Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Able to ping internet addresses, but unable to access websites


  • Please log in to reply
9 replies to this topic

#1 BBdude

BBdude

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 17 November 2015 - 01:30 PM

Good Afternoon,

 

Hope you're doing well.  I originally had a DNS-based virus that I believe is now removed based on efforts of your other members here.  

 

Currently, I can ping websites via the Command Prompt, but unable to pull up webpages like google, cnn, etc.  Your other members directed me here per the link above as it was determined to be a networking issue.  When running Mini Toolbox I received the same error four times, which is that the ipconfig.exe application was unable to start correctly. The program otherwise completed and I posted the results in the attached.

 

Please note all my other devices (2 laptops, 3 phones, and 1 tablet) are connected wirelessly to the router without issue.

 

Make and model of computer - ASUS Laptop running Windows 7
How the computer is connected (wireless or wired) - Wireless
Make and model of Router - Verizon supplied router
Approximate Distance From the router the PC is if its a wireless connection - 20 feet
What type of internet you have (Dsl, Cable, T-1,etc..) - FIOS

Attached Files

  • Attached File  MTB.txt   29.73KB   7 downloads


BC AdBot (Login to Remove)

 


#2 BBdude

BBdude
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 20 November 2015 - 10:14 AM

Bump.  Anyone?



#3 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:02 PM

Posted 20 November 2015 - 02:21 PM

Have you tried typing a ip directly into your browser, for example: 64.233.163.104 which is a google ip?

 


How Can I Reduce My Risk to Malware?


#4 Nikhil_CV

Nikhil_CV

    Vestibulum Bleep


  • Members
  • 1,145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:err: Destination unreachable! bash!
  • Local time:08:32 AM

Posted 21 November 2015 - 03:56 AM

Hi,
 
Have you tried nslookup? Try in elevated command prompt window

nslookup www.yahoo.com >%userprofile%\desktop\yahoo.txt
nslookup www.cnn.com >%userprofile%\desktop\cnn.txt
nslookup www.google.com >%userprofile%\desktop\google.txt
sfc /verifyonly
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfcdetails.txt 

 
Please re-run MTB and post the fresh log with choosing 'Select all' check box.
4 text files will be created on desktop with names yahoo, cnn, google, sfcdetails.
Please post back your log and results (copy-paste everything, DO NOT attach).


Edited by Nikhil_CV, 21 November 2015 - 04:17 AM.

Regards : CV                                                                                                    There is no ONE TOUCH key to security!
                                                                                                                                       Be alert and vigilant....!
                                                                                                                                  Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
                                                     Questions are to be asked, it helps you, me and others.  Knowledge is power, only when its shared to others.            :radioactive: signature contents © cv and Someone....... :wink:

#5 BBdude

BBdude
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 22 November 2015 - 06:48 AM

Have you tried typing a ip directly into your browser, for example: 64.233.163.104 which is a google ip?

 

Yes, but no dice.

 

Hi,
 
Have you tried nslookup? Try in elevated command prompt window

nslookup www.yahoo.com >%userprofile%\desktop\yahoo.txt
nslookup www.cnn.com >%userprofile%\desktop\cnn.txt
nslookup www.google.com >%userprofile%\desktop\google.txt
sfc /verifyonly
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfcdetails.txt 

 
Please re-run MTB and post the fresh log with choosing 'Select all' check box.
4 text files will be created on desktop with names yahoo, cnn, google, sfcdetails.
Please post back your log and results (copy-paste everything, DO NOT attach).

 

See logs below.

 

 

MiniToolBox by Farbar  Version: 02-11-2015

Ran by Debbie (administrator) on 21-11-2015 at 19:24:45
Running from "C:\Users\Debbie\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: K54L Manufacturer: ASUSTeK Computer Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
The following helper DLL cannot be loaded: NETIOHLP.DLL.
The following helper DLL cannot be loaded: NSHIPSEC.DLL.
The following command was not found: int ip dump.
Ping request could not find host google.com. Please check the name and try again.
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...02 d8 19 86 a2 5c ......Microsoft Virtual WiFi Miniport Adapter
 12...60 d8 19 86 a2 5c ......Atheros AR9285 Wireless Network Adapter
 11...54 04 a6 23 74 99 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.11     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.11    281
     192.168.1.11  255.255.255.255         On-link      192.168.1.11    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.11    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.11    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.11    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/21/2015 07:22:57 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/21/2015 07:22:57 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/21/2015 07:19:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdate.exe, version: 3.0.6.0, time stamp: 0x4e5dd2c8
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05
Exception code: 0xe0434f4d
Fault offset: 0x0000c42d
Faulting process id: 0x%9
Faulting application start time: 0xLiveUpdate.exe0
Faulting application path: LiveUpdate.exe1
Faulting module path: LiveUpdate.exe2
Report Id: LiveUpdate.exe3
 
