anuneznyc
asked on
Cannot Browse Internet from Desktop Computers Using Verizon DSL
Helping a non-profit client who has been having connectivity issues during the past week or so.
They have Verizon DSL high speed access w/ a statically assigned IP address. They have a Netgear Wireless N ADSL2+ Modem Router DGN2000.
Odd thing is that the wireless access is just fine. However, all three desktops that connect via ethernet cable are having intermittent problems.
The desktop I'm sitting in front of (running Windows XP Pro SP3) is plugged in via Ethernet but cannot access the internet. The system tray shows that it has a 100Mbps connection, but no access to the internet
When I type in a URL in Internet Explorer, the lower left status bar says "Website found. Waiting for reply" but then just sits there forever and never connects, but also never gives an error message.
Firefox says "Waiting for google.com" for about 15 seconds before getting an "Address Not Found" message.
Pinging out to yahoo.com from the command prompt sometimes and other times just gives "Request Timed Out" message. It's inconsistent.
The Netgear Wireless router is not using the default UID & PW and I don't have that info so I cannot log into it view settings. Yes, I could do a hard reset to factory settings but that may break the wifi connectivity, which I don't want to do.
I have attached ipconfig /all results below.
I desperately need some guidance as to how I can resolve this. Thanks in advance.
They have Verizon DSL high speed access w/ a statically assigned IP address. They have a Netgear Wireless N ADSL2+ Modem Router DGN2000.
Odd thing is that the wireless access is just fine. However, all three desktops that connect via ethernet cable are having intermittent problems.
The desktop I'm sitting in front of (running Windows XP Pro SP3) is plugged in via Ethernet but cannot access the internet. The system tray shows that it has a 100Mbps connection, but no access to the internet
When I type in a URL in Internet Explorer, the lower left status bar says "Website found. Waiting for reply" but then just sits there forever and never connects, but also never gives an error message.
Firefox says "Waiting for google.com" for about 15 seconds before getting an "Address Not Found" message.
Pinging out to yahoo.com from the command prompt sometimes and other times just gives "Request Timed Out" message. It's inconsistent.
The Netgear Wireless router is not using the default UID & PW and I don't have that info so I cannot log into it view settings. Yes, I could do a hard reset to factory settings but that may break the wifi connectivity, which I don't want to do.
I have attached ipconfig /all results below.
I desperately need some guidance as to how I can resolve this. Thanks in advance.
Windows IP Configuration
Host Name . . . . . . . . . . . . : mcc-office-new
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0D-56-81-8C-98
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.117
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 68.237.161.12
71.250.0.12
Could you post the Ipconfig /all for the wireless machines as well.
paste result of
ping 192.168.1.1
tracert 68.237.161.12
tracert yahoo.com
i think its resolving websites but not getting reply isnt? somewhere its getting blocked
have disabled firewalls?
ping 192.168.1.1
tracert 68.237.161.12
tracert yahoo.com
i think its resolving websites but not getting reply isnt? somewhere its getting blocked
have disabled firewalls?
ASKER
Here is the ipconfig output from one of the laptops:
Windows IP Configuration
Host Name . . . . . . . . . . . . : SK_Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-22-5F-B2-8D-A9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4d53:429b:45cb:a55d%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, April 06, 2010 1:32:05 PM
Lease Expires . . . . . . . . . . : Wednesday, April 07, 2010 1:32:03 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 68.237.161.12
71.250.0.12
NetBIOS over Tcpip. . . . . . . . : Enabled
Are the machines by any odd chance set to use a Proxy (alot of recent rogue malwares do this)....
IE>Tools>Options>Connectio ns>LAN Settings.
IE>Tools>Options>Connectio
ASKER
No, no proxy set.
Try flipping a desktop to DHCP as well, and renew an address....
requested info from acl-puzz would be helpful
ASKER
Thanks Guys. Gotta run. Just outputted results of the tracerts to usb stick. Will post them in the next hour.
Where are the Desktops connected to? Wireless Router or another Router on the Network?
ok and also check if any bad program running kill their process download process explorer
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
and remove an weird entry there you see in autoruns download from here
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Download Comboxfix and malwarebytes to scan system drive some malicious programs can do this also
http://www.combofix.org/download.php
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
do report back!
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
and remove an weird entry there you see in autoruns download from here
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Download Comboxfix and malwarebytes to scan system drive some malicious programs can do this also
http://www.combofix.org/download.php
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
do report back!
According to your ipconfig output the desktop systems are set to static IP assignment. The DHCP server might be assigning those same IPs the the wireless clients. Without being able to log into the router its hard to tell the ip range. Do the desktops require a static ip?
ASKER
CP. The desktop I was working on was connected via ethernet cable into the back of the Netgear wireless router.
The other 2 desktops are on a different floor via a cable that connects down to another non-wifi router.
The other 2 desktops are on a different floor via a cable that connects down to another non-wifi router.
