Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown infection affecting Internet access


  • This topic is locked This topic is locked
24 replies to this topic

#1 dmslack

dmslack

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 08 February 2009 - 12:30 PM

A few days ago, I noticed none of Winamp's "online services" were working; they all complained about no Internet connection. After checking all the settings, I removed Winamp and installled the latest version.

After a reboot, I opened Firefox and it said it was updating to 3.0.6. Once it opened, every page visited gave a "Page Load Error". Attempting to connect to a web site via IP instead of name gives the error "Failed to Connect". Both say that while the site appears to be valid, the browser was unable to establish a connection.

I uninstalled Winamp and Firefox, rebooted and reinstalled Firefox only. The same problem persisted, so I switched to IE. While IE mostly works, there are sites I just cannot connect to (such as mail.yahoo.com).

I installed the latest Ad-Aware and MBAM. Neither could update because they couldn't get Internet access, and neither reported a problem after full scans.

I don't see any other odd behavior. Here are the contents of the DDS.txt file:


DDS (Ver_09-02-01.01) - NTFSx86
Run by dawn at 12:05:07.49 on Sun 02/08/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1978.922 [GMT -5:00]

AV: Symantec AntiVirus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\system32\vmnat.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\system32\vmnetdhcp.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Users\dawn\Desktop\putty.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [FPCCSMiddleware] c:\program files\fisher-price\computer cool school\FPCCSMiddleware.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [vmware-tray] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\dawn\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\windows\system32\wpclsp.dll
LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\dawn\appdata\roaming\mozilla\firefox\profiles\3qqwy666.default\
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-7 64160]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-7-26 361808]
R2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-11-28 122008]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-11-9 24652]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2008-10-28 54960]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-7-26 193840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-12-19 99376]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-4 113664]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2008-6-13 41008]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 921936]

=============== Created Last 30 ================

2009-02-07 20:58 <DIR> --d----- c:\users\dawn\appdata\roaming\Malwarebytes
2009-02-07 20:58 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-07 20:58 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-07 20:58 <DIR> --d----- c:\programdata\Malwarebytes
2009-02-07 20:58 <DIR> --d----- c:\progra~2\Malwarebytes
2009-02-07 20:58 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-07 20:57 15,688 a------- c:\windows\system32\lsdelete.exe
2009-02-07 18:42 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-02-07 18:42 <DIR> -cd-h--- c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-07 18:42 <DIR> -cd-h--- c:\progra~2\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-07 18:42 <DIR> --d----- c:\programdata\Lavasoft
2009-02-07 18:42 <DIR> --d----- c:\program files\Lavasoft
2009-01-29 21:15 97,800 a------- c:\windows\system32\infocardapi.dll
2009-01-29 21:15 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-01-29 21:15 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-01-29 21:15 622,080 a------- c:\windows\system32\icardagt.exe
2009-01-29 21:15 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-01-29 21:15 11,264 a------- c:\windows\system32\icardres.dll
2009-01-29 21:15 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-01-29 21:14 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-01-29 21:07 96,760 a------- c:\windows\system32\dfshim.dll
2009-01-29 21:07 282,112 a------- c:\windows\system32\mscoree.dll
2009-01-29 21:07 41,984 a------- c:\windows\system32\netfxperf.dll
2009-01-29 21:07 158,720 a------- c:\windows\system32\mscorier.dll
2009-01-29 21:07 83,968 a------- c:\windows\system32\mscories.dll
2009-01-27 17:54 129,784 -------- c:\windows\system32\pxafs.dll
2009-01-25 10:16 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-01-25 10:15 <DIR> --d----- c:\program files\DivX
2009-01-21 13:12 <DIR> --d----- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
2009-01-14 16:48 288,768 a------- c:\windows\system32\drivers\srv.sys

==================== Find3M ====================

2009-01-08 21:51 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-08 21:51 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-08 21:51 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-01-08 15:41 86,016 a------- c:\windows\inf\infstrng.dat
2009-01-08 15:41 51,200 a------- c:\windows\inf\infpub.dat
2009-01-08 15:41 86,016 a------- c:\windows\inf\infstor.dat
2008-12-23 03:47 138,240 a------- c:\windows\system32\drivers\Rtlh86.sys
2008-12-19 13:35 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-12 11:18 87,336 a------- c:\windows\system32\dns-sd.exe
2008-12-12 11:11 61,440 a------- c:\windows\system32\dnssd.dll
2008-12-10 19:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-10 19:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-08 21:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-08 21:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-08 21:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-08 21:28 57,344 a------- c:\windows\system32\dpv11.dll
2008-12-02 05:37 10,240 a------- c:\windows\system32\RtNicProp32.dll
2008-07-25 22:46 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 21:57 174 a--sh--- c:\program files\desktop.ini
2006-11-02 07:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 12:05:39.92 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 09 February 2009 - 01:02 PM

In addition, I have tried running both Kaspersky and TrendMicro online scans and both report that they cannot run because I don't have Java 1.6 installed (I do), or it is disabled in the browser (it is not).

