ARGHH! Can't get this laptop to connect

'putertutor

'putertutor

Well-Known Member
Reaction score
75
Location
Montana
I've got a laptop that is giving me a headache. It came in with no internet connectivity both wired and wireless. Pinging 127.0.0.1 results in a general failure.

I did my basic malware removal which caught the normal stuff, but still no connection.
A quick boot into linux and both the wireless and ethernet connections run fine.
I updated drivers, completely uninstalled and re-installed the drivers, no luck.
Flushed dns. Nothing
Reset TCP/IP (netsh int ip reset resetlog.txt), also with no change
Ran NetAdapterRepair, which has helped in similar circumstances in the past. Nothing

This is happening on both wireless and wired connections. The AP is working fine and all other devices on it can get online. This also happened before it go to my network, so that isn't it.

Not sure where to go from here. Looking for a little advice.
 
You've proved the hardware is working so the issue is software. Looks like you've done everything i could think of except the hosts file and check out lan network connections, possibly delete them and let windows recreate them.

Edit: Desperate, try the tweaking.com Windows Repair AIO thingy..
 
Output of ipconfig /all?
What does the hosts - usually %systemroot%\system32\drivers\etc\- file say?
Ping FQDN and IP's?
Remove all firewall and AV software using OEM software removal tools?

At any rate I'd probably be recommending a nuke and pave if it's not a major issue with the EU. Trying to resolve these mysterious M$ no network connections issues usually result in hours of trial and error and then still have to do a nuke and pave.
 
Check to make sure its not running in selective startup, also check if you can start windows defender. Fire up autoruns to see if you spot anything weird running or missing. Definitely run AIO, Try installing a USB wifi just to see if it does anything different. Check for hidden device drivers. That's it for now....
 
ipconfig /all shows an autoconfig ip address and a bad dns server address (fec0:0:0: etc). That's the same both with and without av and firewall. Nothing unusual in the hosts file.

I ran AIO and no change either. I think I might be up against an N&P, bummer as I haven't had to do on of those for something like this in a long time.
 
Is there an antivirus hidden driver installed like Norton possibly? It's a long shot but I've had this happen after uninstalling antiviruses and then had to use the removal tool for said antivirus to get the network adapters to work again.
 
Kinda reminds me of the zero access fix for XP, where you had to uninstall/reinstall tcp/ip. Can you get to the properties page for tcp/ip?
 
I removed some Mcafee drivers, but didn't find anything else suspicious. Tomorrow I'll do a repair installation - I've been holding off in the hopes I could hunt this thing down the old fashioned way. It's late and I'm taking a college visit road trip with my daughter tomorrow [sniff] so I've got to get up early. Thanks for the help so far, guys.
 
What happens if you just jam in the correct IP/DNS/GATEWAY settings into the network card properties? I've had that procedure shake something loose in the past... I would also try installing a known-working USB wifi adapter. Delete the network cards from device manager, let them redetect. Turn off IPv6 - that bad DNS address you posted looks like the beginning of a v6 address.
 
We've seen two of these in the last couple days. We check the network adapter and plenty of packets coming and going but nothing on the computer knows it's connected to the Internet. I guess I should back up; the laptops will connect to wireless and the port but any software and the browsers believe it's not connected. Malware scans didn't solve it. Popped open command prompt, doesn't resolve any addresses but again all sorts of packet activity so we know it's connected and talking to someone. Sniffed the packets and found it talking to an IP in 100 A-Block. I should of copied the full IP but remember the 100. something. So I knew it had a proxy installed somewhere. Checked host file, clean and of course it wasn't just related to browsers but checked them anyways and all clean. Scanned the registry for the IP and found the bugger. 3 entries directing all tcp traffic through that IP. Strange hitmanpro and rougekiller didn't catch them but dumped those keys and presto all fixed.

Not sure if related to what OP saw but just sharing that there is a rather new infection redirecting packets through the registry. The second machine came in with the exact same problem from a pizza tech panicking because his client had to go to College in a few hours and he spent 2 days trying to fix it. He even tried new adapters and could get the laptop to recognize it WAS connected to the Internet. :D

If we see it again, I'll better document the registry keys and rouge IP addy.
 
inbargains said:
We've seen two of these in the last couple days. We check the network adapter and plenty of packets coming and going but nothing on the computer knows it's connected to the Internet. I guess I should back up; the laptops will connect to wireless and the port but any software and the browsers believe it's not connected. Malware scans didn't solve it. Popped open command prompt, doesn't resolve any addresses but again all sorts of packet activity so we know it's connected and talking to someone. Sniffed the packets and found it talking to an IP in 100 A-Block. I should of copied the full IP but remember the 100. something. So I knew it had a proxy installed somewhere. Checked host file, clean and of course it wasn't just related to browsers but checked them anyways and all clean. Scanned the registry for the IP and found the bugger. 3 entries directing all tcp traffic through that IP. Strange hitmanpro and rougekiller didn't catch them but dumped those keys and presto all fixed.

