Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

too much time try to solve ''DNS_PROBE_FINISHED_NXDOMAIN'' by my own


  • Please log in to reply
3 replies to this topic

#1 LoonieBBQ

LoonieBBQ

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 21 July 2016 - 12:00 PM

I Cannot use internet
 
Problem: Chrome, Explorer and Firefox: when typing websites adresses: DNS_PROBE_FINISHED_NXDOMAIN
 
Can't tell if the problem is hardware, software, virus or malaware.
 
As this is my first Post: My guess is you will ask what is my system:
 
Win 7 pro 64 bit service pack 1
thinkpad sl510
intel core 2 duo 2 x 2 ghz
4 gig ram

 
Best thanks
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Ran by user (administrator) on SL510 (21-07-2016 12:05:05)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user & David & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Farbar) C:\Users\user\Desktop\1 FRST64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\...\MountPoints2: E - E:\SecureDrive.exe
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\...\MountPoints2: {833b0be8-4627-11e3-a7e8-904ce5e3865f} - E:\SecureDrive.exe
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\...\MountPoints2: {a9db8370-31d7-11e3-8bca-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli ACGina
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.122
Tcpip\..\Interfaces\{01D02DFF-0CDB-4034-9C53-276A653A29F1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2AED2869-20BE-4616-85E4-B8BC790C7DDC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2AED2869-20BE-4616-85E4-B8BC790C7DDC}: [DhcpNameServer] 192.168.1.254 75.153.171.122
Tcpip\..\Interfaces\{F034F8E0-18CF-4888-A13D-5A79DAA94C3A}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{F034F8E0-18CF-4888-A13D-5A79DAA94C3A}: [DhcpNameServer] 192.168.5.5
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2818482519-57908050-4022146778-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {A7C65DFE-0069-4074-B7BE-07C2C8EBE991} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
SearchScopes: HKLM-x32 -> {1198636E-8ECB-4574-8615-F2BA9BC92F9D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-22] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-16] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-18] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-22] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-16] (Kaspersky Lab ZAO)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-18] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-26] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-12-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-12-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-12-16] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Recherche Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (URL Advisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-26]
CHR Extension: (Éditeur Office pour Docs, Sheets et Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-03-16]
CHR Extension: (Bookmark Manager) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Visionneuse Google Documents PDF/PowerPoint (par Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2014-08-27]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-14]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-14] (Kaspersky Lab ZAO)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 LanmanServer; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 LanmanServer; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-06] (Lenovo Group Limited)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)
S2 RoxLiveShare10; "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [24576 2014-02-20] (BlackBerry) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-11-22] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-21] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-21] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-14] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-14] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2013-12-18] (Kaspersky Lab ZAO)
S3 netw5v64; C:\Windows\System32\DRIVERS\netw5v64.sys [5435904 2009-05-13] (Intel Corporation) [File not signed]
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 TGBMPEnum; C:\Windows\System32\DRIVERS\TGBMPEnum.sys [40624 2012-02-13] (TheGreenBow)
S3 TGBVPNVirtM; C:\Windows\System32\DRIVERS\TGBVPNVirtM.sys [140464 2012-02-13] (TheGreenBow)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2009-08-23] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 PCDSRVC{127174DC-C366ED8B-06000000}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]
S0 pxfvd; System32\drivers\rckqk.sys [X]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-21 15:52 - 2016-07-21 12:05 - 00000000 ____D C:\FRST
2016-07-21 12:05 - 2016-07-21 12:05 - 00017279 _____ C:\Users\user\Desktop\FRST.txt
2016-07-20 16:45 - 2016-07-20 16:45 - 00000000 ____D C:\Users\user\Desktop\Retrouver DNS
2016-07-20 16:45 - 2016-07-20 16:43 - 02393600 _____ (Farbar) C:\Users\user\Desktop\1 FRST64.exe
2016-07-20 16:32 - 2016-07-20 16:32 - 00000181 _____ C:\Windows\WININIT.INI
2016-07-20 16:31 - 2016-07-20 16:31 - 00000000 ____D C:\Users\user\AppData\Roaming\Roxio Log Files
2016-07-20 16:12 - 2016-07-20 16:07 - 164627480 _____ (Kaspersky Lab) C:\Users\user\Desktop\kav16.0.1.445abcen_10302.exe
2016-07-14 04:47 - 2016-07-14 07:17 - 00000000 ____D C:\Users\user\Desktop\Juillet 2016
2016-06-29 09:36 - 2016-07-14 13:04 - 00000000 ____D C:\Users\user\Desktop\TCC
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-21 12:03 - 2013-10-10 14:56 - 00765200 _____ C:\Windows\system32\perfh00C.dat
2016-07-21 12:03 - 2013-10-10 14:56 - 00156186 _____ C:\Windows\system32\perfc00C.dat
2016-07-21 12:03 - 2009-07-14 01:13 - 01706370 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-21 12:03 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-07-21 12:00 - 2013-11-22 10:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-21 11:59 - 2016-01-03 10:22 - 00008770 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-21 11:59 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-21 11:45 - 2009-07-14 00:45 - 00025408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-21 11:45 - 2009-07-14 00:45 - 00025408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-20 17:07 - 2009-07-14 00:45 - 00345344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-20 17:06 - 2013-12-12 11:09 - 00000000 ____D C:\Program Files\Google
2016-07-20 17:06 - 2013-12-12 11:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-20 16:47 - 2013-10-11 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-07-20 16:44 - 2013-10-10 13:30 - 00087352 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-20 16:32 - 2013-10-10 14:29 - 00000000 ____D C:\ProgramData\Roxio
2016-07-20 16:32 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-20 16:31 - 2013-10-21 13:36 - 00000000 ____D C:\Program Files (x86)\SketchUp
2016-07-20 16:30 - 2015-02-25 20:35 - 00000000 ____D C:\Users\user\AppData\LocalLow\Unity
2016-07-20 16:30 - 2015-02-25 20:35 - 00000000 ____D C:\Users\user\AppData\Local\Unity
2016-07-20 16:30 - 2013-12-12 11:08 - 00000000 ____D C:\Users\user\AppData\Local\Google
2016-07-20 16:29 - 2015-03-11 15:48 - 00000000 ____D C:\Users\user\AppData\Roaming\Foxit Software
2016-07-20 16:29 - 2014-02-14 12:59 - 00000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2016-07-20 16:28 - 2014-01-06 15:48 - 00000000 ____D C:\ProgramData\Skype
2016-07-20 16:17 - 2013-10-11 07:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-07-20 16:16 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help
2016-07-20 16:14 - 2014-01-06 11:39 - 00000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2016-07-20 16:14 - 2013-12-20 17:31 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-20 16:12 - 2014-01-18 15:06 - 00000000 ____D C:\Program Files (x86)\Getting Things Done
2016-07-20 15:51 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-20 10:47 - 2014-01-06 15:48 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype
2016-07-18 10:51 - 2014-02-16 21:58 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2016-07-15 14:14 - 2013-10-15 11:03 - 00000000 ____D C:\Users\user\Documents\Fichiers Outlook
2016-07-14 13:05 - 2014-02-14 13:00 - 00000000 ___RD C:\Users\user\Dropbox
 