Error: (11/13/2015 03:52:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/13/2015 03:52:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/13/2015 03:49:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdate.exe, version: 3.0.6.0, time stamp: 0x4e5dd2c8
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05
Exception code: 0xe0434f4d
Fault offset: 0x0000c42d
Faulting process id: 0x%9
Faulting application start time: 0xLiveUpdate.exe0
Faulting application path: LiveUpdate.exe1
Faulting module path: LiveUpdate.exe2
Report Id: LiveUpdate.exe3
 
Error: (11/13/2015 03:33:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/13/2015 03:33:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/13/2015 03:30:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdate.exe, version: 3.0.6.0, time stamp: 0x4e5dd2c8
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05
Exception code: 0xe0434f4d
Fault offset: 0x0000c42d
Faulting process id: 0x%9
Faulting application start time: 0xLiveUpdate.exe0
Faulting application path: LiveUpdate.exe1
Faulting module path: LiveUpdate.exe2
Report Id: LiveUpdate.exe3
 
Error: (11/13/2015 03:05:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: LiveUpdate.exe, version: 3.0.6.0, time stamp: 0x4e5dd2c8
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19018, time stamp: 0x5609fed4
Exception code: 0xe0434f4d
Fault offset: 0x0000c42d
Faulting process id: 0x%9
Faulting application start time: 0xLiveUpdate.exe0
Faulting application path: LiveUpdate.exe1
Faulting module path: LiveUpdate.exe2
Report Id: LiveUpdate.exe3
 
 
System errors:
=============
Error: (11/21/2015 07:19:26 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error: 
%%1053
 
Error: (11/21/2015 07:19:26 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
%%1053
 
Error: (11/21/2015 07:19:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application Local Management Service service to connect.
 
Error: (11/21/2015 07:19:18 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
%%1053
 
Error: (11/21/2015 07:19:18 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application Local Management Service service to connect.
 
Error: (11/13/2015 03:58:28 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (11/13/2015 03:51:02 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error: 
%%1053
 
Error: (11/13/2015 03:51:02 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
%%1053
 
Error: (11/13/2015 03:51:02 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application Local Management Service service to connect.
 
Error: (11/13/2015 03:51:01 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (11/21/2015 07:22:57 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (11/21/2015 07:22:57 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (11/21/2015 07:19:28 PM) (Source: Application Error)(User: )
Description: LiveUpdate.exe3.0.6.04e5dd2c8KERNELBASE.dll6.1.7601.1904556258f05e0434f4d0000c42d
 
Error: (11/13/2015 03:52:52 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (11/13/2015 03:52:52 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (11/13/2015 03:49:33 PM) (Source: Application Error)(User: )
Description: LiveUpdate.exe3.0.6.04e5dd2c8KERNELBASE.dll6.1.7601.1904556258f05e0434f4d0000c42d
 
Error: (11/13/2015 03:33:35 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (11/13/2015 03:33:35 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (11/13/2015 03:30:49 PM) (Source: Application Error)(User: )
Description: LiveUpdate.exe3.0.6.04e5dd2c8KERNELBASE.dll6.1.7601.1904556258f05e0434f4d0000c42d
 
