Hi Brian,
Ken has asked to to have a look at your Internet problem and I have also looked at your log files over in malware removal to see if any of them can shed any light on the lack of Internet connectivity that is causing such a problem.
When you have suffered a major malware attack, its sometimes difficult to figure out exactly what problems are likely to be configuration errors, what effects the bad guys have had on your machine. or what ,if any, effects some of the powerful malware cleaning tools have had....
I am conscious that you will not be able to read this thread until you are back at work on Monday so the usual fault finding process, of me asking questions, and then you giving a reply and then me following up with further questions, (thus narrowing down the causes of the problem) may not be appropriate...........So here's a large chunk of stuff for you to get your teeth into!
Lets start with some housekeeping issues first:
Please take the opportunity to bring your back up/archive/copy of all your important stuff 100% up to date, check that it's accurate, reproducible and held securely on removable media (not your hard drive)......the idea here is to ensure that all your important data, files, spreadsheets, work, music, emails, log in details, user names, address book, drivers, letters, invoices, videos etc....in fact everything that is important to you (stuff that you would not like to permanently lose) is safe on external media.
Whilst you are doing this collect together all your application installation discs (or downloaded installation executables) serial numbers, product licence keys (including the one for Windows
itself and the Microsoft Windows XP installation disc and or Manufacturer's Restore and Driver utilities disc, and put them somewhere safe.
1 Your Anti Virus is CA anti virus, but you are also running Norton...(It may not look as though its running but your last HJT log definitely indicate that some elements of it are running!)
This is not good as two AV programs tend to fight. You mentioned in your other thread that when you uninstalled Norton it may not have completely uninstalled properly, and here I think you were spot on. See if you have any entries in Add & Remove Programs Applet called Norton or Symantec if so uninstall them and do not forget to close down your machine and wait 30 seconds with a blank black screen before restarting your machine (its necessary to do this when you uninstall most programs)...if you cannot find any entries for Norton or Symantec, then don't worry, but go to step 2 below.
2 Go here and download the Norton uninstall tool
http://service1.syma...o...ment&Click=
follow the directions, when it has finished, don't forget to restart your machine.
3 Your logs indicate that you have installed at some time P2P File sharing programs........There are legitimate uses for P2P File sharing, but a lot that I come across are used for the downloading of files,(especially music, videos, games etc) that breach both National and International rules on copyright. There is currently a major crackdown on folks who use File Sharing to break copyright rules and heavy penalties are being imposed......often it's the young folks who are tempted to do this, their parents often being unaware, but it might be as well to check that your machine is squeaky clean in this respect, just to be on the safe side.
File sharing is a well known vector for the distribution of malicious code and large numbers of machines are infected by this route, the effects can be devastating and sometimes a format and reinstall of the operating system is necessary......For these reasons I recommend that you uninstall all P2P file sharing or similar applications, utorrent . Ares etc
4 Your logs indicate that you currently use a British Telecom route to the Internet, and BT-Yahoo is specified, however you also have traces of AOL version 8 on your machine and possibly an AOL icon (maybe hidden) in your notification area. If you use AOL then you should at least update it to Version 9...if you don't use it then see if you can uninstall it (it is notoriously difficult to uninstall sometimes) don't worry if you cant uninstall it just move on to the next step.
5 Your logs indicate that at one time your machine was connected to the Internet by means of an ADSL USB modem probably a Thomson Speedtouch, but comments in your thread indicate that you are now using a router/modem.......I am proceeding on the basis that it's the router you are using now, but please come back and correct me if I'm wrong. (full make, model numbers,etc and a brief note of which wire goes where would be helpful so I can visualise your set up) If you are using a wireless router then please advise if you have inhibited the broadcast of SSID and the type of encryption you are using (WEP, WPA, WPA2 etc)
6 Assuming you are using a router (if not please stop here and report back) then please go to:
Start>Control Panel>Network Connections....your LAN should be shown/set to "connected" or "enabled" (Generally you should only have one enabled connection , but for this you can ignore the 1394 (Firewire) connection as this does not interfere with things.)
Right click on this (Lan) connection
Click on Properties
Scroll to Internet Protocol TCP/IP and highlight it and click on Properties
ensure that there is a dot in the radio buttons labelled:
obtain an IP address auto..... and
obtain DNS server address auto......
Click OK
7 Still in Control Panel go to:
Internet Options
Click on the Connections Tab
ensure there is a dot in the radio button "Never dial a connection"
OK your way out.
7A Check that your network adaptor card(s) is recognised (look in Device Manager) check that the card is present and that there is no Yellow or Red marker against it
In Device Manager make sure that the properties for your network adaptor card show that it is working correctly.
8 Now power cycle your router/modem, as was explained in your malware thread) but repeated here:
1. Shut down your system
2. Unplug the power cable from your modem
3. Unplug your power cable from your router
4. Keep them unplugged for about 3 or 4 minutes, this will clear out the junk and let them reset themselves.
5. Plug the power cable for the modem back in and make sure all the lights come on
6. Plug the power to your router back in and wait until all the lights come on.
7. Boot up your system and check your internet connection.
9 Next Try your Internet connection for a short test with your software firewall and your anti virus turned off (don't forget to turn it on when you have done. and don't do anything like downloading emails with your AV off!)
10 If you now have Internet then.......... rejoice........
if not:
11 Go here and download winsockfix
http://www.softpedia...load-15337.html
12 be sure to read all the instructions and notes before you run it (also create a System Restore Point...Start>all Programs>Accessories>System Tools> System Restore) Now please repeat all the stages of Step 8 again....
Has this helped?
if not, then:
13 Please now go to Start>run and in the white box type
cmd
at the command prompt, type
ipconfig /all
(note the space is necessary)
hit the enter key
and copy the output into your reply so we can see what is currently going on,
when you have finished type
exit
hit the enter key
and the command prompt will disappear
Let us know how you get on.
Regards
paws
Edited by paws, 26 July 2008 - 07:25 AM.