Not sure if related to what OP saw but just sharing that there is a rather new infection redirecting packets through the registry. The second machine came in with the exact same problem from a pizza tech panicking because his client had to go to College in a few hours and he spent 2 days trying to fix it. He even tried new adapters and could get the laptop to recognize it WAS connected to the Internet. :D

If we see it again, I'll better document the registry keys and rouge IP addy.
Click to expand...
You should add this to the Resource Discussion section.
 
inbargains said:
We've seen two of these in the last couple days. We check the network adapter and plenty of packets coming and going but nothing on the computer knows it's connected to the Internet. I guess I should back up; the laptops will connect to wireless and the port but any software and the browsers believe it's not connected. Malware scans didn't solve it. Popped open command prompt, doesn't resolve any addresses but again all sorts of packet activity so we know it's connected and talking to someone. Sniffed the packets and found it talking to an IP in 100 A-Block. I should of copied the full IP but remember the 100. something. So I knew it had a proxy installed somewhere. Checked host file, clean and of course it wasn't just related to browsers but checked them anyways and all clean. Scanned the registry for the IP and found the bugger. 3 entries directing all tcp traffic through that IP. Strange hitmanpro and rougekiller didn't catch them but dumped those keys and presto all fixed.

Not sure if related to what OP saw but just sharing that there is a rather new infection redirecting packets through the registry. The second machine came in with the exact same problem from a pizza tech panicking because his client had to go to College in a few hours and he spent 2 days trying to fix it. He even tried new adapters and could get the laptop to recognize it WAS connected to the Internet. :D

If we see it again, I'll better document the registry keys and rouge IP addy.
Click to expand...
wow, nice work. I reckon I saw this a while ago shortly before a N&P.
 
Pacific Blue IT said:
What did you use to sniff the packets and determine IP?
Wireshark?
Crowdinspect?
Click to expand...


I just use sysinternals TCPView. It picked it right up showing the IP and large number of packets passing back and forth. Pretty obvious when you think you have a system not connected to the outside world and but it's passing 11,000 packets in a matter of minutes to someone :)
 
Maybe a good idea to blend that into the routine for final checks on infected PC's. Would this catch attempts to contact Tor and I2P?

Now, if we could get a daily list of infected Wordpress sites...
 
inbargains said:
We've seen two of these in the last couple days. We check the network adapter and plenty of packets coming and going but nothing on the computer knows it's connected to the Internet. I guess I should back up; the laptops will connect to wireless and the port but any software and the browsers believe it's not connected. Malware scans didn't solve it. Popped open command prompt, doesn't resolve any addresses but again all sorts of packet activity so we know it's connected and talking to someone. Sniffed the packets and found it talking to an IP in 100 A-Block. I should of copied the full IP but remember the 100. something. So I knew it had a proxy installed somewhere. Checked host file, clean and of course it wasn't just related to browsers but checked them anyways and all clean. Scanned the registry for the IP and found the bugger. 3 entries directing all tcp traffic through that IP. Strange hitmanpro and rougekiller didn't catch them but dumped those keys and presto all fixed.

Not sure if related to what OP saw but just sharing that there is a rather new infection redirecting packets through the registry. The second machine came in with the exact same problem from a pizza tech panicking because his client had to go to College in a few hours and he spent 2 days trying to fix it. He even tried new adapters and could get the laptop to recognize it WAS connected to the Internet. :D

If we see it again, I'll better document the registry keys and rouge IP addy.
Click to expand...
You sir, are a genius. This is a great suggestion and post. As soon as I get back from this college tour, I will check that and hope I have the same issue. Regardless, well played.
 
You must log in or register to reply here.

Similar threads

HCHTech
New+old Unifi setup struggles
Replies
8
Views
1K
HCHTech
HCHTech
HCHTech
No internet
2
Replies
25
Views
4K
YeOldeStonecat
YeOldeStonecat
thecomputerguy
Issues connecting a computer to two networks LAN & WiFi
Replies
2
Views
800
thecomputerguy
thecomputerguy
D
Can't connect to ANY websites, Can ping just fine, strangest problem I've ever seen!
2 3
Replies
42
Views
7K
nextechinc
N
C
A few computers refused to get an ip address.
Replies
16
Views
2K
HCHTech
HCHTech
Back
Top