AnimeSuki Forums

Register Forum Rules FAQ Members List Social Groups Search Today's Posts Mark Forums Read

Go Back   AnimeSuki Forum > AnimeSuki & Technology > Tech Support

Reply
 
Thread Tools
Old 2008-04-08, 03:20   Link #1
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
AIM can't connect but Firefox will

Not just AIM, but a whole mess of other programs (such as Bittorrent).

I can't go into specifics now as I'm in a hurry so I'll get back to that so for now, somebody tell me possible problems and solutions.
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-08, 03:57   Link #2
Danj
Tech Bloke
 
 
Join Date: Feb 2006
Location: Peterlee, DURHAM, UK
Age: 35
Send a message via ICQ to Danj Send a message via AIM to Danj Send a message via MSN to Danj Send a message via Yahoo to Danj
You gave us too little information.

Possible explanations that occur offhand with the tiny amount of info you gave:

Your ISP has a DNS problem.
There is a routing issue somewhere between you and the servers you're trying to connect to.
You have some sort of spyware or virus on your machine that is preventing you from connecting to these servers.
There is a problem with your DSL or cable modem or router.

There are any of a million other things that it could be, so please give more information.
__________________
Danj is offline   Reply With Quote
Old 2008-04-08, 17:54   Link #3
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
Alright:

-This happened right after a Blue Screen of Death (didn't capture any of the data)
-My sound got messed up because of the above (fixed that)
-Ran Ad-Aware and it found Malware.Trojan.A (got cut off here)

Some technical stuff:
- I have a Dell XPS
- Firewall is off
- Modem is a [Intel(R) 82562V 10/100 Network Connection
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-08, 19:23   Link #4
Ledgem
Love Yourself
 
 
Join Date: Mar 2003
Location: Northeast USA
Age: 28
Quote:
Originally Posted by The Bloodlust Kid View Post
- Modem is a [Intel(R) 82562V 10/100 Network Connection
This isn't your modem, this is your ethernet card.

I'm in a rush too (ah, we're all forum addicts) but I'd imagine that the trojan you were infected with altered your DNS tables. You can Google for more information about what you were infected with (if I have time I'll do it later) and see if that's something that it does. If it does, fixing that should set you on your way.
__________________
Ledgem is offline   Reply With Quote
Old 2008-04-08, 21:10   Link #5
SeijiSensei
AS Oji-kun
 
 
Join Date: Nov 2006
Location: Mucking about
Age: 64
There's a file called "hosts" somewhere in the C:\Windows tree. (Maybe in system32? I don't run Windows anymore.). This file overrides the normal hostname<=>IP address pairings that you would otherwise get from your provider's "DNS" server. Malware often creates a new hosts file so that you'll think you're visiting one site while actually visiting something else (usually a "phishing" site masquerading as a bank, etc.).

Find your hosts file and see if it contains anything other than, perhaps, an entry for "localhost" associated with the IP address 127.0.0.1. (The localhost=127.0.0.1 mapping is an Internet standard and is true on nearly any computer with a TCP/IP network stack.) If there are other entries in there, delete them.

You'll probably need to have administrator rights to do this.

I suspect it's also possible for malware to reconfigure your computer to use the malware author's DNS servers instead of your provider's. That's an even more dangerous situation since you don't have any local evidence like an altered hosts file. Changes like this are usually buried in the Windows "registry" and fixing them can be a daunting task.

See why I don't run Windows anymore?
__________________
SeijiSensei is offline   Reply With Quote
Old 2008-04-09, 01:27   Link #6
bayoab
Senior Member
 
Join Date: Nov 2003
What firewall do you run? Is the firewall still actually operating properly? (Ex: Norton Firewall 2002/2003 was known to corrupt itself and block all internet traffic that wasn't already in the rules.)

Is your DNS working correctly?
(Load a command prompt and type "nslookup login.oscar.aol.com" and paste the result.)


Quote:
Originally Posted by SeijiSensei View Post
That's an even more dangerous situation since you don't have any local evidence like an altered hosts file. Changes like this are usually buried in the Windows "registry" and fixing them can be a daunting task.
There are tons of tools now to find those modifications though.

Hijackthis will pick up some of them.
Host modifications, modifications to the registry, etc.

