Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet connection slows down to a crawl.


  • Please log in to reply
5 replies to this topic

#1 littlefizz

littlefizz

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 19 October 2015 - 05:55 PM

I originally posted on the "am I infected" forum.....they sent these instructions to send to this forum.

 

Thanks for your  help.

 

 

------------

 

 
  • photo-thumb-72247.gif?_r=0
  • Malware Response Team
  • 28,353 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:49 PM

Posted Today, 01:24 PM

Quote

Did an ipconfig /all and found something called Teredo Tunneling Pseudo-Interface. Could that be a problem


May be may be not . It's part of your TCP/IP If something was wrong you would have problems all the time.
https://en.wikipedia.org/wiki/Teredo_tunneling

Are you alone one this Router/Lan?

You may want to start a new topic in the Networking forum
http://www.bleepingcomputer.com/forums/f/21/networking/

Please download MiniToolBox to Desktop and run it.
Submit the logs in the Networking forum for advice from an export.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)
  • List Minidump Files
  • List Restore Points
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
================

Keep me posted. 

-------------------------------------------------------------------------

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Jean (administrator) on 19-10-2015 at 17:50:34
Running from "C:\Users\Jean\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Model: XPS 8500 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Dell Wireless 1703 802.11b|g|n (2.4GHz) = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : HardwoodMain
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 5A-76-3F-3C-A5-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 90-B1-1C-A7-B4-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, October 19, 2015 6:32:37 AM
   Lease Expires . . . . . . . . . . : Tuesday, October 20, 2015 6:32:37 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1A-76-3F-3C-A5-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : B8-76-3F-3C-A5-FA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1703 802.11b|g|n (2.4GHz)
   Physical Address. . . . . . . . . : B8-76-3F-3C-A5-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{1889D82F-5BCF-4391-978A-3D3573EDFFE3}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3c99:d169:b58f:2a79(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3c99:d169:b58f:2a79%7(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 150994944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-15-53-0E-B8-76-3F-3C-A5-F9
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2607:f8b0:4009:807::1001
 4.59.40.98
 4.59.40.123
 4.59.40.93
 4.59.40.109
 4.59.40.88
 4.59.40.108
 4.59.40.118
 4.59.40.103
 4.59.40.119
 4.59.40.84
 4.59.40.114
 4.59.40.89
 4.59.40.94
 4.59.40.99
 4.59.40.104
 4.59.40.113
 
 
Pinging google.com [4.59.40.98] with 32 bytes of data:
Reply from 4.59.40.98: bytes=32 time=44ms TTL=57
Reply from 4.59.40.98: bytes=32 time=1869ms TTL=57
 
Ping statistics for 4.59.40.98:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 1869ms, Average = 956ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=256ms TTL=53
Reply from 98.138.253.109: bytes=32 time=76ms TTL=53
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 76ms, Maximum = 256ms, Average = 166ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 19...5a 76 3f 3c a5 f9 ......Microsoft Hosted Network Virtual Adapter
  9...90 b1 1c a7 b4 01 ......Realtek PCIe GBE Family Controller
  8...1a 76 3f 3c a5 f9 ......Microsoft Wi-Fi Direct Virtual Adapter
  5...b8 76 3f 3c a5 fa ......Bluetooth Device (Personal Area Network)
  3...b8 76 3f 3c a5 f9 ......Dell Wireless 1703 802.11b|g|n (2.4GHz)
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  7    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  7    306 2001::/32                On-link
  7    306 2001:0:9d38:6ab8:3c99:d169:b58f:2a79/128
                                    On-link
  7    306 fe80::/64                On-link
  7    306 fe80::3c99:d169:b58f:2a79/128
                                    On-link
  1    306 ff00::/8                 On-link
  7    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
Error: (10/19/2015 12:04:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: HardwoodMain)
Description: Activation of app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/18/2015 07:27:00 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/18/2015 07:05:14 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (10/18/2015 06:48:40 PM) (Source: Perflib) (User: )
Description: rdyboost4
 
Error: (10/18/2015 06:48:40 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (10/18/2015 12:05:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: HardwoodMain)
Description: Activation of app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/18/2015 07:04:21 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (10/17/2015 03:08:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: HardwoodMain)
Description: Activation of app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/17/2015 07:28:38 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (10/17/2015 07:02:57 AM) (Source: Perflib) (User: )
Description: rdyboost4
 
 
System errors:
=============
Error: (10/19/2015 09:33:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingWeather.
 
