Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Another case of invalid IP address after removing SECURITY PROTECTION


  • Please log in to reply

#16
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Hi Ron,

Sorry, was out of town myself for a bit. Here's the info:




! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT
Type REG_DWORD 0x1
Start REG_DWORD 0x1
ErrorControl REG_DWORD 0x1
Tag REG_DWORD 0x5
ImagePath REG_EXPAND_SZ system32\DRIVERS\netbt.sys
DisplayName REG_SZ NetBios over Tcpip
Group REG_SZ PNP_TDI
DependOnService REG_MULTI_SZ Tcpip\0\0
DependOnGroup REG_MULTI_SZ \0
Description REG_SZ NetBios over Tcpip

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Linkage
OtherDependencies REG_MULTI_SZ Tcpip\0\0
Bind REG_MULTI_SZ \Device\Tcpip6_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\Tcpip6_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\Tcpip6_{F660E6A5-4AA5-4548-AC5B-C247F5FB49FC}\0\Device\Tcpip_{C767D1E7-E595-422B-A3A4-30F20CF72642}\0\Device\Tcpip_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\Tcpip_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}\0\Device\Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}\0\0
Route REG_MULTI_SZ "Tcpip6" "{591BAF43-B505-4152-83EF-753539F9E66E}"\0"Tcpip6" "{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}"\0"Tcpip6" "{F660E6A5-4AA5-4548-AC5B-C247F5FB49FC}"\0"Tcpip" "{C767D1E7-E595-422B-A3A4-30F20CF72642}"\0"Tcpip" "{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}"\0"Tcpip" "{591BAF43-B505-4152-83EF-753539F9E66E}"\0"Tcpip" "NdisWanIp"\0\0
Export REG_MULTI_SZ \Device\NetBT_Tcpip6_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\NetBT_Tcpip6_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\NetBT_Tcpip6_{F660E6A5-4AA5-4548-AC5B-C247F5FB49FC}\0\Device\NetBT_Tcpip_{C767D1E7-E595-422B-A3A4-30F20CF72642}\0\Device\NetBT_Tcpip_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\NetBT_Tcpip_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}\0\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters
NbProvider REG_SZ _tcp
NameServerPort REG_DWORD 0x89
CacheTimeout REG_DWORD 0x927c0
BcastNameQueryCount REG_DWORD 0x3
BcastQueryTimeout REG_DWORD 0x2ee
NameSrvQueryCount REG_DWORD 0x3
NameSrvQueryTimeout REG_DWORD 0x5dc
Size/Small/Medium/Large REG_DWORD 0x1
SessionKeepAlive REG_DWORD 0x36ee80
TransportBindName REG_SZ \Device\
EnableLMHOSTS REG_DWORD 0x1
DhcpNodeType REG_DWORD 0x2

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}
NameServerList REG_MULTI_SZ \0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}
NameServerList REG_MULTI_SZ \0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{591BAF43-B505-4152-83EF-753539F9E66E}
NameServerList REG_MULTI_SZ \0
NetbiosOptions REG_DWORD 0x0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{C767D1E7-E595-422B-A3A4-30F20CF72642}
NameServerList REG_MULTI_SZ \0
NetbiosOptions REG_DWORD 0x0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}
NameServerList REG_MULTI_SZ \0
NetbiosOptions REG_DWORD 0x0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Security
Security REG_BINARY 01001480E8000000F4000000140000003000000002001C000100000002801400FF010F000101000000000001000000000200B80008000000000014008D01020001010000000000050B000000000018009D0102000102000000000005200000002302000000001800FF010F000102000000000005200000002002000000001800FF010F000102000000000005200000002502000000001400FD01020001010000000000051200000000001400400000000101000000000005130000000000140040000000010100000000000514000000000018009D0102000102000000000005200000002C020000010100000000000512000000010100000000000512000000

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Enum
0 REG_SZ Root\LEGACY_NETBT\0000
Count REG_DWORD 0x1
NextInstance REG_DWORD 0x1


Windows IP Configuration



No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.

An error occurred while renewing interface Local Area Connection 2 : unable to contact your DHCP server. Request has timed out.



Windows IP Configuration



Host Name . . . . . . . . . . . . : James

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Peer-Peer

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

Physical Address. . . . . . . . . : 00-1F-3C-7C-0A-AE



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

Physical Address. . . . . . . . . : 00-1C-23-5A-73-10

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Autoconfiguration IP Address. . . : 169.254.89.107

Subnet Mask . . . . . . . . . . . : 255.255.0.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : ?

?

?



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled
  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
I don't see:

net start dhcp >> \junk.txt

in the text file.

Ron
  • 0

#18
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Hi Ron,

Please let me know if anything is missing.