ASKER
Result of tracert 68.237.161.12 from desktop:
Tracing route to nsnyny01.verizon.net [68.237.161.12]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms 192.168.1.1
2 * * 27 ms 217.NY325-DSL-RTR14.verizo n-gni.net [70.107.244.1]
3 * * 132 ms at-3-2-1-1736.NY325-CORE-R TR1.verizo n-gni.net [130.81.9.177]
4 27 ms * * nsnyny01.verizon.net [68.237.161.12]
5 * 33 ms 32 ms nsnyny01.verizon.net [68.237.161.12]
Trace complete.
Tracing route to nsnyny01.verizon.net [68.237.161.12]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms 192.168.1.1
2 * * 27 ms 217.NY325-DSL-RTR14.verizo
3 * * 132 ms at-3-2-1-1736.NY325-CORE-R
4 27 ms * * nsnyny01.verizon.net [68.237.161.12]
5 * 33 ms 32 ms nsnyny01.verizon.net [68.237.161.12]
Trace complete.
ASKER
Tracing route to yahoo.com [69.147.125.65]
over a maximum of 30 hops:
1 1 ms * * 192.168.1.1
2 * 47 ms 48 ms 217.NY325-DSL-RTR14.verizo n-gni.net [70.107.244.1]
3 69 ms * 104 ms at-3-2-1-1736.NY325-CORE-R TR1.verizo n-gni.net [130.81.9.177]
4 93 ms 80 ms * so-4-0-0-0.NY325-BB-RTR1.v erizon-gni .net [130.81.20.24]
5 112 ms * * so-10-0-0-0.LCC1-RES-BB-RT R1-RE1.ver izon-gni.n et [130.81.19.111]
6 * * 45 ms so-6-0-0-0.ASH-PEER-RTR2-r e1.verizon -gni.net [130.81.17.177]
7 * 35 ms 34 ms 130.81.14.98
8 35 ms * * ae-6.pat2.dce.yahoo.com [216.115.102.176]
9 * 40 ms * ae1-p141.msr1.re1.yahoo.co m [216.115.108.19]
10 * 46 ms * te-8-1.bas-a1.re1.yahoo.co m [66.196.112.205]
11 75 ms * * ir1.fp.vip.re1.yahoo.com [69.147.125.65]
12 * * * Request timed out.
13 35 ms * * ir1.fp.vip.re1.yahoo.com [69.147.125.65]
14 * 36 ms * ir1.fp.vip.re1.yahoo.com [69.147.125.65]
15 * * 36 ms ir1.fp.vip.re1.yahoo.com [69.147.125.65]
Trace complete.
over a maximum of 30 hops:
1 1 ms * * 192.168.1.1
2 * 47 ms 48 ms 217.NY325-DSL-RTR14.verizo
3 69 ms * 104 ms at-3-2-1-1736.NY325-CORE-R
4 93 ms 80 ms * so-4-0-0-0.NY325-BB-RTR1.v
5 112 ms * * so-10-0-0-0.LCC1-RES-BB-RT
6 * * 45 ms so-6-0-0-0.ASH-PEER-RTR2-r
7 * 35 ms 34 ms 130.81.14.98
8 35 ms * * ae-6.pat2.dce.yahoo.com [216.115.102.176]
9 * 40 ms * ae1-p141.msr1.re1.yahoo.co
10 * 46 ms * te-8-1.bas-a1.re1.yahoo.co
11 75 ms * * ir1.fp.vip.re1.yahoo.com [69.147.125.65]
12 * * * Request timed out.
13 35 ms * * ir1.fp.vip.re1.yahoo.com [69.147.125.65]
14 * 36 ms * ir1.fp.vip.re1.yahoo.com [69.147.125.65]
15 * * 36 ms ir1.fp.vip.re1.yahoo.com [69.147.125.65]
Trace complete.
ASKER
Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time=2ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 2ms, Average = 0ms
Reply from 192.168.1.1: bytes=32 time=2ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 2ms, Average = 0ms
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much to everyone who has made suggestions so far! I will be at the client site at 11am EST to implement your suggestions. I will post a follow-up as soon as I am able.
ASKER
Ran Malware Bytes and removed some spyware infections on the desktop PC. Was still unable to go online.
I ran "netsh int ip reset resetlog.txt" and then rebooted. Now the system tray shows the status of the local area connection as "limited or no connectivity." Click on "Repair Local Area Connection" option but got following error message:
"Windows could not finish repairing the problem b/c the following action cannot be completed: Renewing your IP address."
Going to try running ComboFix next.
I ran "netsh int ip reset resetlog.txt" and then rebooted. Now the system tray shows the status of the local area connection as "limited or no connectivity." Click on "Repair Local Area Connection" option but got following error message:
"Windows could not finish repairing the problem b/c the following action cannot be completed: Renewing your IP address."
Going to try running ComboFix next.
