Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't aquire IP during/after 'AV Protection 2011' virus


  • Please log in to reply
11 replies to this topic

#1 bluefreakage

bluefreakage

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 06 December 2011 - 03:44 AM

My laptop recently got the 'AV Proction 2011' virus and I cleared it with Rkill/Malwarebytes but ever since the virus hit I have been unable to get an IP

Running XP, here are the FSS and SystemLook txts
Please Help!thanks


Farbar Service Scanner
Ran by Hikaru (administrator) on 06-12-2011 at 01:16:01
Microsoft Windows XP Service Pack 3 (X86)
********************************************************

Service Check:
==============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

NetBt Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open NetBt registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open NetBt registry key. The service key does not exist.


File Check:
===========
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2003-12-08 11:55] - [2008-04-13 12:20] - 0361344 ____A (Microsoft Corporation) 93EA8D04EC73A85DB02EB8805988F733

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

Connection Status:
==================
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable

**** End of log ****



(FOR DHCP)

SystemLook 30.07.11 by jpshortstuff
Log created at 01:21 on 06/12/2011 by Hikaru
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp]
"Type"= 0x0000000020 (32)
"Start"= 0x0000000002 (2)
"ErrorControl"= 0x0000000001 (1)
"ImagePath"="%SystemRoot%\System32\svchost.exe -k netsvcs"
"DisplayName"="DHCP Client"
"Group"="TDI"
"DependOnService"="Tcpip Afd NetBT"
"DependOnGroup"=" "
"ObjectName"="LocalSystem"
"Description"="Manages network configuration by registering and updating IP addresses and DNS names."

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Configurations]
"Options"=32 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 ff ff ff 7f 00 00 00 00 01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 ff ff ff 7f 00 00 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Linkage]
(No values found)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Linkage\Disabled]
(No values found)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
"{80C706C1-A931-4999-87BE-75D063145EED}"=2e 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 89 32 d5 3f 08 00 00 00 2c 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 89 32 d5 3f 2b 86 c3 0a 2b 86 c3 0b 0f 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 89 32 d5 3f 69 74 64 2e 73 65 6c 2e 73 6f 6e 79 2e 63 6f 6d 00 00 00 00 01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 89 32 d5 3f ff ff ff 00 36 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 89 32 d5 3f 2b 86 c3 0b 33 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 89 32 d5 3f 00 00 54 60 3b 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 89 32 d5 3f 00 00 49 d4 3a 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 89 32 d5 3f 00 00 2a 30 35 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 89 32 d5 3f 05 00 00 00 (REG_BINARY)
"{28BA5461-AD62-4EBF-AF24-F1D3B5910806}"=2e 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 46 86 d6 3f 08 00 00 00 2c 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 46 86 d6 3f 2b 86 c3 0a 2b 86 c3 0b 06 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 46 86 d6 3f 2b 86 c3 0a 0f 00 00 00 00 00 00 00 11 00 00 00 00 00 00 00 46 86 d6 3f 69 74 64 2e 73 65 6c 2e 73 6f 6e 79 2e 63 6f 6d 00 00 00 00 01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 46 86 d6 3f ff ff ff 00 36 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 46 86 d6 3f 2b 86 c3 0a 33 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 46 86 d6 3f 00 00 54 60 3b 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 46 86 d6 3f 00 00 49 d4 3a 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 46 86 d6 3f 00 00 2a 30 35 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 46 86 d6 3f 05 00 00 00 (REG_BINARY)
"{EA0E193C-AF99-4596-809B-1B4006620320}"=06 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e c0 a8 00 01 03 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e c0 a8 00 01 01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e ff ff ff 00 36 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e c0 a8 00 01 35 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 1e 80 cd 4e 05 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 85 9c cc 4e 3b 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e 00 01 27 50 3a 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e 00 00 a8 c0 33 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 1e 80 cd 4e 00 01 51 80 (REG_BINARY)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options]
(No values found)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\1]
"KeyType"= 0x0000000007 (7)
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpSubnetMaskOpt SYSTEM\CurrentControlSet\Services\?\Parameters\Tcpip\DhcpSubnetMaskOpt"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\15]
"KeyType"= 0x0000000001 (1)
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpDomain SYSTEM\CurrentControlSet\Services\TcpIp\Parameters\DhcpDomain"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\220]
"KeyType"= 0x0000000003 (3)
"VendorType"= 0x0000000001 (1)
"RegSendLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\SoHRequest"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\3]
"KeyType"= 0x0000000007 (7)
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpDefaultGateway SYSTEM\CurrentControlSet\Services\?\Parameters\Tcpip\DhcpDefaultGateway"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\44]
"KeyType"= 0x0000000001 (1)
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\46]
"KeyType"= 0x0000000004 (4)
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\DhcpNodeType"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\47]
"KeyType"= 0x0000000001 (1)
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\DhcpScopeID"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\6]
"KeyType"= 0x0000000001 (1)
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Parameters\Options\DhcpNetbiosOptions]
"KeyType"= 0x0000000004 (4)
"OptionId"= 0x0000000001 (1)
"VendorType"= 0x0000000001 (1)
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNetbiosOptions"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Security]
"Security"=01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2c 02 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp\Enum]
"0"="Root\LEGACY_DHCP\0000"
"Count"= 0x0000000001 (1)
"NextInstance"= 0x0000000001 (1)