==================== Files in the root of some directories =======
 
2014-10-15 17:12 - 2014-10-15 17:12 - 0022209 _____ () C:\Users\user\AppData\Roaming\Valeurs séparées par une virgule (DOS).ADR
2014-11-27 17:29 - 2015-03-06 16:33 - 0004608 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-27 11:11 - 2016-05-12 14:25 - 0007617 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg
2014-12-24 10:06 - 2014-12-24 10:06 - 0000000 _____ () C:\Users\user\AppData\Local\{ECECE64F-A9A3-4E63-B22C-B75E709B9D89}
 
Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5vnqax.dll
C:\Users\user\AppData\Local\Temp\FoxitUpdater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-05 12:44
 
==================== End of FRST.txt ============================
 

Edited by LoonieBBQ, 21 July 2016 - 04:35 PM.


BC AdBot (Login to Remove)

 


#2 LoonieBBQ

LoonieBBQ
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 21 July 2016 - 12:22 PM

Also:

I can use wifi to connect to my vpn

then I can use my Terminal server loggin to work on my distant server.

 

So I can access something outside the computer.

 

But no internet, no updates of antivirus etc..

 

Are those details important!

 

Thanks!



#3 LoonieBBQ

LoonieBBQ
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 29 July 2016 - 09:15 AM

Since I Got no news from the Web Planet, I decided afther testing all means possibles, to start fresh with a new ssd drive and windows 10 installed. Now everything words pretty good! We will finally never know what was the problem.

 

Thanks anyway!

 

Bye

 

LoonieBBQ

 

Please close this topic as I can't do following on my previous problems.



#4 Trikein

Trikein

  • Members
  • 1,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:06:50 PM

Posted 29 July 2016 - 10:37 AM

Just in case anyone is effected by this, or it comes back, my guess is:

 

If it just effected Chrome, I would blame the proxy plugin below, which looks like Vielduck.

CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa

 

If all browsers, I would think it had something to do with trying to use OpenDNS on your router, but GoogleDNS as static DNS on your computer. 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.122

Tcpip\..\Interfaces\{01D02DFF-0CDB-4034-9C53-276A653A29F1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2AED2869-20BE-4616-85E4-B8BC790C7DDC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2AED2869-20BE-4616-85E4-B8BC790C7DDC}: [DhcpNameServer] 192.168.1.254 75.153.171.122
Tcpip\..\Interfaces\{F034F8E0-18CF-4888-A13D-5A79DAA94C3A}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{F034F8E0-18CF-4888-A13D-5A79DAA94C3A}: [DhcpNameServer] 192.168.5.5


Edited by Trikein, 29 July 2016 - 10:38 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users