Network Status reversed; connected but shows not connected

Discussion in 'Malware Help (A Specialist Will Reply)' started by lov-n-life, Apr 25, 2012.

  1. lov-n-life

    lov-n-life Private E-2

    Vista 32-bit, SP2 on Compaq Presario SR5710Y
    AMD Athlon X2 4450e
    Onboard 10/100
    PCI Modem card

    Quick turn-around if at all possible please!

    I am baffled by a connection issue on a client's computer. System was brought to me about 3 weeks ago for bizarre internet behavior and sluggish performance. I found a trojan and a couple other minor malware infections that were very easily cleaned (SAS, Malwarebytes), but I also noticed the network status indicator was showing opposite of the actual status. I.e., when connected to my network (ethernet) I could surf the internet with any browser, but Windows Update and all other programs attempting to download updates said there was no connection.

    When opening up the network and sharing options, it also shows not connected and no networks available, despite actually being able to surf the web.

    When the ethernet cable is disconnected, it then shows it has a connection, but obviously nothing works.

    Client needed the system back ASAP, so I finished the cleaning, but Windows Update reports last check for updates was February 9, 2011. The network status indication seems to be more than just a display bug, but is affecting the update capability of Windows and other installed software.

    Client dropped the system back off today for me to finish up and again, needs it back ASAP. 96 year old WWII veteran and I would really like to resolve quickly as it is his primary form of entertainment.

    I started by running malware scans again. SAS found the usual assortment of tracking cookies (total of only 5!), MBAM came back clean. So I continued with attempting to fix the network status. After much fruitless search, trial and error attempts, I managed to get Java, SAS, and MBAM to connect and download updates... but it still comes back clean and Windows Update still cannot update.

    When using built-in diagnostics, I get a Windows did not find any problems with your internet connection, regardless of where I run the diagnostics from (N&S or LAN Connection\Status\Diagnose).

    I thought I would redownload SP2 and reinstall it, hoping that might fix the issue, however after agreeing to the terms of service, the installation halts with an error stating Access Denied.

    Although I'm not very familiar with RootRepeal, I ran a scan on the drivers and it found some suspicious items. Log file attached. I DID NOT clean anything yet with RootRepeal as it is a bit beyond my knowledge.

    I currently have it running RootRepeal on Files and will post a log once it is completed (has been running for 3 hours now... seems long to me, but like I said, I'm not really familiar with it).

    I've done some other work on it that currently escapes my memory, but any suggestions offered that I recall already attempting, I'll let you know. What I know for sure I've done:

    Just about everything through an elevated command prompt I can think of, including: common netsh commands to reset everything, ipconfig /renew, etc... (current ipconfig /all attached)

    Disabled IPv6
    Uninstall/reinstalled NIC drivers
    restored IE8 to default settings
    MS firewall restored to default
    System had Norton 360 installed. Uninstalled with Norton removal tool
    Clean boot (safe mode w/networking) and duplicated other attempted repairs
    disabled UAC
    restarted all network services
    set all network services that are default manual to automatic
    reset all network services to default values
    Attempted to uninstall IPv4 and 6 by editing nettcpip.inf [MS_TCPIP.PrimaryInstall] Characteristic = 0xA0 to 0x80, however access denied when trying to save.

    Any help or suggestions would be greatly appreciated!
     


  2. lov-n-life

    lov-n-life Private E-2

    *Can a moderator please move this thread to the malware forums - I'm beginning to believe there is still hidden malware as the root cause to the problem and not just a networking issue*

    RootRepeal ran all night searching files, but the computer was locked up this morning and still showing 9:39pm on the clock. No log was generated and I had to power off to get it unlocked and restarted.

    Despite SAS and MBAM showing the system clean, I downloaded MS Security Essentials to put some protection back on the system until the owner decides if they want to continue with Norton or not. Ran a full scan, and MSSE found a Java exploit. So, after MSSE did its cleaning, I uninstalled Java completely (using Revo Uninstaller), then rebooted. The network status monitor still indicates "backwards". I went to the Oracle website and reinstalled the latest Java release.

    The system is now running significantly better than it has been since it was brought over, in fact there appears on the surface to be absolutely nothing wrong with it... except the network status still shows not connected when it is. However, there has been a change.... When the network cable is unplugged, the indicator remains showing disconnected! At this point, I call that progress.

    In addition, I created and ran a batch file as indicated here:

    http://answers.microsoft.com/en-us/...80070005/3b00bcc8-f44a-4134-af68-e727605ad647

    After reboot, the network status indicator actually showed it was attempting to connect, network sharing said it was identifying the network. However, once it finally connected, it is back to the usual trickery... showing not connected and no networks available as before, even though it is connected. Still baffled, but if anyone has any suggestions I would appreciate it!
     
  3. handygal

    handygal First Sergeant

    I asked the same thing earlier today, let me see if I can "report" you again. It does sound like an issue I had last year with incomplete removal of malware.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    In order for us to provide proper support, we need you to work thru our cleaning process given below and then you need to attach the logs we request in the procedure.

    Please read ALL of this message including the notes before doing anything.

    Please follow the instructions in the below link:

    READ & RUN ME FIRST. Malware Removal Guide


    and attach the requested logs when you finish these instructions.
    • **** If something does not run, write down the info to explain to us later but keep on going. ****
    • Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain (if any still do)!
    Helpful Notes:
    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes (links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. If you cannot seem to login to an infected user account, try using a different user account (if you have one) in either normal or safe boot mode and running only SUPERAntiSpyware and Malwarebytes while logged into this other user account. Then reboot and see if you can log into the problem user account. If you can then run SUPERAntiSpyware, Malwarebytes, ComboFix and MGtools on the infected account as requested in the instructions.
    4. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