LSPfix will pick up others. (As this program says: Do not use if you don't know what you are doing!)

And there are tons of others (Winsockfix, Restoresock.reg*, etc).

*A custom reg file I made from a freshly installed and patched XP machine.
bayoab is offline   Reply With Quote
Old 2008-04-09, 03:15   Link #7
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
-I didn't have one installed.

-The command prompt moved too quickly but all I got was:
[Server: homeportal.gateway.2wire.net
[Address: 172.16.0.1
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-09, 03:17   Link #8
Potatochobit
Certified Organic
 
Join Date: Dec 2005
call your cable company, do you live in an old apartment?

do a ping test.

before this happened to me, I could browse the internet but I got 0 ping and couldnt play any games or programs

it was the really bad wires in the old apartment, the cable guy had to fix it

and have you paid your AOL bill?
__________________
*Retired*
Potatochobit is offline   Reply With Quote
Old 2008-04-09, 03:47   Link #9
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
I honestly don't think it's that because my sister's computer is connected to the same router (I think that's what it's called) and her's is doing fine.
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-09, 06:48   Link #10
Danj
Tech Bloke
 
 
Join Date: Feb 2006
Location: Peterlee, DURHAM, UK
Age: 35
Send a message via ICQ to Danj Send a message via AIM to Danj Send a message via MSN to Danj Send a message via Yahoo to Danj
It sounds like you probably have more than one piece of spyware or virus on there, that is messing up your connections. You could try following this guide to do a full clean of your system, or if you don't have time to do that then find your nearest computer store and they should be able to do it for you for a fee.
__________________
Danj is offline   Reply With Quote
Old 2008-04-09, 07:17   Link #11
SeijiSensei
AS Oji-kun
 
 
Join Date: Nov 2006
Location: Mucking about
Age: 64
Quote:
Originally Posted by bayoab View Post
There are tons of tools now to find those modifications though.
How on earth would most ordinary Windows users find and evaluate these "tons of tools?" I recall using just AdAware and Spybot back in the day, but your comment suggests that I'd now need to spend hours just finding the array of tools I'd need.

Perhaps you know of a good cheat-sheet that gives a list of what's available and what's appropriate for different symptoms? That would be a boon to the Windows users here I'm sure.

Edit I just saw that Danj provided such a link. I count nine different pieces of software in the list at the top. Even with this page in hand, the Windows users I know would see this list and soon be driving down to the local Best Buy to have the Geek Squad reinstall Windows.
__________________
SeijiSensei is offline   Reply With Quote
Old 2008-04-09, 11:03   Link #12
Danj
Tech Bloke
 
 
Join Date: Feb 2006
Location: Peterlee, DURHAM, UK
Age: 35
Send a message via ICQ to Danj Send a message via AIM to Danj Send a message via MSN to Danj Send a message via Yahoo to Danj
Quote:
Originally Posted by SeijiSensei View Post
I just saw that Danj provided such a link. I count nine different pieces of software in the list at the top. Even with this page in hand, the Windows users I know would see this list and soon be driving down to the local Best Buy to have the Geek Squad reinstall Windows.
Well, you won't necessarily need all of them, it's just that the more different utilities you use the more likely you are to have completely rid your system of spyware. They don't all detect the same items. Also it's worth noting that in general, unlike with antivirus programs, it's okay to have more than one antispyware program on your system. So for example when you're done with the scans I'd recommend keeping at least Windows Defender and Spybot S&D.

Reinstalling Windows is, obviously, a solution (in the trade we like to call it "nuke it from orbit, it's the only way to be sure") but it's pretty extreme and unless you already backed it up then it means the loss of your important data. Stores typically charge more for a Windows reinstall than for a virus removal too.
__________________
Danj is offline   Reply With Quote
Old 2008-04-09, 13:21   Link #13
bayoab
Senior Member
 
Join Date: Nov 2003
Quote:
Originally Posted by The Bloodlust Kid View Post
-The command prompt moved too quickly but all I got was:
[Server: homeportal.gateway.2wire.net
[Address: 172.16.0.1
Did you run->"cmd" first or did you just type it in the run window? If you opened a command prompt window and it suddenly closed, you likely have a virus problem.

If you forgot to run->"cmd" first, do that and paste the results. Also, trace the result by typing "tracert <ip>".

