Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to renew IP address, I cannot access the internet


  • Please log in to reply
16 replies to this topic

#1 Tim1731

Tim1731

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 02 August 2013 - 04:42 PM

First of all, hello to the BleepingComputer community.  I have been to this site before to find answers to problems, but I never had one so bad that I felt the need to create a topic.  Here we go:

 

I'm using Windows XP Service Pack 3.  I'm on a desktop computer with a wired connection.  The computer has a Trojan tracur virus that Malwarebytes cannot remove.  Every time I run the scan, it pops back up and this is what it says: 

Registry Keys detected: 1

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MESSENGER32  (Trojan.Tracur)

 

So I decided to install Ccleaner and run a scan.  (I know, I know).

 

I clicked on "Cleaner" not "Registry" on Ccleaner.  It removed over 400 MB.  I thought that the "Cleaner" scan was relatively safe.  But when I tried to get on the internet afterwards, it kept saying "Unable to renew ip address", "Unable to contact DHCP server".  When I do ipconfig/all, my default gateway is missing and the ip address and dns servers start with "fe80".

I've tried:

 

ipconfig /release, ipconfig /renew,

 

ipconfig /flushdns

 

I went to Network connections and made sure that "Obtain an IP address automatically" and "Obtain DNS server address automatically" were checked.

 

I have reset Winsock and reset TCP/IP.

 

I went under "Services" and everything was automatic and started.

 

I'm on a wireless network and the other computers work fine, but the desktop computer cant log on to the internet. I'm at a loss, and I don't know what needs to be done to reestablish a connection.  Any and all help would be appreciated.

 

Thanks,

 

Tim

 

 

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 02 August 2013 - 08:54 PM

Hello Tim -

 

Note that all programs listed can be installed via USB Flash Drive if you do not have a connection -

 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.
 

 

 

Please download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

 

Please download TFC, or Temp File Cleaner by Old Timer
Usage Instructions:

  • Download TFC from the download link above and save the file on your desktop.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press OK to reboot your computer and finish the cleanup.

Note: Depending on how much data is currently stored in the Temp folders, this process can take quite a while to remove all of the files, so please be patient.

 

 

 

Please download AdwCleaner by Xplode onto your desktop.

* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on Delete.
* Confirm each time with Ok.
* NOTE Your computer will be rebooted automatically. A text file will open after the restart.

* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

From here we can get a better look at how things are running -

 

Thanks -


Edited by noknojon, 02 August 2013 - 09:02 PM.


#3 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 02 August 2013 - 09:35 PM

Hi, Noknojon.  I appreciate the reply.

 

I will follow those instructions and then post back.  My computer knowledge is okay at best, so it may take a little while.

 

Thank you.



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 02 August 2013 - 10:18 PM

Hi -

Take your time and always ask if you are not sure on anything.

If I can break down questions / replies, I will always try to do it -

 

Regards -

 



#5 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 03 August 2013 - 12:43 AM

Here we go:

 

Results of screen317's Security Check version 0.99.71 

 

