Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Networking Networking
Search Search
Search for:
Tech Support Guy > > >

Windows 7 Advanced DNS problem


(!)

kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
09-Oct-2011, 07:38 AM #16
Sorry, but you know, this F-Secure software uses Java Applet for scanning (that's ok) and IE to show the results (more than bad). In other words, it doesn't work.
Please, if you can, choose some software I can download without any extern downloaders, and it should work fine.
Those errors are caused by the problem we're trying to solve. I mention it just to make sure you know why I've got these problems.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
09-Oct-2011, 01:58 PM #17
Do you have an internet connection?

Did you set up the following Proxy

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 8.8.8.8:80
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
09-Oct-2011, 04:17 PM #18
First, I have an internet connection. I post from the machine I have problems with, using Firefox. As I said in the very first post, the situation with my system is weird: there is a connection, but for most apps resolving hostnames doesn't work (but in Firefox works). So, I can connect using Firefox, or, sometimes, using raw IP.
Second... I barely understand the notation you just have used. But checked the Windows options... yes, I set the 8.8.8.8:80 proxy, I surely remember doing so. Found it was Google DNS server, and tried as a possible solution. But it didn't work, so I turned off using proxy for system (by unchecking a box). And the fact that the adress is typed, doesn't (or at least shouldn't) matter.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
09-Oct-2011, 04:49 PM #19
When you turned off the proxy by removing the tick from "Proxy server" under Lan settings did you put a tick in "Automatically detect setting" under automatic configuration? see attached image

Also what can you tell me about this program ALLPlayer did you install it? Read the information at the following links:

http://www.threatexpert.com/files/allupdate.exe.html

http://www.prevx.com/filenames/61275...PDATE.EXE.html

I ask about this program because it was installed by user not by malware...

Kevin
Attached Thumbnails
Windows 7 Advanced DNS problem-ie.jpg  
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
10-Oct-2011, 02:15 PM #20
Yeah...
Well, I hadn't switched the "automaticly detect" option on, I forgot about that. Now I've done it.
AllPlayer... yup, that was me. I've installed it. Avast was suspicious about the allupdate.exe, so I've either blocked it or let it on in sandbox (because that one was default). Well, when I've reconsidered that, I concluded I don't really need it anymore. Therefore I uninstalled it.
In short: it didn't work.
Let's try something else. I don't really like the vision of reinstalling the system... especially that it came with machine, so I don't have the CD/DVD...
PS. I've noticed you like Ubuntu, while I personally love it. As a coincidence, I've got a liveUSB with 10.04 lucid on board. If you're thinking about trick involving it, feel free to do so, I like Ubuntu, and I'm not a moron who is scared by its bash (aka terminal).
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
10-Oct-2011, 02:43 PM #21
I`m only looking for malware on your system, you mentioned having issues for approximately 8 months, All Player was installed February of this year so it was a definite suspect.

OK I`d like to see an in depth scan with an AV to check that Combofix missed nothing, as you had problems with ESET and F-Secure we can use Avast.

Right click on the Avast Icon next to your clock and select "open avast user interface"
On the interface select Scan Computer



On the next window select Boot time scan



Onthe next window select Schedule now



On the next window select Restart Computer



Let your system re-boot and carry out the boot time scan, let me know what it finds. Also tell me if Internet Explorer works now since turning on the "Automatically detect" option...

Regarding Ubuntu, I only use that for online banking and anything with financial implications, I just dont trust windows....(any version)
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
11-Oct-2011, 08:33 AM #22
I've just done the on-boot scan. It said that it scanned everything (unlike the in-Windows scan), but found nothing.
I've just noted that your suspicion about AllPlayer was wrong, because I forgot to tell you, that the problem was caused by a stopped trial of installing an infected proxy software (that fact was mentioned by me in the very first post). Terrible thing I forgot the name of this application, but, as I searched on the net the day I got the problem, it was known to install rootkits and trojans.
But it was such a long time ago that I don't remember the name! Stupid, stupid, stupid, stupid, stupid, stupid, stupid, stupid.....
PS
It sometimes take time to answer, because there is big time difference between the place I live in and that forum's time (my time indicates 9 hours forward).

