Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan Removal Attempt has broke computer - help!


  • Please log in to reply

#31
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
c:\windows\system32\drivers\tcpip.sys not .exe

Please try it again.
  • 0

Advertisements


#32
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
My fault, ran it again, similar results by the looks of it?

Attached Files


  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
You did something different this time since it can't find any of the files. Not sure exactly what is going on.

c:\windows\system32\drivers\tcpip.sys
c:\windows\System32\wsock32.dll
c:\windows\System32\wshtcpip.dll
  • 0

#34
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
3rd time lucky!

Attached Files


  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
from a command prompt type:

netsh  int  ip  reset  \reset.log

What error do you get? Does it create a file C:\reset.log if so attach it to your next reply.
  • 0

#36
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Reset log

Attached Files


  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Still no connectivity and no sc start tcpip I assume. Forgot to tell you to reboot after you did the reset. So do that now then try the sc start tcpip again.
  • 0

#38
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
After restart:

[SC] StartService FAILED 2:
The system cannot find the file specified.


Still no conectivity.

(Thank you for all the help so far, going to bed now so will try and catch you when you're online next.)
  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
The only thing we have left to try is the total tcp reset:

Do you have the file:

C:\WINDOWS\inf\nettcpip.inf

IF so. Back up your registry:

http://pcsupport.abo...backupxpreg.htm

Then see if you can follow the steps in the Hardcore method when nothing else is working section on

http://smokeys.wordp...p3-tcpip-stack/
  • 0

#40
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
I think I've tried all that from the initial thread where it was suggested there. I do have that file, I managed to back up my registry, but the problem was I don't have a Windows installation CD as it was preinstalled with the computer.

Will it now come down to the fact that I simply need a restart and a new Windows installation CD? I have a product key sticker on the case of the computer, just don't have the actual CD.
  • 0

Advertisements


#41
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Are you sure you did this:

1. Locate the Nettcpip.inf file in %winroot%\inf, and then open the file in Notepad.
2. Locate the [MS_TCPIP.PrimaryInstall] section.
3. Edit the Characteristics = 0xa0 entry and replace 0xa0 with 0×80.
4. Save the file, and then exit Notepad.
5. In Control Panel, double-click Network Connections, right-click Local Area Connection, and then select Properties.
6. On the General tab, click Install, select Protocol, and then click Add.
7. In the Select Network Protocols window, click Have Disk.
8. In the Copy manufacturer’s files from: text box, type c:\windows\inf, and then click OK.
9. Select Internet Protocol (TCP/IP), and then click OK.
Note This step will return you to the Local Area Connection Properties screen, but now the Uninstall button is available.
10. Select Internet Protocol (TCP/IP), click Uninstall, and then click Yes.
11. Restart

Succesfull uninstallation of TCP/IP will remove numerous keys from the registry including:

HKLM/system/CurrentControlSet/services/tcpip
HKLM/system/CurrentControlSet/services/dhcp
HKLM/system/CurrentControlSet/services/dnscache
HKLM/system/CurrentControlSet/services/ipsec
HKLM/system/CurrentControlSet/services/policyagent
HKLM/system/CurrentControlSet/services/atmarpc
HKLM/system/CurrentControlSet/services/nla

These represent various interconnected and interdependant services.

For good measure you should delete the following keys before reinstalling TCP/IP in step #2:

HKLM/system/CurrentControlSet/services/winsock
HKLM/system/CurrentControlSet/services/winsock2

Step #2

Reinstall of TCP/IP

Following the above substep #3, replace the 0×80 back to 0xa0, this will eliminate the related “unsigned driver” error that was encountered during the uninstallation phase.

Return to “local area connection”> properties > general tab > install > Protocol > TCP/IP

You may receive an “Extended Error” failure upon trying to reinstall the TCP/IP, this is related to the installer sub-system conflicting with the security database status.

To check the integrity of the security database
esentutl /g c:\windows\security\Database\secedit.sdb

There may be a message saying database is out of date
First try the recovery option
esentutl /r c:\windows\security\Database\secedit.sdb

If this don’t work for you, you needthe repair option
esentutl /p c:\windows\security\Database\secedit.sdb

Rerun the /g option to ensure that integrity is good and database is up to date.

Now return to the “local area network setup”
Choose install > protocol > TCP/IP and try again

Reboot.
  • 0

#42
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
Followed all that as best I could, didn't get any of the error messages predicted, but still no connectivity despite two reboots.
  • 0

#43
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
What make and model (and Service tag if it has one) is this?

Is the network builtin to the motherboard or a separate card?
  • 0

#44
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
It's an "HP Compaq dc5750 microtower BU ALL"
Has an 'hp s/n' and 'p/n' reference numbers underneath too if they are relevant?
  • 0

#45
DaveFoxall

DaveFoxall

    Member

  • Topic Starter
  • Member
  • PipPip
  • 36 posts
I believe it's attatched to the motherboard but I'm not 100% sure. Let me know if you'd like me to open it up and have a look?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP