Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot consistently connect to internet - not malware


  • Please log in to reply
16 replies to this topic

#1 bomber1712

bomber1712

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 09 January 2016 - 05:42 PM

Hello,

 

I am hoping someone can provide some guidance.  I originally started in the "Am I Infected", then went into "Virus, Trojan, Spyware and Malware Removal Logs.  All of the history and links are in the post http://www.bleepingcomputer.com/forums/t/600714/was-here-before-not-fixed/

 

Everyone has been so helpful, but we have not been able to get my issue resolved.

 

Any help here would be greatly appreciated.



BC AdBot (Login to Remove)

 


#2 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 23 January 2016 - 05:28 PM

I originally posted here on January 9.  No response, so I figure I must have done something wrong.  Reading through the forum sticky, I wanted to update the original post with the requested information.  I was unable to figure out a way to edit the original post, so I am going to bump myself and hope that someone sees this.

 

Make and model of computer - Self Built - Asus Motherboard with Intel Core i5 (750) @ 2.67 GHz, Windows 10 Pro x64 (Upgraded from Win 7 Pro), 12 GB RAM

How the computer is connected (wireless or wired) - Wired

Make and model of Router - ZyXEL PK5001Z 

Approximate Distance From the router the PC is if its a wireless connection - N/A

What type of internet you have (Dsl, Cable, T-1,etc..) - Centurylink DSL @ 10 Mbps (showing 11.776 Mbps in router admin screen)

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Bomber (administrator) on 23-01-2016 at 16:16:43
Running from "C:\Users\Bomber\Desktop"
Microsoft Windows 10 Pro  (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Intel® 82578DM Gigabit Network Connection = Ethernet (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Basement-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : PK5001Z
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : PK5001Z
   Description . . . . . . . . . . . : Intel® 82578DM Gigabit Network Connection
   Physical Address. . . . . . . . . : E0-CB-4E-D6-9C-78
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f101:843b:ec8c:8fb7%5(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.85(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, January 23, 2016 10:05:59 AM
   Lease Expires . . . . . . . . . . : Sunday, January 24, 2016 10:05:58 AM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 98618190
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-A6-C3-E0-CB-4E-D6-9C-78
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.PK5001Z:
 
   Connection-specific DNS Suffix  . : PK5001Z
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:10.0.0.85%3(Preferred) 
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 150994944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-A6-C3-E0-CB-4E-D6-9C-78
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:80f:3bc0:3089:2595(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::80f:3bc0:3089:2595%4(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 134217728
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-A6-C3-E0-CB-4E-D6-9C-78
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  PK5001Z.PK5001Z
Address:  10.0.0.1
 
Name:    google.com
Address:  216.58.216.238
 
 
Pinging google.com [216.58.216.238] with 32 bytes of data:
Reply from 216.58.216.238: bytes=32 time=37ms TTL=57
Reply from 216.58.216.238: bytes=32 time=36ms TTL=57
 
Ping statistics for 216.58.216.238:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 37ms, Average = 36ms
Server:  PK5001Z.PK5001Z
Address:  10.0.0.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=67ms TTL=52
Reply from 98.139.183.24: bytes=32 time=69ms TTL=52
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 67ms, Maximum = 69ms, Average = 68ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  5...e0 cb 4e d6 9c 78 ......Intel® 82578DM Gigabit Network Connection
  3...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.85     20
         10.0.0.0    255.255.255.0         On-link         10.0.0.85    276
        10.0.0.85  255.255.255.255         On-link         10.0.0.85    276
       10.0.0.255  255.255.255.255         On-link         10.0.0.85    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link         10.0.0.85    306
  169.254.255.255  255.255.255.255         On-link         10.0.0.85    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.85    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.85    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  4    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  4    306 2001::/32                On-link
  4    306 2001:0:9d38:90d7:80f:3bc0:3089:2595/128
                                    On-link
  5    276 fe80::/64                On-link
  4    306 fe80::/64                On-link
  3    281 fe80::5efe:10.0.0.85/128 On-link
  4    306 fe80::80f:3bc0:3089:2595/128
                                    On-link
  5    276 fe80::f101:843b:ec8c:8fb7/128
                                    On-link
  1    306 ff00::/8                 On-link
  5    276 ff00::/8                 On-link
  4    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/17/2016 07:41:30 AM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/16/2016 09:13:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/07/2016 09:49:53 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/05/2016 06:04:10 PM) (Source: ESENT) (User: )
Description: svchost (1480) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU0015A.log.
 
