Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Connected to Network but Limited Access


  • Please log in to reply
4 replies to this topic

#1 Superbleeder

Superbleeder

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 19 December 2011 - 08:19 PM

Like many i was infected by the Windows 7 Antivirus 2012 virus and seemed to successfully remove it seeing as my Laptop is running much faster than before and with no pop ups. The main issue now is i cannot get online. I can connect to my desired network but it keeps saying i have Limited Access(with that yellow triangle and exclamation point over the wireless signal strength icon). I'm not sure this helps but i also had errors with windows firewall at first( i assume the virus screwed it up) and was able to get it working again. I've searched for 2 days now and have tried numerous fixes such as resetting winsock and ipv4 and ipv6, uninstalling and re-installing my wireless card, and a numerous of cmd netsh resets.

Laptop Model: Lenovo Thinkpad T510 series
OS: Windows 7 32 bit
Router: Near Gear N600 Wireless Dual Broadband
Internet: Cable(Comcast XFINITY)

Also system restore does not work because it claims i have no available restores even though i should, also for the life of me i cant figure out how to interrupt the booting so i can boot from last known goo configuration(is that the same as system restore?). lastly sometimes when i run the windows diagnostics the error i receive is something like "Windows could not automatically connect to the servers proxy" even though i have checked and there are no proxies nor have added one.

Here is the minitoolbox report and if you need the Farbar results i can post that too

MiniToolBox by Farbar
Ran by mcqueeneym (administrator) on 19-12-2011 at 19:30:27
Microsoft Windows 7 Professional Service Pack 1 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90

There are 14864 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
MAC Bridge Miniport = Network Bridge (Hardware not present)
Intel® 82577LM Gigabit Network Connection = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : WITR95KKKX
Primary Dns Suffix . . . . . . . : wit.private
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : wit.private

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-27-10-25-24-09
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 00-27-10-25-24-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9deb:5301:f8ec:dd30%20(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.221.48(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-01-8C-4A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A45A5C18-561E-42A1-A2F6-BB397214EEA6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{249DF448-5DE2-4398-9530-66E997301D7A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6F7086DF-D219-4D65-A803-AFC40CAF749A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
21...00 27 10 25 24 09 ......Microsoft Virtual WiFi Miniport Adapter
20...00 27 10 25 24 08 ......Intel® Centrino® Advanced-N 6200 AGN
10...f0 de f1 01 8c 4a ......Intel® 82577LM Gigabit Network Connection
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.221.48 281
169.254.221.48 255.255.255.255 On-link 169.254.221.48 281
169.254.255.255 255.255.255.255 On-link 169.254.221.48 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.221.48 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.221.48 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
20 281 fe80::/64 On-link
20 281 fe80::9deb:5301:f8ec:dd30/128
On-link
1 306 ff00::/8 On-link
20 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/19/2011 07:28:32 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't listen for HTTP on :8080 .

Error: (12/19/2011 07:28:32 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't open a socket on , port 8080 .

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't start MPR services .

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Probable system network configuration error .

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't open a select UDP port between : 9473 and 9483 on any network address .

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't open a select UDP port between : 9473 and 9483 on 127.0.0.1) .

Error: (12/19/2011 07:28:26 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't listen for HTTP on :3580 .

Error: (12/19/2011 07:28:26 PM) (Source: LabVIEW) (User: )
Description: LabVIEW information: Error: Can't open a socket on , port 3580 .

Error: (12/19/2011 07:28:24 PM) (Source: NI Variable Engine) (User: SYSTEM)SYSTEM
Description: C:\Program Files\National Instruments\Shared\Tagger\ni_tagger_plugin_mxs.dll: Failure to load plugin: Unexpected Error: Unable to get the Interface from the plug-in.

Error: (12/19/2011 07:28:24 PM) (Source: NI Variable Engine) (User: SYSTEM)SYSTEM
Description: Unable to load the MXS configuration plugIn: Failed to get MAX Configuration interface for Tagger: 0x8004032f


System errors:
=============
Error: (12/19/2011 07:32:23 PM) (Source: Service Control Manager) (User: )
Description: The HTTP service failed to start due to the following error:
%%22

Error: (12/19/2011 07:32:23 PM) (Source: Service Control Manager) (User: )
Description: The HTTP service failed to start due to the following error:
%%22

Error: (12/19/2011 07:32:08 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014846.

Error: (12/19/2011 07:32:08 PM) (Source: Microsoft-Windows-Bits-Client) (User: SYSTEM)
Description: The BITS service failed to start. Error 2147952450.

