• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

System Restore caused loss of LAN connection, any solutions?

F

Flora

Flightless Bird
Hello,

After a possible hacker attempt that resulted in my anti-virus program being
disabled, I did a System Restore and went back a few days; it showed as
successfully completed. However, my Internet connection was gone, and even
resetting my modem did not work. I spent a good deal of time on the phone
with my ISP trying to solve it, going through all my connectivity steps, and
she finally said it was probably a bad ethernet cable. I knew that was not
it, so I undid the restore and behold, my connection was back! Has anyone
else had this experience? I have never had that happen before!I really want
to do a restore but if this happens again I will just have to undo it. Is
there something I should do BEFORE I begin the process that would avoid this
issue?


--
Thank you,
Flora
 
A

Anteaus

Flightless Bird
The fact that your AV was successfully disabled suggests that malware gained
a foothold. If so I wouldn't assume that a system restore would remove it
completely. Unless you know the name and precise characteristics of the
malware, a reinstall is the safest option.

There are numerous areas which the malware could have tampered with to
cause this kind if issue. I assume you've checked your TCP/IP settings
(ipconfig /all) and can ping the router?

Have you tried a tracert to the IP address of a website, for example tracert
207.46.197.32 ? This can sometimes show-up where the problem lies. (not all
hosts do reply but if you get out past your ISP's routers then you are online)

Then try an nslookup, e.g. nslookup microsoft.com to see if you have DNS
problems.

It's possible the malware has inserted a shim into the IP stack, to
intercept communications. LSPFix should reveal this, if present.

http://www.cexx.org/lspfix.htm


"Flora" wrote:

> Hello,
>
> After a possible hacker attempt that resulted in my anti-virus program being
> disabled, I did a System Restore and went back a few days; it showed as
> successfully completed. However, my Internet connection was gone, and even
> resetting my modem did not work. I spent a good deal of time on the phone
> with my ISP trying to solve it, going through all my connectivity steps, and
> she finally said it was probably a bad ethernet cable. I knew that was not
> it, so I undid the restore and behold, my connection was back! Has anyone
> else had this experience? I have never had that happen before!I really want
> to do a restore but if this happens again I will just have to undo it. Is
> there something I should do BEFORE I begin the process that would avoid this
> issue?
>
>
> --
> Thank you,
> Flora
 
P

PA Bear [MS MVP]

Flightless Bird
There is a very good chance that you are seeing the effects of a hijackware
infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
• http://mvps.org/winhelp2002/unwanted.htm
• http://inetexplorer.mvps.org/tshoot.html
• http://www.mvps.org/sramesh2k/Malware_Defence.htm
• http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Flora wrote:
> Hello,
>
> After a possible hacker attempt that resulted in my anti-virus program
> being
> disabled, I did a System Restore and went back a few days; it showed as
> successfully completed. However, my Internet connection was gone, and even
> resetting my modem did not work. I spent a good deal of time on the phone
> with my ISP trying to solve it, going through all my connectivity steps,
> and
> she finally said it was probably a bad ethernet cable. I knew that was not
> it, so I undid the restore and behold, my connection was back! Has anyone
> else had this experience? I have never had that happen before!I really
> want
> to do a restore but if this happens again I will just have to undo it. Is
> there something I should do BEFORE I begin the process that would avoid
> this
> issue?
 
Top