Internet only works in safe mode

S

Schmitty

I have an IBM T41 XP SP2 that was connecting fine then connected for 5 min or so and had to reboot to get back on line. Now it wont connect at all unless in safe mode. Have 2 other computers in the house that work fine one is wired one is wireless. The one having issues will not work wired or wireless. Have tried adware virus scan search and destroy, and malware. Still no go. Thanks in advance.

Attached is my Hijack this log
 

Attachments

  • hijackthis.log
    6.7 KB · Views: 4
What were you doing that required you to reboot? A possible software installation or update that may have knocked the ethernet and wifi drivers out of wack.


have you checked your tcp/ip settings? are you getting an ip at all? is it set to dhcp or set to static ip?

Also when you open your browser in the network settings. It could be possible that theres a proxy ip in the settings. This can be caused by adware and spyware. Though you said scans came up clean, its still worth to check.

What browser are you running? Internet explorer, firefox, google chrome?

Also what antivirus/firewall software are you running.

I do see black ice in the hijackthis log.

Also have you checked device manager to see if there are any driver issues with the Ethernet card or wireless card? I highly doubt this is a driver issue. Not to often do i see both wired and wireless drivers go bad. But i have very rarely seen a computer lose all its drivers due to a virus.

Hijack this log really didnt really show me much that could cause the problem.
 
I only rebooted to get back online. At first it would connect to internet for about 5 min or so and then would just stop opening new pages. I would restart to get back on for another 5 min. I messed with it again last light and thats wen it would not get on at all unless in safe mode. Im running IE8, was running 6 and upgraded thinking that was the issue but No luck.Ive tried Firefox as well, still same issue. TCP/IP are set to auto and I do get all ip addresses, sometimes it will even let me ping out to say yahoo, but most of the time it says I lost all 4 packs, It is set to DHCP. There is a proxy in the settings and Ive tried to delete it but when I go back its still there. This was a corporate computer set up on a network at one time. Was running Norton internet secruity but it would not finish updates when this started happening so I downloaded free version of Avira today and it found 1 adware TR/agent.32768.AB trojen, This also has ISS Proventia Firewall on that I cannot get rid of and when I did the gmer scan it stopped when it got to this and they were in RED. it ask if I wanted to do full scan but like the 8 steps said I clicked no. This is where I seen the Black ice too. What is that?? DDS scan would only run a few min and then lock up the computer completely. Tried it twice. Maleware showed clean as well. All drivers look good. I will attach my gmer scan results.
It wont let me copy and paste a link so I have to attach...

Thanks for you help by the way.
 

Attachments

  • gmer.log
    2.5 KB · Views: 3
it depends which blackice it is. Theres an antivirus black ice. then theres a virus called black ice.

It seems like that laptop has way to many things on it for antivirus. Are any of them paid subscriptions? If not I suggest removing all of them. I think you have a virus and some malware.

What version of windows are you running?

You said the laptop used to be a corporate laptop. So is it no longer and just for personal use? If so, I would recommended just wipping the hard drive totally and reinstall windows after you backup whatever files you have on it.

If you cant wipe the hard drive. Then you may want to try the following.

1. Uninstall all anti viruses and malware programs except one.

2. Check your Add/Remove programs for anything suspicious and remove them. Anything such as my search assistant or coupons, or viewpoint.

3. I suggest installing cc-cleaner as well and removal all temp files and cookies.

4. Enable your computer to view hidden system files and folders. Google on how to do that with version of windows if you dont know how.

4. Download this special super anti spyware portable version.
http://www.superantispyware.com/portablescanner.html

5. Run a full system scan and see if it catches anything. Remove the infected files and then reboot.

I think you have a virus as a normal proxy setting set could be it.

Also since it was a corporate computer thats why i suggest wiping the hard drive to get rid of any type of restrictions or file permissions that it may have.
 
I cant seem to be able to remove the proventia or mcafee programs just the Nortons because IT has it locked out. It was corporate but now personal. I still take it to work occasionlly and use it for company travel but cannot log into our network so I can wipe out hard drive. I was thinking of doing that anyway but I cant find the discs that came with it. Can I just buy a copy of XP and load that, and will it still have the wireless driver loaded, or will I have to go to IBM and download T41 drivers and options, I also have a old copy of XP home edition that was on my old desktop that I tossed. Should I use that disc. Again thanks for your help.
 
Yea there just seems to much crap and lockdowns. Best bet really is to wipe everything and yes you would need to download the drivers from another pc and toss it on a flashdrive or a disc.

Is there a windows sticker on the laptop? If it was a company laptop im assuming it was windows xp pro and not home edition. If you could grab a xp pro disc and install it then activate windows with the key on the laptop.

you have to install which ever windows copy of windows the sticker has. Because windows pro keys wont work with a windows home disc and visa versa. And if there is no key then you most likely have to go buy a new copy of windows xp.

Do me a favor and check your pm (Private Messages) on here for some more info.
 
I do have a sticker on the back with the product key and it is the pro version. The copy I own is only the Home Edition. BUT I also have 2 Rescue and recovery XP Pro SP3 discs for my new lap top but its an R400 IBM Lenovo. It also came with an extra Product Recovery because it originaly came with Vista( I know I cant use that one). Will they work with the T41.

P.S. Got your message but it says I can't reply back till I have 12 posts...... That sounds like a good plan if this doesnt work.

Thanks
 
Yep, any xp key should work on any machine as long as the key matches the disc you are using. A xp pro key with xp pro installation disk, or home key with home installtion disk. So backup all the major files you have. And make sure you can snag the drivers for when you wipe the hard drive before you actually wipe the hard drive. So your not stuck with a freshly formated pc and no drivers.

I believe this is the page with the drivers - http://www-307.ibm.com/pc/support/site.wss/migr-46258.html
 
OK ,I will try that this weekend. I guess the best way to get drivers is to see what I have on the machine now and then download those onto a flashdrive or disc from the web site and then load later?? There are a bunch of drivers on that site, do I need them all?? Thanks for everything you've done....
 
Yes open up device manager. You can do this by clicking start, run, and type devmgmt.msc and then enter. Go through the different drivers you might need. Major ones are Display Adapters, Network adapters, and sound and storage controllers mostly. Write what you have down and then match the drivers up for your model on this link. http://www-307.ibm.com/pc/support/site.wss/migr-46258.html

from the link above you really only need the following.
Audio Driver,
Bluetooth driver (only if you use bluetooth)
AMR soft modem adapter (only if you use dialup or anything)
Networking ethernet driver (Match up the model with what you have in device manager)
Wireless Driver (Match up the model with what you have in device manager)
Power Management (ACPI)
Video Driver
And Finally the Intel Chipset driver (which I usually install very first after a fresh copy of windows)
 
Well I started looking at the DNS Client because it wasnt running when I went to msconfig and there was no start button. I disables some things to try it one more time before re installing windows and of course it didnt work so when I went to check the drivers the networks window was empty. I tried to go back to msconfig and start everything again but it said to contact adminisrator to make changes so whatever I did I couldnt undo. So I cant get all the driver info. I went ahead and tried to install new windows anyway but when I hit F1 at start up redo everything it told me I needed a password to do it. We changed IT departments last year and this computor is 4 years old and has been off the network so long its not registered. They wont even take it back to reimage it because its out of warrenty. I think I may order a bigger hard drive and redo it that way. It only has the 40G in it.
 
Well if you said you couldnt get into bios because of a built in admin password. buying a new hard drive wont matter, as the bios chip is built into the motherboard. I figured you could remove the password by resetting the bios by pulling the built in bios out of the battery, but this is not the case.

You might need a whole new motherboard. But probably not worth the cost. I always reccomend, when ever you get a past company laptop, that its complelty wiped, and reformatted and all the passwords removed before you get it.
 
Well Im glad I didnt get a new hard drive yet. Yeah it lets me in but to do a reboot it asks for the admin password. I didnt realize it was built in to the motherboard. As I said it is an old laptop so I would hate to put in alot of money in it. Thanks so much for your input and advice.
 
I got everything back to the way it was before but still cannot connect to the internet. I can ping yahoo and google from command promp now but page doesnt display.
 
once again, it leads me to believe that a proxy or redirector virus or something is causing you problems. Did you try scanning with Super Anti Spyware Yet?
 
Not yet, Ive tried a couple others (malware and seach and destroy) but will try that one tonight. I found something in the services that enabled the proxy but it wouldnt let me disable it. I will look at that again as well. When I go to internet options-connections-LAN settings theres always a proxy from work listed but greyed out.The box for automatically detect setting is checked too. Everytime I delete it when I go back to that window its there again.
 
as long as automatic lan settings is enabled you should be fine. Run SAS. when you get a chance. Not sure what else to look at, withoyu physically looking at the pc.
 
OK, scanned with SAS and it found 31 adware and 1 rouge agent in the WSUSUpdate file. Still will not connect. I can ping out everything, even another laptop next to it, but I cant ping in to it from another laptop, It times out. Any thoughts
 
You must log in or register to reply here.

Similar threads

A
Stadia controllers can be converted to generic Bluetooth devices for one more year
Replies
1
Views
194
Theinsanegamer
T
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
475
eriksnyman1
E
Cal Jeffrey
PS VR2 works "out of the box" on PC but only in cinema mode
Replies
5
Views
640
MakeMSGreatAgain
M

Latest posts

Back