Go Back   Technibble Forums > General Computers > Tech-to-Tech Computer Help

  Technibble Sponsor

Reply
 
Thread Tools Display Modes
  #1  
Old 01-04-2012, 09:19 PM
Xtreme's Avatar
Xtreme Xtreme is offline
 
Join Date: Jul 2009
Location: Louisville, Ky
Posts: 154
Xtreme is an unknown quantity at this point
Default WinXP reverts back to state before the repair after I shut down PC. Need some help.

I have a computer that was infected and I ran all the offline scans to remove the viruses and even used D7 to do some repairs. My issue is I can not get it connected to the internet.

I ran a Windows Repair and after that was finished everything worked like a charm. Updated AV and other things before I wrapped it up. I was required to restart the computer as normal and thats when things went back to the way it was; not able to connect to the internet.

Its got something to do with the services and the dependencies when its not working. I cant open the firewall to enable it, it asks me if I want to start the internet and firewall service so I click yes and I get an error 2 code.

Now windows repair fixes this problem but I cant keep it locked in after I reboot the machine. Ive repaired system restore and created a restore point after the Windows Repair and then used that restore point after the reboot (when things go back to not working) and that does not help.

To me it sounds like something might be getting deleted once the OS shuts down.

Any suggestions?
__________________
Reply With Quote
  #2  
Old 01-05-2012, 01:25 AM
cgrant cgrant is offline
 
Join Date: Dec 2011
Posts: 11
cgrant is an unknown quantity at this point
Default

I had the same problem with a clients computer which I still have not been able to figure out. I ran the Windows Firewall Repair and other repair apps restarted and still having the same problem. Can't connect to the network. No Domain on the computer, just using a netgear router with DHCP assigned IP address.

Did not have time to finish it and will try again over the weekend. If I figure something out I will definitely let you know.
__________________
Chris Grant
Grant-Tech
www.grant-tech.net
"Computer Problems Solved"
Reply With Quote
  #3  
Old 01-05-2012, 02:02 AM
Xtreme's Avatar
Xtreme Xtreme is offline
 
Join Date: Jul 2009
Location: Louisville, Ky
Posts: 154
Xtreme is an unknown quantity at this point
Default

Thanks I would greatly appreciate that.

I did run combofix and it found Zero.Access Rootkit but of course after combofix did its thing Im still having the same problems. Im about to give this a shot from ESET about removing this to make sure its gone.
__________________
Reply With Quote
  #4  
Old 01-05-2012, 02:28 AM
dk99 dk99 is offline
 
Join Date: Jun 2010
Location: Youngstown Ohio
Posts: 160
dk99 is an unknown quantity at this point
Default

Quote:
Originally Posted by Xtreme View Post
Thanks I would greatly appreciate that.

I did run combofix and it found Zero.Access Rootkit but of course after combofix did its thing Im still having the same problems. Im about to give this a shot from ESET about removing this to make sure its gone.
Read this thread

http://www.technibble.com/forums/sho...d.php?t=33460p
Reply With Quote
  #5  
Old 01-05-2012, 03:26 AM
Xtreme's Avatar
Xtreme Xtreme is offline
 
Join Date: Jul 2009
Location: Louisville, Ky
Posts: 154
Xtreme is an unknown quantity at this point
Default

Thank you. Im about to give this a shot! This has been a pain in my side now for a while. Be glad to get this fixed soon.
__________________
Reply With Quote
  #6  
Old 01-05-2012, 12:45 PM
Xtreme's Avatar
Xtreme Xtreme is offline
 
Join Date: Jul 2009
Location: Louisville, Ky
Posts: 154
Xtreme is an unknown quantity at this point
Default

I made several different attempts but to no avail. I went ahead with a format reload. I have a log I will post later from GMER and ComboFix. Also I will have to find a copy of this rootkit and try on my virtual machine. Kind of frustrating not being able to fix this problem.
__________________
Reply With Quote
  #7  
Old 01-05-2012, 02:49 PM
Dagooseisloose Dagooseisloose is offline
 
Join Date: Dec 2011
Posts: 49
Dagooseisloose is an unknown quantity at this point
Default

Ive had this issue with two computers yesterday. Both computers were windows XP and both were infected and "cleaned". Both systems wouldnt connect to Exchange 2010 through Outlook 2010. Me being the Exchange admin I got called in. After spending like an hour with one I sent it back down to get scanned again. ComboFix and it worked. Gave it back to the user and low and behold Outlook No worky no more. Ran nslookup and came back with ordinal 1108 cannot be found in Wsock32.dll. Great Winsocko is housed. Ran a couple of winsock fix utilities and still no go.

In the end I Nuked and Paved both. I know what some people are going to say. Im a half assed tech who cant fix things just a reinstalls. It took me 3 hours to reload both PC's. I spent at least 3 hours trying to fix one with no success between scanning and diagnoising. Its quicker for me to reload. In the end I feel the client gets a better product anyway.
Reply With Quote
  #8  
Old 01-05-2012, 08:57 PM
Xtreme's Avatar
Xtreme Xtreme is offline
 
Join Date: Jul 2009
Location: Louisville, Ky
Posts: 154
Xtreme is an unknown quantity at this point
Default

Quote:
Originally Posted by Dagooseisloose View Post
In the end I Nuked and Paved both. I know what some people are going to say. Im a half assed tech who cant fix things just a reinstalls. It took me 3 hours to reload both PC's. I spent at least 3 hours trying to fix one with no success between scanning and diagnoising. Its quicker for me to reload. In the end I feel the client gets a better product anyway.
I always try to steer clear from N/P, but if your spending too much time on a machine sometimes thats your only option and the best way to guarantee quality.

Hell my last job designed their business around N/P. The owners had no experience in computers what so ever. It was a joke. lol
__________________
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:23 PM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Technibble.com is based out of MELBOURNE, AUSTRALIA.