Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop PC with XP continuously says "Acquiring Network Address"


  • Please log in to reply
7 replies to this topic

#1 samandtabitha

samandtabitha

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 07 January 2012 - 03:31 AM

A few months ago, before I found this forum, my desktop PC running XP with SP3 got one of the fake antivirus malwares. I attempted to remove it with SUPERAntispyware and Hitman PRO 3.5. Apparently I was not successful, and now my Local Area Connection (I'm directly connected to my router by wire) constantly shows "acquiring network address". I ran a few programs and obtained logs that I hope will help anyone who tries to help me with this program. I ran SecurityCheck, Farbar Service Scanner, MalwareBytes, and MiniToolBox. I am pasting the logs below. I am also currently running GMER. I will post as soon as it is finished if deemed necessary by the awesome experts helping us novice folk out :)

================================================================================================

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Microsoft Security Essentials
Antivirus out of date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

SUPERAntiSpyware
Java™ 6 Update 20
Java 2 Runtime Environment, SE v1.4.2_02
Out of date Java installed!
Adobe Flash Player ( 10.0.12.36) Flash Player Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

==============================================================================================

Farbar Service Scanner
Ran by Sam (administrator) on 07-01-2012 at 01:09:48
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: Attention! Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
Attention! C:\WINDOWS\system32\Drivers\afd.sys is missing.
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
fssfltr(11) Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(12) NwlnkNb(13) PSched(7) StreamSurge(9) Tcpip(4) Tcpip6(10)
0x0D0000000500000001000000020000000300000004000000060000000700000008000000090000000B0000000A0000000C0000000D000000
IpSec Tag value is correct.

**** End of log ****

==============================================================================================

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.24.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Sam :: DELLCUSTOMER [administrator]

1/7/2012 1:12:29 AM
mbam-log-2012-01-07 (01-39-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 263280
Time elapsed: 25 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Data: a+߬H:; -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Data: C:\Recycle.Bin\Recycle.Bin.exe -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Recycle.Bin (Trojan.Spyeyes) -> No action taken.

Files Detected: 0
(No malicious items detected)

(end)

==============================================================================================

MiniToolBox by Farbar
Ran by Sam (administrator) on 07-01-2012 at 01:50:21
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible) = Local Area Connection (Disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip



popd
# End of interface IP configuration




Windows IP Configuration



Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/07/2012 01:42:15 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/07/2012 00:35:25 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/07/2012 00:26:56 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/06/2012 10:48:00 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/06/2012 10:40:04 PM) (Source: Application Error) (User: )
Description: Faulting application MotoConnectService.exe, version 0.0.0.0, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x0002f395.
Processing media-specific event for [MotoConnectService.exe!ws!]

Error: (01/06/2012 10:39:55 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/06/2012 09:45:59 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/06/2012 09:35:30 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (11/17/2011 01:38:38 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/17/2011 01:33:37 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.


System errors:
=============
Error: (01/07/2012 01:48:49 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (01/07/2012 01:48:49 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (01/07/2012 01:46:04 AM) (Source: DCOM) (User: SYSTEM)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (01/07/2012 01:45:34 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).

Error: (01/07/2012 01:45:34 AM) (Source: DCOM) (User: SYSTEM)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (01/07/2012 01:45:12 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (01/07/2012 01:45:12 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (01/07/2012 01:45:06 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (01/07/2012 01:45:06 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (01/07/2012 01:45:04 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).


Microsoft Office Sessions:
=========================
Error: (01/07/2012 01:42:15 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/07/2012 00:35:25 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/07/2012 00:26:56 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/06/2012 10:48:00 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/06/2012 10:40:04 PM) (Source: Application Error)(User: )
Description: MotoConnectService.exe0.0.0.0kernel32.dll5.1.2600.57810002f395

Error: (01/06/2012 10:39:55 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/06/2012 09:45:59 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (01/06/2012 09:35:30 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (11/17/2011 01:38:38 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (11/17/2011 01:33:37 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry80070424beginsearchsearch3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL


=========================== Installed Programs ============================

Torrent (Version: 2.0.0)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 1.5.3.9130)
Adobe Digital Editions
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.0.12.36)
Adobe Reader 9.3.2 (Version: 9.3.2)
ATI Display Driver
Barnes & Noble Desktop Reader
Bonjour (Version: 2.0.1.2)
Canon iP2600 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CDisplay 1.8
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Dungeon Crawl Stone Soup (Version: 0.9.0)
Google Chrome (Version: 14.0.835.202)
Google Update Helper (Version: 1.3.21.79)
Hitman Pro 3.5 (Version: 3.5.9.130)
InstallMgr (Version: 1.0.39.0)
IsoBuster 2.6 (Version: 2.6)
Java 2 Runtime Environment, SE v1.4.2_02 (Version: 1.4.2_02)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 14.0.8117.416)
Kobo (Version: 1.8)
League of Legends (Version: 1.0020)
Linksys Wireless-N USB Network Adapter WUSB300N (Version: 1.0)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Default Manager (Version: 1.1.53.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Motorola Driver Installation 3.7.0 (Version: 3.7.0)
Motorola Software Update (Version: 01.11.84)
Mp3Decode
MSN Toolbar (Version: 1.0.39.0)
MSN Toolbar (Version: 3.0.1125.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pando Media Booster (Version: 2.3.4.0)
PDF Converter Pro v8.8 - (Free Trial) (Version: PDF Converter Pro)
PIXMA Extended Survey Program
PRS-500 USB driver (Version: 1.0.00.08110)
QuickTime (Version: 7.66.71.0)
Reader Library by Sony (Version: 3.1.00.12040)
Segoe UI (Version: 14.0.4327.805)
SUPERAntiSpyware (Version: 5.0.1108)
System Requirements Lab CYRI (Version: 4.3.1.0)
UTStarcom USB Modem Software
Ventrilo Client (Version: 3.0.5)
Wal-Mart Digital Photo Manager (Version: 1.3.0.106)
WebFldrs XP (Version: 9.50.6513)
Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) (Version: 08/08/2006 1.0.03.08080)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live OneCare safety scanner
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPcap 3.1 (Version: 3.1.0.27)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================

Name: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)
Description: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: 3Com
Service: EL90XBC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 511.01 MB
Available physical RAM: 222.84 MB
Total Pagefile: 1246.88 MB
Available Pagefile: 832.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.28 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.55 GB) (Free:28.78 GB) NTFS
4 Drive e: () (Removable) (Total:15.1 GB) (Free:14.08 GB) FAT32

========================= Users: ========================================

User accounts for \\DELLCUSTOMER

Administrator ASPNET Guest
HelpAssistant Sam SUPPORT_388945a0


**** End of log ****

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:14 PM

Posted 07 January 2012 - 09:34 AM

Launch the farbar service scanner again and type

afd.sys in the BOX

and click on search files

Post the generated log

Edited by narenxp, 07 January 2012 - 09:34 AM.


#3 samandtabitha

samandtabitha
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 07 January 2012 - 11:51 AM

Here is the log:

Farbar Service Scanner
Ran by Sam (administrator) on 07-01-2012 at 10:37:28
Microsoft Windows XP Service Pack 3 (X86)

************************************************
================== Search: "afd.sys" ===================

C:\WINDOWS\system32\afd.sys
[2012-01-07 03:39] - [2008-10-16 22:35] - 0138368 ____A (Microsoft Corporation) 885B2F107A071EEBFC87D4CB16E2A6C3

C:\WINDOWS\system32\drivers\afd.sys
[2008-06-20 05:40] - [2011-02-16 07:22] - 0138496 ____A (Microsoft Corporation) 355556D9E580915118CD7EF736653A89

C:\WINDOWS\system32\dllcache\afd.sys
[2008-06-20 05:40] - [2011-02-16 07:22] - 0138496 ___AC (Microsoft Corporation) 355556D9E580915118CD7EF736653A89

C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\afd.sys
[2004-08-04 00:14] - [2004-08-04 00:14] - 0138496 ____A (Microsoft Corporation) 5AC495F4CB807B2B98AD2AD591E6D92E

C:\WINDOWS\ServicePackFiles\i386\afd.sys
[2009-01-26 00:56] - [2008-04-14 00:49] - 0138112 ____N (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB956803$\afd.sys
[2009-01-28 12:40] - [2008-06-20 05:40] - 0138496 ____C (Microsoft Corporation) E3049B90FE06F3F740B7CFDA44995E2C

C:\WINDOWS\$NtUninstallKB951748$\afd.sys
[2009-01-28 12:37] - [2008-04-14 00:49] - 0138112 ____C (Microsoft Corporation) 322D0E36693D6E24A2398BEE62A268CD

C:\WINDOWS\$NtUninstallKB2509553$\afd.sys
[2011-04-13 02:03] - [2008-08-14 04:04] - 0138496 ____C (Microsoft Corporation) 7E775010EF291DA96AD17CA4B17137D7

