Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rebooted my router and wireless network vanished


  • Please log in to reply
3 replies to this topic

#1 fmac43

fmac43

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 02 October 2011 - 09:10 PM

CatByte has been helping me (link follows) and suggested I now post to you for help. This might be a little long.

In a nutshell, I have a desktop that runs Windows XP and a laptop that runs Vista. I have a Dynex wireless router, and had a secure home wireless network. CatByte helped me getting rid of multiple Trojans and viruses on both computers, laptop first, including the Google redirect that seems to be going around. I use my laptop for work, working at home. My husband is the only user of the desktop, and he was getting bumped off the Internet multiple times in a session (3 times in 15 minutes, he says) after the virus symptoms started happening. CatByte suggested that sounded like a router issue and suggested I reset my router and flush the DNS. That's when this new set of problems began. Viruses and trojans seem to be resolved; scans are clear.

I had to use the Dynex installation CD in order to get anywhere when I put "http://192.168.1.1" into the browser. Now I can get online with the desktop computer but cannot with the laptop. My secured wireless network has vanished since resetting the router, replaced with an unsecured Dynex-named one that I can't access via my laptop and can't figure out how to find in Windows XP to see if I can change it. The e-mail on the connected desktop doesn't work now either -- I get a message saying I'm not connected to the Internet, even when a browser window is open. A local tech guy set up my wireless router originally and I remember that it was a real pain; my ISP is Earthlink, which apparently causes no end of awkwardness when trying to set stuff up.

In order for the router connection to my laptop to work in general, I can't have "check settings automatically" checked; I have to have the specific IP and DNS address numbers in the box. This has always been the case, and was the only way he could get Earthlink e-mail to work on the laptop wireless connection.

When I click on "network connections" on my laptop, I see my original connection name, but that is not listed as an available connection, just the unsecured Dynex. So now I have a partially working, unsecured router connection that I don't know how to secure or make work properly. CatByte thinks a virus might have hijacked the router and this is the aftermath. I hope you can help. Thanks.

Here's the link for my original thread with CatByte: http://www.bleepingcomputer.com/forums/topic419389.html

Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 fmac43

fmac43
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 03 October 2011 - 09:19 AM

Thanks for moving this, Animal!

My laptop is a Toshiba Satellite and my desktop is a Dell, by the way. The desktop is right next to the router, literally inches away. My laptop is on a separate desk about 6 feet away, in the same room. I have DSL. And here is the report for my laptop from the mini toolbox. I'm online with my laptop now at a different location; does that affect the report? I can run it again at home when I'm not connected.

MiniToolBox by Farbar
Ran by Janet (administrator) on 03-10-2011 at 10:18:06
Windows Vista ™ Home Premium Service Pack 2 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Wireless Network Connection" nexthop=192.168.2.1
add address name="Wireless Network Connection" address=192.168.2.3


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Janet-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : earthlink.net

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : earthlink.net
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : 00-1F-E1-01-06-F7
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9513:609d:cb95:40bb%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 184557537
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-FC-A5-0D-00-1E-EC-35-8B-3F
DNS Servers . . . . . . . . . . . : 207.69.188.185
207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-1E-EC-35-8B-3F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . : earthlink.net
Description . . . . . . . . . . . : isatap.earthlink.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.2.3%14(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 207.69.188.185
207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2cda:104a:3f57:fdfc(Preferred)
Link-local IPv6 Address . . . . . : fe80::2cda:104a:3f57:fdfc%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{38345E4D-9E2C-42F5-AC8A-C5DAC44F2AD7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: rns1.earthlink.net
Address: 207.69.188.185

Name: google.com
Addresses: 74.125.73.106
74.125.73.147
74.125.73.99
74.125.73.103
74.125.73.104
74.125.73.105



Pinging google.com [74.125.73.105] with 32 bytes of data:

Reply from 74.125.73.105: bytes=32 time=58ms TTL=49

Reply from 74.125.73.105: bytes=32 time=58ms TTL=49



Ping statistics for 74.125.73.105:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 58ms, Maximum = 58ms, Average = 58ms

Server: rns1.earthlink.net
Address: 207.69.188.185

Name: yahoo.com
Addresses: 209.191.122.70
67.195.160.76
72.30.2.43
98.137.149.56
98.139.180.149



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=85ms TTL=53

Reply from 209.191.122.70: bytes=32 time=70ms TTL=53



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 70ms, Maximum = 85ms, Average = 77ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1f e1 01 06 f7 ...... Atheros AR5007EG Wireless Network Adapter
10 ...00 1e ec 35 8b 3f ...... Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.earthlink.net
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.{38345E4D-9E2C-42F5-AC8A-C5DAC44F2AD7}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.3 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.3 281
192.168.2.3 255.255.255.255 On-link 192.168.2.3 281
192.168.2.255 255.255.255.255 On-link 192.168.2.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.3 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.2.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:4137:9e76:2cda:104a:3f57:fdfc/128
On-link
11 281 fe80::/64 On-link
12 266 fe80::/64 On-link
14 286 fe80::5efe:192.168.2.3/128
On-link
12 266 fe80::2cda:104a:3f57:fdfc/128
On-link
11 281 fe80::9513:609d:cb95:40bb/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/03/2011 10:04:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

Error: (10/03/2011 10:04:09 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.


System errors:
=============
Error: (10/01/2011 08:27:08 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (10/01/2011 06:55:18 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.3 for the Network Card with network address 001FE10106F7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (10/01/2011 06:25:49 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.18 for the Network Card with network address 001FE10106F7 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (10/01/2011 00:49:26 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer OFFICELAPTOP-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{295766FE-0F4B-40C5-AA95-FE.
The master browser is stopping or an election is being forced.

Error: (09/25/2011 00:27:40 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/25/2011 00:27:24 PM) (Source: Microsoft-Windows-ResourcePublication) (User: LOCAL SERVICE)
Description: Provider\Microsoft.Base.Publication/Publication/Computer

Error: (09/25/2011 11:12:19 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/25/2011 11:12:04 AM) (Source: Microsoft-Windows-ResourcePublication) (User: LOCAL SERVICE)
Description: Provider\Microsoft.Base.Publication/Publication/Computer

Error: (09/24/2011 07:42:07 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/24/2011 07:41:40 PM) (Source: Microsoft-Windows-ResourcePublication) (User: LOCAL SERVICE)
Description: Provider\Microsoft.Base.Publication/Publication/Computer


Microsoft Office Sessions:
=========================

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 2037.69 MB
Available physical RAM: 856.79 MB
Total Pagefile: 4322.66 MB
Available Pagefile: 2958.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.67 MB

========================= Partitions: =====================================

1 Drive c: (SQ004680V03) (Fixed) (Total:110.32 GB) (Free:51.87 GB) NTFS

========================= Users: ========================================

User accounts for \\JANET-PC

Administrator Guest Janet


**** End of log ****

#3 fmac43

fmac43
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:02:32 PM

Posted 04 October 2011 - 05:38 PM

All issues are resolved. I can't figure out how to delete this topic, but I'm all set now. A new, better router seemed to do the trick.

#4 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:03:32 PM

Posted 08 October 2011 - 03:30 PM

Glad your problem was resolved. :thumbup2:

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users