Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot Connect To Internet


  • This topic is locked This topic is locked
3 replies to this topic

#1 ScarletteM

ScarletteM

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:43 PM

Posted 24 December 2011 - 04:18 AM

I too had the same problem as RogueZ. I followed all the steps here to remove this virus and now I am out of my home network. Since our situation was mostly identical I followed all the steps through to post #10 working on Legacy_tdx. However, I am still not cured. I hope its ok to continue this here. Please let me know if I need to start a new thread. Below is my last FSS file after the Legacy_tdx procedure.

Farbar Service Scanner
Ran by Scarlette (administrator) on 24-12-2011 at 04:02:10
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.
Checking LEGACY_Dnscache: Attention! Unable to open LEGACY_Dnscache\0000 registry key. The key does not exist.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: Attention! Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: Attention! Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
Attention! C:\Windows\system32\Drivers\tdx.sys is missing.
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll
[2009-09-24 06:36] - [2009-04-11 01:28] - 0407552 ____A (Microsoft Corporation) 5DE62C6E9108F14F6794060A9BDECAEC

C:\Windows\system32\bfe.dll
[2009-09-24 06:35] - [2009-04-11 01:28] - 0334848 ____A (Microsoft Corporation) C789AF0F724FDA5852FB9A7D3A432381

C:\Windows\system32\Drivers\mpsdrv.sys
[2008-01-20 21:24] - [2008-01-20 21:24] - 0064000 ____A (Microsoft Corporation) 22241FEBA9B2DEFA669C8CB0A8DD7D2E

C:\Windows\system32\SDRSVC.dll
[2008-01-20 21:23] - [2008-01-20 21:23] - 0104960 ____A (Microsoft Corporation) 716313D9F6B0529D03F726D5AAF6F191

C:\Windows\system32\vssvc.exe
[2009-09-24 06:35] - [2009-04-11 01:28] - 1055232 ____A (Microsoft Corporation) DB3D19F850C6EB32BDCB9BC0836ACDDB

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by hamluis, 24 December 2011 - 01:38 PM.
Mistakenly deleted, corrected, sent PM to new OP..


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:43 PM

Posted 24 December 2011 - 08:26 PM

Download

system look

Launch it,copy this script

:filefind
tdx.sys


Paste it in the BOX

Click on Look

Post the log

#3 ScarletteM

ScarletteM
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:43 PM

Posted 24 December 2011 - 10:01 PM

TO LUIS (hamluis)

Please close this post. I did as you asked and opened my query under a new thread (see here).

Thank you for your help and attention. I am currently working with Broni to solve my problem.
Please feel free to either close or delete this thread.

Thanks again.
Scarlette

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,493 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:43 PM

Posted 26 December 2011 - 03:10 PM

Closed yhis is working at new topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users