+ Post New Thread
Page 1 of 6 12345 ... LastLast
Results 1 to 15 of 81
Windows Thread, Impossible To Fix ? in Technical; Right if anyone can help me fix this without the usual 'cop out' of re-build it - then there is ...
  1. #1

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,229
    Thank Post
    1,056
    Thanked 1,066 Times in 623 Posts
    Rep Power
    739

    Impossible To Fix ?

    Right if anyone can help me fix this without the usual 'cop out' of re-build it - then there is a pint in it for them.

    PC with XP on. [ This is a work college's PC ]
    Problem - Won't go out on the internet however at users home, it will if you point it through a proxy !! All other network traffic is fine etc.
    PC has had [ but is now CLEAR ] the following nasties on:

    TROJ_RENOS.EO TDSSba6c.TMP
    TROJ_Generic.A 0216736.EXE
    TROJ_VIRANTIX.BF A0230524.SYS
    BKDR_TDSS.T TDSSnrsr.DLL
    BKDR_TDSS.V TDSSriqp.DLL

    I have tried the following:

    Static IP - no Joy
    Firefox Browser - no Joy
    Stopping Windows Firewall - no Joy
    Putting 127.0.0.1 in proxy settings - no Joy
    Updated Network Card Drivers - no Joy
    Checking proxycfg settings [ and deleting them ] - no Joy
    Done a full SpyBoy S&D - found Delf.Spool.Cn - now removed. - no Joy
    Stuck SP3 on [ over lunch ] - no Joy

    PC CAN ping domain names - [ bbc.co.uk ] - but won't show them in any browser. When IE halts it gives you the diagnose connection problem option - run it [ for a laugh ] It checks connectivity and states it did not detect any problems......
    Also flushed DNS, registered DNS, reset IP stack.
    The PC IS in the DMZ and set to by pass the proxy server - still nothing - only works through the proxy.

    Like I said - there is a pint in it for someone who comes with the answer or close to...... [ no re-build bollox ]

    P.S. C:\WINDOWS\TEMP\AOE4A4.EXE - this is what I am currently working on, but killing the .exe does not fix it either.


    Here is the Hijackthis log:


    Logfile of HijackThis v1.99.1
    Scan saved at 14:51:54, on 07/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\atwtusb.exe
    C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
    C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
    C:\WINDOWS\TEMP\AOE4A4.EXE
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Admin Bar\admins admin bar.exe
    C:\Admin Bar\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = OvalChat (Banger Racing Forum)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iQon Technologies :: The Smarter Choice :: Home / Office Products
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 10.0.0.2:8080
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {C9628A86-858E-4352-94DB-A06D1946A3E3} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
    O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Boots Insert Detect] C:\Program Files\Boots F2CD\Picture Suite\InsDetect.exe
    O8 - Extra context menu item: &Search - ?p=ZRYYYYYYLCGB
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
    O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
    O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'lsp32.dll' missing
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.iqon.ie
    O17 - HKLM\System\CCS\Services\Tcpip\..\{25C02B4A-6A6C-4AC2-B9E9-C629B461B221}: NameServer = 10.0.0.3,10.0.0.6
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: karna.dat_
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: lxby_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbycoms.exe
    O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
    O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe

  2. #2

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    10,045
    Thank Post
    1,680
    Thanked 2,021 Times in 1,495 Posts
    Rep Power
    673
    Have you tried connecting in Safe Mode with Networking? Can you get to the internet then?

  3. #3

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,229
    Thank Post
    1,056
    Thanked 1,066 Times in 623 Posts
    Rep Power
    739
    Quote Originally Posted by elsiegee40 View Post
    Have you tried connecting in Safe Mode with Networking? Can you get to the internet then?
    Yep, tried that - no Joy

  4. #4

    Join Date
    Jun 2005
    Posts
    223
    Thank Post
    6
    Thanked 8 Times in 8 Posts
    Rep Power
    29
    Or install Firefox to see if it's an IE issue or something at a deeper level.


  5. #5

    Join Date
    Jan 2006
    Location
    Liverpool
    Posts
    76
    Thank Post
    30
    Thanked 10 Times in 9 Posts
    Rep Power
    18
    Had something similar a while ago cured it by repairing winsock, by type netsh winsock reset at the command prompt retart is required. Worked for me

    Dave

  6. #6

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    12,965
    Thank Post
    587
    Thanked 1,494 Times in 1,340 Posts
    Rep Power
    397
    Firefox Browser - no Joy
    he has done that allready.

    Ben

  7. #7
    WithoutMotive's Avatar
    Join Date
    Feb 2006
    Location
    Wigan, UK
    Posts
    580
    Thank Post
    37
    Thanked 35 Times in 30 Posts
    Rep Power
    24
    Quote Originally Posted by mattx View Post
    Right if anyone can help me fix this without the usual 'cop out' of re-build it - then there is a pint in it for them.
    It's broke. I'd rebuild it.

  8. #8
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    29
    uninstall tcp/ip stack and re-install it. I rememebr you could do it windows 9x but not sure about XP/vista

  9. #9

    SYSMAN_MK's Avatar
    Join Date
    Sep 2005
    Posts
    3,978
    Thank Post
    484
    Thanked 1,330 Times in 721 Posts
    Rep Power
    425
    Had a similar problem. In the end I used XPs System Restore and went back a month or so and then all was fine.

  10. #10

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,229
    Thank Post
    1,056
    Thanked 1,066 Times in 623 Posts
    Rep Power
    739
    Quote Originally Posted by _Bob_ View Post
    Or install Firefox to see if it's an IE issue or something at a deeper level.

    Read original posting - near top of my list.

  11. #11

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,229
    Thank Post
    1,056
    Thanked 1,066 Times in 623 Posts
    Rep Power
    739
    Quote Originally Posted by Oops_my_bad View Post
    uninstall tcp/ip stack and re-install it. I rememebr you could do it windows 9x but not sure about XP/vista
    Done that - read original posting.

  12. Thanks to mattx from:

    Oops_my_bad (7th November 2008)

  13. #12


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    338
    It's broke. I'd rebuild it.
    If it takes more than 30minutes to fix then it's faster to rebuilt it

  14. #13

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,229
    Thank Post
    1,056
    Thanked 1,066 Times in 623 Posts
    Rep Power
    739
    Quote Originally Posted by SYSMAN_MK View Post
    Had a similar problem. In the end I used XPs System Restore and went back a month or so and then all was fine.
    Tried that - sorry forgot to put it down on my list !!!

  15. #14

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    12,965
    Thank Post
    587
    Thanked 1,494 Times in 1,340 Posts
    Rep Power
    397
    have you tried sfc.exe /scannow to check all the xp protected files are correct and intact?

    Ben

  16. #15

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,229
    Thank Post
    1,056
    Thanked 1,066 Times in 623 Posts
    Rep Power
    739
    Quote Originally Posted by CyberNerd View Post
    If it takes more than 30minutes to fix then it's faster to rebuilt it
    Cop out. Don't learn anything that way.

SHARE:
+ Post New Thread
Page 1 of 6 12345 ... LastLast

Similar Threads

  1. [Website] How to fix the Internet
    By mighty.grey.eagle in forum Jokes/Interweb Things
    Replies: 1
    Last Post: 18th April 2008, 08:04 PM
  2. Impossible Task? 4.55GB ISO FILE...!
    By tech_guy in forum How do you do....it?
    Replies: 9
    Last Post: 9th March 2008, 07:49 PM
  3. Replies: 1
    Last Post: 2nd March 2007, 03:10 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •