Jump to content

Recommended Posts

Posted

Hi Starbuck,

 

I can connect every time using the ethernet but if I want to connect wirelessly I have to - Go into WIRELESS NETWORK CONNECTION PROPERTIES, then into WIRELESS NETWORKS then, USE WINDOWS TO CONFIGURE MY WIRELESS NETWORK SETTINGS - tick the box - this was unticked and I've got to tick it everytime I log on wirelessly.

 

I guess that I am causing confusion because I am jumping from one problem to another? There seems to be so many to me and no doubt I am causing you a headache? It is not my intention and I do appreciate your help. Suffice to say that when I try to go onto Microsoft Window Update I get the DNS ERROR message and this shows on every Windows website.

 

I do hope that I haven't caused more confusion for you and I sincerely hope that you won't give up on me? Once again, my apologies for the hassle that I am causing.

  • Replies 113
  • Created
  • Last Reply

Top Posters In This Topic

Posted

Hi Twiceshy

 

I sincerely hope that you won't give up on me?
You won't get rid of me that easily. :p

 

If the system had been reformatted and then a reinstall done, you shouldn't have any problems at all.... as everything would be as new.

But it seems as though 'Microsoft' sites are being blocked.

This would normally point to malware, possibly altering the hosts file.

 

Let's get the hosts file reset and then run a malware scan and see if anything is on the system..... but after a reformat/reinstall there shouldn't be.

 

Step 1

Download HostsXpert.zip

  • Extract (unzip) HostsXpert.zip to a permanent folder on your hard drive such as C:\HostsXpert
  • Double-click HostsXpert.exe to run the program.
  • Click "Make Hosts Writable?" in the upper left corner (Only If available).
  • Click "Restore Microsoft's Hosts file" and then click "OK".
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

 

 

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.

 

  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

     

    [*]Then click Finish.

    [*]MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

    [*]On the Scanner tab:

    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.

     

    [*]If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.

    [*]The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.

    [*]When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".

    [*]Click OK to close the message box and continue with the removal process.

    [*]Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.

    [*]Make sure that everything is checked, and click Remove Selected.

    [*]When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)

    [*]The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

    [*]Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

 

In your next reply, please submit:

MBAM scan report.

 

 

Thanks.

Member of:

UNITE

Posted

Starbuck, I am following Step One, but it doesn't give the option of 'Make Hosts Writable' only provides options:

Make Read Only

Back up? Restore

Import Options

Restore MS Hosts File

File Handling

Editing

Download

Tools

Help

Which one should I choose?

Posted

Hi Twiceshy,

 

but it doesn't give the option of 'Make Hosts Writable' only provides options:
That's ok then.

The reason we add:

Click "Make Hosts Writable?" in the upper left corner (Only If available).
is because, if it was there, we would need to change it.

As that option isn't there, just carry on with the other instructions:

Click "Restore Microsoft's Hosts file" and then click "OK".

Click the X to exit the program.

Member of:

UNITE

Posted
Bother! Now I have moved onto STEP TWO and as soon as I click on the link that you have given, once again - DNS ERROR :( I am connected and have even tried to manually type into Google, but the same DNS ERROR message appears....AGH!!!
Posted

Ok, so it would seem that it's not only Microsoft that is blocked.

Not to worry, we're not out of ideas yet. :cool:

I'm beginning to think that maybe the hard drive wasn't reformatted.

If this is the case, there may be remnants of "SECURITY TOOLS" on the system.

 

Let's see if this throws up anything.

 

Please download exeHelper to your desktop.

If your AV program throws up a warning about the program, ignore the warning. Some AV's flag this program because of how it works... that's all.

 

  • Double-click on exeHelper.com to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • Post the contents of exehelperlog.txt ( Will be created in the directory where you ran exeHelper.com and should open at the end of the scan)

 

Note : If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together ( they will both be in the one file ).

 

Btw: do you only have the one pc/laptop?or do you have another one you have access to?

Member of:

UNITE

Posted

exeHelper by Raktor

Build 20091220

Run at 16:34:34 on 02/23/10

Now searching...

Checking for numerical processes...

Checking for sysguard processes...

Checking for bad processes...

Checking for bad files...

Checking for bad registry entries...

Resetting filetype association for .exe

Resetting filetype association for .com

Resetting userinit and shell values...

