Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hard Trancid / split topic


  • Please log in to reply
10 replies to this topic

#1 Hard Trancid

Hard Trancid

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 05 March 2010 - 08:37 PM

I have a similar issue, I can ping google.ca and it returns, resolves the IP. The Browser IE 7 will not load just says connection error. So I installed Firefox same thing. Malwarebytes doesn't find anything nor does Avast. Also ran Combofix. This is an odd problem, from command prompt can ping any site and nothing works in Browers.... Are there any points to look at in the registry that can be causing this? Thanks for any tips (Hard to download tools to fix this since can't get on any websites) I am currently remotely Connected from home to this PC via RDP. Thanks!

BC AdBot (Login to Remove)

 


#2 Hard Trancid

Hard Trancid
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 05 March 2010 - 08:45 PM

Windows IP Configuration



Host Name . . . . . . . . . . . . : DANIELLELE

Primary Dns Suffix . . . . . . . : TRIWEST

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : TRIWEST

triwest.local



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : triwest.local

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-16-17-36-60-F2

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.5.126

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.5.1

DHCP Server . . . . . . . . . . . : 192.168.5.3

DNS Servers . . . . . . . . . . . : 192.168.5.4

Lease Obtained. . . . . . . . . . : Friday, March 05, 2010 5:14:13 PM

Lease Expires . . . . . . . . . . : Sunday, March 07, 2010 5:14:13 PM

This is a PC on our LAN on TRIWEST Domain, there are 50 other PC's all working fine (Including our 5 Servers). In fact, I am remotely connected right now, and there are no connection issues. This one is baffling.

#3 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:20 AM

Posted 05 March 2010 - 08:48 PM

All getting the same IPs ?

#4 Hard Trancid

Hard Trancid
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 05 March 2010 - 08:52 PM

Yes the DNS is running on our Domain Controller (Win 2003 Server) and none of the other PC's are affected. The ipconfig looks ok, this is what is baffling me, I mean I am sitting at home on that machine remotely, I am pinging sites, they are working from Command but nothing works in the browers. This machine has definately been compromised, I'd like to run smitfraud on it but I cannot access any sites on the browers... Wish there was an FTP Download available, any ideas?

#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:20 AM

Posted 05 March 2010 - 09:24 PM

Check your messages.

#6 Hard Trancid

Hard Trancid
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 05 March 2010 - 09:36 PM

Thanks I am getting No Buffer Space supported errors now with the FTP app from Command prompt. argghh Gonna do a quick HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters tweak and see if that helps. Thanks I appreciate your help.

#7 Hard Trancid

Hard Trancid
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 05 March 2010 - 11:27 PM

Didn't work.

Edited by Hard Trancid, 06 March 2010 - 12:21 AM.


#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:20 AM

Posted 06 March 2010 - 11:34 AM

This may sound odd but try replacing the network cards.

#9 Hard Trancid

Hard Trancid
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 06 March 2010 - 02:31 PM

Replace the NIC? I don't see how that would help but I'll give it a shot on Monday when I get back to the office... I mean I'm able to RDP into the machine remotely, ping any site from the command prompt... I noticed a wierd thing when I FTP from the command prompt saying something about no buffer space which leads me to believe its a corrupt registry entry...

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:20 AM

Posted 06 March 2010 - 02:32 PM

Replace the NIC? I don't see how that would help but I'll give it a shot on Monday when I get back to the office... I mean I'm able to RDP into the machine remotely, ping any site from the command prompt... I noticed a wierd thing when I FTP from the command prompt saying something about no buffer space which leads me to believe its a corrupt registry entry...



I was once experiencing a weird issue with one of my linux servers. I could SSH to the box but nothing else would work http, mail, ftp, and other tcp related services were dead. I replaced the NIC and it fixed my issue.

#11 Hard Trancid

Hard Trancid
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:10:20 PM

Posted 06 March 2010 - 02:35 PM

Ok, I'll give it a shot. Thanks for the tip.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users