Last edited by kremkrem; 11-Oct-2011 at 08:38 AM.. Reason: Precising
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
11-Oct-2011, 09:38 AM #23
What is the status of your system now, is IE working? do have any issues/concerns
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
11-Oct-2011, 11:45 AM #24
Nothing has changed: IE doesn't load any pages, services that haven't worked doesn't work, and ones that have worked work.
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
11-Oct-2011, 01:32 PM #25
Run Fixit for Internet Explorer, available here http://support.microsoft.com/kb/318378 Lets see if IE responds to the fix
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
12-Oct-2011, 03:27 AM #26
FixIt couldn't do anything because of failed attempt to connect to the (Microsoft) server. Dang, Microsoft sometimes really sucks.

Last edited by kremkrem; 12-Oct-2011 at 03:27 AM.. Reason: bad grammar
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
12-Oct-2011, 03:51 AM #27
Back up YOUR REGISTRY with ERUNT.....
  • Download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.


Next,

Please follow these instructions carefully:

Open Notepad, check the Format Menu and make sure Word Wrap is NOT selected. Then copy and paste the following from inside the code box to Notepad:

Code:
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate\DisableWindowsUpdateAccess]		

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000000

[-HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDevMgrUpdate"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate]
"DisableWindowsUpdateAccess"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000000

Next, Click on the File Menu, then Save As ... and click on the drop down menu to change the file type to All Files.

Next navigate to your desktop, and enter the file name fixme.reg, and click Save.

You should now find a new file on your desktop named fixme.reg. Double click on fixme.reg. You will get a warning,
agree to the merge, and then a message the file has been merged will immediately pop up.

Then reboot.

Next,


Add the Windows Update Web site and the Microsoft Update Web site to the Trusted Sites list, follow these steps:
  • Start Windows Internet Explorer:
  • On the Tools menu, click Internet Options.
  • Note If you are using Internet Explorer 7, and the menu is not available, press the ALT key on your keyboard to access the Internet Explorer Menu.
  • Click the Security tab, and then click Trusted Sites.
  • Click Sites, and then click to clear the Require server verification (https for all sites in this zone check box.
  • In the Add this Web site to the zone box, type the following addresses, and then click Add after you type each address:

    http://*.windowsupdate.microsoft.com
    http://*.windowsupdate.com
    http://update.microsoft.com

  • Click OK two times.

Try the updates again.
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
12-Oct-2011, 11:42 AM #28
ERUNT... hey, I already know this app! Ok, I've done backup.
Now there's some neat register editing file... have run that.
Restart, added the 3 trusted sites and cleared the https: verification box.
Nothing changed. (try update? What did you mean? I've tried to run fixit again as an update, but nothing)

Last edited by kremkrem; 12-Oct-2011 at 11:42 AM.. Reason: bad grammar
kevinf80's Avatar
kevinf80   (Kevin) kevinf80 is offline kevinf80 is authorized to help remove malware. kevinf80 has a Profile Picture
Computer Specs
Malware Removal Specialist with 9,458 posts.
 
Join Date: Mar 2006
Location: Sunderland UK
Experience: Intermediate
12-Oct-2011, 03:55 PM #29
Do the following :

Select the Windows Key and R Key together, in the open box either type or copy and paste services.msc

In the new window scroll to Background Intelligence Service, what is the Status and Start up type? They should be Started and Automatic (delayed) respectively.

Also check the following dependencies:

Com + Event system this should be Started and Automatic

Remote Procedure Call (RPC) this also should be Started and Automatic

Let me know if the above are correct.....
kremkrem's Avatar
kremkrem kremkrem is offline
Junior Member with 20 posts.
THREAD STARTER
 
Join Date: Oct 2011
13-Oct-2011, 07:18 AM #30
I think I've managed to translate the service names right.
Background Intelligence Service (Usługa Inteligentnego Transferu w Tle)
Status: Started, Start up type: Automatic (delayed)

COM+ Event System (System Zdarzeń COM+)
Status: Started, Start up type: Automatic

Remote Procedure Call (RPC) (Zdalne wywoływanie procedur (RPC))
Status: Started, Start up type: Automatic
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
dns, network, networking, problem, windows

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