Resetting policies...

--Finished--

 

Only have one laptop...

Posted

Hi Twiceshy,

 

Hopefully I did it right and this is the info you need?
Yep, you're getting good at this now. :)

Report tells us that nothing of the old infection remains, so the problem isn't there.

 

Question:

Do you have a router/modem ( in one) or are they separate?

Member of:

UNITE

Posted
Hi Twiceshy,

 

Question:

Do you have a router/modem ( in one) or are they separate?

 

They are are separate.....( BT Home Hub which you can connect to wirefree or connect to it by ethernet cable)

Posted

Here we go again Twiceshy,

Can you see the confused look on my face? :confused:

 

They are are separate.....( BT Home Hub which you can connect to wirefree or connect to it by ethernet cable)
a BT Home Hub is a modem and router in one.

It doesn't need anything else.

Is this what you are using:

BT Home Hub Explored

 

do you get your broadband connection from BT?

 

which you can connect to wirefree
what is 'Wirefree'? ... or do you mean wireless?

Member of:

UNITE

Posted

Useful Info...Perhaps?

 

Starbuck,

 

You said in a previous post, "I'm beginning to think that maybe the hard drive wasn't reformatted." I don't know if this info will help shed some light on my problem? I have checked in My Documents and found the following:

 

* DOWNLOADS - ZIPPED

 

QCOM2157

RALINK

REALTEK376

REALTEK612

REALTEK_CARDREAD203

TOUCHPAD8016

TVTUNER

TVTUNER910

 

* ADVENT 7096 DRIVERS ( in folders)

Ad wifi drivers

AMD K8 Processor

ATI RADEON Xpress Series

ATI SMBUS

REALTEK AC'97 AUDIO

REALTEK RTL8139 810x Family

Fast Ethernet NIC

 

Like I said, perhaps this info may be helpful...hope so :confused:

Posted
Here we go again Twiceshy,

Can you see the confused look on my face? :confused:

 

a BT Home Hub is a modem and router in one.

It doesn't need anything else.

Is this what you are using:

BT Home Hub Explored

 

do you get your broadband connection from BT?

 

what is 'Wirefree'? ... or do you mean wireless?

 

:o :o :o I hold my head in shame....!

 

Yes, that is what I am using.

Yes, I get my broadband connection from BT

Yes, I mean wireless....

and YES my head is still hung in shame...HONESTLY!

Posted
Yes, that is what I am using.

Yes, I get my broadband connection from BT

Yes, I mean wireless....

See, the fog is clearing already. :p

 

and YES my head is still hung in shame...HONESTLY!
It's ok, for a beginner you have had a lot of work to do.

 

The reason i wanted to be sure about your router, is that i can find no malware on your system. But i don't know exactly what malware was on there before your friend reinstalled everything.

Some malware actually infects the router.

So if you are still having problems after we have found nothing, this would be the next place to check.

It's normally a case of just resetting the router.

Some routers need to be reset a little different to others, so i wanted to make sure what you was actually using.

 

This is what i've found:

BT Home Hub (original version)

 

Press and hold the wireless association button on the Hub’s back panel for at least 15 seconds, then release it. The reset process may take several minutes. The Hub is reset and ready for normal use when its Broadband and Internet lights are glowing steady green.

BT Home Hub (new version - buttons on side)

 

 

  1. Locate the recessed Reset to Defaults button on the side of your Hub
  2. Press and hold the button for 2-3 seconds until your Hub lights go out
  3. Stop pressing and wait for the Hub’s Broadband light to glow green. This may take several minutes

Remember: resetting your Hub means you have to activate your BT Broadband Talk service again.

If you would prefer to speak to BT and get them to walk you through it, then by all means do that.

 

If you are still experiencing problems with the connection after that, i suggest you post about the problem here:

Networking

Networking isn't really my field and the guys there will have a lot more experience than i do.

 

To clear the programs etc we have asked you to download, follow this instruction:

 

  • Please double-click OTL.exe to run it.
  • You should see a CleanUp! button, press that button,
     
    http://img.photobucket.com/albums/v708/starbuck50/cleanupbutton.png
  • This will remove any programs we have asked you to download along with there associated folders.. plus itself.

 

 

If you have any questions feel free to ask, i'll keep an eye on this thread.

