Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't connect to Internet after infection with Vista Security 2012


  • Please log in to reply
19 replies to this topic

#1 Kelly4212

Kelly4212

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 15 December 2011 - 04:02 PM

Hello I was recently infected with Vista Security 2012. I already ran the registry fix, but I can't get on the Internet to do the next step. I have a acer aspire using windows vista. Can someone please help?

Edited by hamluis, 16 December 2011 - 08:34 AM.
Moved from Vista to Am I Infected.


BC AdBot (Login to Remove)

 


#2 Kelly4212

Kelly4212
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 18 December 2011 - 12:00 AM

Sorry, I forgot to say that I an getting this message: Windows could not start the dhcp client service. Error 1075. Has the virus done something to my registry or services? Pls help guys!

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:44 PM

Posted 18 December 2011 - 10:22 AM

http://download.bleepingcomputer.com/farbar/FSS.exe

and run it on the computer with the issue.

* Press "Scan".
* It will create a log (FSS.txt) in the same directory the tool is run.
* Please copy and paste the log to your reply.

#4 aflopez

aflopez

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 19 December 2011 - 01:28 PM

I am having the same problem as the original poster. I ran the FSS application and these were the results. I'm really trying to avoid having to reformat my computer. Any help is appreciated.

Farbar Service Scanner
Ran by Andy (administrator) on 19-12-2011 at 13:20:48
Microsoft® Windows Vista™ Home Basic (X86)
********************************************************

Service Check:
==============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
Checking LEGACY_Dnscache: Attention! Unable to open LEGACY_Dnscache\0000 registry key. The key does not exist.
The ServiceDll of Dnscache service is OK.

tdx Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open tdx registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open tdx registry key. The service key does not exist.


File Check:
===========
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
Attention! C:\Windows\system32\Drivers\tdx.sys is missing.
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit

Connection Status:
==================
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

**** End of log ****

#5 Kelly4212

Kelly4212
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 19 December 2011 - 10:06 PM

Thank you for your help. Perhaps aflopez should start his own topic?!
Here's my log.

Farbar Service Scanner
Ran by rene (administrator) on 18-12-2011 at 21:07:29
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
********************************************************

Service Check:
==============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
Checking LEGACY_Dnscache: Attention! Unable to open LEGACY_Dnscache\0000 registry key. The key does not exist.
The ServiceDll of Dnscache service is OK.

tdx Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open tdx registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open tdx registry key. The service key does not exist.


File Check:
===========
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
Attention! C:\Windows\system32\Drivers\tdx.sys is missing.
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit

Connection Status:
==================
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.

**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:44 PM

Posted 20 December 2011 - 12:16 AM

@Kelly4212 and aflopez

Download

system look

Launch it ,now copy this script

:filefind
tdx.sys
:reg
HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\tdx /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Dnscache /s


Paste it in the BOX,click on LOOK ,post the generated log file here

Edited by narenxp, 20 December 2011 - 12:17 AM.


#7 aflopez

aflopez

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 21 December 2011 - 08:44 AM

Hi and thanks for the help. This is what I got on search:

SystemLook 30.07.11 by jpshortstuff
Log created at 08:39 on 21/12/2011 by Andy
Administrator - Elevation successful

========== filefind ==========

Searching for "tdx.sys"
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys --a---- 68096 bytes [08:57 02/11/2006] [08:57 02/11/2006] 31FCDE69AF19247274E53B2775538B91

========== reg ==========

[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\tdx]
(Unable to open key - key not found)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Dnscache]
(Unable to open key - key not found)

-= EOF =-

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:44 PM

Posted 21 December 2011 - 10:11 AM

Click on start button,go to RUN and copy this

C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3


Click ok

Now copy the tdx.sys from the location and paste it in C:Windows/system32/drivers folder

Now Download

tdx.reg for windows vista

http://www.mediafire.com/?uz72of2i5691cvm

Launch it and click YES and import it into registry

Restart and check if you can browse


Good luck

Edited by narenxp, 21 December 2011 - 10:14 AM.


#9 Kelly4212

Kelly4212
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 23 December 2011 - 07:59 PM

Thanks for your help :)
Here's my log:

SystemLook 30.07.11 by jpshortstuff
Log created at 18:59 on 22/12/2011 by rene
Administrator - Elevation successful

========== filefind ==========

Searching for "tdx.sys"
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys --a---- 68096 bytes [08:57 02/11/2006] [08:57 02/11/2006] AB4FDE8AF4A0270A46A001C08CBCE1C2
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys --a---- 71680 bytes [09:28 25/06/2008] [05:55 19/01/2008] D09276B1FAB033CE1D40DCBDF303D10F
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys --a---- 72192 bytes [07:43 17/09/2009] [04:45 11/04/2009] CF4EEE53B6783C17A6ADE3D3450D7993

========== reg ==========

[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\tdx]
(Unable to open key - key not found)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Dnscache]
(Unable to open key - key not found)

-= EOF =-

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:44 PM

Posted 24 December 2011 - 02:47 AM

@kelly4212

Click on start button

Go to RUN (Windows + R key) and copy this line

C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys

Click ok

Now copy the tdx.sys file and paste it in C:/Windows/system32/drivers folder


Download tdx.reg

http://www.mediafire.com/?uz72of2i5691cvm

Launch it and Click YES to import it to registry

Restart your PC.See if you have can browse now

Good luck

#11 Kelly4212

Kelly4212
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 24 December 2011 - 02:05 PM

When I download tdx.reg, it saves as a text file. So when I move it to my computer from my laptop, how do I get it into my registry? Sorry.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:44 PM

Posted 24 December 2011 - 05:16 PM

Click on start button and type

regedit and press ENTER

On the File menu, click Import

Select the tdx.reg text file and import

Restart your PC and check your internet

Good luck

Edited by narenxp, 24 December 2011 - 05:16 PM.


#13 Kelly4212

Kelly4212
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 24 December 2011 - 06:04 PM

I really appreciate your help. I followed your instructions but internet is still not working. It says the DHCP service is not running. I did the diagnose and repair, which tried to restart the dhcp client, and reset local area connection, but it still is giving me limited connectivity. Wifi still works, thank God...

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:44 PM

Posted 24 December 2011 - 06:55 PM

Did you restart the PC?

Can you run FSS again and post the logs

#15 Kelly4212

Kelly4212
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 24 December 2011 - 10:15 PM

Farbar Service Scanner
Ran by rene (administrator) on 23-12-2011 at 21:21:29
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
********************************************************

Service Check:
==============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
Checking LEGACY_Dnscache: Attention! Unable to open LEGACY_Dnscache\0000 registry key. The key does not exist.
The ServiceDll of Dnscache service is OK.

tdx Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open tdx registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open tdx registry key. The service key does not exist.


File Check:
===========
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit

Connection Status:
==================
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.

**** End of log ****




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users