C:\WINDOWS\$NtUninstallKB2503665$\afd.sys
[2011-06-16 02:08] - [2008-10-16 08:43] - 0138496 ____C (Microsoft Corporation) 7618D5218F2A614672EC61A80D854A37

C:\WINDOWS\$NtServicePackUninstall$\afd.sys
[2009-01-26 00:47] - [2003-07-16 10:17] - 0131968 ____C (Microsoft Corporation) 51B1872B62D1C335BAC53313913C8D5B

C:\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2009-01-26 17:30] - [2008-08-14 04:34] - 0138496 ____A (Microsoft Corporation) 4D43E74F2A1239D53929B82600F1971C

C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008-06-20 05:48] - [2008-06-20 05:48] - 0138496 ____A (Microsoft Corporation) D6EE6014241D034E63C49A50CB2B442A

C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\afd.sys
[2008-10-16 09:07] - [2008-10-16 09:07] - 0138496 ____A (Microsoft Corporation) 38D7B715504DA4741DF35E3594FE2099

C:\WINDOWS\$hf_mig$\KB2503665\SP3QFE\afd.sys
[2011-06-15 21:45] - [2011-02-16 07:25] - 0138496 ____A (Microsoft Corporation) 8D499B1276012EB907E7A9E0F4D8FDA4

====== End Of Search ======

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:14 PM

Posted 07 January 2012 - 11:37 PM

Boot into safemode with networking

Navigate to this path

C:\WINDOWS\ServicePackFiles\i386

Copy afd.sys from the location and paste it in C:/Windows/system32/drivers folder

Restart the PC and check your browser

Good luck

Edited by narenxp, 07 January 2012 - 11:38 PM.


#5 samandtabitha

samandtabitha
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 08 January 2012 - 08:13 PM

Well that definitely improved the situation. Instead of the LAN saying "Acquiring Network Address", it now says "connected"! It even shows that data is being downloaded/uploaded through the connection. BUT the browser still says "cannot display the webpage." Any ideas on what I should do now?

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:14 PM

Posted 08 January 2012 - 08:37 PM

Download

Winsock fix


Launch it ,Click on FIX

Restart your PC after it gets completed

Check your browser.If that doesnt work try this


PLEASE create a restore point before trying this


Please copy the entire contents of the codebox below into Notepad:



REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock]

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2]



Open a notepad ,copy the script,save it as

Filename:winsock.reg
save as type:All files


Launch it and click YES to add it to registry

After that, Reboot your computer.

After the restart,

Go to Network Connections
Right click on your normal connection icon, and choose Properties
Click the Install button
Choose Protocol then click Add
Click Have disk
In the drop down box, type in: C:\WINDOWS\INF and click OK
In the next dialog, click Internet Protocol (TCP/IP) then click OK
Click Close to leave the properties box

After that, restart your computer and see if you can browse now.


Post the new FSS log

Edited by narenxp, 08 January 2012 - 08:38 PM.


#7 samandtabitha

samandtabitha
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 08 January 2012 - 11:21 PM

I followed all directions, and so far no change with either fix. I wanted to note also that even though I have Automatic selected for Windows Updates, my balloon keeps popping up saying Windows Update is disabled. Not sure if this is relevant, but it definitely doesn't seem right to me. Here is the new FSS log.

======================================================================================================================================================

Farbar Service Scanner
Ran by Sam (administrator) on 08-01-2012 at 22:17:35
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wuauserv registry key. The service key does not exist.
Checking LEGACY_wuauserv: Attention! Unable to open LEGACY_wuauserv\0000 registry key. The key does not exist.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
fssfltr(11) Gpc(3) IPSec(5) NetBT(6) NwlnkIpx(12) NwlnkNb(13) PSched(7) StreamSurge(9) Tcpip(4) Tcpip6(10)
0x0D0000000500000001000000020000000300000004000000060000000700000008000000090000000B0000000A0000000C0000000D000000
IpSec Tag value is correct.

**** End of log ****

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:14 PM

Posted 09 January 2012 - 02:58 AM

Now you should be able to browse according to your logs,if you have issues

Download

http://go.microsoft.com/?linkid=9662461

Run the fixit.

Press Windows+R key and type

cmd and click ok,run the commands one by one

netsh i i r r
netsh winsock reset
ipconfig /registerdns
ipconfig /flushdns
ipconfig /release
ipconfig /renew



Uninstall any antivirus or third party firewalls ,clear your browser cookies and cache.Restart your PC and try browsing.

Lets look into windows update issue after fixing internet

Good luck.

Edited by narenxp, 09 January 2012 - 03:25 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users