#3 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 14 February 2009 - 08:03 PM

Hello. I am PropagandaPanda (Panda or PP for short), and I will be helping you.

Download and Run DDS
If you already have a copy of DDS, there is no need to download a new one.

DDS is a tool that gives us a general overview of the condition of your machine.

Download DDS by sUBs from any of the links below:
DDS.com, DDS.scr, DDS.pif

Double click its icon to run it. If you are using Windows Vista, right click it and select "Run as Administrator".
When the scan is finished, two logs will open.
Post DDS.txt directly into your reply. Attach Attach.txt.

Download and Run Scan with GMER
We will use GMER to scan for rootkits.

Please download GMER.zip to your desktop from any of the links below:
LINK1, LINK2
  • Right click on GMER.zip and select "Extract All".
  • Close all other open programs as there is a slight chance your computer will crash.
  • Double click GMER.exe. If you are using Windows Vista, right click the icon and select "Run as Administrator". Your security programs may detect GMER's driver trying to load. Allow it.
  • You may see a warning saying "GMER has detected rootkit activity". If so, select NO.
  • Leaving the settings at default, click Scan.
  • When the scan is complete, click Save and save the log onto your desktop.
Please include the log in your next reply.
Please tell me what changes have been made to the computer since your topic was started. Also give me an update on any symptoms.

With Regards,
The Panda

#4 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 15 February 2009 - 01:07 PM

Hi, thanks for the reply!

Here is the DDS.txt, and I am attaching Attach.txt:




DDS (Ver_09-02-01.01) - NTFSx86
Run by dawn at 12:54:55.39 on Sun 02/15/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1978.1011 [GMT -5:00]

AV: Symantec AntiVirus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\system32\vmnat.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\vmnetdhcp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\dawn\Desktop\BleepingComputer\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.bleepingcomputer.com/forums/topic201709.html
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [FPCCSMiddleware] c:\program files\fisher-price\computer cool school\FPCCSMiddleware.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [vmware-tray] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\dawn\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: c:\windows\system32\wpclsp.dll
LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\dawn\appdata\roaming\mozilla\firefox\profiles\3qqwy666.default\
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-7 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 921936]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-7-26 361808]
R2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-11-28 122008]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-11-9 24652]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2008-10-28 54960]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-7-26 193840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-12-19 99376]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-4 113664]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2008-6-13 41008]

=============== Created Last 30 ================

2009-02-07 20:58 <DIR> --d----- c:\users\dawn\appdata\roaming\Malwarebytes
2009-02-07 20:58 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-07 20:58 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-07 20:58 <DIR> --d----- c:\programdata\Malwarebytes
2009-02-07 20:58 <DIR> --d----- c:\progra~2\Malwarebytes
2009-02-07 20:58 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-07 20:57 15,688 a------- c:\windows\system32\lsdelete.exe
2009-02-07 18:42 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-02-07 18:42 <DIR> -cd-h--- c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-07 18:42 <DIR> -cd-h--- c:\progra~2\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-07 18:42 <DIR> --d----- c:\programdata\Lavasoft
2009-02-07 18:42 <DIR> --d----- c:\program files\Lavasoft
2009-01-29 21:15 97,800 a------- c:\windows\system32\infocardapi.dll
2009-01-29 21:15 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-01-29 21:15 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-01-29 21:15 622,080 a------- c:\windows\system32\icardagt.exe
2009-01-29 21:15 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-01-29 21:15 11,264 a------- c:\windows\system32\icardres.dll
2009-01-29 21:15 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-01-29 21:14 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-01-29 21:07 96,760 a------- c:\windows\system32\dfshim.dll
2009-01-29 21:07 282,112 a------- c:\windows\system32\mscoree.dll
2009-01-29 21:07 41,984 a------- c:\windows\system32\netfxperf.dll
2009-01-29 21:07 158,720 a------- c:\windows\system32\mscorier.dll
2009-01-29 21:07 83,968 a------- c:\windows\system32\mscories.dll
2009-01-27 17:54 129,784 -------- c:\windows\system32\pxafs.dll
2009-01-25 10:16 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-01-25 10:15 <DIR> --d----- c:\program files\DivX
2009-01-21 13:12 <DIR> --d----- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP

==================== Find3M ====================

2009-02-09 11:52 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-08 21:51 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-08 21:51 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-08 21:51 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-01-08 15:41 86,016 a------- c:\windows\inf\infstrng.dat
2009-01-08 15:41 51,200 a------- c:\windows\inf\infpub.dat
2009-01-08 15:41 86,016 a------- c:\windows\inf\infstor.dat
2008-12-23 03:47 138,240 a------- c:\windows\system32\drivers\Rtlh86.sys
2008-12-12 11:18 87,336 a------- c:\windows\system32\dns-sd.exe
2008-12-12 11:11 61,440 a------- c:\windows\system32\dnssd.dll
2008-12-10 19:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-10 19:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-08 21:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-08 21:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-08 21:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-08 21:28 57,344 a------- c:\windows\system32\dpv11.dll
2008-12-02 05:37 10,240 a------- c:\windows\system32\RtNicProp32.dll
2008-07-25 22:46 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 21:57 174 a--sh--- c:\program files\desktop.ini
2006-11-02 07:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 12:55:37.01 ===============




Nothing has changed on the computer since my initial report, in fact it has been powered off for most of the time.

