Solved [Unable to connect to internet, use messenger or AVG, etc]

Discussion in 'Malware and Virus Removal Archive' started by TinyTuba822, 2008/07/25.

  1. 2008/08/15
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    The I386 folder and its contents are valid. I'm going to be out of pocket for a couple of days and will get back with you then.
     
  2. 2008/08/19
    mva5493

    mva5493 Well-Known Member

    Joined:
    2007/01/29
    Messages:
    287
    Likes Received:
    0
    Dave,

    Tinytuba has brought this computer home to see if I can figure out what is wrong with it. Not sure exactly what is going on with it but I noticed a few things. The only page it will load is google, and she says that only happened after she did something you instructed her to do. I noticed that google will load and it will search but none of the links for the results will display. Don't know if it is related or not but the time is set to military and can't be changed.

    Also took her card out and put it in this machine to make sure it wasn't the issue, and connected no problems.
     
    Last edited: 2008/08/19

  4. 2008/08/19
    noahdfear

    noahdfear Inactive

    Hi Val :)

    The machine is unable to resolve dns, meaning it can't translate text to IP addresses. Google's IP address was added to the HOSTS file. MSN was too, so I'm a bit stumped as to why it won't resolve. We'll check that later too.

    Click Start>Run on that machine and type the following address, then hit enter.

    http://noahdfear.net/downloads/clock_fix.exe

    If it opens a file download dialog, you can select Save or Run, doesn't matter.
    If you save it, just run it when the download is complete.
    If necessary, download and transfer it to the PC.
    If the default format shown by the tool is not what you want, press R and hit Enter to set it from the International Settings control panel.
    Reboot when done.
    Let me know how that goes.

    Let's get another look at things too .... in case I've missed something along the way.

    Download a fresh copy of ComboFix from the following address.

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    Make sure it is on the Desktop, then close out all other programs and run it using the following command in the Run dialog.

    "%userprofile%\desktop\combofix.exe" /skipfix

    Post the resulting log (C:\ComboFix.txt) here.
     
  5. 2008/08/19
    mva5493

    mva5493 Well-Known Member

    Will do. Will be back with results shortly.
     
  6. 2008/08/19
    mva5493

    mva5493 Well-Known Member

    Combofix logfile:

    ComboFix 08-08-18.05 - Brian 2008-08-20 0:36:53.5 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.635 [GMT -4:00]
    Running from: C:\Documents and Settings\Brian.BULLSHIT\desktop\combofix.exe
    Command switches used :: /skipfix

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    - REDUCED FUNCTIONALITY MODE -
    .

    ((((((((((((((((((((((((( Files Created from 2008-07-20 to 2008-08-20 )))))))))))))))))))))))))))))))
    .

    2008-08-19 14:23 . 2008-08-19 14:23 <DIR> d-------- C:\Program Files\Common Files\Funk Software
    2008-08-19 14:23 . 2008-08-19 14:23 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Avg8
    2008-08-19 14:22 . 2008-08-19 14:22 <DIR> d-------- C:\WINXP\system32\en
    2008-08-19 14:22 . 2008-08-19 14:22 <DIR> d-------- C:\WINXP\system32\bits
    2008-08-19 12:13 . 2008-08-19 14:16 <DIR> d-------- C:\Documents and Settings\Administrator.TINY
    2008-08-19 07:30 . 2008-08-19 14:16 <DIR> d-------- C:\Documents and Settings\Guest
    2008-08-19 07:18 . 2008-08-19 14:16 <DIR> d-------- C:\Documents and Settings\Other Users
    2008-08-18 12:16 . 2008-08-18 12:16 <DIR> d-------- C:\Program Files\Motorola Wireless
    2008-08-18 12:16 . 2004-03-05 09:53 1,044,480 --a------ C:\WINXP\system32\ROBOEX32.DLL
    2008-08-18 12:16 . 2004-03-25 20:49 336,256 --a------ C:\WINXP\system32\drivers\wind502u.sys
    2008-08-18 12:16 . 2003-07-16 22:43 94,208 --a------ C:\WINXP\system32\W32N50CT.dll
    2008-08-18 12:16 . 2003-07-16 22:28 17,142 --a------ C:\WINXP\system32\CBTNDIS5.sys
    2008-08-18 12:16 . 1998-05-13 00:00 4,716 --a------ C:\WINXP\system32\VERSION.LIB
    2008-08-18 12:15 . 2008-08-18 12:15 <DIR> d-------- C:\Program Files\Funk Software
    2008-08-18 12:15 . 2003-05-14 16:01 62,673 -ra------ C:\WINXP\system32\drivers\odysseyIM3.sys
    2008-07-28 12:58 . 2007-09-06 00:22 289,144 --a------ C:\WINXP\system32\VCCLSID.exe
    2008-07-28 12:58 . 2006-04-27 17:49 288,417 --a------ C:\WINXP\system32\SrchSTS.exe
    2008-07-28 12:58 . 2008-05-29 09:35 86,528 --a------ C:\WINXP\system32\VACFix.exe
    2008-07-28 12:58 . 2008-05-18 21:40 82,944 --a------ C:\WINXP\system32\IEDFix.exe
    2008-07-28 12:58 . 2008-07-02 13:33 82,432 --a------ C:\WINXP\system32\IEDFix.C.exe
    2008-07-28 12:58 . 2008-05-23 18:21 81,920 --a------ C:\WINXP\system32\404Fix.exe
    2008-07-28 12:58 . 2003-06-05 21:13 53,248 --a------ C:\WINXP\system32\Process.exe
    2008-07-28 12:58 . 2004-07-31 18:50 51,200 --a------ C:\WINXP\system32\dumphive.exe
    2008-07-28 12:58 . 2007-10-04 00:36 25,600 --a------ C:\WINXP\system32\WS2Fix.exe
    2008-07-28 12:58 . 2008-07-28 13:00 1,244 --a------ C:\WINXP\system32\tmp.reg
    2008-07-26 12:12 . 2008-07-26 12:12 <DIR> d-------- C:\Program Files\Trend Micro
    2008-07-26 12:12 . 2008-07-26 12:12 <DIR> d-------- C:\Deckard

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-19 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-08-19 18:20 --------- d-----w C:\Documents and Settings\All Users.WINXP\Application Data\Microsoft Help
    2008-08-19 18:17 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-19 01:23 --------- d-----w C:\Program Files\Belarc
    2008-07-18 05:00 --------- d-----w C:\Program Files\GameSpy Arcade
    2008-07-18 00:37 --------- d-----w C:\Program Files\Microsoft Works
    2008-07-18 00:36 --------- d-----w C:\Program Files\MSBuild
    2008-07-18 00:24 --------- d-----w C:\Program Files\Microsoft.NET
    2008-07-17 23:26 --------- d-----w C:\Program Files\Finale 2007
    2008-07-12 10:39 --------- d-----w C:\Program Files\Java
    2008-07-10 16:44 --------- d-----w C:\Documents and Settings\All Users.WINXP\Application Data\Lavasoft
    2008-07-10 15:26 --------- d-----w C:\Program Files\The Weather Channel FW
    2008-06-20 17:41 245,248 ----a-w C:\WINXP\system32\mswsock.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
    "ctfmon.exe "= "C:\WINXP\system32\ctfmon.exe" [2004-08-10 08:00 15360]
    "DW6 "= "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-06-10 16:18 785520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint "= "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2005-12-04 20:39 461584]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
    "TkBellExe "= "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-05-19 09:02 185896]
    "MaxtorOneTouch "= "C:\Program Files\Maxtor\ManagerApp\Onetouch.exe" [2006-08-11 08:45 712704]
    "mxomssmenu "= "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2006-08-11 11:15 81920]

    C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Startup\
    Motorola Wireless USB Adapter.lnk - C:\Program Files\Motorola Wireless\WU830G USB Adapter\Startup.EXE [2008-08-18 12:16:06 24576]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle "= C:\WINXP\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "= C:\WINXP\Resources\Themes\Royale.theme

    [HKLM\~\startupfolder\C:^Documents and Settings^Brian.BULLSHIT^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\Brian.BULLSHIT\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINXP\pss\LimeWire On Startup.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
    --a------ 2005-11-02 23:01 50792 C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    --a------ 2005-08-12 18:43 45056 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
    --a------ 2003-09-17 14:43 57344 C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-08-05 13:56 64512 C:\WINXP\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    --a------ 2005-11-02 23:01 50792 C:\Program Files\Common Files\AOL\1137307829\ee\aolsoftware.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --------- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    --a------ 2004-10-14 18:42 1404928 C:\Program Files\Analog Devices\Core\smax4pnp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
    --------- 2000-05-11 05:00 90112 C:\WINXP\Updreg.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
    --a------ 2004-06-10 12:51 60928 C:\WINXP\system32\P17.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1137307829\\ee\\AOLServiceHost.exe "=
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe "=
    "C:\\Program Files\\Messenger\\msmsgs.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1137307829\\ee\\aolsoftware.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1137307829\\ee\\aim6.exe "=
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe "=
    "C:\\Program Files\\AIM6\\aim6.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=

    R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver;C:\WINXP\system32\CBTNDIS5.SYS [2003-07-16 22:28]
    R3 wind502u;Motorola Wireless USB Adapter WU830G Windows Driver;C:\WINXP\system32\DRIVERS\wind502u.sys [2004-03-25 20:49]
    S0 Spssys;Toshiba SPS Service;C:\WINXP\system32\drivers\spssys.sys []
    S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINXP\system32\DRIVERS\A3AB.sys [2005-03-22 20:17]
    S3 MAC607;MAC607 Filter;C:\WINXP\system32\DRIVERS\MAC607.sys [2007-06-25 02:35]
    S3 xbreader;MaxDrive XBox Driver (xbreader.sys);C:\WINXP\system32\Drivers\xbreader.sys [2001-01-02 23:53]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    \Shell\AutoRun\command - E:\LaunchU3.exe -a
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Brian.BULLSHIT\Application Data\Mozilla\Firefox\Profiles\xs70nloq.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-20 00:37:04
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-08-20 0:38:28
    ComboFix-quarantined-files.txt 2008-08-20 04:38:18
    ComboFix2.txt 2008-08-20 04:18:21
    ComboFix3.txt 2008-08-02 04:48:56

    Pre-Run: 45,859,635,200 bytes free
    Post-Run: 45,847,777,280 bytes free

    141 --- E O F --- 2008-07-19 14:44:57
     
  7. 2008/08/19
    noahdfear

    noahdfear Inactive

    Is the clock fixed?

    Looks to be in order. Please post the log C:\qoobox\ComboFix2.txt

    What brand is the wireless adapter?
    Is the computer still using wireless?
    Did you test it hardwired?
     
  8. 2008/08/19
    mva5493

    mva5493 Well-Known Member

    No, the clock is not fixed, but I kinda skipped it (simply forgot to do it :rolleyes:). It is still using the wireless; the brand is Motorola. I have not tested it hardwired yet; that is the next step.
     
  9. 2008/08/20
    mva5493

    mva5493 Well-Known Member

    ComboFix 08-08-18.05 - Brian 2008-08-20 0:15:23.3 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.664 [GMT -4:00]
    Running from: E:\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\Brian.BULLSHIT\Cookies\brian@clicksor[1].txt
    C:\Documents and Settings\Brian.BULLSHIT\Cookies\brian@ehg-idgentertainment.hitbox[2].txt
    C:\Documents and Settings\Brian.BULLSHIT\Cookies\brian@myspace[3].txt
    C:\Documents and Settings\Brian.BULLSHIT\UserData
    C:\Documents and Settings\Brian.BULLSHIT\UserData\81E74DEB\oWindowsUpdate[1].xml
    C:\Documents and Settings\Brian.BULLSHIT\UserData\index.dat
    C:\Documents and Settings\Brian.BULLSHIT\UserData\KLQZSX63\oXMLStore[1].xml
    C:\Documents and Settings\Brian.BULLSHIT\UserData\KLQZSX63\YL[1].xml
    C:\Documents and Settings\Brian.BULLSHIT\UserData\W12BCDE3\BlogIt[1].xml
    C:\Documents and Settings\Brian\UserData
    C:\Documents and Settings\Brian\UserData\index.dat
    C:\Documents and Settings\Brian\UserData\SPY381Q7\obe[1].xml

    .
    ((((((((((((((((((((((((( Files Created from 2008-07-20 to 2008-08-20 )))))))))))))))))))))))))))))))
    .

    2008-08-19 14:23 . 2008-08-19 14:23 <DIR> d-------- C:\Program Files\Common Files\Funk Software
    2008-08-19 14:23 . 2008-08-19 14:23 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Avg8
    2008-08-19 14:22 . 2008-08-19 14:22 <DIR> d-------- C:\WINXP\system32\en
    2008-08-19 14:22 . 2008-08-19 14:22 <DIR> d-------- C:\WINXP\system32\bits
    2008-08-19 12:13 . 2008-08-19 14:16 <DIR> d-------- C:\Documents and Settings\Administrator.TINY
    2008-08-19 07:30 . 2008-08-19 14:16 <DIR> d-------- C:\Documents and Settings\Guest
    2008-08-19 07:18 . 2008-08-19 14:16 <DIR> d-------- C:\Documents and Settings\Other Users
    2008-08-18 12:16 . 2008-08-18 12:16 <DIR> d-------- C:\Program Files\Motorola Wireless
    2008-08-18 12:16 . 2004-03-05 09:53 1,044,480 --a------ C:\WINXP\system32\ROBOEX32.DLL
    2008-08-18 12:16 . 2004-03-25 20:49 336,256 --a------ C:\WINXP\system32\drivers\wind502u.sys
    2008-08-18 12:16 . 2003-07-16 22:43 94,208 --a------ C:\WINXP\system32\W32N50CT.dll
    2008-08-18 12:16 . 2003-07-16 22:28 17,142 --a------ C:\WINXP\system32\CBTNDIS5.sys
    2008-08-18 12:16 . 1998-05-13 00:00 4,716 --a------ C:\WINXP\system32\VERSION.LIB
    2008-08-18 12:15 . 2008-08-18 12:15 <DIR> d-------- C:\Program Files\Funk Software
    2008-08-18 12:15 . 2003-05-14 16:01 62,673 -ra------ C:\WINXP\system32\drivers\odysseyIM3.sys
    2008-07-28 12:58 . 2007-09-06 00:22 289,144 --a------ C:\WINXP\system32\VCCLSID.exe
    2008-07-28 12:58 . 2006-04-27 17:49 288,417 --a------ C:\WINXP\system32\SrchSTS.exe
    2008-07-28 12:58 . 2008-05-29 09:35 86,528 --a------ C:\WINXP\system32\VACFix.exe
    2008-07-28 12:58 . 2008-05-18 21:40 82,944 --a------ C:\WINXP\system32\IEDFix.exe
    2008-07-28 12:58 . 2008-07-02 13:33 82,432 --a------ C:\WINXP\system32\IEDFix.C.exe
    2008-07-28 12:58 . 2008-05-23 18:21 81,920 --a------ C:\WINXP\system32\404Fix.exe
    2008-07-28 12:58 . 2003-06-05 21:13 53,248 --a------ C:\WINXP\system32\Process.exe
    2008-07-28 12:58 . 2004-07-31 18:50 51,200 --a------ C:\WINXP\system32\dumphive.exe
    2008-07-28 12:58 . 2007-10-04 00:36 25,600 --a------ C:\WINXP\system32\WS2Fix.exe
    2008-07-28 12:58 . 2008-07-28 13:00 1,244 --a------ C:\WINXP\system32\tmp.reg
    2008-07-26 12:12 . 2008-07-26 12:12 <DIR> d-------- C:\Program Files\Trend Micro
    2008-07-26 12:12 . 2008-07-26 12:12 <DIR> d-------- C:\Deckard

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-19 18:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-08-19 18:20 --------- d-----w C:\Documents and Settings\All Users.WINXP\Application Data\Microsoft Help
    2008-08-19 18:17 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-19 01:23 --------- d-----w C:\Program Files\Belarc
    2008-07-18 05:00 --------- d-----w C:\Program Files\GameSpy Arcade
    2008-07-18 00:37 --------- d-----w C:\Program Files\Microsoft Works
    2008-07-18 00:36 --------- d-----w C:\Program Files\MSBuild
    2008-07-18 00:24 --------- d-----w C:\Program Files\Microsoft.NET
    2008-07-17 23:26 --------- d-----w C:\Program Files\Finale 2007
    2008-07-12 10:39 --------- d-----w C:\Program Files\Java
    2008-07-10 16:44 --------- d-----w C:\Documents and Settings\All Users.WINXP\Application Data\Lavasoft
    2008-07-10 15:26 --------- d-----w C:\Program Files\The Weather Channel FW
    2008-06-20 17:41 245,248 ----a-w C:\WINXP\system32\mswsock.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
    "ctfmon.exe "= "C:\WINXP\system32\ctfmon.exe" [2004-08-10 08:00 15360]
    "DW6 "= "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-06-10 16:18 785520]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint "= "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2005-12-04 20:39 461584]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
    "TkBellExe "= "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-05-19 09:02 185896]
    "MaxtorOneTouch "= "C:\Program Files\Maxtor\ManagerApp\Onetouch.exe" [2006-08-11 08:45 712704]
    "mxomssmenu "= "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2006-08-11 11:15 81920]

    C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Startup\
    Motorola Wireless USB Adapter.lnk - C:\Program Files\Motorola Wireless\WU830G USB Adapter\Startup.EXE [2008-08-18 12:16:06 24576]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle "= C:\WINXP\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "= C:\WINXP\Resources\Themes\Royale.theme

    [HKLM\~\startupfolder\C:^Documents and Settings^Brian.BULLSHIT^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\Brian.BULLSHIT\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINXP\pss\LimeWire On Startup.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
    --a------ 2005-11-02 23:01 50792 C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    --a------ 2005-08-12 18:43 45056 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
    --a------ 2003-09-17 14:43 57344 C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-08-05 13:56 64512 C:\WINXP\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
    --a------ 2005-11-02 23:01 50792 C:\Program Files\Common Files\AOL\1137307829\ee\aolsoftware.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --------- 2004-10-13 12:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    --a------ 2004-10-14 18:42 1404928 C:\Program Files\Analog Devices\Core\smax4pnp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
    --------- 2000-05-11 05:00 90112 C:\WINXP\Updreg.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
    --a------ 2004-06-10 12:51 60928 C:\WINXP\system32\P17.dll

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1137307829\\ee\\AOLServiceHost.exe "=
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe "=
    "C:\\Program Files\\Messenger\\msmsgs.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1137307829\\ee\\aolsoftware.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1137307829\\ee\\aim6.exe "=
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe "=
    "C:\\Program Files\\AIM6\\aim6.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=

    R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver;C:\WINXP\system32\CBTNDIS5.SYS [2003-07-16 22:28]
    R3 wind502u;Motorola Wireless USB Adapter WU830G Windows Driver;C:\WINXP\system32\DRIVERS\wind502u.sys [2004-03-25 20:49]
    S0 Spssys;Toshiba SPS Service;C:\WINXP\system32\drivers\spssys.sys []
    S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINXP\system32\DRIVERS\A3AB.sys [2005-03-22 20:17]
    S3 MAC607;MAC607 Filter;C:\WINXP\system32\DRIVERS\MAC607.sys [2007-06-25 02:35]
    S3 xbreader;MaxDrive XBox Driver (xbreader.sys);C:\WINXP\system32\Drivers\xbreader.sys [2001-01-02 23:53]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    \Shell\AutoRun\command - E:\LaunchU3.exe -a
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Brian.BULLSHIT\Application Data\Mozilla\Firefox\Profiles\xs70nloq.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.com
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-20 00:16:55
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-08-20 0:18:20
    ComboFix-quarantined-files.txt 2008-08-20 04:18:05
    ComboFix2.txt 2008-08-02 04:48:56

    Pre-Run: 45,847,814,144 bytes free
    Post-Run: 45,832,491,008 bytes free

    155 --- E O F --- 2008-07-19 14:44:57
     
  10. 2008/08/20
    noahdfear

    noahdfear Inactive

    I inquired about the wireless card brand because there are services for both Motorola and D-Link wireless adapters. We might come back to this.

    Please do check the connectivity wired and let me know.
     
  11. 2008/08/20
    mva5493

    mva5493 Well-Known Member

    Will check, but getting a bit sleepy now, so will test later in the a.m.
     
  12. 2008/08/20
    noahdfear

    noahdfear Inactive

    I'm off to bed soon anyway. See you tomorrow evening. ;)
     
  13. 2008/08/20
    mva5493

    mva5493 Well-Known Member

    OK, a bit of an update... I am beginning to suspect some other problem. I tried connecting with a 56k modem and a standard dial-up connection. It shows the connection (sent and received packets) but couldn't load any pages, including Google. Now it tells me that the page cannot be found. Also tried inputting the IP address (for Google and WindowsBBS; since Google had worked previously, WinBBS I just put in to see if it would translate). No luck yet....
    I removed and uninstalled the Motorola wireless adapter, as well as the Netgear wireless card, so now I am wondering if something else is interfering. I know I had a similar problem with my computer after putting AVG 8.0 on this machine, but it was resolved by changing my firewall settings. TinyTuba's computer doesn't have any firewall or antivirus at this point. I think it is time to do a bit of reading, and backtracking her posts to see where this problem started.

    Not sure if this makes a difference but the error message is server not found:
    firefox can't find the server at www.google.com...same message no matter what the address.
     
    Last edited: 2008/08/20
  14. 2008/08/20
    mva5493

    mva5493 Well-Known Member

    Ran the clock fix and the time seems to be working normally now. Also noticed a few other changes... when booting up the computer, at the XP login screen only one profile is there. Before there was one main, a guest, and other users. Now not only is there just one, but it was the profile of the previous owner (not TinyTuba's profile).
     
  15. 2008/08/20
    noahdfear

    noahdfear Inactive

    Right click My Computer and select Properties.
    Select the Advanced tab.
    Click Settings in the Startup and Recovery section.
    Click Edit.
    Post its contents here please.

    What Service Pack version does it show on the General tab of My Computer properties?

    Click Start>Run and type the following command, then hit Enter.

    regsvr32 dnsapi.dll

    Reboot and see if there's any change in connectivity.
     
  16. 2008/08/21
    mva5493

    mva5493 Well-Known Member

    Service Pack 2. Automatic Update tried to install SP3 but had an error and didn't complete (earlier today).

    Regsvr32:
    dnsapi.dll was loaded, but the dllregisterserver entry point was not found. This file can not be registered.

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(2)\WINXP
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(2)\WINXP= "Windows XP Media Center Edition" /noexecute=optin /fastdetect
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS= "Windows XP Media Center Edition" /noexecute=optin /fastdetect


    No change in connectivity. IE still gives the page cannot be displayed error; when I put in an address it gives me the error message that IE cannot open the search page.
     
  17. 2008/08/24
    TinyTuba822

    TinyTuba822 Inactive Thread Starter

    Joined:
    2007/10/05
    Messages:
    102
    Likes Received:
    0
    Update on the computer: the computer has been moved back to the dorm to try a LAN connection, and that has failed. Took it to a friend, and connected to his network through a cable, and it blocked the pages. Could ping the router and DNS server, but could not browse. In the dorm, I can only ping the computer itself. I can't ping the network. My guess is because I am missing the required software that the school network requires in order to connect to the internet completely. It's supposed to redirect me to those pages within the network to download that software. Whatever is blocking the browsers also blocks that too. I have been told that I should format the HDD. The computer cannot read the OEM discs for XP when I boot from CD.

    This probably should be moved into another forum, since I don't think it's virus or malware. If it is, it is really good at hiding from ComboFix.
     
  18. 2008/08/24
    noahdfear

    noahdfear Inactive

    If software is required to get an external internet connection, then yes, that would indeed be a problem.

    Question ..... did you try to ping google.com from the friend's connection? My guess is that you were pinging by IP address alone, which had not been a problem before. So, from your own connection you can no longer ping google by IP?

    Ummm, what happens with the OEM disc? Does it boot the computer and begin setup?


    If you insert the cd in normal mode, does it autorun setup, or can you right click the cd drive from My Computer, select Browse and navigate through the contents of the disc?
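
The checks discussed in this thread (a HOSTS entry answering for a name, DNS failing to resolve, and reaching a site by IP address versus by name) can be ordered into one layered triage. This is an added example, not part of any post or any tool used in the thread; the sample HOSTS content, the function names and the result labels are constructed for illustration.

```python
"""Layered triage: HOSTS file -> DNS -> TCP by IP address (added example)."""
import ipaddress
import socket

# Constructed sample HOSTS content; addresses come from the RFC 5737 documentation range.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1     localhost
192.0.2.10    www.google.com google.com   # pinned entry
192.0.2.20    www.msn.com
not-an-ip     broken.example
"""


def parse_hosts(text):
    """Map lowercase hostname -> IP string; the first entry seen for a name is kept."""
    mapping = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue                               # malformed address: skip the line
        for name in fields[1:]:
            mapping.setdefault(name.lower(), fields[0])
    return mapping


def system_resolve(name):
    """Live lookup; raises OSError (socket.gaierror) when the name does not resolve."""
    return socket.gethostbyname(name)


def tcp_connect(ip, port=80, timeout=3.0):
    """Live reachability probe; raises OSError when the TCP connection fails."""
    socket.create_connection((ip, port), timeout=timeout).close()


def diagnose(name, hosts_text, known_ip=None, resolve=system_resolve, connect=tcp_connect):
    """Classify why `name` cannot be reached.

    known_ip is an address for the site noted on a working machine (an assumption
    of this example), used to test the path when the name does not resolve.
    """
    pinned = parse_hosts(hosts_text).get(name.lower())
    if pinned:
        # The HOSTS file answers for this name, so this result says nothing about DNS.
        try:
            connect(pinned)
        except OSError:
            return "HOSTS_ENTRY_UNREACHABLE"
        return "OK_VIA_HOSTS"
    try:
        ip = resolve(name)
    except OSError:
        ip = None
    if ip is not None:
        try:
            connect(ip)
        except OSError:
            return "RESOLVES_BUT_UNREACHABLE"
        return "OK"
    if known_ip is None:
        return "DNS_FAILURE_IP_UNTESTED"
    try:
        connect(known_ip)
    except OSError:
        return "NO_CONNECTIVITY"                  # fails by IP too: not only a DNS problem
    return "DNS_FAILURE"                          # works by IP, fails by name


if __name__ == "__main__":
    # Offline demonstration with stand-in probes instead of the live network.
    def dns_down(name):
        raise OSError("name not resolved")

    def link_up(ip):
        return None

    def link_down(ip):
        raise OSError("unreachable")

    for label, conn in (("path up", link_up), ("path down", link_down)):
        print(label, diagnose("www.windowsbbs.com", SAMPLE_HOSTS,
                              known_ip="192.0.2.30", resolve=dns_down, connect=conn))
    print("pinned name", diagnose("www.google.com", SAMPLE_HOSTS,
                                  resolve=dns_down, connect=link_up))
```

Called without the `resolve` and `connect` arguments, `diagnose` uses the live resolver and a TCP connection to port 80.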
     
  19. 2008/08/24
    TinyTuba822

    TinyTuba822 Inactive Thread Starter

    I can browse the contents, but it gives me a warning telling me that it's an older version of XP. It doesn't allow me to click continue to override that. In the details, it told me to boot from CD. I'm getting ready to get the software from another computer and install it on there to see if that helps. No, Google didn't work from the friend's network. Not even using the IP address as we did before.

    The CD does auto run setup. I just can't install anything. I told it to boot from CD and it started setup. It gave me the choice to continue installing Windows, or do a new install. In both cases, it said setup could not find the CD-ROM and the hard drive. Booting the computer in safe mode and trying to connect doesn't work either.

    Edit: I can only download one of the two programs. EKU's website is not allowing me to download Symantec antivirus to my flash drive. It's requiring me to be on my computer.
     
    Last edited: 2008/08/24
  20. 2008/08/24
    noahdfear

    noahdfear Inactive

    Symantec av shouldn't in all likelihood be a requirement. What is the other software?

    Are you able to ping google now? Still using a wireless connection? I'd like to see the results of an ipconfig /all output.
     
  21. 2008/08/24
    TinyTuba822

    TinyTuba822 Inactive Thread Starter

    Clean Access Agent, a program used to detect if you have the current Microsoft updates installed and an up-to-date version of EKU Symantec AV. Google doesn't come up either. It says I am connected to a network called ekuwifi, but I can't ping anything but the computer.

    Ipconfig:

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : TINY
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Mixed
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : eku.edu

    Ethernet adapter Wireless Network Connection 6:

    Media State . . . . . . . . . . . : Media disconnected
    Description . . . . . . . . . . . : NETGEAR WG311v3 802.11g Wireless PCI Adapter #2
    Physical Address. . . . . . . . . : 00-1B-2F-C6-D7-35

    Ethernet adapter Local Area Connection 2:

    Connection-specific DNS Suffix . : eku.edu
    Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
    Physical Address. . . . . . . . . : 00-11-11-80-46-E1
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 157.89.187.51
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 157.89.187.128
    DHCP Server . . . . . . . . . . . : 157.89.89.15
    DNS Servers . . . . . . . . . . . : 157.89.36.108
    157.89.36.109
    Primary WINS Server . . . . . . . : 157.89.89.17
    Lease Obtained. . . . . . . . . . : Sunday, August 24, 2008 1:20:46 AM
    Lease Expires . . . . . . . . . . : Sunday, August 31, 2008 1:20:46 AM
     
