Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Random Browser dropouts especially on startup & eventviewer proble


  • Please log in to reply

#1
phickspc

phickspc

    Member

  • Member
  • PipPipPip
  • 372 posts

Hi I have several administrative event viewer errors and I've got Network issues.

For at least 5-10minutes after logging in, internet doesn't work (browsers don't load pages, email don't apps emails),

and the system tray network icon shows loading logo, during which I cannot load network adapter or right-click it or else windows explorer freezes.

Also, when I try uninstall network in Device Manager, but then try to refresh it, Device Manager hangs for 5-10mins.

I've already tried uninstalling all security software & real-time scanners.

 

Event Viewer Errors:

3: Session "Microsoft Security Client OOBE" stopped due to the following error: 0xC000000D

1014: Name resolution for the name crl.microsoft.com timed out after none of the configured DNS servers responded.

7011: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcrSch2Svc service.

10016: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

64: Certificate for local system with Thumbprint 70 04 3c 28 93 39 60 37 92 da 92 8f 73 f5 50 86 60 3f bf 27 is about to expire or already expired.

11: The driver detected a controller error on \Device\CdRom0.

1530: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. 

 DETAIL -
 11 user registry handles leaked from \Registry\User\S-1-5-21-1925592742-456944920-4000667399-1008:
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Internet Explorer\Main\FeatureControl
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Windows\CurrentVersion\Explorer
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Internet Explorer\Main
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Policies
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Windows NT\CurrentVersion
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software
Process 2704 (\Device\HarddiskVolume2\Program Files\Microsoft IntelliPoint\ipoint.exe) has opened key \REGISTRY\USER\S-1-5-21-1925592742-456944920-4000667399-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,917 posts
  • MVP

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 


  • 0

#3
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

MTB Log.

Process Explorer Log.


Edited by phickspc, Today, 08:58 AM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,917 posts
  • MVP

Appears your system is trying to use ipv6 and it's not working.  Let's turn it off and see if that helps.

 

Download the attached ipv6.zip file. 

Attached File  ipv6.zip   341bytes   3 downloads

 

Save then right click and Extract All.  Extract.  Right click on ipv6.reg and MERGE.  Ignore any warnings.

 

Reboot and run Minitoolbox again.

 

Shouldn't cause any problems but if for some reason you get knocked off line you can go into regedit, navigate to

HKEY_LOCAL_MACHINE, SYSTEM, CurrentControlSet, services, TCPIP6 and Parameters.  Delete the DisabledComponents entry.


  • 0

#5
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Merged ipv6 reg key.

Restarted.

Didn't have to delete reg key.

MTB Log v2.


  • 0

#6
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Additionally, the network status for the adaptor now shows "No network access" under ipv6 Connectivity.


  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP