Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Internet Access after google redirect


  • Please log in to reply
7 replies to this topic

#1 Manticore78

Manticore78

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 23 December 2011 - 06:02 PM

Good afternoon bleepingcomputer.com!

So here is my particular issue and I have read many similar posts in your forums but did not try and do any of these fixes as I saw many moderators request people to post instead as each individual case is unique to a degree. So my wife apparently got a google redirect virus. She then called her brother over who "knows" something about computers and he ran ComboFix to try and solve the problem. The internet was working before but it was simply redirecting searches to another engine. However, after his so-called "fix" the internet stopped completely. Both wireless and wired connections show that they are connected to the network router but have no internet access. I did flush DNS and ip release etc. as that is essentially the extent to my networking. I also uninstalled and reinstalled drivers after updating them but to no avail. A friend I explained my problem to encouraged me to check you guys out as you work magic. Let me know what you need from me to help you help me. I would greatly appreciate your assistance so that I can get my wife off of my work computer. It is annoying to always return to it on the pinterest website. Thank you!

Manticore

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:57 PM

Posted 23 December 2011 - 07:42 PM

Welcome aboard Posted Image

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Manticore78

Manticore78
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 23 December 2011 - 08:18 PM

Here is the file you requested and thank you for being so speedy!

Farbar Service Scanner
Ran by Stephanie (administrator) on 23-12-2011 at 12:58:08
Microsoft Windows 7 Professional Service Pack 1 (X86)
********************************************************

Internet Services:
=================

Connection Status:
=================
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.


System Restore:
==============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
==============================


File Check:
==========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-15 17:01] - [2011-04-24 18:18] - 0338944 ____A () 331F94519685F23447A5C4C62A29F9E4

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:57 PM

Posted 23 December 2011 - 08:23 PM

It looks like afd.sys is corrupted or infected.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
    :filefind
    afd.sys
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Manticore78

Manticore78
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 24 December 2011 - 01:52 AM

Thank you for working on my problem during the holidays, and sorry it took so long to get back to you. The timing of this fiasco is quite hectic with all of the family commotion going on. here is the log you requested.

SystemLook 30.07.11 by jpshortstuff
Log created at 22:44 on 23/12/2011 by Stephanie
Administrator - Elevation successful

========== filefind ==========

Searching for "afd.sys"
C:\Windows\System32\drivers\afd.sys --a---- 338944 bytes [01:01 16/06/2011] [02:18 25/04/2011] 331F94519685F23447A5C4C62A29F9E4
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys --a---- 338944 bytes [23:12 13/07/2009] [23:12 13/07/2009] DDC040FDB01EF1712A6B13E52AFB104C
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys --a---- 338944 bytes [01:01 16/06/2011] [02:35 25/04/2011] 0DB7A48388D54D154EBEC120461A0FCD
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_d864ad9ad8c98d1f\afd.sys --a---- 338944 bytes [01:01 16/06/2011] [02:27 25/04/2011] C114AB7A1550D42EA1700FFD4179CF5A
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys --a---- 338944 bytes [03:55 07/06/2011] [08:40 20/11/2010] 1151FD4FB0216CFED887BFDE29EBD516
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys --a---- 338944 bytes [01:01 16/06/2011] [02:18 25/04/2011] 331F94519685F23447A5C4C62A29F9E4
C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys --a---- 338944 bytes [01:01 16/06/2011] [03:24 25/04/2011] C427F91A748CD342A2B3F9278D9FD6A5

-= EOF =-

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:57 PM

Posted 24 December 2011 - 11:16 AM

Restart computer in Safe Mode.
Open Windows Explorer.
Navigate to C:\Windows\System32\drivers folder.
Rename afd.sys to afd.old.
Copy afd.sys file from C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1 folder and paste it to C:\Windows\System32\drivers folder.

Restart computer, check internet connection, post new FSS log.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 Manticore78

Manticore78
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 24 December 2011 - 01:54 PM

Thank you! Everything seems to be working and the FSS log looks the same except it says that the internet connection is good! Problem solved! You guys are amazing and Merry Xmas!

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:57 PM

Posted 24 December 2011 - 01:59 PM

Posted Image

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users