Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Says not connected but am. Please review minitoolbox


  • Please log in to reply
1 reply to this topic

#1 palaceman

palaceman

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 27 April 2016 - 10:48 AM

I had both a PC and laptop die on the same day after battling malware.  That was suspiscious enough but my new laptop is showing the same sympton.  It says that I am not connected to the Internet when I am.  This is worrisome because as I mentioned, that is what my dead PC was saying.  I suspect the reason is because I am actually connecting to a hacker's Internet connection or something.  Also, I just ran Rogue Killer and it removed a Master Boot Record registry malware.  That was the 2nd time that has happened in a few months.

 

I am a marketing guy; not a tech guy so I came here for help.  Nasdaq recommend I run minitoolbox and post the findings here in Networking.  Thank you in advance for your help.  Here's the report findings.

 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Owner (administrator) on 27-04-2016 at 11:38:59
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Model: Latitude E5410 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Connected)
DW1520 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : MININT-IPM9K5V
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.mi.comcast.net
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net
   Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
   Physical Address. . . . . . . . . : 78-2B-CB-CB-E6-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:40a:8102:7432::209a(Preferred) 
   Lease Obtained. . . . . . . . . . : Wednesday, April 27, 2016 11:29:39 AM
   Lease Expires . . . . . . . . . . : Wednesday, May 04, 2016 10:24:54 AM
   IPv6 Address. . . . . . . . . . . : 2601:40a:8102:7432:50a4:fe37:b68b:decc(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:40a:8102:7432:9547:2b34:831d:3f01(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::50a4:fe37:b68b:decc%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.131(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, April 27, 2016 11:29:38 AM
   Lease Expires . . . . . . . . . . : Wednesday, May 04, 2016 11:37:41 AM
   Default Gateway . . . . . . . . . : fe80::1286:8cff:fedc:4e2%11
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 250629538
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-79-14-4E-78-2B-CB-CB-E6-9D
   DNS Servers . . . . . . . . . . . : 2001:558:feed::2
                                       2001:558:feed::1
                                       75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.mi.comcast.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  2001:558:feed::2
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging google.com [216.58.192.174] with 32 bytes of data:
Reply from 216.58.192.174: bytes=32 time=25ms TTL=54
Reply from 216.58.192.174: bytes=32 time=23ms TTL=54
 
Ping statistics for 216.58.192.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 25ms, Average = 24ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  2001:558:feed::2
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 
 
Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:
Reply from 2001:4998:c:a06::2:4008: time=88ms 
Reply from 2001:4998:c:a06::2:4008: time=87ms 
 
Ping statistics for 2001:4998:c:a06::2:4008:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 87ms, Maximum = 88ms, Average = 87ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...78 2b cb cb e6 9d ......Broadcom NetXtreme 57xx Gigabit Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1       10.0.0.131     10
         10.0.0.0    255.255.255.0         On-link        10.0.0.131    266
       10.0.0.131  255.255.255.255         On-link        10.0.0.131    266
       10.0.0.255  255.255.255.255         On-link        10.0.0.131    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link        10.0.0.131    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link        10.0.0.131    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    266 ::/0                     fe80::1286:8cff:fedc:4e2
  1    306 ::1/128                  On-link
 11     18 2601:40a:8102:7432::/64  On-link
 11    266 2601:40a:8102:7432::209a/128
                                    On-link
 11    266 2601:40a:8102:7432:50a4:fe37:b68b:decc/128
                                    On-link
 11    266 2601:40a:8102:7432:9547:2b34:831d:3f01/128
                                    On-link
 11    266 fe80::/64                On-link
 11    266 fe80::50a4:fe37:b68b:decc/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/27/2016 11:29:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 11:18:59 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Users\Owner\Downloads\HitmanPro.exe /updated:"C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe"; Description = Checkpoint by HitmanPro; Error = 0x8007043c).
 
Error: (04/27/2016 11:18:27 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Users\Owner\Downloads\HitmanPro.exe /updated:"C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe"; Description = Checkpoint by HitmanPro; Error = 0x8007043c).
 
Error: (04/27/2016 10:49:36 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).
 
Error: (04/27/2016 10:49:36 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007043c, This service cannot be started in Safe Mode
.
 
 
Operation:
   Instantiating VSS server
 
Error: (04/27/2016 10:49:36 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]
 
 
Operation:
   Instantiating VSS server
 
Error: (04/27/2016 10:48:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 10:23:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 09:18:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 07:04:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (04/27/2016 11:34:24 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (04/27/2016 11:29:39 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058
 
Error: (04/27/2016 11:29:39 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.29 TCS service depends the following service: TBS. This service might not be installed.
 
Error: (04/27/2016 10:58:11 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (04/27/2016 10:56:00 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (04/27/2016 10:49:58 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (04/27/2016 10:49:36 AM) (Source: DCOM) (User: )
Description: 1084VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 
Error: (04/27/2016 10:46:40 AM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (04/27/2016 10:46:40 AM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (04/27/2016 10:46:37 AM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
 
Microsoft Office Sessions:
=========================
Error: (04/27/2016 11:29:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 11:18:59 AM) (Source: System Restore)(User: )
Description: C:\Users\Owner\Downloads\HitmanPro.exe /updated:"C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe"Checkpoint by HitmanPro0x8007043c
 
Error: (04/27/2016 11:18:27 AM) (Source: System Restore)(User: )
Description: C:\Users\Owner\Downloads\HitmanPro.exe /updated:"C:\Users\Owner\AppData\Local\Temp\HitmanPro.exe"Checkpoint by HitmanPro0x8007043c
 
Error: (04/27/2016 10:49:36 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c
 
Error: (04/27/2016 10:49:36 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x8007043c, This service cannot be started in Safe Mode
 
 
Operation:
   Instantiating VSS server
 
Error: (04/27/2016 10:49:36 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, This service cannot be started in Safe Mode
 
 
Operation:
   Instantiating VSS server
 
Error: (04/27/2016 10:48:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 10:23:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 09:18:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/27/2016 07:04:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
**** End of log ****

Attached Files

  • Attached File  MTB.txt   16.85KB   0 downloads


BC AdBot (Login to Remove)

 


#2 Sneakycyber

Sneakycyber

    Network Engineer


  • BC Advisor
  • 6,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio
  • Local time:04:28 AM

Posted 28 April 2016 - 02:16 PM

Try Changing your DNS server entry in your network connections to 8.8.4.4. Your dns lookup keeps timing out and it could cause the computer to think it is not connected. 

 

  1. Open the Run box by holding the "Windows Key" and Pressing "R"
  2. type ncpa.cpl
  3. Right click your network connection and select properties.
  4. Select Internet Protocol Version 4 then click the properties button.
  5. Select Use The following DNS server Address
  6. Enter 8.8.4.4 (Google Public) on the first line and 208.67.222.222 (Open DNS) on the second line. 
  7. Run Minitoolbox again selecting ONLY List IP configuration

Chad Mockensturm 

Systems and Network Engineer

Certified CompTia Network +, A +





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users