-= EOF =-



(FOR NETBT)

SystemLook 30.07.11 by jpshortstuff
Log created at 01:22 on 06/12/2011 by Hikaru
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt]
(Unable to open key - key not found)

-= EOF =-




(FOR AFD)

SystemLook 30.07.11 by jpshortstuff
Log created at 01:23 on 06/12/2011 by Hikaru
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd]
"Type"= 0x0000000001 (1)
"Start"= 0x0000000001 (1)
"ErrorControl"= 0x0000000001 (1)
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
"DisplayName"="AFD Networking Support Environment"
"Group"="TDI"
"Description"="AFD Networking Support Environment"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd\Parameters]
(No values found)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd\Security]
"Security"=01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afd\Enum]
"0"="Root\LEGACY_AFD\0000"
"Count"= 0x0000000001 (1)
"NextInstance"= 0x0000000001 (1)


-= EOF =-

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:54 AM

Posted 08 December 2011 - 07:46 PM

You have one registry key missing.

Following steps involve registry editing. Please create new restore point before proceeding!!!

Download XP.zip file from here: http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/
Unzip the file.
You'll find three files inside.
Right click on netbt.reg file, click "Merge".
Allow registry merge.
Restart computer and see if internet works.
Post new Farbar Service Scanner log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 bluefreakage

bluefreakage
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 08 December 2011 - 10:22 PM

The NetBt merge worked to connect- got IPaddress, got packets flying both directions, and I was really excited...
but for some reason it still won't load web pages IE or FF.
FSS all "MD5 is legit" w/connection to Google and Yahoo IPs connected


Took laptop to location #2 where I am posting this and its back to the 0.0.0.0 and failed FSS
So I did the Netbt Merge again...reset...again it connected to wireless network, but no webpages loading.



here's the FSS
Farbar Service Scanner
Ran by Hikaru (administrator) on 08-12-2011 at 19:46:17
Microsoft Windows XP Service Pack 3 (X86)
********************************************************

Service Check:
==============

File Check:
===========
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

Connection Status:
==================
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

**** End of log ****


updated NETBT Syslook

SystemLook 30.07.11 by jpshortstuff
Log created at 20:07 on 08/12/2011 by Hikaru
Administrator - Elevation successful

========== reg ==========

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt]
"Type"= 0x0000000001 (1)
"Start"= 0x0000000001 (1)
"ErrorControl"= 0x0000000001 (1)
"Tag"= 0x0000000006 (6)
"ImagePath"="system32\DRIVERS\netbt.sys"
"DisplayName"="NetBios over Tcpip"
"Group"="PNP_TDI"
"DependOnService"="Tcpip"
"DependOnGroup"=" "
"Description"="NetBios over Tcpip"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Enum]
"0"="Root\LEGACY_NETBT\0000"
"Count"= 0x0000000001 (1)
"NextInstance"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Linkage]
"OtherDependencies"="Tcpip"
"Bind"="\Device\Tcpip_{E6D314CC-9C15-45FF-9A9C-F5245BA6EAB7} \Device\Tcpip_{1574B666-940E-4AA1-8E3B-3102DD39BBC1} \Device\Tcpip_{A274D5B8-64BF-4AF4-9CE1-C8745118A562}"
"Route"=""Tcpip" "{E6D314CC-9C15-45FF-9A9C-F5245BA6EAB7}" "Tcpip" "NdisWanIp""
"Export"="\Device\NetBT_Tcpip_{E6D314CC-9C15-45FF-9A9C-F5245BA6EAB7} \Device\NetBT_Tcpip_{1574B666-940E-4AA1-8E3B-3102DD39BBC1} \Device\NetBT_Tcpip_{A274D5B8-64BF-4AF4-9CE1-C8745118A562}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Parameters]
"NbProvider"="_tcp"
"NameServerPort"= 0x0000000089 (137)
"CacheTimeout"= 0x00000927c0 (600000)
"BcastNameQueryCount"= 0x0000000003 (3)
"BcastQueryTimeout"= 0x00000002ee (750)
"NameSrvQueryCount"= 0x0000000003 (3)
"NameSrvQueryTimeout"= 0x00000005dc (1500)
"Size/Small/Medium/Large"= 0x0000000001 (1)
"SessionKeepAlive"= 0x000036ee80 (3600000)
"TransportBindName"="\Device\"
"EnableLMHOSTS"= 0x0000000001 (1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Parameters\Interfaces]
(No values found)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Parameters\Interfaces\Tcpip_{1574B666-940E-4AA1-8E3B-3102DD39BBC1}]
"NameServerList"=" "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Parameters\Interfaces\Tcpip_{A274D5B8-64BF-4AF4-9CE1-C8745118A562}]
"NameServerList"=" "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Parameters\Interfaces\Tcpip_{E6D314CC-9C15-45FF-9A9C-F5245BA6EAB7}]
"NameServerList"=" "
"NetbiosOptions"= 0x0000000000 (0)
"DhcpNameServerList"="192.168.133.2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\netbt\Security]
"Security"=01 00 14 80 e8 00 00 00 f4 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 b8 00 08 00 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 9d 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 25 02 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 14 00 40 00 00 00 01 01 00 00 00 00 00 05 13 00 00 00 00 00 14 00 40 00 00 00 01 01 00 00 00 00 00 05 14 00 00 00 00 00 18 00 9d 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2c 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 (REG_BINARY)


-= EOF =-



Thanks for taking a look at this!
any other info I can give you?

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:54 AM

Posted 08 December 2011 - 10:39 PM

Some good news :)

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size
Click Go and post the result.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 bluefreakage

bluefreakage
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 08 December 2011 - 10:56 PM

Nice I was about to also post: under ipconfig/all the netbios over tcpip was disabled, but i see you replied already! so here is the minitool result, which says that and more.

MiniToolBox by Farbar
Ran by Hikaru (administrator) on 08-12-2011 at 20:50:35
Microsoft Windows XP Professional Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=192.168.222.155 mask=255.255.255.0
set address name="Local Area Connection" gateway=192.168.222.5 gwmetric=0
set dns name="Local Area Connection" source=static addr=206.127.64.130 register=PRIMARY
add dns name="Local Area Connection" addr=206.127.64.131 index=2
set wins name="Local Area Connection" source=static addr=none

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Sally

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 08-00-46-E5-6F-9D



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection

Physical Address. . . . . . . . . : 00-0E-35-3D-18-DB

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.21

Subnet Mask . . . . . . . . . . . : 255.255.255.0

IP Address. . . . . . . . . . . . : fe80::20e:35ff:fe3d:18db%7

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 69.145.248.4

69.146.17.2

69.144.49.29

fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Disabled

Lease Obtained. . . . . . . . . . : Thursday, December 08, 2011 7:43:50 PM

Lease Expires . . . . . . . . . . : Friday, December 09, 2011 7:43:50 PM



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%6

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled



Tunnel adapter Automatic Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : C0-A8-00-15

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : fe80::5efe:192.168.0.21%2

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Disabled

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 69.145.248.4

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 69.145.248.4

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host yahoo.com. Please check the name and try again.