Error: (12/19/2011 07:32:05 PM) (Source: DCOM) (User: )
Description: {80C25488-192B-4DE2-8150-5B2D2A2F835E}

Error: (12/19/2011 07:32:00 PM) (Source: Service Control Manager) (User: )
Description: The Sophos Agent service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (12/19/2011 07:31:42 PM) (Source: Service Control Manager) (User: )
Description: The Sophos Message Router service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (12/19/2011 07:31:38 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014846.

Error: (12/19/2011 07:31:38 PM) (Source: Microsoft-Windows-Bits-Client) (User: SYSTEM)
Description: The BITS service failed to start. Error 2147952450.

Error: (12/19/2011 07:31:08 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error %%-2147014846.


Microsoft Office Sessions:
=========================
Error: (12/19/2011 07:28:32 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't listen for HTTP on :8080

Error: (12/19/2011 07:28:32 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't open a socket on , port 8080

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't start MPR services

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Probable system network configuration error

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't open a select UDP port between : 9473 and 9483 on any network address

Error: (12/19/2011 07:28:31 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't open a select UDP port between : 9473 and 9483 on 127.0.0.1)

Error: (12/19/2011 07:28:26 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't listen for HTTP on :3580

Error: (12/19/2011 07:28:26 PM) (Source: LabVIEW)(User: )
Description: LabVIEW information: Error: Can't open a socket on , port 3580

Error: (12/19/2011 07:28:24 PM) (Source: NI Variable Engine)(User: SYSTEM)SYSTEM
Description: C:\Program Files\National Instruments\Shared\Tagger\ni_tagger_plugin_mxs.dll: Failure to load plugin: Unexpected Error: Unable to get the Interface from the plug-in.

Error: (12/19/2011 07:28:24 PM) (Source: NI Variable Engine)(User: SYSTEM)SYSTEM
Description: Unable to load the MXS configuration plugIn: Failed to get MAX Configuration interface for Tagger: 0x8004032f


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3059.67 MB
Available physical RAM: 1790.13 MB
Total Pagefile: 6117.63 MB
Available Pagefile: 4760.05 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.99 GB) (Free:59.79 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator Guest Home
Mcx1-WITR95KKKX serviceacct setup
SophosSAUWITR95KKKX0


**** End of log ****

Two programs i haven't tried are combo fix and ccleaner but i know running combofix can be tricky.

IDEA: i have a desktop that runs 32 bit win 7 could i create a repair disk on it and use it on my laptop or will it break it more because of the different hardware

Lastly im not sure if everyone who has this problem has download your FIXNCR.reg but could that be the problem?

Thanks in advanced for any help you can offer

-Superbleeder

BC AdBot (Login to Remove)

 


#2 Superbleeder

Superbleeder
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 20 December 2011 - 01:25 PM

Here is the Farbar Scan as well

Farbar Service Scanner
Ran by mcqueeneym (administrator) on 20-12-2011 at 13:20:11
Microsoft Windows 7 Professional Service Pack 1 (X86)
********************************************************

Service Check:
==============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open afd registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open afd registry key. The service key does not exist.


File Check:
===========
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit

Connection Status:
==================
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.

**** End of log ****

#3 computerxpds

computerxpds

    Bleepin' Comp


  • Moderator
  • 4,483 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:38 PM

Posted 20 December 2011 - 02:10 PM

You are going to need to reset the hosts file and remove the 10000 entries that loopback to localhost. To do this see here: http://support.microsoft.com/kb/972034

This will clear your hosts file and set it back to normal.
sigcomp.png 
If I have replied to a topic and you reply and I haven't gotten back to you within 48 hours (2 days) then send me a P.M.
Some important links: BC Forum Rules | Misplaced Malware Logs | BC Tutorials | BC Downloads |
Follow BleepingComputer on: Facebook! | Twitter! | Google+| Come join us on the BleepingComputer Live Chat on Discord too! |

#4 Superbleeder

Superbleeder
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:38 PM

Posted 20 December 2011 - 02:17 PM

***FIXED***

Reading the Farbar Service report i noticed the AFD issue so i checked my registry turns out the whole AFD folder was missing( HLKM/CurrentControlSet/Services) so i got a copy of it from my windows 7 desktop and rebooted and the internet is working again hopefully this will help anyone with the same problem

#5 computerxpds

computerxpds

    Bleepin' Comp


  • Moderator
  • 4,483 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:38 PM

Posted 20 December 2011 - 09:38 PM

Well glad you got it fixed, and thank you for posting how you fixed it.

Happy Holidays
sigcomp.png 
If I have replied to a topic and you reply and I haven't gotten back to you within 48 hours (2 days) then send me a P.M.
Some important links: BC Forum Rules | Misplaced Malware Logs | BC Tutorials | BC Downloads |
Follow BleepingComputer on: Facebook! | Twitter! | Google+| Come join us on the BleepingComputer Live Chat on Discord too! |




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users