TCP/IP stack whacked by malware; no DNS resolution

2013-06-08  Source: Original Site  Category:Windows NT / 2000 / XP  Views:0 

Advertisement

A friend of mine's kid got a bad load of malware and viruses into his network. I cleared everything out as far as I can tell and repaired one machine, but I think one of the nasties stomped on the TCP/IP stack of the other box pretty hard. I think I've covered all the bases and am now looking at a reinstall of the OS, but I thought I'd see if anyone else has run across this before I do that.

LAN setup:
- Comcast cable modem (motorola); Linksys BEFSR41 router; Linksys WAP11 into one of the Ethernet ports on the router. Router acts as DHCP server to LAN.

- Old Compaq Presario desktop machine running 98SE; wired connection to router. Among other nasty deeds, the malware did the LSP Fandango on the box, but I was able to repair it. This box is fine now.

- New Dell Inspiron 8600 laptop running XP Home (the problem machine).
Laptop has:
- Broadcom 440x Ethernet
- Dell TrueMobile 1300 Wi-Fi

Known conditions:

- LAN/Internet infrastructure is working. Win 98 box and my laptop (connected by either Ethernet or wireless) function perfectly.

- Both machines can ping each other by IP, as well as the router.

- Both machines can ping Internet locations by IP.

- Laptop cannot ping by URL- ping requests time out.

- Laptop can ping the loopback device using either "127.0.0.1" or "localhost"

- Laptop cannot browse by URL (using IE or Firefox).

- Outlook Express on laptop cannot resolve the Comcast mail servers' names. The servers are up and running.

- DNS server IP are correct.

- Laptop can ping and browse (using IE or Firefox) when booted into safe mode with networking support!

- Laptop exhibits the same problem using wired or wireless connection to LAN; both physical devices are working and configured correctly as far as I can see.

- The laptop exhibits the same behaviour on my network, using my DNS server IPs. Also- static vs. dynamic addressing is not the issue; been there, done that.

History/steps already taken:

- Ad Aware, SpyBot, HJT, etc. show the laptop to be clean now. (Was able to d/l latest updates for the programs while booted into safe mode).

- Firewalling is not the issue.

- I killed any unnecessary processes that I could identify (using Norton's Process Viewer)- no change in problem.

- Using "netsh int ip bla,bla" did not fix the problem.

- As per a Microsoft article related to the problem, I tried deleting the HKLM\System\CurrentControlSet\Services Winsock and Winsock2 entries and then reinstalling the TCP/IP protocol- still no change.

- Tried the WinSockXPfix.exe utility- it found nothing to fix.

- Rolled the system back to a restore point well before the date my friend said this started happening. Zip, zilch, nada- no change.

Have I missed something here, or is the system just yea and verily b0rked?

Related articles
  • TCP/IP stack whacked by malware; no DNS resolution 2013-06-08

    A friend of mine's kid got a bad load of malware and viruses into his network. I cleared everything out as far as I can tell and repaired one machine, but I think one of the nasties stomped on the TCP/IP stack of the other box pretty hard. I think I'

  • Any Body Who Know about TCP/IP stack in windows and how can we delete , insert or modify some packet 2012-01-27

    i am going to make an application firewall for that purpose i want to know about the vc++ programming of packet sniffer and proxy server and i want to know about tcp/ip stack working in windows and i want to handel it using vc++ . please tell me abou

  • TCP/IP Stack Implementation 2012-01-27

    Hi I am new to network programming and I have decided to base my final year project on TCP/IP stack implementation but since I am new to it I dont really know where to start from. I am looking for ideas on what/how to implement the protocol stack so

  • How can I disable TCP/IP Stack from My computer 2012-04-07

    Hei Gurus, How can I disable TCP/IP Stack from my system in windows OS (windows Xp,2000,98 etc...)

