Malware and loosing dhcp

Community Forums/General Help/Malware and loosing dhcp

ragtag

(Posted 2009) [#1]

Hi,

I've been trying to help a friend of mine get his heavily infected computer back online. His internet connection works, and I was even able to connect his machine to my iBook using a crossover cable, to transfer some tools to his machine. Malware Bytes found 40!!! things on the machine, ranging from adware, to trojans, backdoors, irc bots and lord knows what. After removing all the lard, I'm still unable to make the computer get an IP through DHCP. His machine runs Windows XP.

Any suggestion to what I can try next? Other malware/adware removal tools? I'm a bit stumped on this one.

Notably, his machine was running an updated version of Norton anti-virus....which clearly wasn't doing it's job properly. I've always kind of considered Norton to be malware too...it takes up lots of resources and is near impossible to remove from your system. :P

matibee

(Posted 2009) [#2]

Norton couldn't catch a cold, even eating 110% of your pc's resources trying :(

Pretty much the only removal tools I use;

Hijack this: http://majorgeeks.com/download3155.html cures most ailments.

And for when things get really nasty.. The avenger: http://swandog46.geekstogo.com

markcw

(Posted 2009) [#3]

Reinstall XP?

Or if your friend has nothing against it, set up a dual-boot with a Linux for much safer internet browsing.
For ubuntu see Partitioning your disks.

GfK	(Posted 2009) [#4]

Might be a silly question, but are you sure that DHCP hasn't been disabled on the router?

Ross C

(Posted 2009) [#5]

Have you tried going into safe mode with networking? If you can't get a connection in there, either reinstall, or check gfk's option.

xlsior

(Posted 2009) [#6]

I've seen Norton itself break DHCP after uninstalling it...

check out the following:
Control panel -> administrative tools -> services
look for DHCP Client service

First of all, double-check that it is running. If it isn't, try to start it.
should it fail, then open the properties of the service and check the dependencies tab -- These dependencies mean that the DHCP service won't start it not all of the dependencies are running first.

In my case Norton left itself as a dependency even after uninstalling it, so it was unable to get an IP from that moment on.
If this is indeed the problem and Norton left a dependency, you can use Norton's own removal tool to remove the last traces of the program which ought to fix it. If there is another malware program that left a dependency trace, you may need to manually remove it from the registry. I don't have a how-to handy, but a short trip with google should give you the answers.

hope this helps...

xlsior

(Posted 2009) [#7]

Note: If you do end up looking at dependencies, make sure that whatever is blocking is actually BAD, since there are also some valid dependencies such as the TCP/IP protocol driver. Obviously removing those may make things worse.