation HP Officejet Pro 8500 A910"    "HP Customer Participation."    "Hewlett-Packard Co."    "c:\program files\hp\hp officejet pro 8500 a910\bin\hpcustpartic.exe"
+ "\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\MP Scheduled Quick Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft forefront\client security\client\antimalware\mpcmdrun.exe"
+ "\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\MP Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft forefront\client security\client\antimalware\mpcmdrun.exe"
+ "\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\MP Scheduled Signature Update"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft forefront\client security\client\antimalware\mpcmdrun.exe"
X "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
X "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\RunAsStdUser Task for VeohWebPlayer"    ""    ""    "File not found: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
+ "\{894A66B5-DCC1-4E7F-A834-4D35E4EE925D}"    "Firefox"    "Mozilla Corporation"    "c:\program files (x86)\mozilla firefox\firefox.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
X "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore64.exe"
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
X "BBSvc"    "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\bbsvc.exe"
X "BBUpdate"    "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."    "Microsoft Corporation."    "c:\program files (x86)\microsoft\bingbar\7.1.361.0\seaport.exe"
+ "CLKMSVC10_38F51D56"    "CyberLink KM Service"    "CyberLink"    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\kmsvc.exe"
+ "EvtEng"    "Manages the event trace messages for all the Intel® PROSet/Wireless Software components."    "Intel® Corporation"    "c:\program files\intel\wifi\bin\evteng.exe"
+ "FCSAM"    "Helps protect users from spyware and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\microsoft forefront\client security\client\antimalware\msmpeng.exe"
+ "FcsSas"    "Helps protect users by providing security state analysis services to the Microsoft Forefront Security Suite."    "Microsoft Corporation"    "c:\program files\microsoft forefront\client security\client\ssa\fcssas.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc"    "Provides storage event notification and manages communication between the storage driver and user space applications."    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service"    "Microsoft SharePoint Workspace"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MOM"    "Microsoft Operations Manager service."    "Microsoft Corporation"    "c:\program files (x86)\microsoft forefront\client security\client\microsoft operations manager 2005\momservice.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MyWiFiDHCPDNS"    "Wireless PAN DHCP and DNS Server"    ""    "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NVSvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"    "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"    "Office Software Protection Platform Service (unlocalized description)"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA"    "PunkBuster Service Component [v1036] http://www.evenbalance.com"    ""    "c:\windows\syswow64\pnkbstra.exe"
+ "PowerBiosServer"    "WMI"    ""    "c:\program files (x86)\hotkey\powerbiosserver.exe"
+ "PSI_SVC_2"    "This service provides Protexis licensing functionalty."    "Protexis Inc."    "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe"
+ "RegSrvc"    "Provides registry access to all Intel® PROSet/Wireless Software components"    "Intel® Corporation"    "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service"    "Provides system support for NVIDIA Stereoscopic 3D driver"    "NVIDIA Corporation"    "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
X "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
+ "XTUService"    "Intel Extreme Tuning Utility hardware interface."    "Intel Corporation"    "c:\program files (x86)\common files\intel\intel extreme tuning utility\perftuneservice.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "A2DDA"    "Emsisoft Direct Disk Access Support Driver"    "Emsi Software GmbH"    "c:\users\anrit\documents\emsisoftemergencykit\run\a2ddax64.sys"
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "EagleX64"    ""    ""    "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"    "Intel Rapid Storage Technology driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IOCBIOS"    "Intel® Overclocking Device Driver"    "Intel Corporation"    "c:\programdata\intel\extreme tuning utility\iocbios\64bit\iocbios.sys"
+ "itecir"    "ITE Consumer IR Driver for eHome"    "ITE Tech. Inc. "    "c:\windows\system32\drivers\itecir.sys"
+ "JMCR"    "JMicron JMB38X Flash Media Controller Driver"    "JMicron Technology Corporation"    "c:\windows\system32\drivers\jmcr.sys"
+ "JME"    "JMicron NDIS6.20 Driver"    "JMicron Technology Corp."    "c:\windows\system32\drivers\jme.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "MpKsl8fc73be4"    ""    ""    "File not found: C:\ProgramData\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\Definition Updates\{78A01DD3-FB85-402C-8874-C76B824C8983}\MpKsl8fc73be4.sys"
+ "NETwNs64"    "Intel® Wireless WiFi Link Driver"    "Intel Corporation"    "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub"    "USB 3.0 Hub Driver"    "Renesas Electronics Corporation"    "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc"    "USB 3.0 Host Controller Driver"    "Renesas Electronics Corporation"    "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVHDA"    "NVIDIA HDMI Audio Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm"    "NVIDIA Windows Kernel Mode Driver, Version 306.97 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV"    "SASDIFSV64.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL"    "SASKUTIL64.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "Serial"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "smbusp"    "System Management Bus 2.0 (SMBus) Driver"    "Intel Corporation"    "c:\windows\system32\drivers\intelsmb.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics Incorporated"    "c:\windows\system32\drivers\syntp.sys"
+ "VGPU"    ""    ""    "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "CyberLink Audio Decoder (PDVD10)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claud.ax"
+ "CyberLink Audio Decoder(PDVD10 UPnP)"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\upnp\claud.ax"
+ "CyberLink Audio Effect (PDVD10)"    "CyberLink Audio Effect Filter"    "CyberLink Corporation"    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudfx.ax"
+ "CyberLink Audio Noise Reduction"    "CLAuNR"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler"    "CLAuRsmpl.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer(PDVD10 UPnP)"    "CLAudSpa.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\upnp\claudspa.ax"
+ "CyberLink Audio VolumeBooster"    "CyberLink Audio Volume Booster Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink Audio Wizard"    "CyberLink Audio Wizard Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (PDVD10)"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudiocd.ax"
+ "CyberLink AVCHD Navigator"    "CLBDROMNav"    "cyberlink"    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clavchdnav.ax"
+ "CyberLink Demultiplexer(PDVD10 UPnP)"    "MPEG-2 Dempltiplexer"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\upnp\cldemuxer.ax"
+ "Cyberlink Demuxer 2.0"    "CLDemuxer2"    "Cyberlink"    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD10)"    "DigestFilter Dynamic Link Library"    ""    "c:\program files (x86)\cyberlink\powerdvd10\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD10)"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clnavx.ax"
+ "Cyberlink File Reader (Async.)"    "Cyberlink MPEG File Reader"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink FLV Splitter(PDVD10)"    "CyberLink FLV Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder"    "CyberLink 264 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD10)"    "CLHBMixer"    " "    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD10)"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter(PDVD10)"    "CyberLink Matroska Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clmkvsplter.ax"
+ "CyberLink MP3/WAV Wrapper"    "CyberLink MP3 Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\upnp\clsplter.ax"
+ "CyberLink MPEG Splitter"    "CyberLink MPEG Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD10)"    "CyberLink MPEG-4 Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clm4splt.ax"
+ "CyberLink PCM Wrapper"    "CyberLink PCM Wrapper"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Push-Mode CLStream(PDVD10)"    "CLStream"    "CyberLink"    "c:\program files (x86)\cyberlink\powerdvd10\upnp\clstream(pushmode).ax"
+ "CyberLink RealAudio Decoder(PDVD10)"    "CyberLink RealMedia Audio Decoder"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter(PDVD10)"    "CyberLink RealMedia Splitter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder(PDVD10)"    "CyberLink RealMedia Video Decoder"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clrmvd.ax"
+ "CyberLink Streamming Filter(PDVD10)"    "Cyberlink Streaming Source Filter(Scramble)"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\upnp\clstream.ax"
+ "Cyberlink SubTitle Importor (PDVD10)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD10)"    "CLSubTitle.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD10)"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD10)"    "Cyberlink Tzan Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD10)"    "CyberLink 264 Decoder Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink Video Regulator"    "CLRGL"    "Cyberlink"    "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video/SP Decoder (PDVD10)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clvsd.ax"
+ "CyberLink Video/SP Decoder(PDVD10 UPnP)"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files (x86)\cyberlink\powerdvd10\upnp\clvsd.ax"
+ "CyberLink WMV/WMA Demux(PDVD10)"    "WMV/WMA Demux"    "CyberLink"    "c:\program files (x86)\cyberlink\powerdvd10\upnp\clwmfdemux.ax"
+ "P2G Audio Encoder"    "CyberLink Audio Encoder Filter"    "Cyberlink Corp."    "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "Provider Object"    "Windows Vista Credential Provider"    "UPEK Inc."    "c:\program files\protector suite\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters"    ""    ""    ""
+ "Provider Filter Object"    "Windows Vista Credential Provider"    "UPEK Inc."    "c:\program files\protector suite\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "psfus"    "Logon stub"    "UPEK Inc."    "c:\program files\protector suite\psqlpwd.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "Adobe PDF Port Monitor"    "Adobe PDF Port  Monitor DLL"    "Adobe Systems Inc"    "c:\windows\system32\adobepdf.dll"
+ "HP 5312 Status Monitor"    "Print Status Language Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpinksts5312lm.dll"
+ "HP Discovery Port Monitor (HP Officejet Pro 8500 A910)"    "HP Discovery Port Monitor"    "Hewlett-Packard Co."    "c:\windows\system32\hpdiscopm5312.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"    ""    ""    ""
+ "C:\Program Files\Protector Suite\psqlpwd.dll"    "Logon stub"    "UPEK Inc."    "c:\program files\protector suite\psqlpwd.dll"
 