Member of:

UNITE

Posted

Hi Starbuck,

 

Your continued patience, help and understanding are to be applauded and once again I thank you.

 

The latest........ re. resetting the router has already been carried out. I also called BT just to check and was informed that they are upgrading the system. Which I have been advised will last until 27th feb. (Feel a right fool....sorry).

 

I still have the problem with the DNS ERROR message though and still cannot connect onto Windows Update Site because of this. Are you still able to help me with this or have I totally done your head in??? I will understand if your patience has been exhausted by me, but I do hope not :) ?

Posted
Your continued patience, help and understanding are to be applauded and once again I thank you.

mmm flattery will get you everywhere :)

 

I still have the problem with the DNS ERROR message though and still cannot connect onto Windows Update Site because of this. Are you still able to help me with this or have I totally done your head in??? I will understand if your patience has been exhausted by me, but I do hope not
Ok, you talked me into it. :p

 

Ok, let's review what we have... or what we know.

Normally malware will try and stop sites like this, but we see no evidence of malware.

Router has been reset, so that's not the problem.

We've reset your hosts file, so that shouldn't be the problem.

 

mmmmm ... thinking heavily here.

 

Right, we have 3 options:

Check for rootkits, just incase there is something hiding.... but i doubt it.

 

Manually look at your hosts file, just incase something has added Microsoft to it.

Normally bad sites are added to the file, so when you try to go to a bad site it redirects you back to your own computer. ... worth a try.

You can also add an allowed site to the hosts file.... worth trying.

 

Try to reset all your windows update files on your system ... in case one is corrupt or missing.

 

Let's try 2 and 3 first:

 

You're going to be good at all this by the time we have finished. :D

 

Step 1

Make sure that you can see hidden files.

 

  1. Click Start.
  2. Click My Computer.
  3. Select the Tools menu and click Folder Options.
  4. Select the View Tab.
  5. Under the Hidden files and folders heading select Show hidden files and folders.
  6. Uncheck the Hide protected operating system files (recommended) option.
  7. Click Yes to confirm.
  8. Uncheck the Hide file extensions for known file types.
  9. Click OK.

 

 

Navigate to the following folder:

C:\Windows\System32\drivers\etc\Hosts

 

This means, from 'my computer', click on the 'C' drive >>> then click on 'Windows' >>> then 'System32' folder >> .... until you get to 'Hosts'.

 

Now right click on 'Hosts' and select 'open with' ..... select notepad.

 

Copy and paste the contents in your next reply.

 

Do that first, then we'll move on to resetting all your windows updates files.

Member of:

UNITE

Posted

 

Navigate to the following folder:

C:\Windows\System32\drivers\etc\Hosts

 

This means, from 'my computer', click on the 'C' drive >>> then click on 'Windows' >>> then 'System32' folder >> .... until you get to 'Hosts'.

 

Now right click on 'Hosts' and select 'open with' ..... select notepad.

.

 

Hi Starbuck,

Have followed instructions to the letter but as soon as I click on the 'System32' folder there is nothing that shows Hosts. The only thing similar to it is hostname.exe :(

 

( Just in case this was the one that you meant , I did try to open it but a blue box appeared, then disappeared and nothing else happened. When I moved my cursor over hostname.exe it brought up a box saying:

Description: Hostname App

Company: Microsoft Corporation

File Version: 5.1.2600.0

Date Created: 04/08/2004 12:00

Size: 7.50

 

I have followed your instructions 3 times now just to check that I AM following your instructions correctly and each time, after checking what I am doing, I still get the same result....Feel like such a Numpty but I don't know what to do other than post this and let you know what is happening....:confused:

Posted

Hi Twiceshy,

 

I don't know what to do other than post this and let you know what is happening.
That's fine, if you are unsure of anything..... always ask.

 

as I click on the 'System32' folder there is nothing that shows Hosts.

The 'Hosts' .... is actually inside a folder called 'Etc', you will need to open that first:

 

C:\Windows\System32\drivers\etc\Hosts

 

after you open the 'system32' folder... click on the 'Drivers' folder to open it ..... then click on the 'etc' folder.

You should then see the 'Hosts'.

Member of:

UNITE

Posted

Hi Starbuck.....Numpty warning!!!

