Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No internet access


  • This topic is locked This topic is locked
6 replies to this topic

#1 AFguy11

AFguy11

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:36 PM

Posted 01 September 2014 - 01:18 PM

When I am in regular windows I am not able to access the internet although it says I have internet access. But when I am in safe mode with networking I am able to access the internet. I already done what I thought was the obvious: checked my DNS servers, no private IP addresses, etc. also I checked my host file and found a few extra entries. Please help and thank you in advance.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.17054  BrowserJavaVersion: 10.65.2
Run by Tomaso Viciano at 14:05:34 on 2014-09-01
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.6057.4367 [GMT -4:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [DellSystemDetect] C:\Users\Tomaso Viciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
uRun: [HP Officejet 6600 (NET)] "C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BG5RH2V05RN:NW" -scfn "HP Officejet 6600 (NET)" -AutoStart 1
uRun: [Spark] C:\Program Files (x86)\Spark\Spark.exe
uRun: [eyeBeam SIP Client] <no file>
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [JunosPulse] C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe -tray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\TOMASO~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
Trusted Zone: comtrac
Trusted Zone: dell.com
Trusted Zone: vision
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://partnervpn.support.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {53A8AEF8-5503-4B78-A091-634BB68DEECE} - hxxps://operations.plumchoice.com/cvpn/aHR0cHM6Ly8xMC4xMDIuOTEuNTI/SecureAuth5/4430/SecureAuth.cab
DPF: {979B3FE4-7C7E-45AD-85E4-5A737690AF53} - hxxp://grandslam.cable.comcast.com/cdt/CTIControls/ContactBehaviors.dll
DPF: {A5A5E1FF-FFEF-3FEF-B592-C6D194F4383F} - hxxps://partnervpn.support.com/CACHE/sdesktop/install/binaries/instweb.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{0BA7C521-99FB-4D60-8B21-3D996AA88F93} : NameServer = 208.67.222.220,208.67.220.220
TCP: Interfaces\{0BA7C521-99FB-4D60-8B21-3D996AA88F93} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{853EFBB0-37F7-49D9-A3C9-AD84492FC2DF} : NameServer = 208.67.222.220,208.67.220.220
TCP: Interfaces\{853EFBB0-37F7-49D9-A3C9-AD84492FC2DF} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{853EFBB0-37F7-49D9-A3C9-AD84492FC2DF}\14275616530303 : NameServer = 208.67.222.220,208.67.220.220
TCP: Interfaces\{853EFBB0-37F7-49D9-A3C9-AD84492FC2DF}\14275616530303 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{A674143F-75DD-4E6D-A265-79D87DF0C093} : NameServer = 172.16.100.10,172.16.100.9
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 jnprns;Juniper Network Service;C:\Windows\System32\drivers\jnprns.sys [2014-7-20 506160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2014-2-25 30304]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2014-3-25 55904]
R3 JNPRNA;Juniper Network Agent Miniport;C:\Windows\System32\drivers\jnprna6.sys [2014-7-20 522544]
R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;C:\Windows\System32\drivers\jnprvamgr.sys [2014-3-13 45352]
R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2014-8-13 140352]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2014-8-13 243808]
S1 klpd;klpd;C:\Windows\System32\drivers\klpd.sys [2013-4-12 15456]
S1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2014-3-26 179296]
S2 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [2014-4-20 233552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-1-14 198664]
S2 JuniperAccessService;Juniper Unified Network Service;C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2014-3-20 158040]
S2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-27 5052224]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2014-1-24 81536]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 jnprva;Juniper Networks Virtual Adapter Service;C:\Windows\System32\drivers\jnprva.sys [2014-1-14 30072]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2014-3-28 28768]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-8-8 29280]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-1-24 19456]
S3 ssmirrdr;ssmirrdr;C:\Windows\System32\drivers\ssmirrdr.sys [2013-4-30 10112]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-1-24 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-24 1255736]
S4 jnprTdi_803_44471;Juniper Networks TDI Filter Driver (jnprTdi_803_44471);C:\Windows\System32\drivers\jnprTdi_803_44471.sys [2014-7-20 108336]
.
=============== Created Last 30 ================
.
2014-09-01 17:52:40 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4694EAEA-16F6-4F06-ABCA-AECBB4A3B41B}\offreg.dll
2014-09-01 17:35:23 -------- d-----w- C:\ProgramData\Malwarebytes
2014-08-13 22:32:15 -------- d-----w- C:\Users\Tomaso Viciano\AppData\Roaming\TeamViewer
2014-08-13 21:50:41 -------- d-----w- C:\Users\Tomaso Viciano\AppData\Local\Skyhook Wireless
2014-08-13 19:29:00 110176 ----a-w- C:\Windows\System32\klfphc.dll
2014-08-13 19:28:15 -------- d-----w- C:\Windows\ELAMBKUP
2014-08-13 19:28:14 -------- d-----w- C:\ProgramData\Kaspersky Lab
2014-08-13 19:28:14 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2014-08-13 19:27:58 243808 ----a-w- C:\Windows\System32\drivers\klhk.sys
2014-08-13 19:27:58 140352 ----a-w- C:\Windows\System32\drivers\klflt.sys
2014-08-13 07:01:26 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-13 07:01:26 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-13 07:01:26 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-13 07:01:26 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-13 07:01:25 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-13 07:01:25 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-13 07:01:10 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 07:01:10 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-05 17:20:22 227728 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2014-08-07 02:06:41 529920 ----a-w- C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-07-24 12:10:54 2240000 ----a-w- C:\Windows\System32\wininet.dll
2014-07-24 12:09:37 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-24 12:09:33 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-24 12:09:33 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-07-24 12:09:00 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-24 10:52:27 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-24 10:51:27 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-24 10:51:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-24 10:51:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-07-24 10:51:02 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-24 10:33:52 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-24 10:29:20 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-24 09:37:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-07-24 09:32:28 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-07-16 03:25:04 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-16 02:12:11 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-11 07:02:05 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-09 15:57:14 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 15:57:14 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 14:06:02.40 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:08:36 PM

Posted 02 September 2014 - 05:04 PM

hi,

 

Try disabling the Kaspersky firewall component and check internet access. May have to reboot machine after disabling it.

 

Do you know what this is: C:\Program Files (x86)\Spark\Spark.exe

 

Is this a VPN type service?: JuniperAccessService. Might try disabling it also if its active.

 

Post back with results.


How Can I Reduce My Risk to Malware?


#3 AFguy11

AFguy11
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:36 PM

Posted 02 September 2014 - 11:56 PM

First I want to say thanks for your help in advance and for the reply. Next I want to give you some additional information in response in what you have asked me to do so far. I actually installed Kaspersky after I encountered the issue with the internet. It did not find anything. I also ran Anti-Malware Bytes and it found nothing at all. I do know what the Spark application is ( a chat software similar to yahoo messenger without all of the fancy GUI, that we used when I worked for Comcast at home). And the Juniper Access service is a VPN client for my new job; I have it on my laptop and I have never had any issues. But I will uninstall both if you think it will resolve the issue? Let me also give you a little more information. I assumed it was a virus or hijacking of some sort because I checked my host file and it had two additional entries that were not suppose to be in a normal host file. What do you think it was I am also submitting a screen shot of the host file I had before I changed it back to normal.

Attached Files



#4 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:08:36 PM

Posted 03 September 2014 - 05:17 PM

thanks for the info. The reason i suspected the FW is because it wouldnt be active in safe mode. Your log looks ok, I dont recogonize any malware anyway.

Malwarebytes coming up clean is always good,  also malware wants and needs a outbound connection to be successful.  I dont see anything wrong with the host file.

So what happens when you click on Chrome or IE? You get that no connection window thingy?  If you brought up task manager do you see Chrome or IE listed under the process tab?

 

Lets see what this shows first, run it after a normal bootup even without a connection. the ping results will show if you really are or are not connected.

 

Download
http://www.bleepingcomputer.com/download/minitoolbox/dl/65/

Checkmark following 3 boxes:

List IP configuration
List Winsock Entries
List last 10 Event Viewer log


Click Go and post the generated result log.  Then reboot into safe mode and run it again and post that log.


How Can I Reduce My Risk to Malware?


#5 AFguy11

AFguy11
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:36 PM

Posted 05 September 2014 - 02:26 AM

I want to tell you  THANKS SO MUCH! It was the Junos. I never suspected it because I have it on my laptop, and I have no problems at all. I disabled it when I first started my computer up and I instantly was able to get on the internet again. I would have never suspected that was causing the issue. THANK YOU ONCE AGAIN. 



#6 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:08:36 PM

Posted 06 September 2014 - 01:53 PM

Ok good. Your welcome. Happy safe surfing out there.


How Can I Reduce My Risk to Malware?


#7 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:08:36 PM

Posted 23 December 2014 - 09:31 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users