1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

(Solved) Internet Connection Works Selectively?

Discussion in 'Web & Email' started by CyBerAliEn, Oct 2, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    Alright...

    My internet connection is a cable internet connection. It connects into an external cable modem. This modem then connects into a router. From the router are connected 4 computers (the family computer, a spare computer, my desktop computer, and my laptop).

    I am able to do EVERYTHING perfectly fine on the spare computer, my desktop, and my laptop. I can access email, instant messengers, internet (websites), network drives, etc.

    To also add, the family computer (and all my other computers) are all running Windows XP.

    So saying the above, and hoping people actually read this before replying, obviously there is not a problem with the network connections or internet connections themselves.


    *******************************


    Now this is my problem and it has me rather baffled...

    On the family computer (the one with the problem, and the only one with the problem), I am unable to access ANY site through Internet Explorer. It keeps coming up with Page Cannot be Displayed after attempting to load it.

    If I try to connect to MSN, and it is unable to connect.

    If I try to connect to AIM, and it is unable to connect.

    However, it is able to perfectly fine connect into Kazaa, as well as download through Kazaa.

    If go to the command prompt, I am able to ping my other computers on the network. I am also able to access network drives that are on other computers in the network from this computer.

    From any other computer on the network, I can also ping the family computer and access its network drive.

    I went into my router configuration thing and it showed of course that the family computer was connected to it.

    I've disabled and enable the connection and it has had no effect.

    I have "repaired" the connection, with no effect.

    I have gone into the command prompt and entered "ipconfig" and it pulls up the correct information.

    The computer was working completely fine about three days ago and nothing has been changed on the computer and suddenly something changed.




    What exactly is going on with the computer? I find it completely baffling what is going on with it. How do I get this fixed ASAP?


    Thanks in advance to those who respond and help out! :D
     
  2. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    CyBerAliEn
    I will assume you have done the routine items like cleaning Temp Internet files but another consideration is you are using Kazaa. With that app comes risks such as Viruses, Spyware, Hijackjacking BHO's and the like.
    Have you Run the security drill like housecalls, Spybot S&D and HiJackThis?
    You may want to consider doing that if nothing else turns up as a problem. Kazaa will turn up as spyware using Spybot S&D and I would suggest using an alternative like WinMX to replace Kazaa.
    That is all I can suggest at this time.
    Here is the drill link if you wish to explore it.
    http://forums.techguy.org/t157045/s.html

    Dave
     
  3. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    I went through Spybot S&D and cleared out everything.

    Of course, it still isn't working.

    Any idea why Kazaa is able to get onto the internet (and download from Kazaa), but instant messengers, internet explorer, etc don't work?

    It's possible there might be another program that can get through the internet on the family computer, but I obviously haven't found it yet (if it even exists ;)).
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,196
    First Name:
    Derek
    Do this on the family computer, I suspect the latest hosts file hijack

    go to http://www.spywareinfo.com/~merijn/files/hijackthis.zip , and download 'Hijack This!'.
    Unzip, doubleclick HijackThis.exe, and hit "Scan".

    When the scan is finished, the "Scan" button will change into a "Save Log" button.
    Press that, save the log somewhere, and please copy & paste its contents to the forum.

    It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
    Someone here will be happy to help you analyze the results.
     
  5. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    Kazaa has protocol and port settings in it I believe. I helped my Step Daughter set up WinMX and one of the steps was that.
    You may look inside Kazaa to see if there is some problem there. I am not familiar with Kazaa's inner workings since I refused anyone here to use it.
    Have you looked to see if you have anything listed in your hosts file? If not do a search\find typing in hosts only. There may be several files displayed but the one you wish to explore is named just Hosts. Open it in notepad and see if there is a string of items listed there.

    Dave

    PS: I see DVK is going down the same path I am!:D :D :cool:
     
  6. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    OK.

    I will be getting to that in about an hour or so after I finish up some things. So when I am able to, I will do the HijackThis and put the log in here and do the search regarding the "hosts" thing.

    What exactly is a "hosts" file or what does it do?

    Thanks for the advice so far!


    Andrew
     
  7. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    OK, below is the log from Hijack This.

    I scanned through it myself, and the only thing that really pops out at me is:

    Startup: haha.exe

    Doesn't look to be a normal program to me.


     
  8. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
  9. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    CyBerAliEn
    Here are the results of the review of your log. As you can see there is allot of spyware, hijacked items, and malware involved.
    I strongly suggest you get rid of Kazaa and if the kids need a P2P app then use WinMX. Much safer currently.

