Hardware and Software
>
Microsoft Windows
>
Viruses, Spyware and other Nasties
>
IP addresses ping but not site names no internet connections
Start New Discussion Reply to this Discussion IP addresses ping but not site names no internet connections
I removed a virus via MSE and afterwards have lost the ability to connect to the internet. This is a windows 7 professional 32 bit laptop. Staticly i can set the ip address and dns server and can ping the DG and the DNS server. I can also ping google by IP address. However cannot reach the website through IP address. I have tried winsock resets along with reinstallation of network adapter drivers. Even have done a system restore to a month back but so far none have worked. I have been scouring the web for the last 4 hours looking for a solution to fix the problem but have yet to find anything. Also i have uninstalled all antivirus software aside from MBAM. I hope that I can find a solution through this community.
2
Contributors5
Replies3 Days
Discussion Span1 Year Ago
Last Updated7
ViewsQuestion
Answered
Answered
Related Article: ping.exe has got me
is a Viruses, Spyware and other Nasties discussion thread by Tuckinator that has 5 replies and was last updated 1 year ago.
- Microsoft Exchange 2010 and DHCP internal IP address… - 7 replies
- Going Nuts with My connection - 1 reply
- Virus Protection Keeps being turned off and/or removed - 8 replies
- News Story: Breaking: Acronis blames 'technical issue' for customer… - 1 reply
- Internet Explorer 8 & 9 Stops and Starts and Stops… - 2 replies
- Solved: ping.exe and uncloseable pop-ups - 5 replies
- Solved: PING.exe and possibly others - 7 replies
- Ping.exe virus - 27 replies
- Find IP Adress that have accesed my hotmail the last… - 4 replies
mflexnet
Newbie Poster
4 posts since Jan 2012
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0
I hope that I can find a solution through this community.
We can try :)
-- Do you have any logs from the malware removal process? If so, please post them.
-- Please download and run Farbar Service Scanner
Check all the boxes and hit scan. It should produce a log. Please post the FSS.txt for us.
-- Please follow the steps in the linky below to obtain the GMER scanlogs and the DDS Logs:
I or another volunteer will try to check back as time permits.
-- 'Course, if you have issues connecting the ill machine, you'll need a flash drive to transfer the tools and scanlogs....
Cheers :)
PP
PhilliePhan
Central Scrutinizer
Moderator
1,965 posts since Dec 2006
Reputation Points: 184
Solved Threads: 112
Skill Endorsements: 4
fss log here.
Farbar Service Scanner
Ran by jmartinez (administrator) on 13-01-2012 at 15:35:47
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
afd Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open afd registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open afd registry key. The service key does not exist.
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.
Windows Update:
===========
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
Attention! C:\windows\system32\Drivers\afd.sys is missing.
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
mflexnet
Newbie Poster
4 posts since Jan 2012
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0
nslookup gives an UnKnown cant find XXXX No response from server.
I did run FSS and it kicked out a log file that the machine is missing afd.sys under windows\system32\drivers folder. I have run a search and found other afd.sys files inside the winsxs folder and supposedly. According to http://www.smartestcomputing.us.com/topic/49786-no-internet-connection-after-virusmalware-removal-fix/ I can just replace the missing file. Trying this now.
.
.
.
Well that didn't work either. Windows network diagnostic tool responds with DNS server isn't responding. Yet I can ping the DNS server. Ive tried the reset in explorer and also have tried using firefox.
Just checked services.msc and there are many, many, many services with a
<Failed to Read Description. Error Code: 8>
some in particular: network connections, DNS client
Some show as started however and can be restarted. Earlier today the DNS client wouldn't start at all but with some registry work around by going to HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ DNS and removing the DependOnService then rebooting a new one was created and DNS client service finally started.
mflexnet
Newbie Poster
4 posts since Jan 2012
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0
It looks like you are on the right track.
I'd like to see the other logs I requested because, if the rootkitted malware is still active, it'll just reinfect another driver and you'll be back at square one.
This malware infects a random driver (from a small predetermined pool) and cleaning attempts bork the internet connection because they do not replace the infected driver, nor do they address the registry damage.
-- Did you back up the registry before hacking it? If not, I suggest you do so with a tool such as ERUNT.
Anyhoo, please post the logs and we'll go from there.
Cheers :)
PP
PhilliePhan
Central Scrutinizer
Moderator
1,965 posts since Dec 2006
Reputation Points: 184
Solved Threads: 112
Skill Endorsements: 4
Just for closure. Wound up just doing an hp recovery after backing up profile with windows easy transfer. Everything is back to normal.
mflexnet
Newbie Poster
4 posts since Jan 2012
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0
Question Answered as of 1 Year Ago by
PhilliePhan
This question has already been solved: Start a new discussion instead
You
View similar articles that have also been tagged:
connection dns ipaddress network ping
© 2013 DaniWeb® LLC
Page rendered in 0.0891 seconds
using 3.01MB
RSS Feed