Ex:
Code:
C:\>nslookup login.oscar.aol.com
Server:  (will depend on your settings)
Address:  " "

Non-authoritative answer:
Name:    login.messaging.aol.com 
Address:  64.12.200.89
Aliases:  login.oscar.aol.com

C:\>tracert 64.12.200.89
(You might not get the same IP address as I do, but it should have the same name.)




Quote:
Originally Posted by SeijiSensei View Post
How on earth would most ordinary Windows users find and evaluate these "tons of tools?"
Many of them are not for ordinary windows users. Many are meant toward tech people or to be used with instructions from tech people. I learned about them from searching the internet for solutions when my current ones didn't work. (Or I was looking for tools by the same author as another tool to see if it was legit.)

My understanding is that spyware/malware has evolved to the point where ordinary users will have real trouble fully cleaning their systems from some of the most common ones using just adaware/spybot/etc.

Quote:
Perhaps you know of a good cheat-sheet that gives a list of what's available and what's appropriate for different symptoms? That would be a boon to the Windows users here I'm sure.
Here's another list that I ran into and used to find new stuff on: subratam.org
There are a few other good ones out there too.
bayoab is offline   Reply With Quote
Old 2008-04-09, 15:56   Link #14
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
It doesn't say alias. It said "can't find login" and " domain not found".
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-09, 19:31   Link #15
Epyon9283
Geek
 
 
Join Date: Dec 2005
Location: New Jersey
Age: 30
Send a message via ICQ to Epyon9283 Send a message via AIM to Epyon9283
I'm guessing that since stuff stopped working after you ran adaware that it partially deleted a piece of malware that had inserted itself into your network stack.

If you want, run the following command so we can look at your winsock catalog:
Code:
netsh winsock show catalog > Desktop\winsock.txt
That will output the contents of your winsock catalog to a text file on your desktop called winsock.txt. Post it here.
Epyon9283 is offline   Reply With Quote
Old 2008-04-09, 20:39   Link #16
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
No, it did happen before the Adaware scan. But here it is anyway:

Spoiler for length:


EDIT: I just found something odd. While all my other programs have a hard time connecting, eMule connects just fine. Is there a way I can use this to my advantage?

Last edited by The Bloodlust Kid; 2008-04-14 at 00:44.
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-24, 00:11   Link #17
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
Okay, I think I found another symptom (if that's even the right word) that could possibly pinpoint the problem easier.

I tried to load up Internet Explorer but it won't connect. When I tried to go to Google. It starts refreshing automatically nonstop making you have to close it. (since I have default sound settings, it starts nonstop clicking noises).

So am I getting warmer to the problem?
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-24, 00:30   Link #18
Ledgem
Love Yourself
 
 
Join Date: Mar 2003
Location: Northeast USA
Age: 28
It sounds like you either have malware on your system, or malware that you had before messed something up. You mentioned that you used Ad-Aware and that it found something, but did you ever run a virus scan?
__________________
Ledgem is offline   Reply With Quote
Old 2008-04-24, 01:41   Link #19
The Bloodlust Kid
Needs a better screenname
 
 
Join Date: Dec 2005
Age: 26
Send a message via AIM to The Bloodlust Kid
Quote:
Originally Posted by Ledgem View Post
It sounds like you either have malware on your system, or malware that you had before messed something up. You mentioned that you used Ad-Aware and that it found something, but did you ever run a virus scan?
I'm having a lot of problems with virus scanners.
Norton is stuck in limbo (got stuck halfway and now I can't uninstallor reinstall it).

I was trying to get NOD3 but even in Firefox, it won't connect to the download page.
The Bloodlust Kid is offline   Reply With Quote
Old 2008-04-24, 01:45   Link #20
Ledgem
Love Yourself
 
 
Join Date: Mar 2003
Location: Northeast USA
Age: 28
What was the behavior with Norton - did it freeze up during a scan or so? Was it behaving normally before all of this? The reason that I ask is because it isn't uncommon for viruses to break virus scanners these days, sadly. The bad news is that it makes removal and precise detection/identification of the virus more difficult. The good news is that... well, you know you're infected with something, and can go from there
__________________
Ledgem is offline   Reply With Quote
Reply

Tags
computer security, malware

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 02:15.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
We use Silk.