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 69.145.248.4

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x3 ...08 00 46 e5 6f 9d ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x20002 ...00 0e 35 3d 18 db ...... Intel® PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.21 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.21 192.168.0.21 20
192.168.0.0 255.255.255.0 192.168.0.21 192.168.0.21 25
192.168.0.21 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.0.255 255.255.255.255 192.168.0.21 192.168.0.21 25
224.0.0.0 240.0.0.0 192.168.0.21 192.168.0.21 25
255.255.255.255 255.255.255.255 192.168.0.21 3 1
255.255.255.255 255.255.255.255 192.168.0.21 192.168.0.21 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/08/2011 01:16:44 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.51.0.1118, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/08/2011 02:54:23 AM) (Source: Application Error) (User: )
Description: Faulting application e35.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000109bf.
Processing media-specific event for [e35.exe!ws!]

Error: (12/08/2011 02:53:50 AM) (Source: Application Error) (User: )
Description: Faulting application 3d18d.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00011780.
Processing media-specific event for [3d18d.exe!ws!]

Error: (12/08/2011 02:50:35 AM) (Source: Application Error) (User: )
Description: Faulting application e35.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00011782.
Processing media-specific event for [e35.exe!ws!]

Error: (12/08/2011 02:42:51 AM) (Source: Application Error) (User: )
Description: Faulting application 3d18d.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00011780.
Processing media-specific event for [3d18d.exe!ws!]

Error: (12/08/2011 02:39:58 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (12/08/2011 02:28:43 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.51.0.1118, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/03/2011 02:25:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71225777

Error: (12/03/2011 02:25:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 71225777

Error: (12/03/2011 02:25:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/08/2011 08:29:09 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 59 minutes.
NtpClient has no source of accurate time.

Error: (12/08/2011 08:29:09 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (12/08/2011 07:59:08 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 29 minutes.
NtpClient has no source of accurate time.

Error: (12/08/2011 07:59:08 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (12/08/2011 07:44:08 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (12/08/2011 07:44:08 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (12/08/2011 07:41:59 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 15 minutes.
NtpClient has no source of accurate time.

Error: (12/08/2011 07:41:59 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (12/08/2011 07:40:21 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (12/08/2011 07:33:42 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1053" attempting to start the service gupdate1caf4b2ee2e9280 with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (12/08/2011 01:16:44 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.51.0.1118hungapp0.0.0.000000000

Error: (12/08/2011 02:54:23 AM) (Source: Application Error)(User: )
Description: e35.exe0.0.0.0ntdll.dll5.1.2600.6055000109bf

Error: (12/08/2011 02:53:50 AM) (Source: Application Error)(User: )
Description: 3d18d.exe0.0.0.0ntdll.dll5.1.2600.605500011780

Error: (12/08/2011 02:50:35 AM) (Source: Application Error)(User: )
Description: e35.exe0.0.0.0ntdll.dll5.1.2600.605500011782

Error: (12/08/2011 02:42:51 AM) (Source: Application Error)(User: )
Description: 3d18d.exe0.0.0.0ntdll.dll5.1.2600.605500011780

Error: (12/08/2011 02:39:58 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: bind() failed (Socket error 10050)

Error: (12/08/2011 02:28:43 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.51.0.1118hungapp0.0.0.000000000

Error: (12/03/2011 02:25:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 71225777

Error: (12/03/2011 02:25:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 71225777

Error: (12/03/2011 02:25:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 1018.42 MB
Available physical RAM: 587.45 MB
Total Pagefile: 2448 MB
Available Pagefile: 2134.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.81 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:20 GB) (Free:1.39 GB) NTFS
2 Drive d: () (Fixed) (Total:12.25 GB) (Free:9.68 GB) NTFS
5 Drive g: () (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT

========================= Users: ========================================

User accounts for \\SALLY

Administrator ASPNET Guest
HelpAssistant Hikaru SUPPORT_388945a0
Yamada


**** End of log ****

Edited by bluefreakage, 08 December 2011 - 10:58 PM.


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:54 AM

Posted 08 December 2011 - 11:02 PM

You have "hosts" file missing and DNS is messed up.

Open Notepad.
Paste the following text into it:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#  	102.54.94.97 	rhino.acme.com      	# source server
#   	38.25.63.10 	x.acme.com          	# x client host

127.0.0.1   	localhost

Go File>Save As and...

1. Name the file hosts. (no extension; make sure there is just a "dot" at the end <--- VERY IMPORTANT!)
2. Make sure, "Save as type:" is set to "All Files (*.*)
3. Make sure the file is saved to C:\WINDOWS\SYSTEM32\DRIVERS\ETC folder

Posted Image

============================================================================================

Then.....

Make sure, your settings are correct.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:
Posted Image
Make sure "DNS" tab looks like this:
Posted Image
Make sure "WINS" tab looks like this:
Posted Image
8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.


If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.

If that doesn't work, bypass router, and connect computer straight to the modem.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Restart computer.

If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Restart computer.


If that doesn't work...
Download, install, and run WinSockFix: http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml (doesn't work in Vista and 7)
Restart computer, and check again.

If that doesn't work...
Download Dial-A-Fix (DAF) (doesn't work in Vista and 7):
http://wiki.lunarsoft.net/wiki/Dial-a-fix#Mirrors.2Fdownload_locations.2C_and_articles

Have XP CD available in case DAF needs a file. Likely not!

Check all boxes on the screen (clear any restrictions if it shows any)
Then click GO!

When the entire page is finished click the HammerHead at bottom to go to the second DAF page.

Here, one at a time, do the below:

Reinstall BITS
Reinstall Windows Firewall
Repair Permissions
Reset networking

Watch for any File not found or other errors and make note as this may lead to the fix!

Restart computer.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 bluefreakage

bluefreakage
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 09 December 2011 - 01:26 AM

got to the restart after "net start dns client"
and got this message

SMART Failure Predicted on Hard Disk 0: HITACHI_DK13FA-40-(PM)
WARNING: Immediately back-up your data and replace your hard disk drive. Aa failure may be imminent

Press f1 to Continue

sounds bad eh?

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:54 AM

Posted 09 December 2011 - 06:09 PM

It does.
Back up your data immediately.

Then...

Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287 (or http://www.bleepingcomputer.com/forums/index.php?showtopic=28744&hl=hard+drive+diagnostic)
Make sure, you select tool, which is appropriate for the brand of your hard drive.
Depending on the program, it'll create bootable floppy, or bootable CD.
If downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn .iso file to a CD (select "Write image file to disc" option), to make the CD bootable.
For Toshiba hard drives, see here: http://sdd.toshiba.com/main.aspx?Path=ServicesSupport/FujitsuDrivesUSandCanada/SoftwareUtilities#diagnostic

Note : If you do not know how to set your computer to boot from CD follow the steps HERE

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 bluefreakage

bluefreakage
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 10 December 2011 - 02:12 AM

Computer is off until I can get to the resources to back it up.

I was looking through the log above and was unfamiliar with these, both of there errors repeat and I was wondering if you had any ideas on it, I am pretty sure I deleted folders for these when I saw the date created was the day of the 'infection' but maybe that was a mistake or still part of the issue.?
'E35.exe' and '3D18D.exe'


Error: (12/08/2011 02:54:23 AM) (Source: Application Error) (User: )
Description: Faulting application e35.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000109bf.
Processing media-specific event for [e35.exe!ws!]

Error: (12/08/2011 02:53:50 AM) (Source: Application Error) (User: )
Description: Faulting application 3d18d.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00011780.
Processing media-specific event for [3d18d.exe!ws!]

Error: (12/08/2011 02:50:35 AM) (Source: Application Error)(User: )
Description: e35.exe0.0.0.0ntdll.dll5.1.2600.605500011782

Error: (12/08/2011 02:42:51 AM) (Source: Application Error)(User: )
Description: 3d18d.exe0.0.0.0ntdll.dll5.1.2600.605500011780

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:54 AM

Posted 10 December 2011 - 12:42 PM

At this point your main concern is to run hard drive diagnostic.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 bluefreakage

bluefreakage
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:54 AM

Posted 13 December 2011 - 02:45 AM

A few updates, when i was backing up data the virus AND the Internet started working again. so...meh been quarantining the when it showed up.
Turned off the computer and ran a Hitachi diagnostic which said 'there is an error on a non-Hitachi drive' when scanning the drive obviously labeled Hitachi,
So now running a different diagnostic with a few splatters of red sections showing up. Should I re-map and start over?

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:08:54 AM

Posted 13 December 2011 - 11:37 AM

It looks like you need a new drive.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users