 Windows XP Service Pack 3 x86  
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Lavasoft Ad-Watch Live! Anti-Virus  
McAfee VirusScan Enterprise         
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 SUPERAntiSpyware    
 Windows Defender   
 Malwarebytes Anti-Malware version 1.75.0.1300 
 CCleaner    
 Java 7 Update 21 
 Java™ SE Runtime Environment 6 Update 1
 Java™ 6 Update 2 
 Java™ 6 Update 3 
 Java™ 6 Update 5 
 Java™ 6 Update 7 
 Java 2 Runtime Environment, SE v1.4.2_03
 Java version out of Date!
 Adobe Flash Player     11.7.700.202 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (22.0)
 Google Chrome 27.0.1453.110 
 Google Chrome 27.0.1453.116 
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Windows Defender MSASCui.exe
 Ad-Aware AAWService.exe
 Ad-Aware AAWTray.exe
 McAfee VirusScan Enterprise mcshield.exe 
 McAfee VirusScan Enterprise vstskmgr.exe 
 McAfee VirusScan Enterprise SHSTAT.EXE 
 Windows Defender MsMpEng.exe  
 Windows Defender MSASCui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 9%
````````````````````End of Log``````````````````````
 

 

 

MiniToolbox results:

 

Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 50889
"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : user1

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-13-20-1B-47-77

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        Autoconfiguration IP Address. . . : 192.168.0.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        IP Address. . . . . . . . . . . . : fe80::213:20ff:fe1b:4777%4

        Default Gateway . . . . . . . . . :

        DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                            fec0:0:0:ffff::2%1

                                            fec0:0:0:ffff::3%1



Tunnel adapter Teredo Tunneling Pseudo-Interface:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5

        Default Gateway . . . . . . . . . :

        NetBIOS over Tcpip. . . . . . . . : Disabled



Tunnel adapter Automatic Tunneling Pseudo-Interface:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : C0-A8-00-02

        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : fe80::5efe:192.168.0.2%2

        Default Gateway . . . . . . . . . :

        DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

                                            fec0:0:0:ffff::2%1

                                            fec0:0:0:ffff::3%1

        NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 1b 47 77 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0      192.168.0.2     192.168.0.2      20
      192.168.0.2  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255      192.168.0.2     192.168.0.2      20
        224.0.0.0        240.0.0.0      192.168.0.2     192.168.0.2      20
  255.255.255.255  255.255.255.255      192.168.0.2     192.168.0.2      1
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2013 01:04:59 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Security Update for Office 2003 (KB2817421): MSO' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/02/2013 01:04:53 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.

Error: (08/02/2013 01:04:01 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Security Update for Excel 2003 (KB2687481): EXCEL' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/02/2013 01:03:21 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.

Error: (08/01/2013 01:04:32 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Security Update for Office 2003 (KB2817421): MSO' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/01/2013 01:04:26 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.

Error: (08/01/2013 01:03:38 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Security Update for Excel 2003 (KB2687481): EXCEL' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/01/2013 01:03:06 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.

Error: (08/01/2013 00:14:03 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (07/31/2013 02:08:42 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 - Update 'Security Update for Office 2003 (KB2817421): MSO' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (08/02/2013 05:42:56 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 479 minutes.
NtpClient has no source of accurate time.

Error: (08/02/2013 05:42:56 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 480
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/02/2013 05:42:56 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time-b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 480
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/02/2013 01:42:55 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 239 minutes.
NtpClient has no source of accurate time.

Error: (08/02/2013 01:42:55 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/02/2013 01:42:55 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time-b.nist.gov,0x1'. NtpClient will try the DNS lookup again in 240
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/02/2013 01:08:23 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Office 2003 (KB2817421).