  • Best Linux distribution for drastic changes in TCP/IP stack and features 2012-07-06

    Hi I will be getting into some linux kernel programming and network internal. Please tell me which is the best Linux distribution to install on my computers for making drastic changes to the TCP/IP stack and making new features, and possibly distribu

  • How to port tcp/ip stack 2012-07-23

    Please let me know how to port tcp/ip stack on microcontroller. I am using Linux. Please provide me any Documents or materails. Please help me. I sincerely appreciate and

  • Ubuntu modify the tcp/ip stack 2012-12-24

    I need to modify the tcp/ip stack for which i must know where it resides. Can I get the exact path address to the interface between the data link layer and the network layer and any other that I should know. This is for my thesis.

  • kernel Iptables/TCP/IP stack 2013-03-24

    what is the specifics on connecting the IPtables to the kernel? Where can I get info on these specifics? I also need specifics on how the TCP/IP stack connects to the kernel.

  • Oracle TCP/IP Stacks 2013-05-26

    I just saw an employment ad. in a local paper. The company is looking for an Oracle DBA. One of the requirements for the post is the knowledge of "TCP/IP Stacks". What exactly is "TCP/IP Stacks"? Thks.

  • Problem with MS TCP/IP stack 2013-07-24

    I seem to be having a problem with the TCP/IP stack on MS Windows Server 2003 SP 2. The sender/receiver both advertise a window size of 65535 with the windows scale option set to 1, so that should make a grand total of around 130 Kbytes. The sender i

  • c source code for TCP IP stack 2013-07-29

    can anyone help me in finding a c source code for TCP IP stack, which is simple enough for me to edit to suit data transmission from user buffer(my c program). I would like to avoid too much platform dependent libraries as I like to use this source c

  • TCP/IP Stack Issues 2014-02-10

    Just repaired Windows through the OS Disk, not the command prompt. Coming back, all looks great, except one LARGE issue. Cannot get into the internet at all. I can get a valid ip address, and can ping websites and other computers, but CANNOT ping the

  • Dead TCP/IP Stack = DEAD VISTA !! 2014-02-17

    I managed to wreck Windows Vista accidently in record breaking time, only a few minutes needed: 1. Remove all protocols from "connections". 2. Remove network device. 3. Wait until Vista detects it's a non genuine copy or it's trail has expired. 4. Re

  • TCP/IP stack 2014-04-24

    Hye.I am working on voip so can anyone plz grant me the source code for a TCP/IP stack.I will be very grateful for ur time and help.

  • Need Assistance: Enable TCP/ IP stack of Ethernet chip 2014-05-10

    Facing problems to send/ receive packets between Linux PC and Development Board through RJ45 Ethernet cable. Development Board has microcontroller A( master) which monitors all other interfaces. There is a enc28j60 Ethernet chip mounted on the Develo

  • Ubuntu using WINE to install cisci vpn client says no microsoft TCP/IP stack is installed 2014-07-28

    When using WINE to install cisci vpn client it says no microsoft TCP/IP stack is installed. After this error it does install but the CISCI VPN client does not work as expected. I have a licenced copy of Microsoft XP should I install the DLL's to fix

  • Ubuntu TCP/IP Stack 2014-11-04

    I was currently working in ubuntu (Feisty Fawn) and I tried to install a CISCO VPN program. During the installation it said it may not work properly if I do not install the TCP/IP Stack for Microsoft. I don't know why, but I selected "YES" to install

  • the TCP/IP stack 2014-11-04

    I am new to TCP/IP stack. I got a question: If I have a TCP/IP stack and a device driver. The device driver basically implement the data link layer and MAC layer. When I pass a buffer, i.e. buffer A to TCP/IP stack through a scoket. The TCP/IP proces

  • Windows & TCP/IP stack 2014-11-13

    I need to write an application that will send frames over Ethernet by the use of windows TCP/IP stack. I heard that windows itself periodically sends some frames through the Ethernet port, so that the interface is shared between the application and w

  • Ubuntu The Microsoft TCP/IP Stack 2015-06-13

    Greetings! I'm trying to run one of the programs I have on Ubuntu with Wine I get this error: Error 28001: The Microsoft TCP/IP stack is not installed. To install the [ProtectName] safely, you should first install an IP stack. Any idea where or how c