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:14 PM

Posted 11 February 2013 - 04:17 AM

That all looks good how is the original issue?



#11 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 13 February 2013 - 10:54 PM

firefox is stable, youtube and flash works again

IE still does the close thing



#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:14 PM

Posted 13 February 2013 - 11:01 PM

Open Autoruns and untick the items below.
 
These are under........ "Task Scheduler"    
 

+ "\CCleanerSkipUAC"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner.exe"
+ "\GlaryInitialize"    "Glary Utilities Initialize"    "Glarysoft Ltd"    "c:\program files (x86)\glary utilities\initialize.exe"
+ "\RunAsStdUser Task for VeohWebPlayer"    ""    ""    "File not found: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
+ "\{894A66B5-DCC1-4E7F-A834-4D35E4EE925D}"    "Firefox"    "Mozilla Corporation"    "c:\program files (x86)\mozilla firefox\firefox.exe"

 

 
 
Open your device manager then left click your network adapters then right click and select uninstall for your wireless and wired connections.



Reboot your machine.

Hit start
Control Panel
NetWork & Sharing Center
Manage Network Connections
Right Click Your Connection
Select Properties
Un-Check Ipv6
Select ok





Run the Fix it below this remove the Tunnel Adapters from your machine.
http://go.microsoft.com/?linkid=9728872


 

Optimize your dns with DNS jumper.
Run hit the fastest dns button 
Allow it to finsh 
Then hit apply dns.
Close the program.



Open Elevated Command Prompt Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.Now type or copy and paste the commands below one at a time hitting enter after each.

ipconfig /flushdns

ipconfig /registerdns

net stop "dns client"

net start "dns client"


nbtstat -R

nbtstat -RR

netsh winsock reset catalog

Exit

Restart computer.



After completing the above task then Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.If TFC doesnt prompt a reboot then please do so manually

 

 

Please let me know how the machine is now. 

 



#13 goal

goal
  • Topic Starter

  • Members
  • 54 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 23 March 2013 - 08:32 PM

sorry i neglected to update in such a long time. the fixes were all pretty much temporary. browsing is fast for a while, but after a few days or so, and update prompt will slow down all the browsers. loading the webpage for most browsers seem to be the problem, once on it runs smoothly. firefox is still consuming large amounts of memory with IE still having unexpected error shutdowns (usually with pages with animation or flash, returning to the same webpage right after still crashes, does not apply to specific webpages; sporadic). I've mostly been using chrome and that's still slow to load webpages. the wireless connection is fine. Also youtube works but still takes time to buffer randomly within the video


Edited by goal, 23 March 2013 - 08:33 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users