Error: (08/02/2013 01:04:06 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Excel 2003 (KB2687481).

Error: (08/02/2013 11:42:54 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 119 minutes.
NtpClient has no source of accurate time.

Error: (08/02/2013 11:42:54 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)


Microsoft Office Sessions:
=========================
Error: (08/02/2013 01:04:59 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Security Update for Office 2003 (KB2817421): MSO1603(NULL)

Error: (08/02/2013 01:04:53 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.(NULL)(NULL)(NULL)

Error: (08/02/2013 01:04:01 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Security Update for Excel 2003 (KB2687481): EXCEL1603(NULL)

Error: (08/02/2013 01:03:21 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.(NULL)(NULL)(NULL)

Error: (08/01/2013 01:04:32 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Security Update for Office 2003 (KB2817421): MSO1603(NULL)

Error: (08/01/2013 01:04:26 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.(NULL)(NULL)(NULL)

Error: (08/01/2013 01:03:38 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Security Update for Excel 2003 (KB2687481): EXCEL1603(NULL)

Error: (08/01/2013 01:03:06 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft Office Professional Edition 2003 -- Error 1402. Setup cannot open the registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS.  Verify that you have sufficient permissions to access the registry or contact your Information Technology department for assistance.(NULL)(NULL)(NULL)

Error: (08/01/2013 00:14:03 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (07/31/2013 02:08:42 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft Office Professional Edition 2003Security Update for Office 2003 (KB2817421): MSO1603(NULL)


=========================== Installed Programs ============================

4200 (Version: 40.0.105.000)
4200_Help (Version: 40.0.105.000)
4200Tour (Version: 40.0.105.000)
4200Trb (Version: 40.0.105.000)
Ad-Aware
Ad-Aware (Version: 8.3.0)
Ad-Aware SE Professional
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader X (10.1.7) (Version: 10.1.7)
AiO_Scan (Version: 40.0.105.000)
AIOMinimal (Version: 40.0.105.000)
AiOSoftware (Version: 40.0.105.000)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Uninstaller (Choose which Products to Remove)
AOLIcon (Version: 1.00.0000)
ATI Control Panel (Version: 6.14.10.5120)
ATI Display Driver (Version: 8.051-040825a-017900C-Dell)
att.net Toolbar
BellSouth Application Management
BellSouth Internet Security - Alert Manager 1.3.20 (Version: 1.3.20)
BellSouth® FastAccess® DSL Help Center 4.0 (Version: 4.0.29)
Best Buy Digital Music Store
Best Buy Rhapsody
CCleaner (Version: 4.03)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant D850 56K V.9x DFVc Modem
Copy (Version: 5.35.0.065)
CouponBar
CreativeProjects (Version: 5.35.0.059)
Critical Update for Windows Media Player 11 (KB959772)
Dell Digital Jukebox Driver
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Media Experience (Version: 3.00)
Dell Photo Printer 720
Dell Photo Printer 720 Logger (Version: 1.0)
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Digital Line Detect (Version: 1.10)
Director (Version: 5.35.0.051)
DocProc (Version: 3.5.0.0)
EarthLink setup files (Version: 2005.1.47.0)
Fax (Version: 40.0.105.000)
Get High Speed Internet! (Version: 1.00.0000)
Google Chrome (Version: 27.0.1453.116)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.149)
HP Image Zone 3.5 (Version: 3.5)
HP PSC & OfficeJet 3.5 (Version: 3.5)
HP Unload DLL Patch (Version: 1.00.0000)
HP Update (Version: 5.003.001.001)
HPSystemDiagnostics (Version: 1.5.0.0)
InstantShare (Version: 3.5.0.21)
InstantShareAlert (Version: 1.00.0000)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
J2SE Runtime Environment 5.0 Update 10 (Version: 1.5.0.100)
J2SE Runtime Environment 5.0 Update 11 (Version: 1.5.0.110)
J2SE Runtime Environment 5.0 Update 8 (Version: 1.5.0.80)
Jasc Paint Shop Photo Album (Version: 4.0.4)
Jasc Paint Shop Photo Album 5 (Version: 5.21)
Jasc Paint Shop Pro 8 Dell Edition (Version: 8.10.0000)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Learn2 Player (Uninstall Only)
Macromedia Flash Player (Version: 7.0.19.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MapleStory
MapleStory (Version: 035)
McAfee VirusScan Enterprise (Version: 8.6.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Easy Assist v2 (Version: 8.1.6416.0)
Microsoft Encarta Encyclopedia Standard 2005 (Version: 2005)
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005 (Version: 14)
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.149)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Picture It! Library 10 (Version: 10.0.0612)
Microsoft Picture It! Premium 10 (Version: 10.0.0612)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Streets and Trips 2005 (Version: 12.00.07.1200)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works (Version: 08.04.0623)
Microsoft Works 2005 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word (Version: 8.0.0.0000)
Modem Helper (Version: 2.28)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSN
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Musicmatch® Jukebox (Version: 9.00.5100)
My Way Search Assistant (Version: 1.0.256)
NetWaiting (Version: 2.5.12)
NetZeroInstallers (Version: 1.0.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Overland (Version: 2.1.4)
overland (Version: 2.1.6.2)
PassAlong Software (Version: 2.2.04)
Photo Click (Version: 1.0.0)
PhotoGallery (Version: 5.35.0.059)
PowerDVD 5.5
PrintScreen (Version: 5.35.0.035)
QFolder (Version: 1.00.0000)
Qualxserve Service Agreement (Version: 1.11.0000)
QuickBooks Simple Start Special Edition (Version: )
QuickProjects (Version: 5.35.0.047)
QuickTime
Readme (Version: 40.0.105.000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
RealUpgrade 1.0 (Version: 1.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
REXplorer Component Upgrade
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
Scan (Version: 3.5.0.0)
Shockwave
ShopAtHome.com Toolbar
SkinsHP1 (Version: 5.35.0.043)
SkinsHP2 (Version: 5.35.0.043)
Sonic DLA (Version: 4.95)
Sonic MyDVD LE (Version: 6.1.1)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0.1)
Sonic RecordNow Data (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
SUPERAntiSpyware (Version: 5.6.1020)
TBS WMP Plug-in (Version: 1.00.518)
TrayApp (Version: 5.35.0.035)
Unload (Version: 3.5.0)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 5.31.0.147)
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.5.0530.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
Works Upgrade (Version: 8.0.0.0000)
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 1022.07 MB
Available physical RAM: 435.03 MB
Total Pagefile: 2460.57 MB
Available Pagefile: 1621.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:70.21 GB) (Free:26.15 GB) NTFS
5 Drive f: () (Removable) (Total:7.45 GB) (Free:4.77 GB) FAT32

========================= Users: ========================================

User accounts for \\user1

Administrator            user1                 user2
Guest                    Guest Access             HelpAssistant            
user3                 SUPPORT_388945a0         user4                   

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

 

 

AdwCleaner:

 

***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Documents and Settings\user2\Application Data\Mozilla\Firefox\Profiles\b7k2aqkl.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\user3\Application Data\Mozilla\Firefox\Profiles\wizw29dy.default\prefs.js

Deleted : user_pref("plugin.blocklisted.npviewpoint", true);

File : C:\Documents and Settings\user4\Application Data\Mozilla\Firefox\Profiles\h7eb2o6u.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\pldfe76c.default\prefs.js

C:\Documents and Settings\user1\Application Data\Mozilla\Firefox\Profiles\pldfe76c.default\user.js ... Deleted !

Deleted : user_pref("plugin.blocklisted.npviewpoint", true);

-\\ Google Chrome v27.0.1453.116

File : C:\Documents and Settings\user2\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\user3\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\user4\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\user1\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4551 octets] - [03/08/2013 00:36:20]

########## EOF - C:\AdwCleaner[S1].txt - [4611 octets] ##########
 

 

 



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 03 August 2013 - 02:05 AM

 Java 7 Update 21
 Java™ SE Runtime Environment 6 Update 1
 Java™ 6 Update 2
 Java™ 6 Update 3
 Java™ 6 Update 5
 Java™ 6 Update 7

Remove All old Java installs - The current and Only one should be Version7 Update25

 

 

Lavasoft Ad-Watch Live! Anti-Virus 
McAfee VirusScan Enterprise <   Antivirus out of date!      
Ad-Aware

These are all Antivirus programs, so you need to remove 2 of them (Is McAfee given via your ISP or work?)
Very few people will go out and purchase this privately today -

The other 2 have been greatly downgraded recently, so my personal would be to install another Free Antivirus of your choice.

 

 

You have SUPERAntiSpyware  and Malwarebytes Anti-Malware both installed, so I would like you to do a FULL Scan with both programs to see if we can find and pull out that infection. Also do a Full scan with McAfee to see if it finds anything.

 

Go - Start > Run box and type services.msc and press Enter > Look for TCP/IP NetBIOS Helper. Make sure the service is set to Started and Automatic

 

 

Thanks -



#7 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 03 August 2013 - 03:09 AM

Okay, I will remove the old Java installs.  I've been hearing that it is vulnerable, I'm wondering if I should even install the new version?

 

I'll remove all of those anti-virus programs (other people use this computer, I don't know how 3 got on there).  I think the McAffe was from the ISP.  I'll download the free AVG.

 

