TCP/IP problem

Hello--

I am having issues with one of network connections "wireless network connection #2". There is a red "X" on the icon for "wireless network connection #2". Screen shot of icon and the IP address field is attached.

I was issues with malware as well, but followed step by step instructions and the malware has been removed.

However, prior to starting using this forum, i ran combofix on my own on 12/11/11. I beleive this either changed the registry settings for my IP address/gateway default/subnet mask. I then used combo again on 12/17/11, as directed to help remove the malware, so i created a new regisrty save from 12/17/11, at which point the VPN was still not working. (ie, there is no way to recreate my registry from 12/11/11 when the VPN was still working). I was trying to fix the IP address settings in the registry after running combofix, as cisco never connected properly after running combofix for the first time, and am wondering if I put the wrong IP address in by mistake or possibly put it into the wrong registry setting?

I beleive it also mayhave and/or deleted files related to the network connections.

I keep getting and error message from cisco when I try to connect to the vpn stating that "The vpn client was unable to setup IP filtering. vpn connection will not be established".

When I open the network connections, there is not any IP address saved. We tried some fixes for the network in my previous malware thread, but those fixes did not work.

http://forums.majorgeeks.com/showthread.php?t=249358

Any help would be appreciated, Thanks!

 

It sounds to me like you didn't set up the VPN connection yourself (it's for work or something). I would recommend getting the correct IP information from whoever controls the VPN server-side (your network guy at work probably), since all the registry editing in the world won't help you if the IP information is off by even a single digit. Once you know that you have that right and it's STILL not working, then we can start looking at other stuff.

 

Yes the VPN is for work. However, I didnt set up the VPN. It is an internet download directly from cisco with a login associated with my company, so when I uninstall and then reinstall, comes up with our company info, etc

So you are saying the IP address of my company network server needs to be entered into the "network connection 2" adapter on my computer? Network connection 2 icon in network settings has a red "X" next to it, and the only field I can get to is the "properties", then I can access IP4 or IP6 among other options. Would that be resolved if I enter the IP address of the server for my work in the properties area?

Since I last posted, I also have noticed that my nintendo wii is not properly connecting to the wifi. I picks up the wifi signal, as the date/time is correct on wii, but it is not letting surf the web, and is saying i need to connect through a proxy

 

Were you ever able to solve this problem? I am having the exact same issue! Very frustrating.

 

No i havent been able to solve it. So you have a red "x" next to the wirless network 2 "icon", and your vpn doesnt connect and you get that same error message?

Im beginning to think its a bug in windows 7.... read this thread: http://social.technet.microsoft.com...g/thread/df17c593-e78f-4878-97b0-7569307934c5

 

I'm not sure what it is you need to do, right now I'm trying to get as much information as I can to figure out what the real problem is. The red x you are seeing is Windows' way of saying that there is nothing connected to that adapter; usually, that there is a cable disconnected. In the case of a VPN, I imagine it really means that you are not communicating with anything else.

Is the computer you're using now conencted to the internet via cable to your router or wi-fi? Do you have any devices connected to that access point that are drawing internet service?

 

Ok. I have secured the IP address to my network that Im trying to connect to using the vpn. I have attached a screenshot of my network and settings adapters.

The computer I am using currently is hardwired via cable to my router, so it does connect to the internet fine.

Since I last posted, I was also able to connect to the wireless network.

The issue only seems to be with the VPN/Cisco adapter in my network settings (but is not the one with the red X next to it).

The "netowrk connection 2" adapter is not really used for anything. Should I just delete it?

Now when I open the cisco/vpn icon on my desktop it says "host is unreachable"

 

SOLVED:

The malware deleted my base filter engine and windows firewall services. I had to dowload the registry keys for 2 services.

Then there was an issue w/ permissions for BFE, as the BFE is dependent on numerous other services.

I had to create an "owner" in those registry keys named "nt authority\bfe" and then give them full ownership.

Cisco any other vpn issues would not work without this fix.

 

Hey dude I have been facing the same problem and its my work laptop too. The IT guys haven't figured it out and they are asking me to reinstall windows.

But I know that the virus/combofix may have changed my registry settings.

So can you please let me know exactly what needed to be done. It will be much appreciated.

 

That's interesting how Cisco VPN is somehow tied into BFE (Base Filtering Engine). After reviewing your logs from the thread we had, BFE was indeed not started. BFE is one of the services we have been noticed lately being turned off and deleted from the registry to prevent Windows Vista/7 Firewall from being turned on again. However, ComboFix should not have tampered with it. It could have been a bug for a short period of time. Hopefully it's been fixed now as you three are the only ones with Cisco VPN that I know have posted something about this.

Nonetheless, sUBs (the author of ComboFix) has released a tool that is supposed to repair BFE.
You can download it here: http://download.bleepingcomputer.com/sUBs/MiniFixes/RestoreBFE.exe

Please let us know if it works accordingly.

 

Great Job Thisisu, it worked like a charm and relives a lot of pain!!

 

Glad to hear that worked
Thanks for letting us know!

 

Hey - I had the same problem, too. I didn't use combofix, but the Sophos Virus Removal Tool and Malwarebytes to deal with a trojan and couldn't get Cisco to work again afterwards.
Now everything works again!
Thanks guys!

 

Thanks for sharing, Karen

 

Hi, I have used the BFE fix and ran Malwarebytes to find some evil file (have no idea what it was) and this are now working perfectly! Thanks for posting all the info!

 

The base restore fixed my issue to! I had the same problem after the user got a virus.