Error: (10/19/2015 09:33:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingFinance.
 
Error: (10/19/2015 09:33:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingFinance.
 
Error: (10/19/2015 09:33:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingTravel.
 
Error: (10/19/2015 09:33:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingFinance.
 
Error: (10/19/2015 09:33:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingNews.
 
Error: (10/19/2015 09:33:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingNews.
 
Error: (10/19/2015 09:33:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingWeather.
 
Error: (10/19/2015 09:33:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingSports.
 
Error: (10/19/2015 09:33:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Microsoft.BingWeather.
 
 
Microsoft Office Sessions:
=========================
Error: (10/19/2015 12:04:54 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: HardwoodMain)
Description: Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong-2144927148
 
Error: (10/18/2015 07:27:00 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (10/18/2015 07:05:14 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: RecoveryThe parameter is incorrect. (0x80070057)
 
Error: (10/18/2015 06:48:40 PM) (Source: Perflib)(User: )
Description: rdyboost4
 
Error: (10/18/2015 06:48:40 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (10/18/2015 12:05:59 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: HardwoodMain)
Description: Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong-2144927148
 
Error: (10/18/2015 07:04:21 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: RecoveryThe parameter is incorrect. (0x80070057)
 
Error: (10/17/2015 03:08:00 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: HardwoodMain)
Description: Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong-2144927148
 
Error: (10/17/2015 07:28:38 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: RecoveryThe parameter is incorrect. (0x80070057)
 
Error: (10/17/2015 07:02:57 AM) (Source: Perflib)(User: )
Description: rdyboost4
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
calibre (HKLM-x32\...\{3091A8EB-386B-46D7-8E19-4139424261DD}) (Version: 1.24.0 - Kovid Goyal)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell System Detect - 1  (HKCU\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.53.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-820 Series Printer Uninstall (HKLM\...\EPSON XP-820 Series) (Version:  - SEIKO EPSON Corporation)
Epson XP-820 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson XP-820 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{F983229B-587E-4322-BCB9-D7A49734E5CD}) (Version: 3.0.0.0 - SEIKO EPSON CORPORATION)
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Family Tree Maker 2014 (HKLM\...\{39EF38DF-2727-4C09-A165-FD3B87BA3AE9}) (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Ghostery (HKLM-x32\...\Ghostery) (Version:  - Ghostery Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heredis 2014 (HKLM\...\Heredis 2014_is1) (Version:  - BSD Concept)
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 11.0.3 - iolo technologies, LLC)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Kaspersky Internet Security (HKLM-x32\...\{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Living Cookbook 2013 (HKCU\...\Living Cookbook 2013) (Version: 4.0.40 - Radium Technologies, Inc.)
Living Cookbook 2013 (HKLM-x32\...\{FB941DEF-00ED-45B5-8A48-30CCAAE161D4}) (Version: 4.0.40 - Radium Technologies) Hidden
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional 2013 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (HKLM-x32\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.1.11 - Intuit)
Smart Label Printer 7.1.0 (HKLM-x32\...\{275B8FD7-87CD-485F-ADC7-4FC50B1B00D5}) (Version: 7.1.0432 - Seiko Instruments Inc.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{33EA4E98-B70D-478C-BFAC-B305DA105410}) (Version: 1.00.23 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{EC1D58F3-BD94-4CF2-87C2-832985F73E39}) (Version: 1.0 - Creative Technology Limited)
Transcript 2.4.0 (HKLM-x32\...\Transcript) (Version: 2.4.0 - Jacob Boerema)
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
Verizon Software Upgrade Assistant (HKLM-x32\...\{BCF6EF87-6C48-4E69-A5CB-E5E0961948E1}) (Version: 14.09.1701 - Motorola Mobility) Hidden
Verizon Wireless Software Upgrade Assistant for Motorola (HKLM-x32\...\{9BEDD987-AC68-44D2-8803-EC0650F6C43F}) (Version: 1.4.3 - Motorola Mobility)
WD Drive Utilities (HKLM-x32\...\{22662b08-91e0-4540-bb98-c96f32e09417}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{DD0C1657-A79B-4FED-B70C-26C1FE50BFB5}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{429a42d7-4c55-44d4-b38a-5872a0d70495}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{F1D5FC88-4EE0-4D0B-917B-60E930142FB9}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD SmartWare (HKLM\...\{EC54143B-24CC-47D2-AB39-0F5701988BA4}) (Version: 2.1.0.11 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
========================= Devices: ================================
 