 

I must truly admit that I am becoming slightly reluctant to post now :o It is so unfair that once what was enjoyment, is now an overwhelming state of fear and hesitation...namely my laptop and the beggars who infected it! You are helping me and I feel so 'thick'. :(

 

I have followed - 'after you open the 'system32' folder... click on the 'Drivers' folder to open it ..... then click on the 'etc' folder.

You should then see the 'Hosts'.'

I did this but when I clicked on DRIVERS it only brought up, DRIVER CACHE. When I clicked on this it showed a single folder i386 ?????

 

Rather reluctantly I post this......:o

Posted

Hi Twiceshy,

 

If you haven't lost your sense of humour.... all is not lost. :)

 

I'm thinking that maybe the reinstall wasn't completed properly.

When you had the laptop, did you get the windows installation disc? also was there any separate discs which contained extra drivers?

In other words.... what discs did you get with the laptop?

 

also:

Have you still got the disc that came with the BT home Hub?

Member of:

UNITE

Posted

Unfortunately the discs that I got with the laptop have accidentally been thrown out and so I have none :( I cannot remember which discs I got as it is over 3 years ago that I bought the laptop.

I have however, the disc that came with the BT Home Hub....

Posted
Unfortunately the discs that I got with the laptop have accidentally been thrown out and so I have none
so what did your friend use to reinstall the OS?

Or is there a reinstall partition on the hard drive?

 

What is the make and model of your laptop?

Member of:

UNITE

Posted
Starbuck, it sounds to me like something might have replaced a dll file that handles the dns requests. I have seen it before, and it was resolved by replacing a key file, though I cannot remember which one exactly.
Posted
so what did your friend use to reinstall the OS?

Or is there a reinstall partition on the hard drive?

 

What is the make and model of your laptop?

 

I have been trying constantly to contact the guy who worked on my laptop but unfortunately I cannot :( I've left tons of messages but to no avail so I'm sorry but I cannot answer your first two questions.

 

As for make and model, it is an Advent 7096 series 331. (Hope that this is the right info.?) :)

Posted

Hi Twiceshy,

 

I have been trying constantly to contact the guy who worked on my laptop but unfortunately I cannot
No problem, we don't need him now.

 

As for make and model, it is an Advent 7096 series 331. (Hope that this is the right info.?)
Spot on. :)

Ok, now we can relax a bit. Your Advent computer uses the latest recovery system that doesn't require any CDs or DVDs to restore your PC to it's original factory condition. It's all pre-installed.

 

Let's see if this will help with your windows updates, if not..... it looks like we'll have to go for the system recovery.

You're gonna love this: http://fc06.deviantart.com/fs4/i/2004/250/7/1/ROFL_by_b4sti.gif

 

Download Dial-a-fix from:

 

Link 1

Link 2

  • Download to your desktop
     
    http://img.photobucket.com/albums/v708/starbuck50/DAF1.png
     
  • Unzip the files to a folder of your choice
     
    Right click on the downloaded zip file and select 'Extract'.
    Note the new folder location:
     
  • Open that folder and Double click the gear wheel
     
    http://img.photobucket.com/albums/v708/starbuck50/new%20forum/daf4.png
     
  • Check the "Fix Windows update" box
     
    http://img.photobucket.com/albums/v708/starbuck50/new%20forum/daf2.png
     
  • Clicking the "Flush Softwaredistribution" button is optional:
    The Flush SoftwareDistribution button will erase all of the data that WU/WUAU has collected about which patches you need, which ones are already downloaded but not yet installed, and which ones still need to be downloaded. If you're constantly being told by Windows Update to install the same patches over and over again, or you don't actually meet the prerequisites to even be installing them, then flush the SoftwareDistribution button.
    If you find out through Event Viewer that the DataStore.edb file is corrupted, then flushing SoftwareDistribution will take care of this.
  • Click "Go" - bottom left corner
     
    http://img.photobucket.com/albums/v708/starbuck50/new%20forum/daf3.png
     
  • Let it run
  • Restart your pc
  • Try the windows updates again
  • Delete or uninstall Dial-a-fix

Also a 'how-to' here: http://wiki.djlizard.net/Dial-a-fix

 

Let me know how it goes.

Btw: you have MS office 2007 installed, do you have the disc for this?

It wouldn't normally have come with Windows XP.

Member of:

UNITE

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...