Jun 29 2009, 06:05 PM | Post #16 | Group: HJT Team | Posts: 6,891 | Joined: 10-March 08 | Member No.: 195,473

Would you consider installing Internet Explorer 8? That would almost certainly repair the problem.

With Regards,
The Panda

Jun 29 2009, 06:11 PM | Post #17 | Member | Group: Members | Posts: 63 | Joined: 1-August 05 | Member No.: 29,474

Hi PropagandaPanda,

I think you read my mind. I would certainly install IE8; the only problem I have with that is that I cannot open Add/Remove Programs if it doesn't work...

Best regards
pacman123

Jun 29 2009, 06:46 PM | Post #18 | Group: HJT Team

Hello pacman123.

Let's install Windows updates. Installing SP2 should replace many of the system files, and possibly repair the control panel issue.

Install From Windows Updates

Whenever a security problem in its software is found, Microsoft will create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malware being installed on your computer.

Take a new DDS.txt log after.

With Regards,
The Panda

Jun 30 2009, 02:58 AM | Post #19 | Group: Members

Hi PropagandaPanda,

I have tried to install IE8; a window opens that says: "set up cannot continue because a more recent version of internet explorer has been detected on this computer." So I still cannot open Explorer to download updates.

DDS Report:
Attachments: DDS.zip (4.21k), Attach.zip (2.65k)

Best regards
pacman123

Jun 30 2009, 09:21 AM | Post #21 | Group: HJT Team

Hello pacman123.

EDIT: Looks like IE8 was installed.

Vista does not need Internet Explorer to download updates. Please follow the directions here on updating.

With Regards,
The Panda

This post has been edited by PropagandaPanda: Jun 30 2009, 09:21 AM

Jun 30 2009, 05:02 PM | Post #22 | Group: Members

Hi PropagandaPanda,

Tried to download and install updates by following the directions. There were two important updates to install:

- Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
- Windows Malicious Software Removal Tool, April 2009 (KB890830)

Both failed with error code 802440C: Windows Update encountered unknown error.

I am now thinking it could be something to do with the 3G dongle, so tomorrow I am going to try a different wireless connection, unless you can think of anything I might be doing wrong or there is still something preventing me connecting. (Wrong thought, I think; a different connection still won't open Explorer.)

One small question I have, if I may: after fixing HJT there are still some entries for mywebsearch in the 023 lines. Should I have HJT fix those?

Best regards and thanks for all your help
pacman123

This post has been edited by pacman123: Jul 1 2009, 01:40 AM

Jul 1 2009, 08:48 AM | Post #23 | Group: HJT Team

Hello.

Yes please try that. You can fix those lines with HJT without a problem.

With Regards,
The Panda

Jul 2 2009, 02:48 AM | Post #24 | Group: Members

Hi PropagandaPanda,

I have deleted the lines in HJT. If the laptop is clean then I think I should send it back to the owner and ask him to do a repair using the recovery disc (shame he didn't send it with the laptop). I have done new HJT and DDS reports for you to take a look:

Attachments: hijackthis.zip (2.71k), DDS_1.zip (4.08k), Attach.zip (2.33k)

Best regards
pacman123

This post has been edited by PropagandaPanda: Jul 2 2009, 04:53 PM

Jul 2 2009, 04:55 PM | Post #25 | Group: HJT Team

Hello.

Open HijackThis. Click View List of Backups. Select and restore all the O2 entries that we removed, since that does not look like it was related to the IE problem.

You did not have the Windows disk when performing the SFC?

With Regards,
The Panda

Jul 2 2009, 05:37 PM | Post #26 | Group: Members

Hi PropagandaPanda,

Opened HJT and restored 02 entries, rebooted, and tried to connect to the internet. The 3 dongle says connected but I still cannot open Explorer. With regards to SFC, no, I don't have recovery discs, as per post 5. Have run HJT and now there are no 02 lines showing:

Attachment: hijackthis.zip (2.71k)

Would you like me to try System Restore?

Best regards
pacman123

This post has been edited by pacman123: Jul 2 2009, 05:45 PM

Jul 3 2009, 08:11 AM | Post #27 | Group: HJT Team

Hello.

Please open HijackThis using Run As Administrator. Select the Backups selection and restore the O2s.

This issue does not appear to be malware related. I would consider starting a topic in the Windows Vista forum.

With Regards,
The Panda

Jul 3 2009, 10:44 AM | Post #28 | Group: Members

Hi PropagandaPanda,

There was only one 02 entry in the backup; I have restored that. I will open a topic in the Windows Vista forum. I would like to thank you for all your time and help; it's very much appreciated.

Best regards
pacman 123

Jul 18 2009, 03:02 PM | Post #29 | Group: HJT Team

Hello.

Since the member is being helped in another part of the forum, this topic is now closed.

If you are the topic starter and need this topic reopened, send me a message. Everyone else, please begin a new topic.

With Regards,
The Panda