Win7 can't connect

Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

Sorry for wrong forum, not sure if this would be networking or hardware.

Main machine won't connect to DSL, Win7 w/ onboard LAN says "unidentified network, no internet access"
NIC card is identified in device manager and shows no problems.

Other machine on the NetGear router connects fine.

Tried rebooting modem, rebooting machine, uninstalling NIC card, new drivers, reset winsock, chkdsk /f /r, sfc.exe scannow, release and renew.

Know squat about networking but seems to be getting an APIPA address, and in Network and Sharing Center "network discovery" is turned off.
Even when I turn it on and save settings, it immediately reverts back to off.

Any suggestions appreciated.

Thanks
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

Windows Network Diagnostics:
Local Area Connection doesn't have valid IP configuration...not fixed
Ahren
Senior Member
Posts: 2504
Joined: Sun May 26, 2002 1:28 am
Location: Toronto

Post by Ahren »

Does adding a static IP address make a difference?
Picture yourself
Set up for good in a whole other life
In the mystery zone
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

Ahren wrote:
> Does adding a static IP address make a difference?

Hey Ahren :) Hope you're doing well. Happy New year!

No, static address didn't help.
Turns out I had a bitch of a ZeroAccess rootkit, got that cleaned up but no joy with connecting w/ the Win 7 machine.

"Windows could not automatically detect this network's proxy settings"
Ahren
Senior Member
Posts: 2504
Joined: Sun May 26, 2002 1:28 am
Location: Toronto

Post by Ahren »

Happy New Year to you too, Humboldt! :)

From what I can see, the rootkit or cleaning the rootkit deleted some registry keys...

I'll keep looking but my internet connection is taking a dump tonight (Thanks Rogers for the free upgrade!).

It may be time to wipe and rebuild though. I wouldn't hesitate were it me.
Picture yourself
Set up for good in a whole other life
In the mystery zone
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

WTF?

Have I mentioned that Win7 turns off both "network discovery" and "file and printer sharing" in network and sharing center?
Turn them on, save changes, right back to off. Home/work and public.
YeOldeStonecat
SG VIP
Posts: 51171
Joined: Mon Jan 15, 2001 12:00 pm
Location: Somewhere along the shoreline in New England

Post by YeOldeStonecat »

There's more damage from the zero access rootkit...which often does damage Windows a bit.
What steps did you take in cleaning the rig?
Recommend running COMBOFIX from bleepingcomputer...it will do some in-depth tcp and winsock repairs. Naturally I'll insert my "caution" about running Combofix on your system..as it is a figurative nuclear bomb of a repair utility....it can render your system useless (but honestly we've had good luck using it).
But yeah...zeroaccess can reach deep into your system...so any system that caught that bug usually needs a whole trunkload of repair/cleaning tools thrown at it.
MORNING WOOD Lumber Company
Guinness for Strength!!!
TonyT
SG VIP
Posts: 10356
Joined: Fri Jan 28, 2000 12:00 am
Location: Fairfax, VA

Post by TonyT »

Humboldt wrote:
> WTF?
>
> Have I mentioned that Win7 turns off both "network discovery" and "file and printer sharing" in network and sharing center?
> Turn them on, save changes, right back to off. Home/work and public.

Network Discovery OFF is normal UNLESS you set up a Homegroup. You don't need Homegroup either, use password sharing. File and Printer Sharing can't be enabled unless there's a recognized network connection.
No one has any right to force data on you
and command you to believe it or else.
If it is not true for you, it isn't true.

LRH
YeOldeStonecat
SG VIP
Posts: 51171
Joined: Mon Jan 15, 2001 12:00 pm
Location: Somewhere along the shoreline in New England

Post by YeOldeStonecat »

Network Discovery runs outside of Homegroup....default behavior changes based on public/work/home. It's off by default...but he's stating that it will not stay on after he flips it on.
My laptop is not set up on homegroup right now....I'm at home..and network discovery is on and working.

Network Discovery is dependent on quite a few other network related services...including DNS...and zero access messes many of those services around. Seeing odd quirks like this is typical of a machine that has been hit by the zero access rootkit.
MORNING WOOD Lumber Company
Guinness for Strength!!!
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

Ran Malwarebytes, MSE, Kaspersky TDSSKiller first and found nothing. Not having any redirects or browser hijacking. Just couldn't connect.
Ran ComboFix and it found zero access. Everything seems fine except that I can't connect through this machine. Not seeing any errors, the NIC shows fine. Have tried bypassing the router, makes no difference.
YeOldeStonecat
SG VIP
Posts: 51171
Joined: Mon Jan 15, 2001 12:00 pm
Location: Somewhere along the shoreline in New England

Post by YeOldeStonecat »

From an elevated command prompt (right click..run as admin)......
netsh int ip reset
netsh interface ipv4 reset
netsh interface ipv6 reset

reboot
MORNING WOOD Lumber Company
Guinness for Strength!!!
Mark
Posts: 13238
Joined: Wed Apr 11, 2001 12:00 am
Location: .

Post by Mark »

change the cat5 cable ?

just my longshot guess LOL
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

YeOldeStonecat wrote:
> From an elevated command prompt (right click..run as admin)......
> netsh int ip reset
> netsh interface ipv4 reset
> netsh interface ipv6 reset
>
> reboot

Nope.

I'll try it again when I get home from work but tried that several times yesterday and this morning.
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

Mark wrote:
> change the cat5 cable ?
>
> just my longshot guess LOL

Tried that too :D
No difference.
Humboldt
Posts: 28212
Joined: Wed Oct 04, 2000 12:00 am
Location: Northern CA

Post by Humboldt »

Got it :)

Sfc /scannow wouldn't work yesterday.
Tried the resets again along with a DNS flush, sfc scannow, and we're good.

Thanks for the suggestions guys.
TonyT
SG VIP
Posts: 10356
Joined: Fri Jan 28, 2000 12:00 am
Location: Fairfax, VA

Post by TonyT »

YeOldeStonecat wrote:
> Network Discovery runs outside of Homegroup....default behavior changes based on public/work/home. It's off by default...but he's stating that it will not stay on after he flips it on.
> My laptop is not set up on homegroup right now....I'm at home..and network discovery is on and working.
>
> Network Discovery is dependent on quite a few other network related services...including DNS...and zero access messes many of those services around. Seeing odd quirks like this is typical of a machine that has been hit by the zero access rootkit.

Yes, but what I'm saying is that when not on a homegroup, network discovery will be ticked as off in network and sharing center. You can tick it to on, close out the window, return and it will be ticked off. It doesn't mean that its services won't run when needed. It just stays ticked in the off position until needed. Connect to a share on another computer and the services will start, provided dependencies are also capable of starting or already started.

Note, unlike Windows XP, SSDP Discovery service must be set to at least manual for Network Discovery to remain "ticked on". Otherwise it will not stay ticked on. On XP, one could still access shares on other computers if SSDP was disabled, it's not really needed or utilized for file & printer sharing in XP.
No one has any right to force data on you
and command you to believe it or else.
If it is not true for you, it isn't true.

LRH
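
Added example, not part of any post in this thread: a read-only PowerShell check of the services behind Network Discovery and of APIPA addressing, for confirming after a rootkit cleanup that nothing was left disabled or unregistered. SSDP Discovery, DNS and the APIPA symptom come from the thread; Function Discovery Resource Publication and UPnP Device Host are added here as the other commonly documented Network Discovery dependencies. It uses Get-WmiObject so it runs on the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example: audit only, changes nothing on the system.
# SSDPSRV and Dnscache are the services named in the thread;
# FDResPub and upnphost are an addition (assumed relevant, see lead-in).
$required = @(
    @{ Name = 'SSDPSRV';  Label = 'SSDP Discovery' },
    @{ Name = 'Dnscache'; Label = 'DNS Client' },
    @{ Name = 'FDResPub'; Label = 'Function Discovery Resource Publication' },
    @{ Name = 'upnphost'; Label = 'UPnP Device Host' }
)

function Get-DiscoveryServiceStatus {
    foreach ($svc in $required) {
        $w = Get-WmiObject -Class Win32_Service -Filter ("Name='{0}'" -f $svc.Name)
        if (-not $w) {
            # No service entry at all: its registration is gone.
            $mode = 'Missing'; $state = 'n/a'; $finding = 'service not registered'
        } elseif ($w.StartMode -eq 'Disabled') {
            # Disabled services cannot be started on demand.
            $mode = $w.StartMode; $state = $w.State
            $finding = 'disabled; needs at least Manual'
        } else {
            $mode = $w.StartMode; $state = $w.State; $finding = 'ok'
        }
        New-Object PSObject -Property @{
            Service = $svc.Label; Name = $svc.Name
            StartMode = $mode; State = $state; Finding = $finding
        }
    }
}

function Get-ApipaAdapter {
    # 169.254.0.0/16 means the adapter self-assigned an address (no DHCP lease).
    Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter 'IPEnabled=True' |
        Where-Object { $_.IPAddress -like '169.254.*' } |
        Select-Object Description, DHCPEnabled, IPAddress
}

Get-DiscoveryServiceStatus |
    Select-Object Service, Name, StartMode, State, Finding |
    Format-Table -AutoSize

$apipa = @(Get-ApipaAdapter)
if ($apipa.Count -gt 0) {
    Write-Output 'Adapters holding an APIPA address:'
    $apipa | Format-List
} else {
    Write-Output 'No adapter is holding an APIPA (169.254.x.x) address.'
}
```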