Sign in with
Sign up | Sign in
Your question

Network issues after Virus removal

Tags:
  • IP Address
  • Virus
  • Windows XP
Last response: in Windows XP
Share
November 4, 2011 5:27:12 PM

Hello,
Good day, I recently was troubleshooting an issue on my fathers system where he had a virus that was bluescreening his computer. I had no luck removing the virus on the machine itself as the virus was too clever. I decided to slave the drive on a clean windows 7 machine and ran bitdefender and avast scans on it. This cleaned up a bunch of files however after I reinstalled the drive into the laptop, I found that the network on it would not work.

The system was not able to get an IP address because the DHCP service could not start. I did some reading and I ended up replacing the netbt.sys file as it was missing. Now DHCP starts and the system now gets a valid IP address. I can ping the gateway ie. 192.168.0.1 fine but I couldn't ping www.google.com or anything by name. I noticed that the other systems on my network used my providers DNS servers but this xp system was trying to use 192.168.0.1 (my router) as its dns server. So I tried hardcoding the IP address of my providers DNS serves in the TCP/IP properties of the physical NIC. I still can't ping www.google.com or anthing outside my network by name. I can however ping google by its IP address. I can also surf to google by IP address. I imagine I can surf anywhere by IP.

The DNS service is running on my system.

Anyone have any ideas? This system was my mothers, who passed away. My Dad is soooo scared to loose something of her's and will not settle for a complete system backup as I have proposed.

More about : network issues virus removal

November 4, 2011 5:50:25 PM

bbcac said:
Hello,
Good day, I recently was troubleshooting an issue on my fathers system where he had a virus that was bluescreening his computer. I had no luck removing the virus on the machine itself as the virus was too clever. I decided to slave the drive on a clean windows 7 machine and ran bitdefender and avast scans on it. This cleaned up a bunch of files however after I reinstalled the drive into the laptop, I found that the network on it would not work.

The system was not able to get an IP address because the DHCP service could not start. I did some reading and I ended up replacing the netbt.sys file as it was missing. Now DHCP starts and the system now gets a valid IP address. I can ping the gateway ie. 192.168.0.1 fine but I couldn't ping www.google.com or anything by name. I noticed that the other systems on my network used my providers DNS servers but this xp system was trying to use 192.168.0.1 (my router) as its dns server. So I tried hardcoding the IP address of my providers DNS serves in the TCP/IP properties of the physical NIC. I still can't ping www.google.com or anthing outside my network by name. I can however ping google by its IP address. I can also surf to google by IP address. I imagine I can surf anywhere by IP.

The DNS service is running on my system.

Anyone have any ideas? This system was my mothers, who passed away. My Dad is soooo scared to loose something of her's and will not settle for a complete system backup as I have proposed.



What is in your hosts file ? Sounds like you are pretty capable of editiing it, but in case you need it,

http://kb.simplywebhosting.com/idx/0/045/article/
m
0
l
November 4, 2011 6:16:18 PM

The hosts file looks normal as i remember as I did check this orginally before taking the drive out of the laptop and slaving on my computer.

I will double check to make sure that is still the case when I get home. The issue seems to be larger then that as every site I try causes issues. Yet surfing to them by IP address works fine.
m
0
l
Related resources
November 4, 2011 8:47:43 PM

bbcac said:
The hosts file looks normal as i remember as I did check this orginally before taking the drive out of the laptop and slaving on my computer.

I will double check to make sure that is still the case when I get home. The issue seems to be larger then that as every site I try causes issues. Yet surfing to them by IP address works fine.


Have you tried reacquiring the DNS:

ipconfig release

ipconfig flush

ipconfig renew


m
0
l
November 5, 2011 2:56:52 AM

hosts file looks normal with no entries in it.

the ipconfig steps also did not change anything
m
0
l
November 5, 2011 4:36:07 AM

bbcac said:
hosts file looks normal with no entries in it.

the ipconfig steps also did not change anything



I may be wrong here, but I think tcp/ip utilities like ping use hosts file for dns name resolution if not using dhcp.
m
0
l
November 5, 2011 11:49:32 AM

i think you are incorrect
i have seen alot of host files and they rarely have any entries in them.
i think that wins / dns are the primary name to adress resolution methods although the hosts file would likely trump them, we don't see them get used very often

m
0
l
November 5, 2011 1:36:24 PM

bbcac said:
i think you are incorrect
i have seen alot of host files and they rarely have any entries in them.
i think that wins / dns are the primary name to adress resolution methods although the hosts file would likely trump them, we don't see them get used very often



I just did a ping, successful.

removed the dns name from host file

got a time out.
m
0
l
November 5, 2011 10:45:27 PM

No computer in my house or place of work has a single address in the hosts file (other then the loopback) yet I can ping fine. what os do you use and what is the location of the hosts file
m
0
l
November 6, 2011 7:43:34 AM

bbcac said:
No computer in my house or place of work has a single address in the hosts file (other then the loopback) yet I can ping fine. what os do you use and what is the location of the hosts file


Windows XP (Home and PRO) -- I have both
Hosts file is located in:

c:\windows\system32\drivers\etc\


I use Hostsmanager, for protection against malicious websites as well as advertising servers, and host file protection, so my hostfile has over 250,000 entries. I selected one at random, pinged it ok, deleted it from hosts, pinged again and got timeout, so the TCP/IP utility does in my case use the host file. I do not use dhcp servers for the dsn resolution, nor do I run behind a router.
m
0
l
!