Member Avatar for artnarb

Hi, we're not able to connect to the internet with a desktop that was recently infected. After cleaning with multiple runs of MBAM and ComboFix, PC is showing a connection and strong signal with our wireless router, but packet exchange is almost nil. All of the installed browsers (Chrome, FF, IE) open but none are able to connect. I just ran FSS and am pasting the log below--thanks!

Farbar Service Scanner
Ran by jane (administrator) on 04-01-2012 at 16:49:31
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-04 05:00] - [2008-04-13 14:19] - 0075264 ____A () 2D96AAC32A0A9B768946AA7546537928

C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Edited by artnarb because: n/a
  • 2 Contributors
  • 3 Replies
  • 187 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by artnarb

Recommended Answers

All 3 Replies

Member Avatar for artnarb

Any ideas? Thx!

Member Avatar for TurcoLoco

Any ideas? Thx!

This sounded like a filesystem issue with either corrupt system files or possibly registry (WinSock) settings.

If all else failed, give this tool a shot: WinSock XP Fix 1.2

Here is more info on this easy-to-use, standalone fix that I think anyone can use:

Fixes the winsock settings on your Windows XP machine. This tool is recommended for IT professionals only. Please read license.

It can often cure the problem of lost connections after the removal of Adware components or improper uninstall of firewall applications or other tools that modify the XP network and Winsock settings.

If you encounter connection problems after removing network related software, Adware or after registry clean-up; and all other ways fail, then give WinSock XP Fix a try.

It can create a registry backup of your current settings, so it is fairly safe to use. We actually tested it on a test machine that was having a Winsock problem due to some Adware removal, and after running the utility and rebooting, the connectivity was restored.

Edited by TurcoLoco because: n/a
Member Avatar for artnarb

If all else failed, give this tool a shot: WinSock XP Fix 1.2

Thanks Turco, have run WinSockXP Fix several times with no luck.

The problem in this thread...

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/398230/page2

...looks very similar to mine. The fix was an ESET online scan. They were able to establish a wired connection to the inet.

I'll see if that or an air card can do the same for us, and if so, run an ESET scan.

This is premature until I've tried the other connection methods, but it doesn't look like I can download the free ESET scanner onto a portable drive--anyone know if that's the case?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.