Name: Photosmart C309a series
Description: Photosmart C309a series
Class Guid: 
Manufacturer: 
Service: 
Device ID: ROOT\MULTIFUNCTION\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 16%
Total physical RAM: 24536.95 MB
Available physical RAM: 20572.81 MB
Total Virtual: 28120.95 MB
Available Virtual: 22773.34 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:237.96 GB) (Free:25.44 GB) NTFS
7 Drive i: (My Book) (Fixed) (Total:3725.99 GB) (Free:3463.27 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\HARDWOODMAIN
 
Admin                    Administrator            Guest                    
Jean                     Rolly                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
03-10-2015 15:20:26 zoek.exe restore point
11-10-2015 12:17:24 Scheduled Checkpoint
19-10-2015 00:26:59 Scheduled Checkpoint
 
**** End of log ****
 


BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:01:16 AM

Posted 21 October 2015 - 06:55 PM

Ok so as far as you know you are malware free? Didnt see a link back to the other forum.

Any other machines on your network?

Anybody file sharing streaming media or gaming? 

Slow down random or all the time? All machines slow? You have tried rebooting your machine and power cycling your router?  the questions help.

Only online once or twice per day so you may not get a reply back from me until the following day.


How Can I Reduce My Risk to Malware?


#3 littlefizz

littlefizz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 21 October 2015 - 08:49 PM

Thank you for your assistance.

 

Here's  the link to the malware forum post.

 

http://www.bleepingcomputer.com/forums/t/592227/81-internet-connection-drops-or-is-extremely-slow-possible-infection/

 

Other Machines:

 

Epson xp-820 printer

2 android phones  & 1 Samsung Nook (also have Kaspersky installed)

Occasionally, a laptop   (also has Kaspersky)

 

We do not do gaming and the only streaming we do is occasional youtube or facebook videos.

 

Yes...the speed varies......It's better after I do ipconfig and netsh, but eventually slows down.

 

I've run disk cleanup.  Defrag is on a schedule and is current.

 

It seems to affect all connected devices.

 

Yes, I have restarted the computer multiple times, reset the modem (from ISP) and even reset the router (Netgear Nighthawk R7000) to factory default. ( and, of course, then have to update firmware).

 

I'm really puzzled about what can be causing this.   



#4 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:01:16 AM

Posted 22 October 2015 - 04:07 PM

ok lets try this: uninstall system mechanic via the add/remove programs panel. then reboot machine.

 

This type of all in one, fix, boost, improve, speedup, clean, optimize (add adjectives here) etc software is alot more hype than substance. Worth a try anyway at this point.


How Can I Reduce My Risk to Malware?


#5 littlefizz

littlefizz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 23 October 2015 - 06:31 PM

Thanks for the help.

 

I uninstalled System Mechanic.  After a couple restarts, internet is still slow. 

 

 

  I have had system mechanic installed for several years and have never had any problem with it.  



#6 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:01:16 AM

Posted 24 October 2015 - 08:16 AM

Ok it was worth a try anyway. As far as malware goes it all looks ok.

Couple of things to try for troubleshooting. Really unless something jumps out in a log its a question of trying different things to narrow it down.

After each one wait and see if any thing improves before moving on.

 

1) uninstall the netgear network genie and reboot machine. You can log into the router from your web browser, no need for the genie to be installed.

 

2) Try Changing the channel from auto to a set channel

 

3)Have you checked the Dell site for any updated ethernet adapters?

 

4)Is this computer all the logs are from connected wirelessly to your router or wired?

   If its wireless can you try using a etherent cable from the computer to the router?

 

5) Do you think its the router firmware update? Reset Router without updating firmware.

 

6) By-pass router and connect modem cable directly to ethernet adapter on a computer.

 


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users