Malware detected


Hello Gringo,

 

I think it's getting close to 24 hours now.  I have been using the emails and internet today to test the computer and apart from one restart where I got the limited connectivity message all has gone well.  I restarted the laptop without rebooting the router and it connected ok that time.

 

I have purchased the pro version of Malwarebytes!

 

Lee

To expand on my last post, I have a printer connected directly to the router, then my phone connected to the wireless network as well as my husband's iPad and his phone.  I dragged an old laptop out when this one crashed and I had to download tools through it, and it's connected to the wireless internet as well.

 

I am very happy to have my laptop up and running again without losing any of my data.  I want to thank you so much once again for your help with this over the last week.

 

Lee

  • Staff

Hello

Let's run this and see if it will shed some light.

Please download MiniToolBox (http://www.bleepingcomputer.com/download/minitoolbox/dl/65/), save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Hi Gringo,

 

Here we go ...

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Brize (administrator) on 10-08-2013 at 11:54:48
Running from "C:\Users\Brize\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR5007 802.11b/g WiFi Adapter = Wireless Network Connection (Connected)
Realtek RTL8102E/8103E Family PCI-E FE NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection" address=192.168.1.5


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : BRIZE-LAPTOP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
   Physical Address. . . . . . . . . : 00-24-2B-18-98-F5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e1f3:f614:8a01:b573%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, 9 August 2013 2:17:44 PM
   Lease Expires . . . . . . . . . . : Sunday, 11 August 2013 8:47:20 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890283
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-2C-A8-14-00-24-2B-18-98-F5
   DNS Servers . . . . . . . . . . . : 202.93.103.19
                                       202.93.104.19
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8102E/8103E Family PCI-E FE NIC
   Physical Address. . . . . . . . . : 00-1F-16-6A-D7-48
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{83EF0CD4-F863-45CB-AC5E-1EB80E82BB04}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{8C7E7665-25E1-45F8-827D-BD2B4630227D}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:475:2b19:3f57:fe9b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::475:2b19:3f57:fe9b%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  ns6.dsl.net.au
Address:  202.93.103.19

Name:    google.com
Addresses:  2404:6800:4006:802::1000
      210.8.185.151
      210.8.185.155
      210.8.185.157
      210.8.185.158
      210.8.185.162
      210.8.185.166
      210.8.185.170
      210.8.185.172
      210.8.185.173
      210.8.185.177
      210.8.185.181
      210.8.185.185
      210.8.185.187
      210.8.185.143
      210.8.185.147



Pinging google.com [210.8.185.147] with 32 bytes of data:

Reply from 210.8.185.147: bytes=32 time=28ms TTL=57

Reply from 210.8.185.147: bytes=32 time=28ms TTL=57



Ping statistics for 210.8.185.147:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 28ms, Maximum = 28ms, Average = 28ms

Server:  ns6.dsl.net.au
Address:  202.93.103.19

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=240ms TTL=46

Reply from 98.138.253.109: bytes=32 time=241ms TTL=46



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 240ms, Maximum = 241ms, Average = 240ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=12ms TTL=128

Reply from 127.0.0.1: bytes=32 time=3ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 3ms, Maximum = 12ms, Average = 7ms

===========================================================================
Interface List
 11 ...00 24 2b 18 98 f5 ...... Atheros AR5007 802.11b/g WiFi Adapter
 10 ...00 1f 16 6a d7 48 ...... Realtek RTL8102E/8103E Family PCI-E FE NIC
  1 ........................... Software Loopback Interface 1
 16 ...00 00 00 00 00 00 00 e0  isatap.{83EF0CD4-F863-45CB-AC5E-1EB80E82BB04}
 14 ...00 00 00 00 00 00 00 e0  isatap.{8C7E7665-25E1-45F8-827D-BD2B4630227D}
 12 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    281
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     18 2001::/32                On-link
 13    266 2001:0:4137:9e76:475:2b19:3f57:fe9b/128
                                    On-link
 11    281 fe80::/64                On-link
 13    266 fe80::/64                On-link
 13    266 fe80::475:2b19:3f57:fe9b/128
                                    On-link
 11    281 fe80::e1f3:f614:8a01:b573/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

**** End of log ****
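
Added example, not part of the thread and not the MiniToolBox author's code: a short Python triage of a Result.txt laid out like the one posted above. The section titles and the Winsock line layout are taken from that log; the "clean baseline" rules and the extra hosts line in the sample are assumptions made for illustration, and a flagged line is something to look at, not a verdict.

```python
import re

# Constructed excerpt in the layout of the Result.txt above (one hosts line added).
SAMPLE = r"""
========================= IE Proxy Settings: ==============================
Proxy is not enabled.

========================= Hosts content: =================================
127.0.0.1       localhost
203.0.113.7     www.example-bank.test
========================= Winsock entries =====================================
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
**** End of log ****
"""

HEADER = re.compile(r"^=+\s*([^=\s].*?):?\s*=+$")   # "==== Title: ====" lines only
WINSOCK = re.compile(r"^(Catalog\d+ \d+) (.+) \[\d+\] \((.*)\)$")

def split_sections(text):
    """Map each '=== Title ===' header to the non-blank lines that follow it."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        m = HEADER.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif line and current is not None and not line.startswith("****"):
            current.append(line)
    return sections

def review_items(text):
    """Return (section, detail) pairs that differ from the assumed clean baseline."""
    s, items = split_sections(text), []
    if "Proxy is not enabled." not in s.get("IE Proxy Settings", []):
        items.append(("IE Proxy Settings", "proxy not reported as disabled"))
    for line in s.get("Hosts content", []):
        parts = line.split("#")[0].split()          # drop trailing comments
        if len(parts) >= 2 and any(h.lower() != "localhost" for h in parts[1:]):
            items.append(("Hosts content", line))
    for line in s.get("Winsock entries", []):
        m = WINSOCK.match(line)
        if not m or m.group(3) != "Microsoft Corporation" \
                or not m.group(2).lower().startswith("c:\\windows\\system32\\"):
            items.append(("Winsock entries", line))
    return items

if __name__ == "__main__":
    print(review_items(SAMPLE))
```

Run against the full log posted above, the only entry this baseline would list is the Bonjour namespace provider, since the hosts file holds just the localhost line and the proxy is reported as not enabled.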

Thank you Gringo and good morning,

 

I restarted the computer after running the mini tool box and the internet connected successfully.  I left it overnight and restarted twice this morning, and both times there was the same limited connection error and I had to reboot the router.

 

Lee

Good morning Gringo,

 

The laptop restarted during the night after automatic updates were installed, and the internet is on without any error messages of limited connectivity! 

 

I think you have solved the problem with resetting the network adapter!

 

Thank you so much once again for taking all this time to help me get things up and running properly, your help has been invaluable. 

 

Lee

Good morning again Gringo,

I spoke too soon :-(

This morning I woke to find the laptop had restarted during the night, seems more Windows updates were installed. Had the limited connectivity message again with the internet.

I also had a message that said "failed to connect to a windows service - system event notification service centre etc".

I looked at the update log and a lot have failed beside them.

I did a restart - took forever to shut down - and the internet has connected this time. I had messages from WinPatrol that three programs were no longer on the startup menu - trust defender (which comes with my banking), my backup drive, and lastly protege, whatever that is.

I wonder what has happened?

Lee

This topic is now closed to further replies.