I can't update Malwarebytes, so I'll have to download it to a USB drive and install it again.  I've already done that with Superantispyware.  I did the full scan with Superantispyware yesterday, and there were no results.  But I can do it again.

 

The TCP/IP NetBIOS Helper is set to Started and Automatic.

 

The Trojan Tracur virus kept popping up on every malware scan, but I never had a problem getting on the internet until the ccleaner scan.  The trojan had been slowing the computer down, but it hadn't stopped me from using the net.  

 

I'll post back after the scans.

 

Thanks for your help.



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 03 August 2013 - 06:06 AM

I'm wondering if I should even install the new version? : There are some games and installed programs that do need it, but you have just left the old ones build up a bit too much.

I'll download the free AVG. : Personally, I do think that one is the lower of the most  common ones.

NetBIOS over Tcpip. . . . . . . . : Disabled : From the MiniToolBox scan
Dhcp Enabled. . . . . . . . . . . : No : Again from the scan..........

I never had a problem getting on the internet until the ccleaner scan. : You have disabled something, so I will keep looking.

 

 

Physical Address. . . .  : 00-13-20-1B-47-77 ?? Are you in Malasia, and have you been using a MAC hardware IP address ??
Lot 8, Jalan Hi-tech 2/3 - Kulim Hi-Tech Park - Kulim Kedah 09000 - Malaysia ?? << Shows as IP ??



#9 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 03 August 2013 - 03:07 PM

Hey, it took me a while to come back because I had to wait to borrow someone's laptop.

 

I removed the old Javas, Lavasoft Ad-Watch, and Ad-Aware.  I left McAfee on, because I want your recommendation on an anti-virus program since you said the AVG is not one of the best.  I did the full scan with Superantispyware, and there were no results.  Not even any cookies, since I haven't been on the internet.  I'm about to download another version of Malwarebytes now.

 

Under Services, the TCP/IP status is started and automatic.  Same thing for the DHCP client.  But when I do the ipconfig prompt, it says that TCP/IP is disabled, and that dhcp is not enabled.

 

And the Physical address?  I'm in the United States and I don't have a Mac.

 

Thanks.



#10 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 03 August 2013 - 03:40 PM

I downloaded Malwarebytes, but I'm unable to use it.

 

It says an error has occurred.  PROGRAM_ERROR_UPDATING (0, 0, Host not found)



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 03 August 2013 - 05:32 PM

Please read > > http://forums.malwarebytes.org/index.php?showtopic=10138&view=findpost&p=439250
This is from Malwarebytes FAQ area

In this it states that you most likely need to have the computer checked - Please read this >>

 

Please follow the instructions in ==>This Guide<== starting at Step #6.  If you cannot complete a step, skip it and continue.

 

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==

 

Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

 

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get.

 

If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

NOTE : Please Copy / Paste all logs requested, and do not use Attach unless specifically asked -

 

Good luck and be very patient, as the area can get very busy.

 

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

 

 

Thank You -



#12 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 03 August 2013 - 08:09 PM

Oh, wow.  I'll go over those steps. 

 

It looks like a tough road ahead.

 

Noknojon, did you see my second to last post?  I was wondering if you could give some anti-virus software recommendations.



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 03 August 2013 - 09:50 PM

  • Avast Free - Free full featured antivirus software.
     
  • Avira Antivir Free - Free full featured antivirus software.
     
  • Microsoft Security Essentials - Free full featured antivirus software.
  • Sorry about the post to the Experts area but with those missing files I am unable to help you -

Here are a few from our list of Antivirus programs. Be careful not to install Extra Toolbars or Add-ons with any install.

 

Regards -



#14 Tim1731

Tim1731
  • Topic Starter

  • Members
  • 101 posts
  • OFFLINE
  •  
  • Local time:01:20 AM

Posted 03 August 2013 - 10:11 PM

Okay, thanks for that info.

 

I just ran the DDS scan.  When I start the new topic, how should I title it?  I don't know what type of infection this is.

 

Thanks



#15 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:20 PM

Posted 03 August 2013 - 10:26 PM

Start with something that will interest them like "Trojan tracur virus" and add "cannot access the internet"

or Trouble accessing internet

This way you cover all bases. Just add a quick idea of your problem, and the logs.

 

This is what they like to see, Nice and Simple .................

You can go into details once the topic has started -

Please post a link back here when you open the new topic, and the Moderators will then lock this topic -

 

 

Regards -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users