Error: (01/05/2016 06:01:27 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/05/2016 05:52:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15562
 
Error: (01/05/2016 05:52:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15562
 
Error: (01/05/2016 05:52:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 06:12:15 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/04/2016 06:12:01 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {51d1e56f-a7ec-483a-9e23-2459907da291}
 
 
System errors:
=============
Error: (01/19/2016 06:55:54 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer DESKTOP-3CQLO40
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
Error: (01/18/2016 03:51:30 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer DESKTOP-3CQLO40
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
Error: (01/18/2016 02:50:24 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer DESKTOP-3CQLO40
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
Error: (01/18/2016 01:48:16 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer DESKTOP-3CQLO40
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
Error: (01/17/2016 05:31:37 AM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058
 
Error: (01/17/2016 05:30:00 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_3b1f2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/16/2016 09:14:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - January 2016 (KB890830).
 
Error: (01/14/2016 09:32:11 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ALEXSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
Error: (01/13/2016 01:47:08 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ALEXSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
Error: (01/11/2016 07:52:14 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer ALEXSPC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CAC65294-64D5-45DB-B4FB-C29C684EC4D5}.
The master browser is stopping or an election is being forced.
 
 
Microsoft Office Sessions:
=========================
Error: (01/17/2016 07:41:30 AM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/16/2016 09:13:17 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (01/07/2016 09:49:53 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/05/2016 06:04:10 PM) (Source: ESENT)(User: )
Description: svchost1480SRUJet: C:\WINDOWS\system32\SRU\SRU0015A.log-1811 (0xfffff8ed)
 
Error: (01/05/2016 06:01:27 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (01/05/2016 05:52:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15562
 
Error: (01/05/2016 05:52:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15562
 
Error: (01/05/2016 05:52:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 06:12:15 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (01/04/2016 06:12:01 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {51d1e56f-a7ec-483a-9e23-2459907da291}
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-01-23 16:16:15.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-23 16:16:14.999
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-18 18:42:06.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-18 18:42:06.619
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-17 05:41:57.771
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-17 05:34:03.396
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-11 15:29:24.766
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-06 20:13:25.291
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-01-05 20:17:31.342
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-05 18:46:38.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.6.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.2.0 - Auslogics Labs Pty Ltd)
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.4.268 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Duplicate Cleaner Free 3.2.3 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.3 - DigitalVolcano Software Ltd)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Network Connections (HKLM\...\PROSetDX) (Version: 14.6.0.0 - Intel)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{8A03241E-7A3C-401D-B0CE-B3096F50AE6F}) (Version: 1.18.27.10 - LightScribe)
Macrium Reflect Free Edition (HKLM\...\{90DAB387-766E-4815-9E18-5200681CDD22}) (Version: 6.0.753 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.0 - Paramount Software (UK) Ltd.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Controller Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Plex Media Server (HKLM-x32\...\{5ea93dc7-0906-47a6-8033-d26ed443f0a8}) (Version: 0.9.1101 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{ACC30F1F-7964-4B30-891A-BAF642A0D1E1}) (Version: 0.9.1101 - Plex, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 Host (HKLM-x32\...\TeamViewer 9 Host) (Version: 9.0.41110 - TeamViewer)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 15%
Total physical RAM: 12246.99 MB
Available physical RAM: 10335.54 MB
Total Virtual: 24534.99 MB
Available Virtual: 22402.33 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:223.03 GB) (Free:155.29 GB) NTFS
3 Drive d: (More Movies) (Fixed) (Total:1863.01 GB) (Free:1033.87 GB) NTFS
6 Drive g: (Extra Storage) (Fixed) (Total:1863.02 GB) (Free:820.9 GB) NTFS
7 Drive h: (User Files) (Fixed) (Total:1863.01 GB) (Free:896.59 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\BASEMENT-PC
 
Administrator            Bomber                   DefaultAccount           
Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
06-01-2016 00:01:25 Restore Operation
16-01-2016 15:13:15 Windows Update
 
**** End of log ****

 



#3 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:07:43 PM

Posted 06 February 2016 - 08:39 PM

Sorry for the delay in getting you some help.

 

I received a message from Oh My! alerting me to your Issue, allow me some time to read over your previous topic and see if I can figure out some things to try.

 

 

Thanks!


Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +


#4 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 07 February 2016 - 09:31 AM

Thanks for checking into this. I really appreciate it.



#5 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:07:43 PM

Posted 07 February 2016 - 10:22 AM

Did this issue start after the upgrade to Windows 10? Did you have any problems on Windows 7?


Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +


#6 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 08 February 2016 - 08:16 AM

To answer your question, directly, I did not have any trouble with Win 7.  To expand a little, I upgraded to Win 10 some time ago.  I don't recall having issues until this started in December.



#7 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:07:43 PM

Posted 08 February 2016 - 07:02 PM

  1.  Create a System Restore Point *This will work for Windows 10 as well*
  2.  Open the Command Prompt as Administrator

            A. Press the Win + X key 

            B. Select Command Prompt Administrator

     

3. Enter the following command. 

netsh int ip reset c:\reset.txt

Reboot the computer and test the internet. 


Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +


#8 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 08 February 2016 - 10:34 PM

Here is what happened when I ran the command:

 

Microsoft Windows [Version 10.0.10586]

© 2015 Microsoft Corporation. All rights reserved.
 
C:\WINDOWS\system32>netsh int ip reset c:\reset.txt
Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
C:\WINDOWS\system32>
 
The web pages are still struggling to load. I'm not getting any DNS errors, but some pages load quickly and others seem to take forever.  I will keep you posted.

Edited by bomber1712, 08 February 2016 - 11:27 PM.


#9 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 10 February 2016 - 08:01 AM

I have been using the computer since this last post. It seems to work fine, for a while. I will get some surfing done with no issue. But, then, without reason, I start to get the DNS_PROBE_FINISHED_NO_INTERNET. The pages will continue to attempt to load, and eventually do.

 

My test consist of running a search at Google.com.  I search for random things to assure I am not loading cached pages.  I will "right click>>open in new tab" several of the results.  Then I sit back and watch.  It seems the longer I use the browser and maybe the more tabs I open, the more the computer struggles to load pages.



#10 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:07:43 PM

Posted 11 February 2016 - 09:09 PM

On your ZyXEL modem is the DNS set to your ISP address or to google public dns?


Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +


#11 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 12 February 2016 - 07:22 AM

DNS Address #1:
205.171.3.66
DNS Address #2:
205.171.202.166


#12 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,104 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:07:43 PM

Posted 13 February 2016 - 10:16 AM

I am assuming this is happening in both Google Chrome and Internet explorer 11?

 

I an elevated command prompt enter these commands pressing enter and waiting for the command to complete after each one. 

Ipconfig /flushdns

Ipconfig /registerdns

After Register DNS completes open Event Viewer and navigate to Applications and Services Logs > Microsoft > Windows> DNS Client Events. *Note the log may be disabled* Right click the log and Select Enable in the menu. 

 

Try running Internet Explorer and Google Chrome again. If they give you DNS Probe errors check the event log for errors.


Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +


#13 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 13 February 2016 - 06:06 PM

I ran the commands you suggested.  I really was unsure as to what I was looking for the Event Viewer.  I got there, and there were several entries noted as "Information".  I have events ID's 1001, 1015, 1019, 3006, 3008, 3009, 3010, 3011, 3016, 3018, 3019, and 3020.  A bunch of "information" entries for each.

 

I don't know, but it seems to be working at this point.  I say I don't know, mostly because it seems that pages load quickly at first.  But then, it seems that they load slower and slower.  I have not had any that did NOT load.   

 

One strange thing that has been happening, probably unrelated, is that this machine keeps shutting down, randomly.  I will turn it on, and when I come back (sometimes minutes, sometimes hours), it is off.  Any thoughts?  Do you think these are related?



#14 vcolev

vcolev

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 16 February 2016 - 10:59 AM

Maybe Check the Temp of the computer? If its turning off at random times it might be over heating. I did not look at all the old posts so sorry if this was already suggested. Also have you deleted your browsers and reinstalled them? Possible add on running through your browser that can be slowing it down as it collects more info.



#15 bomber1712

bomber1712
  • Topic Starter

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wisconsin, USA
  • Local time:06:43 PM

Posted 16 February 2016 - 10:20 PM

Thanks for the reply.  I think the browsing issue is resolved, for the most part.  I really appreciate your time and patience.  As for the potential overheating, I downloaded "Speedfan", "Open Hardware Manager" and CPUID HWMonitor.  They are all showing my CPU running at 94 to 99 C when the computer is basically idle.  What causes this and what can I do to fix it?


Edited by bomber1712, 17 February 2016 - 10:11 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users