    Rerun Hijack This and place checkmarks in front of of items listed below and have HiJack This remove them. If you decide to remove Kazaa uninstall first and run an updated Spybot S&D to remove the scraps and other found before running HiJack for cleaning.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchenhancement.com...sm&sstring=
    R3 - URLSearchHook: (no name) - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
    O1 - Hosts: 66.230.146.42 gator.com #cooklop
    O1 - Hosts: 66.230.146.42 tripod.com #cooklop
    O1 - Hosts: 66.230.146.42 www.tripod.com #cooklop
    O1 - Hosts: 66.230.146.42 geocities.com #cooklop
    O1 - Hosts: 66.230.146.42 www.geocities.com #cooklop
    O1 - Hosts: 66.230.146.42 adultfriendfinder.com #cooklop
    O1 - Hosts: 66.230.146.42 www.adultfriendfinder.com #cooklop
    O1 - Hosts: 66.230.146.42 cj.com #cooklop
    O1 - Hosts: 66.230.146.42 www.cj.com #cooklop
    O1 - Hosts: 66.230.146.42 paypopup.com #cooklop
    O1 - Hosts: 66.230.146.42 www.paypopup.com #cooklop
    O1 - Hosts: 66.230.146.42 worldsex.com #cooklop
    O1 - Hosts: 66.230.146.42 www.worldsex.com #cooklop
    O1 - Hosts: 66.230.146.42 free6.com #cooklop
    O1 - Hosts: 66.230.146.42 www.free6.com #cooklop
    O1 - Hosts: 66.230.146.42 trafficmp.com #cooklop
    O1 - Hosts: 66.230.146.42 www.trafficmp.com #cooklop
    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
    O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh304181.dll
    O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
    O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL

    O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
    O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL

    O4 - HKLM\..\Run: [win32app] C:\WINDOWS\System32\winpup32.exe
    ...Note: After Rebooting locate and delete the Winpup.exe

    ... Below is Kazaa related items. I encourage you to uninstall Kazaa and use Spybot to clean the rest!
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY
    ......
    O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s

    O4 - HKCU\..\Run: [cnet] "C:\Program Files\Kontiki\bin\kontiki.exe" -s cnet -q
    O4 - HKCU\..\RunOnce: [BullguardoptIn] C:\WINDOWS\Temp\BullGuard\bulldownload.exe
    O4 - Startup: haha.exe

    O8 - Extra context menu item: Get It With Kontiki - res://C:\Program Files\Kontiki\bin\bh304181.dll/201

    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = mydomain.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\windows: NameServer = 69.57.146.14
    O17 - HKLM\System\CCS\Services\Tcpip\..\{03C20CA5-188A-4556-AA53-7497D0924D07}: NameServer = 69.57.146.14
    O17 - HKLM\System\CS1\Services\VxD\MSCTP: Domain = mydomain.com
    O17 - HKLM\System\CS1\Services\VxD\MSTCP: NameServer = 69.57.146.14
    O17 - HKLM\System\CS1\Services\Tcpip\..\windows: NameServer = 69.57.146.14
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.57.146.14

    ----------------------------------

    After HiJack This does it trick then restart system, delete Winpup as instructed, rerun HiJack This and post new log back here for review.

    Dave
     
  10. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    OK, I will get the Hijack This removal stuff done.

    How do I scan the computer for "haha"?

    As noted, I am unable to access the internet on that computer. I do not have an anti-virus on that computer. The only computer that has one is my laptop (since I bring it to work and connect it into other networks outside of home) and I have never gotten a virus before or such before in the last 6 years. The only person who uses the "family" computer is my cousin who is staying with me again. So I guess he's gotten some viruses on it already, lol...

    My laptop has Norton by the way.

    I'll get going on that stuff though...

    Thanks again!


    Andrew
     
  11. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    You can sratch the "how do I scan".

    Went through the site and found I could also scan network drives.

    So it is scanning it now. So far it has found and removed one malware.

    What is "malware"? :confused:


    Andrew
     
  12. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    CyBerAliEn
    Well were caught in a catch 22 then!
    Remove all the items as specified and Kazaa to if your agree. After HiJack does its magic your Internet connection should work and then run to housecalls and remove the HaHa Trojan.

    Dave
     
  13. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    To my understanding.....
    Malware = MaliciousWare very similiar to trojans but do not replicate as viruses do.

    Dave
     
  14. CyBerAliEn

    CyBerAliEn Thread Starter

    Joined:
    Nov 25, 2001
    Messages:
    1,209
    I have no problem removing Kazaa, I never used it.

    If I remove it, is it going to remove all the stuff my cousin downloaded through it?

    Also, is Kazaa the only cause of this? Or could something else had been it? I'd really like to have talk with my cousin about what to and not to install, lol

    ...Still scanning for viruses...
     
  15. Davey7549

    Davey7549

    Joined:
    Feb 28, 2001
    Messages:
    11,584
    CyBerAliEn
    Kazaa is a major source of the junk but I am sure without an active antivirus nowadays one will pick-up more than bargined for in other places.
    You may want to consider using AVG Antivirus by Grisoft. They still have a free version and I here it is quite nice.
    http://www.grisoft.com/us/us_dwnl7.php

    As far as the music or whatever your cousin downloaded you may want to see what folder the stuff is located in and copy it to a "My Docs" folder to be safe.

    Dave
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/169160

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice