After removing malware XP can't get IP address

  bfoc 10:53 AM 13 Sep 10
Locked

A friend had problems with their XP (SP 3) machine and asked me to check it. I used a Kaspersky Linux based bootable CD to check their machine. It found and cleaned a large amount of malware.

The machine works fine now but it is unable to get an IP address to allow it to connect to the internet. This happens with both a wireless and wired connection and isn't hardware related as the Linux based Kaspersky CD can download updates.

I have tried releasing all IP addresses and flushing the DNS cache, all to no avail. I also cannot access Windows Firewall. The friends cannot locate their XP CD – if they had one.

Any suggestions?

  mgmcc 12:50 PM 13 Sep 10

Run ipconfig /all in a Command Prompt window. Go to “Start > Run”, type…

cmd.exe /k ipconfig /all

...and press Enter. This will show details of all network adapters installed in the PC. Right click in the Command Prompt window, "Select All" and press Enter to copy the details to the clipboard. Paste the details into a forum reply here.

If you are unable to paste the details directly from the computer, because it cannot get online, paste them instead into a blank "Notepad" file, transfer the file to a working PC and copy/paste the details from there.

  bfoc 13:16 PM 13 Sep 10

Thanks for that response.

I'll do that a bit later when I have access to the machine again. As it can't access the internet I'll then have to transfer them to my machine to post them.

I'm pretty sure that for the ethernet adapter it had no entries at all under:
IP Address:
Subnet Mask:
Default Gateway:

But I'll post the full results shortly.

  T0SH 13:38 PM 13 Sep 10

While you are at it check in internet options on the connections tab at the bottom click on the Lan Settings button in the window that opens there should be no ticks in any of the boxes

Cheers HC

  bfoc 13:39 PM 13 Sep 10

Windows IP Configuration
Host Name . . . . . . . . . . . . : FAMILY
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-13-72-B1-05-B1
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 0.0.0.0

Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11 USB Wireless LAN Card
Physical Address. . . . . . . . . : 00-1F-1F-62-EC-0C
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 0.0.0.0

  bfoc 13:48 PM 13 Sep 10

There are currently no boxes ticked but I have tried it with Automatically Detect Settings both ticked and unticked.

  mgmcc 21:33 PM 13 Sep 10

You said in your original post that you'd "released" all IP addresses, presumably by running IPCONFIG /RELEASE

Did you follow that with IPCONFIG /RENEW to force the adapters to request new addresses from the DHCP server?

Something else to try is to repair the TCP/IP stack and Winsock. Open a Command Prompt window ("Start > Run", type CMD and click OK).

To repair the TCP/IP stack, at the prompt, type...

netsh int ip reset resetlog.txt

...and press Enter

(note the spaces in the command line). The original prompt will reappear, exit the Command Prompt window and reboot the PC.

To reset Winsock entries, at the prompt, type...

netsh winsock reset catalog

...and press Enter

Exit the Command Prompt window and reboot the PC. (If running both repairs, reboot only after running the second command.)

  bfoc 22:07 PM 13 Sep 10

I have done both of those steps and re-started but to no avail.

I had also tried the ipconfig /renew previously but tried it again and an error message came up that the RPC Server was not available.

I have checked via the Admin Tools and the RPC service is listed as started. It doesn't show any dependencies.

  mgmcc 22:37 PM 13 Sep 10

You could try allocating fixed IP addresses but, if that doesn't work and in view of your having removed a lot of malware, I'm inclined to think a reinstall of Windows may be necessary.

...unless someone else has another solution.

  bfoc 22:42 PM 13 Sep 10

Unfortunately as they can't locate a Windows XP CD, then this may be difficult.

  Ashrich 22:08 PM 14 Sep 10

Quite often after a virus/malware removal the TCP/IP stack get corrupted .

It is simple to reset this by opening a command prompt and typing in ( without quote marks ) " netsh int ip reset resetlog.txt " and then press enter . Might as well do the Winsock as well , again from the command prompt type in " netsh winsock reset catalog " and press enter . You will be prompted to reboot the system . See if that helps .

Ashley

Advertisement

This thread is now locked and can not be replied to.

Sony Xperia Z5 review: Hands-on with the phone which the Z3+ should have been

1995-2015: How technology has changed the world in 20 years

How to choose a photographer

iPhone 6S preview: What to expect from Apple's next iPhone