Best,

James


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT
Type REG_DWORD 0x1
Start REG_DWORD 0x1
ErrorControl REG_DWORD 0x1
Tag REG_DWORD 0x5
ImagePath REG_EXPAND_SZ system32\DRIVERS\netbt.sys
DisplayName REG_SZ NetBios over Tcpip
Group REG_SZ PNP_TDI
DependOnService REG_MULTI_SZ Tcpip\0\0
DependOnGroup REG_MULTI_SZ \0
Description REG_SZ NetBios over Tcpip

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Linkage
OtherDependencies REG_MULTI_SZ Tcpip\0\0
Bind REG_MULTI_SZ \Device\Tcpip6_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\Tcpip6_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\Tcpip6_{F660E6A5-4AA5-4548-AC5B-C247F5FB49FC}\0\Device\Tcpip_{C767D1E7-E595-422B-A3A4-30F20CF72642}\0\Device\Tcpip_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\Tcpip_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}\0\Device\Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}\0\0
Route REG_MULTI_SZ "Tcpip6" "{591BAF43-B505-4152-83EF-753539F9E66E}"\0"Tcpip6" "{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}"\0"Tcpip6" "{F660E6A5-4AA5-4548-AC5B-C247F5FB49FC}"\0"Tcpip" "{C767D1E7-E595-422B-A3A4-30F20CF72642}"\0"Tcpip" "{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}"\0"Tcpip" "{591BAF43-B505-4152-83EF-753539F9E66E}"\0"Tcpip" "NdisWanIp"\0\0
Export REG_MULTI_SZ \Device\NetBT_Tcpip6_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\NetBT_Tcpip6_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\NetBT_Tcpip6_{F660E6A5-4AA5-4548-AC5B-C247F5FB49FC}\0\Device\NetBT_Tcpip_{C767D1E7-E595-422B-A3A4-30F20CF72642}\0\Device\NetBT_Tcpip_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}\0\Device\NetBT_Tcpip_{591BAF43-B505-4152-83EF-753539F9E66E}\0\Device\NetBT_Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}\0\Device\NetBT_Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters
NbProvider REG_SZ _tcp
NameServerPort REG_DWORD 0x89
CacheTimeout REG_DWORD 0x927c0
BcastNameQueryCount REG_DWORD 0x3
BcastQueryTimeout REG_DWORD 0x2ee
NameSrvQueryCount REG_DWORD 0x3
NameSrvQueryTimeout REG_DWORD 0x5dc
Size/Small/Medium/Large REG_DWORD 0x1
SessionKeepAlive REG_DWORD 0x36ee80
TransportBindName REG_SZ \Device\
EnableLMHOSTS REG_DWORD 0x1
DhcpNodeType REG_DWORD 0x2

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{2810EB22-763D-4D0C-9450-64BBD1758685}
NameServerList REG_MULTI_SZ \0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{531D3D38-B38F-4A40-9052-52EFBA55506B}
NameServerList REG_MULTI_SZ \0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{591BAF43-B505-4152-83EF-753539F9E66E}
NameServerList REG_MULTI_SZ \0
NetbiosOptions REG_DWORD 0x0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{C767D1E7-E595-422B-A3A4-30F20CF72642}
NameServerList REG_MULTI_SZ \0
NetbiosOptions REG_DWORD 0x0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Parameters\Interfaces\Tcpip_{FE9C6D4E-B5F0-46AD-8D8B-3E06CB3185B4}
NameServerList REG_MULTI_SZ \0
NetbiosOptions REG_DWORD 0x0

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Security
Security REG_BINARY 01001480E8000000F4000000140000003000000002001C000100000002801400FF010F000101000000000001000000000200B80008000000000014008D01020001010000000000050B000000000018009D0102000102000000000005200000002302000000001800FF010F000102000000000005200000002002000000001800FF010F000102000000000005200000002502000000001400FD01020001010000000000051200000000001400400000000101000000000005130000000000140040000000010100000000000514000000000018009D0102000102000000000005200000002C020000010100000000000512000000010100000000000512000000

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\NetBT\Enum
0 REG_SZ Root\LEGACY_NETBT\0000
Count REG_DWORD 0x1
NextInstance REG_DWORD 0x1


Windows IP Configuration



No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.

An error occurred while renewing interface Local Area Connection 2 : unable to contact your DHCP server. Request has timed out.



Windows IP Configuration



Host Name . . . . . . . . . . . . : James

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Peer-Peer

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

Physical Address. . . . . . . . . : 00-1F-3C-7C-0A-AE



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

Physical Address. . . . . . . . . : 00-1C-23-5A-73-10

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Autoconfiguration IP Address. . . : 169.254.89.107

Subnet Mask . . . . . . . . . . . : 255.255.0.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : ?

?

?



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled



Windows IP Configuration



No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.