Error: (11/13/2015 03:05:13 PM) (Source: Application Error)(User: )
Description: LiveUpdate.exe3.0.6.04e5dd2c8KERNELBASE.dll6.1.7601.190185609fed4e0434f4d0000c42d
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-08-19 16:12:23.469
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:12:23.282
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:48.491
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:48.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:30.077
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:29.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:29.441
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:29.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:28.729
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-19 16:11:28.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\{4555BB9E-E715-4260-A178-E8EFD2B653E3}) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version:  - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
ExamView Assessment Suite (HKLM-x32\...\ExamView Pro) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MindPoint Quiz Show SE (HKLM-x32\...\MindPoint Quiz Show SE) (Version:  - )
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
WordPerfect Office 12 (HKLM-x32\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.01 - Corel Corporation)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 54%
Total physical RAM: 4000.13 MB
Available physical RAM: 1817.39 MB
Total Virtual: 7998.46 MB
Available Virtual: 5992.18 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:48.12 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:153.85 GB) (Free:0.02 GB) NTFS
4 Drive f: () (Removable) (Total:1.87 GB) (Free:1.87 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\DEBBIE-PC
 
Administrator            Debbie                   Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
01-11-2015 11:56:50 Restore Operation
01-11-2015 13:06:30 Windows Update
01-11-2015 13:21:37 Removed ASUS Splendid Video Enhancement Technology
06-11-2015 11:06:26 Windows Backup
06-11-2015 11:35:33 Restore Point Created by FRST
06-11-2015 11:41:48 zoek.exe restore point
07-11-2015 16:03:46 Windows Update
12-11-2015 03:02:59 Restore Point Created by FRST
13-11-2015 13:32:25 Windows Backup
13-11-2015 13:34:55 Restore Operation
13-11-2015 19:40:06 Windows Backup
13-11-2015 19:45:50 Windows Update
13-11-2015 19:50:35 Windows Update
13-11-2015 20:09:52 Windows Update
13-11-2015 20:32:51 Windows Update
 
**** End of log ****
 

 

 

Server:  Wireless_Broadband_Router.home

Address:  192.168.1.1
 
Name:    turner.map.fastly.net
Address:  199.27.76.73
Aliases:  www.cnn.com
 

 

 

Server:  Wireless_Broadband_Router.home

Address:  192.168.1.1
 
Name:    www.google.com
Addresses:  2607:f8b0:4004:808::1010
 63.88.73.54
 63.88.73.57
 63.88.73.55
 63.88.73.58
 63.88.73.52
 63.88.73.56
 63.88.73.53
 63.88.73.59
 

 

 

Server:  Wireless_Broadband_Router.home

Address:  192.168.1.1
 
Name:    fd-fp3.wg1.b.yahoo.com
Addresses:  2001:4998:58:c02::a9
 98.139.180.149
 98.139.183.24
Aliases:  www.yahoo.com
 


#6 BBdude

BBdude
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 22 November 2015 - 06:52 AM

The CBS log created is 38MB.  Too large to attach or past here.  Thoughts?



#7 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:02 PM

Posted 22 November 2015 - 08:35 PM

Have you tried booting into safe mode (with networking) to see if you could get to a website?


How Can I Reduce My Risk to Malware?


#8 BBdude

BBdude
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 23 November 2015 - 08:02 AM

Have you tried booting into safe mode (with networking) to see if you could get to a website?

 

I did try, but no dice.  I ended up accepting Windows 10 upgrade.  For some reason I could still get updates.  After the windows 10 upgrade everything is working fine.  Weird.  I think the ipconfig.exe and nslookup.exe files were corrupt.



#9 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:10:02 PM

Posted 23 November 2015 - 05:12 PM

Ok. good. It is weird to suddenly start working again like that?


How Can I Reduce My Risk to Malware?


#10 Nikhil_CV

Nikhil_CV

    Vestibulum Bleep


  • Members
  • 1,145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:err: Destination unreachable! bash!
  • Local time:08:32 AM

Posted 30 November 2015 - 11:08 PM

It may be because some files related to network (dll file) were corrupted or missing, which got cleared by installing Win10.

 

From MTB log:

The following helper DLL cannot be loaded: NETIOHLP.DLL.
The following helper DLL cannot be loaded: NSHIPSEC.DLL.
The following command was not found: int ip dump.

Issue may be back once you revert back to Win7.


Regards : CV                                                                                                    There is no ONE TOUCH key to security!
                                                                                                                                       Be alert and vigilant....!
                                                                                                                                  Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
                                                     Questions are to be asked, it helps you, me and others.  Knowledge is power, only when its shared to others.            :radioactive: signature contents © cv and Someone....... :wink:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users