Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lost my internet connection after malwarebytes


  • Please log in to reply
8 replies to this topic

#1 Maha-ghazi

Maha-ghazi

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 25 February 2016 - 09:27 AM

My computer was infected by a virus and to get rid of it I downloaded some programs as antimalware and hitman pro but then I found that I lost my internet connection. I tried to look for solutions but they all require internet access or another computer which I don't have my only access to the Internet is my phone.. So I was hoping to get some help from you .. Thanks in advance

BC AdBot (Login to Remove)

 


#2 Maha-ghazi

Maha-ghazi
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 25 February 2016 - 09:31 AM

I ran an fss scan and this was the log .
Farbar Service Scanner Version: 27-01-2016
Ran by HP (administrator) on 25-02-2016 at 16:08:53
Running from "C:\Users\HP\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

#3 Maha-ghazi

Maha-ghazi
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 25 February 2016 - 09:57 AM

I have an hp 255 G3 laptop connected wirelessly to a Netgear router (DSL connection) ( router is almost 4 meters awy from the laptop)
And here is the MTB log
MiniToolBox by Farbar Version: 07-02-2016 01
Ran by HP (administrator) on 25-02-2016 at 16:45:44
Running from "C:\Users\HP\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Model: Manufacturer:
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================

Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Qualcomm Atheros QCA9565 802.11b/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HP-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros QCA9565 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : B8-86-87-7B-A9-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 58-20-B1-63-07-7D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : B8-86-87-7B-D8-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: NULL

Unable to initialize Windows Sockets interface. General failure.
Server: UnKnown
Address: NULL

Unable to initialize Windows Sockets interface. General failure.
Unable to initialize Windows Sockets interface. General failure.
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Winsock: Missing Catalog9 entry, broken internet access. <===== ATTENTION.
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
Winsock: Missing Catalog9-x64 entry, broken internet access. <===== ATTENTION.

========================= Event log errors: ================================

Could not start eventlog service, could not read events.

The Windows Event Log service is starting.
The Windows Event Log service could not be started.

A system error has occurred.

System error 1747 has occurred.

The authentication service is unknown.


=========================== Installed Programs ============================

Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.327.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.256 - SurfRight B.V.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet 2400 (HKLM\...\{D3A65B0A-403B-4C20-A488-BFED2BC5D2EF}) (Version: 13.0 - HP)
hpg2410 (HKLM-x32\...\{41E105E1-6E85-4828-8699-4B0227BB118F}) (Version: 14.0.0.0 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
K-Lite Codec Pack 6.4.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.4.0 - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.1.522.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Ralink Bluetooth Stack (HKLM\...\{1754C64C-CE72-BC8C-94D7-B3DE464B299C}) (Version: 11.0.749.0 - Mediatek)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29080 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.86.508.2014 - Realtek)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version: - )
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.128.017 - Hewlett-Packard) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3553.12 MB
Available physical RAM: 2186.02 MB
Total Virtual: 7104.43 MB
Available Virtual: 5672.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:48.73 GB) (Free:16.51 GB) NTFS
2 Drive d: (Study) (Fixed) (Total:208.01 GB) (Free:201.16 GB) NTFS
3 Drive e: (Fun and Music) (Fixed) (Total:208.92 GB) (Free:208.39 GB) NTFS

========================= Users: ========================================

User accounts for \\HP-PC

Administrator Guest HP

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

22-02-2016 18:23:47 Checkpoint by HitmanPro
22-02-2016 18:28:08 Checkpoint by HitmanPro
22-02-2016 18:40:40 JRT Pre-Junkware Removal
22-02-2016 19:52:07 Installed Microsoft Fix it 50267

**** End of log ****

#4 RolandJS

RolandJS

  • Members
  • 4,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:12:38 PM

Posted 25 February 2016 - 09:57 AM

Do you have a public library close by?  Before the malware attack and removal, did you make any usb-boot-sticks and/or DVD boots?  If so, perhaps one of them can help you regain access to the internet.  In the meantime, what might work is Control Panel --> Device Manager --> find the wireless and the ethernet components, and consider uninstalling one out of the two -- do not click on remove the drivers! -- and either coldpost/coldboot or simply restart.  If you regain internet access with one being uninstalled and reinstalled, then do the other component.


Edited by RolandJS, 25 February 2016 - 10:11 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#5 Maha-ghazi

Maha-ghazi
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 25 February 2016 - 10:05 AM

Thanks for the reply .
I tried that but it didn't work still have no internet connection.

#6 Maha-ghazi

Maha-ghazi
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 25 February 2016 - 10:09 AM

And unfortunately I don't have a USB or DVD boot

#7 JohnC_21

JohnC_21

  • Members
  • 23,206 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:38 PM

Posted 25 February 2016 - 10:37 AM

Your Winsock is broken.

 

Open an elevated command prompt. CMD in the Search box > Right Click > Run As Administrator 

 

Type the following commands and then reboot.  

netsh winsock reset
netsh int ip reset c:\resetlog.txt

Edit: I revised  the tcp reset command to add c:\resetlog.txt


Edited by JohnC_21, 25 February 2016 - 10:40 AM.


#8 Maha-ghazi

Maha-ghazi
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 25 February 2016 - 11:02 AM

Well thanks a lot . I got my internet connection back.

#9 JohnC_21

JohnC_21

  • Members
  • 23,206 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:38 PM

Posted 25 February 2016 - 11:08 AM

No problem, glad that got it sorted out.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users