An error occurred while renewing interface Local Area Connection 2 : unable to contact your DHCP server. Request has timed out.



Windows IP Configuration



Host Name . . . . . . . . . . . . : James

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Peer-Peer

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

Physical Address. . . . . . . . . : 00-1F-3C-7C-0A-AE



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

Physical Address. . . . . . . . . : 00-1C-23-5A-73-10

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Autoconfiguration IP Address. . . : 169.254.89.107

Subnet Mask . . . . . . . . . . . : 255.255.0.0

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : ?

?

?



Tunnel adapter Teredo Tunneling Pseudo-Interface:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : ?

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled
  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Just got back from a trip. Sorry for the delay.

Somehow you are not running:

net start dhcp

Try it again with just the one command:

net start dhcp > \junk.txt

notepad \junk.txt
  • 0

#20
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Hey Ron,

So I ran only that, and the message I got was as follows:

"The requested service has already been started.

More help is available by typing NET HELPMSG 2182."

I restarted and tried it again, and got the same message.

Any ideas?

Thanks!

James
  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
The DHCP service is started is a good sign. I think we need to download a new driver for the Ethernet card: Broadcom NetXtreme 57xx Gigabit Controller. Hook up your wireless and go to:
http://www.broadcom....loaddrivers.php to download a new one. Save it and run it and it should install. (Go to: http://www.broadcom....mine_driver.php and follow the instructions to get the device id to make sure you get the right one.)

Ron
  • 0

#22
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Hi Ron,

So I followed the instructions to try to find out which driver was the correct one, and when I expand "network adapters" I don't see any Broadcom NetXtreme 57xx Gigabit controller. All I have are the following:

1394 Net Adapter
Intel(P) PRO/Wireless 3945ABG Network Connection

I wonder if it somehow got deleted? If so, can I get it back? I have a Dell Latitude D630, if that's at all useful...

Thanks,

James
  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Broadcom 57XX Gigabit Integrated Controller driver from dell support for your Latitude D630:

http://support.dell....1&fileid=201410

I expect you can download it, save it and run it.

Ron
  • 0

#24
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
OK, got it, installed it. Still says can't renew IP address. Should I go to that site and download the new driver for the Ethernet card, or have I done that already by downloading the driver from the Dell site?

Thanks,

James
  • 0

#25
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Update: I found the correct driver, saved it to a flash drive on my working comp, transferred that file to my desktop on the infected comp. It's a .sys file--how exactly do I install it? (Sorry probably a stupid question.) It is asking me to "Open With"...and I'm not sure what to open it with.

Thanks,

James
  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
After you downloaded the R151327.exe file from the link I gave you, you should run it and it will extract itself into a folder somewhere. Go into the folder and look for setup.exe and click on it. That should create the entry in Device Manager that is missing. IF it still doesn't work then there is also a Diagnostics download:

http://support.dell....1&fileid=201425

You can try it.
  • 0

#27
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Hi Ron,

OK, the entry in the device manager is there! Cool. But I'm still getting the same problem--it says I have no connectivity, and when I try to repair it says it can't renew my IP. The initial message is: "Limited or no connectivity. You might not be able to access the Internet or some network resources. This problem occurred becasue the network did not assign a network address to the computer."

Any thoughts?

James
  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
If you right click on the entry in Device Manager and select Properties does it say: This device is working properly. ??

Go into Control panel, Network Connections and find the Local Area Connection. right click on it and Disable it and then reenable it. right click and Select Properties. Do you see Internet protocl TCP/IP in the list? Click on it and select Properties. Make sure it says Obtain an IP Address Automatically. Also Obtain DNS server address automatically. You could manually put in the IP info from the wireless connection then disable the wireless and see if it can talk then.

Directly under where it says what kind of network adapter this is should be something like Configure. Click that. Sometimes one of the tabs will be a diagnostic program.

Ron
  • 0

#29
hate169IP

hate169IP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Yes, it says the device is working properly. It was set on obtain IP address automatically, same for DNS server address. I plugged in the wireless IP address, to no avail. What's odd is that it appeared to work when I plugged in the wireless IP: it says it's connected and firewalled, all that, with no little yellow caution sign or anything. But then when I try to use the internet, it doesn't work.

I also didn't see a diagnostic program under the "Configure" tab.

Thanks,

James
  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
OK. I misunderstood you. Thought you said wireless was working but you meant just that it was getting an IP address not that it can connect to anything. Perhaps this will work now that we have removed all the bad guys:

Start, All Programs, Accessories, Command Prompt. Type with an Enter after each line in the code box:

ipconfig /flushdns

netsh  winsock  reset catalog

netsh  int ip reset reset.log


(I use two spaces in the code box so you will be sure to see where 1 space goes.)

Reboot and test.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP