internet not recognized


#1 mmmMapleSyrup



Posted 22 February 2009 - 08:38 PM

So my computer had a bunch of viruses and nasty stuff on it that I thought I had removed; however, now I can't get on the internet at all. Wireless and through an ethernet cable. Every time I shut down I get an end program for explorer.exe so that can't be good. Thanks!

DDS (Ver_09-02-01.01) - NTFSx86
Run at 17:27:00.23 on 2009-02-22
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.650 [GMT -8:00]

FW: Norton Internet Worm Protection *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Documents and Settings\\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
mWinlogon: Userinit=c:\windows\explorer.exe,
BHO: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\fccBSMGa.dll
BHO: {b036f778-44a8-400d-a4f0-dbc2f2a783fe} - c:\windows\system32\blackbo.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [WildTangent CDA] "c:\program files\wildtangent\apps\cda\gamedrvr.exe" /startup "c:\program files\wildtangent\apps\cda\cdaEngine0500.dll"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Ckololu] rundll32.exe "c:\windows\umayenev.dll",e
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
dRun: [nttwlvod.exe] c:\windows\nttwlvod.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: fccbsmga - fccBSMGa.dll
AppInit_DLLs: wpbaxo.dll
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\fccBSMGa.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\andrew~1\applic~1\mozilla\firefox\profiles\ed77c2u5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - HiddenExtension: XUL Cache: {C289B5B2-2A7E-467A-A584-514705F5B983} - c:\documents and settings\\local settings\application data\{C289B5B2-2A7E-467A-A584-514705F5B983}

============= SERVICES / DRIVERS ===============

R0 aruiophy;aruiophy;c:\windows\system32\drivers\aruiophy.sys [2006-3-15 23424]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 116224]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 45132]
S1 ethymnny;ethymnny;c:\windows\system32\drivers\ethymnny.sys [2009-2-16 137664]
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [2006-6-6 61952]
S3 IKFileFlt;File Filter Driver;c:\windows\system32\drivers\ikfileflt.sys [2007-3-31 39248]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2007-3-31 52304]
S3 IkSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2007-3-31 59472]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2007-3-31 83536]
S3 sdAuxService;Spyware Doctor Auxiliary Service;c:\program files\spyware doctor\svcntaux.exe [2007-3-31 707080]
S3 sdCoreService;Spyware Doctor Service;c:\program files\spyware doctor\swdsvc.exe [2007-3-31 1302272]

=============== Created Last 30 ================

2009-02-20 11:28 <DIR> --d----- c:\windows\LastGood.Tmp
2009-02-20 11:28 <DIR> --d----- c:\program files\Broadcom
2009-02-19 14:51 <DIR> --d----- c:\windows\pss
2009-02-16 08:44 137,664 a------- c:\windows\system32\drivers\ethymnny.sys
2009-02-16 08:44 31,744 a---h--- c:\documents and settings\\ptktyu.exe
2009-02-16 08:44 53,248 a------- c:\windows\system32\drivers\ndisio.sys
2009-02-16 08:44 67,072 ----h--- c:\windows\system32\secupdat.dat
2009-02-16 08:44 25,601 a------- c:\windows\system32\11.tmp
2009-02-16 08:44 3,584 a------- c:\windows\nttwlvod.exe
2009-02-16 08:44 168 a------- c:\windows\system32\D.tmp
2009-02-15 22:36 84 a------- c:\windows\system32\8.tmp
2009-02-15 22:08 1 a------- c:\windows\system32\5.tmp
2009-02-15 20:55 1 a------- c:\windows\system32\B.tmp
2009-02-15 20:54 84 a------- c:\windows\system32\A.tmp
2009-02-15 20:46 1 a------- c:\windows\system32\3.tmp
2009-02-15 20:46 84 a------- c:\windows\system32\2.tmp
2009-02-15 17:54 1 a------- c:\windows\system32\7.tmp
2009-02-15 17:54 84 a------- c:\windows\system32\6.tmp
2009-02-15 15:12 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-02-15 15:12 9,600 a------- c:\windows\system32\drivers\hidusb.sys
2009-02-15 15:11 31,616 a------- c:\windows\system32\drivers\usbccgp.sys
2009-02-15 13:03 132,608 a------- c:\windows\umayenev.dll
2009-02-15 10:37 99,696 a------- c:\windows\system32\drivers\5dafcf44.sys
2009-02-15 10:37 40,448 a------- C:\xyephkl.exe
2009-02-15 10:37 103,424 a------- C:\dykhyp.exe
2009-02-15 10:37 2 a------- C:\376963449
2009-02-15 10:37 61,440 a------- C:\cwxwwgtl.exe
2009-02-15 10:36 72,704 a------- c:\windows\system32\ccoddisa.dll
2009-02-14 09:55 302,592 a------- c:\windows\system32\mlJCuvuV.dll.vir
2009-02-14 09:50 36,352 a------- c:\windows\system32\fccBSMGa.dll
2009-02-11 19:35 <DIR> --d----- c:\program files\PokerStars
2009-02-09 19:49 942,080 a------- c:\windows\system32\rn.tmp
2009-02-04 20:24 <DIR> a-dshr-- C:\cmdcons
2009-02-04 20:22 179,200 a------- c:\windows\SWREG.exe
2009-02-04 20:22 115,712 a------- c:\windows\sed.exe
2009-02-01 12:14 <DIR> --d----- c:\program files\Trend Micro
2009-02-01 01:15 96,256 a------- c:\windows\system32\blackbo.dll
2009-01-31 00:38 96,256 a------- c:\windows\system32\atrac.dll

==================== Find3M ====================

2009-02-20 11:28 822,272 a------- c:\windows\system32\drivers\BCMWL5.SYS
2009-02-16 13:06 5,866 a------- c:\docume~1\andrew~1\applic~1\wklnhst.dat
2008-12-12 09:27 3,067,392 -------- c:\windows\system32\dllcache\mshtml.dll
2008-12-11 03:57 333,184 -------- c:\windows\system32\dllcache\srv.sys
2008-08-19 15:10 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLec.DAT
2008-08-19 15:10 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLds.DAT

============= FINISH: 17:27:44.75 ===============

Edited by jgweed, 22 September 2010 - 08:34 AM.
removed Name at Member's request.jgw



#2 Thunder



Posted 24 February 2009 - 01:09 PM

Hello MmmMapleSyrup and welcome to Bleeping Computer,

1. Please download GooredFix and save it to your Desktop.
  • Select "2. Fix Goored" by typing 2 and pressing Enter.
  • Make sure all instances of Firefox are closed at this point.
  • Type y at the prompt and press Enter again.
  • A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).
Note: If you receive a message saying that GooredFix needs your system to be restarted, please close all applications and reboot your system. Please also allow any registry changes that may be prompted by any of your security programs.

2. Please read this tutorial carefully to download ComboFix from one of the locations specified, and save it to your Desktop.
Double click the ComboFix icon to run it.
If ComboFix asks you to install the Recovery Console, please do so.
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you.
Once the Recovery Console is installed, continue with the malware scan.

Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply.

If you have any questions along the way, STOP and ask them before proceeding!

Whatever happens, make believe it was intended to ...
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
Stand Up & Be Counted --> Posted Image <-- And make a difference

#3 mmmMapleSyrup

  • Topic Starter


Posted 28 February 2009 - 03:22 PM

Yo! So I ran goored and got this:

GooredFix v1.91 by jpshortstuff
Log created at 11:47 on 28/02/2009 running Option #2 (Andrew)
Firefox version 3.0.6 (en-US)

=====Goored Deletions=====

"{C289B5B2-2A7E-467A-A584-514705F5B983}"="C:\Documents and Settings\Andrew\Local Settings\Application Data\{C289B5B2-2A7E-467A-A584-514705F5B983}"
->Backing up value... Done.
->Deleting value... Done.

C:\Documents and Settings\Andrew\Local Settings\Application Data\{C289B5B2-2A7E-467A-A584-514705F5B983}
->Backing up folder... Done.
->Emptying folder... Done.
->Deleting folder... Done.

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"

Then I did the combofix and got this annoying little error:

Date Error: 2009-02-28
Check your settings.

My date and clock look to be showing the correct time...again I can't sync with windows as I can't get on the internet.

Thanks for the help

#4 mmmMapleSyrup

  • Topic Starter


Posted 28 February 2009 - 03:49 PM


So I was obviously not smart and tried to change the date, I tried the day before and got the same result, but then I tried the day after and combofix ran fine...it then restarted itself, but can't log into windows. I have restarted a bunch of times (including in safe mode) and it just gets stuck. It will make the windows logging on noise and then the logging off noise and show the welcome screen. Then I will hit my icon and it will say loading your personal settings like usual, but then immediately it will say logging off.

#5 Thunder



Posted 02 March 2009 - 01:26 PM

Hello MmmMapleSyrup,

The symptoms you are describing look a lot like what you get when trying to log on to an illegal Windows version where the activation period has expired.
Did you get a warning that Windows needed to be activated?

Can you still start up in safe mode?