I tried to run gmer.exe, but got a message from Windows that it "has stopped working". The 'problem details' are as follows:

Problem signature:
Problem Event Name: APPCRASH
Application Name: gmer.exe
Application Version: 1.0.12.12011
Application Timestamp: 456c4664
Fault Module Name: gmer.dll
Fault Module Version: 1.0.12.12011
Fault Module Timestamp: 456c4642
Exception Code: c0000005
Exception Offset: 000156eb
OS Version: 6.0.6001.2.1.0.768.2

Should I try running these in safe mode?

Attached Files



#5 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 15 February 2009 - 01:38 PM

Hello.

Yes, please try running GMER in safe mode.

With Regards,
The Panda

#6 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 15 February 2009 - 02:33 PM

Finally got it working in Safe Mode after having the same problem initially. Here is the log:

GMER 1.0.14.14536 - http://www.gmer.net

Rootkit scan 2009-02-15 14:22:18

Windows 6.0.6001 Service Pack 1





---- Registry - GMER 1.0.14 ----



Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xAA 0x16 0xDB 0x4C ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xF2 0xD8 0xD9 0x01 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x65 0xFE 0x2A 0x72 ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xAA 0x16 0xDB 0x4C ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xF2 0xD8 0xD9 0x01 ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x65 0xFE 0x2A 0x72 ...



---- EOF - GMER 1.0.14 ----

#7 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 15 February 2009 - 03:56 PM

Hello.

Those logs look clean.

Please give me the date when this issue occured. I want to try to use the system restore.

With Regards,
The Panda

#8 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 15 February 2009 - 05:28 PM

It started around the 6th of February, I am not sure when exactly. In system restore, I have the following:

2/2 - System: Scheduled Checkpoint
2/3 - System: Scheduled Checkpoint
2/3 - Install: Windows Update
2/4 - System: Scheduled Checkpoint
2/5 - System: Scheduled Checkpoint
2/6 - System: Scheduled Checkpoint
2/6 - Install: Windows Update
2/7 - System: Scheduled Checkpoint
2/7 - System: Scheduled Checkpoint
2/7 - Install: Ad-aware Checkpoint
2/9 - System: Scheduled Checkpoint
2/9 - Uninstall: Removed Java ™ 6 Update 11
2/9 - Install: Installed Java ™ 6 Update 11
2/9 - Install: Windows Update

Any of those look good?

#9 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 15 February 2009 - 09:33 PM

Hey Panda -- I did a system restore and looks like I am back in business. Thanks for the help and the suggestions, I appreciate it. The topic can be closed as resolved, thanks again!

Looks like I am wrong.. I still cannot get anywhere in Firefox, and only some places in IE.

I did the system restore back to the 5th, which was the oldest I could get when I went to do it. So, no good, unfortunately :thumbup2: Any thoughts?

Edited by dmslack, 15 February 2009 - 10:05 PM.


#10 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 16 February 2009 - 01:48 PM

Hello.

Please give me some specifics. What sites in IE? What sites can't you access (if any in particular)?

Have you tried reinstalled FireFox?

With Regards,
The Panda

#11 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 16 February 2009 - 03:48 PM

I can't seem to uninstall Firefox anymore. After the system restore, I tried to uninstall it and install the latest, but going into Programs, selecting it and choosing 'Uninstall'... nothing happened. Even after a reboot, it just doesn't seem to recognize that I am trying to uninstall it. Other programs uninstall without problem.

Re: IE, I can get to say, bleepingcomputer.com, cnn.com or google.com, but not mail.yahoo.com or calendar.google.com. When I put these sites in the address bar, it actually searches for them in Google. The first result that comes up is for the real site, so I click on it... and then I get a 'could not connect' message from IE. In addition, I couldn't get to many of the download links you sent in this post via IE - I had to boot into Linux or use my other PC to download them. Firefox cannot get to any site, even if IE can.

#12 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 16 February 2009 - 04:24 PM

Hello.

Please download the FireFox installer. Install that ontop of the current installation.

Does FireFox work now?

With Regards,
THe Panda

#13 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 16 February 2009 - 04:47 PM

No, I tried that too, installing 3.0.6 on top of 3.0.3. The install went fine, but the new browser had the same problem :thumbup2:

#14 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 PM

Posted 16 February 2009 - 06:04 PM

Hello.

In Internet Explorer -> Tools -> Internet Options -> Advanced -> Reset.
Follow the prompts to reset the IE.

Are you still unable to access those sites?

With Regards,
The Panda

#15 dmslack

dmslack
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 16 February 2009 - 08:28 PM

Still cannot access, and I can't install the Google search provider to IE now because I am "not connected to the Internet". I can still get out to some sites (like here), and I can get out via SSH, etc.... Not sure what is going on...

BTW, I logged into another user's account on the machine and the same behavior is happening there.

Edited by dmslack, 16 February 2009 - 08:45 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users