While you at it run a scan with Hitmanpro
http://www.surfright.nl/en/hitmanpro
Can you post Mbam's and Combofix's logfiles
http://www.surfright.nl/en/hitmanpro
Can you post Mbam's and Combofix's logfiles
"Now the system tray shows the status of the local area connection as "limited or no connectivity."
simply open lan properties and uncheck the box says "Notify me when this computer have limited connectivity"
""Windows could not finish repairing the problem b/c the following action cannot be completed: Renewing your IP address."
that means it did not get ip from DHCP server issue these command
ipconfig /release
ipconfig /renew
if you got infection then i hope after removing those you shold get internet working
do report back!
simply open lan properties and uncheck the box says "Notify me when this computer have limited connectivity"
""Windows could not finish repairing the problem b/c the following action cannot be completed: Renewing your IP address."
that means it did not get ip from DHCP server issue these command
ipconfig /release
ipconfig /renew
if you got infection then i hope after removing those you shold get internet working
do report back!
ASKER
Running ipconfig /renew at command prompt resulted in following message:
"An error occurred while renewing interface local area connection : unable to contact your DHCP server. Request has timed out."
"An error occurred while renewing interface local area connection : unable to contact your DHCP server. Request has timed out."
ASKER
Here is the ComboFix log:
ComboFix 10-04-06.05 - admin 04/07/2010 11:58:21.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.133 [GMT -4:00]
Running from: c:\documents and settings\admin\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\admin\My Documents\ZbThumbnail.info
c:\windows\desktop
c:\windows\desktop\ServantPC Website.url
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\wiaserviv.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
((((((((((((((((((((((((( Files Created from 2010-03-07 to 2010-04-07 )))))))))))))))))))))))))))))))
.
2010-04-07 15:12 . 2010-04-07 15:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-04-06 16:37 . 2010-04-06 16:37 -------- d-----w- c:\documents and settings\admin\Application Data\Malwarebytes
2010-04-06 16:37 . 2010-03-30 04:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-06 16:37 . 2010-04-06 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-06 16:37 . 2010-04-07 15:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-06 16:37 . 2010-03-30 04:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-05 19:12 . 2010-04-05 19:12 -------- d-----w- c:\documents and settings\David\Application Data\Yahoo!
2010-04-05 19:12 . 2010-04-05 19:12 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\Google
2010-04-05 19:11 . 2010-04-05 19:11 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\LogMeIn
2010-04-05 19:11 . 2010-04-05 19:11 -------- d-----w- c:\documents and settings\David\Local Settings\Application Data\Symantec
2010-04-05 19:10 . 2010-04-05 19:10 60720 ----a-w- c:\documents and settings\David\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-05 19:08 . 2010-04-05 19:08 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn
2010-03-26 20:34 . 2010-03-26 20:34 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-03-23 16:21 . 2010-03-23 16:33 -------- d-----w- c:\documents and settings\admin\Application Data\Apple Computer
2010-03-23 16:20 . 2009-05-18 18:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-03-23 16:20 . 2008-04-17 17:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-03-23 16:18 . 2010-03-23 16:18 -------- d-----w- c:\program files\iPod
2010-03-23 16:17 . 2010-03-23 16:20 -------- d-----w- c:\program files\iTunes
2010-03-23 16:17 . 2010-03-23 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-23 16:16 . 2010-03-23 16:16 -------- d-----w- c:\program files\Bonjour
2010-03-23 16:11 . 2010-03-23 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-23 16:07 . 2010-03-23 16:07 -------- d-----w- c:\documents and settings\admin\Local Settings\Application Data\Apple
2010-03-23 16:06 . 2010-03-23 16:06 -------- d-----w- c:\program files\Apple Software Update
2010-03-23 16:06 . 2010-03-23 16:20 -------- dc----w- c:\windows\system32\DRVSTORE
2010-03-23 16:04 . 2010-03-23 16:17 -------- d-----w- c:\program files\Common Files\Apple
2010-03-23 16:04 . 2010-03-23 16:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-03-23 16:03 . 2010-03-23 22:32 -------- d-----w- c:\documents and settings\admin\Local Settings\Application Data\Apple Computer
2010-03-18 03:31 . 2010-03-18 03:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2010-03-10 19:56 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 16:11 . 2004-07-28 16:14 -------- d-----w- c:\program files\Symantec AntiVirus
2010-04-07 13:59 . 2009-02-12 18:59 -------- d-----w- c:\program files\LogMeIn
2010-03-31 17:27 . 2009-07-23 22:15 2865 ----a-w- c:\documents and settings\All Users\Application Data\Intuit\QuickBooks 2008\qbbackup.sys
2010-03-24 18:59 . 2009-02-19 23:51 -------- d-----w- c:\program files\skcms50
2010-03-23 16:24 . 2009-03-30 21:32 -------- d-----w- c:\program files\QuickTime
2010-02-15 22:41 . 2010-02-15 22:41 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-13 68856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4363504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2004-02-10 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2004-02-10 118784]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-15 28672]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-02-29 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-03-12 124128]
"NGClient"="c:\program files\Symantec\Ghost\ngctw32.exe" [2003-10-03 431272]
"PrintServer Diagnostic"="c:\program files\Print Server\PTP\PSDiagnostic.exe" [2005-06-03 266240]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-19 149280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-4-24 972064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-10-01 14:53 87352 ----a-w- c:\windows\SYSTEM32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\UM_ENDMC.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2008\\QBDBMgrN.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 GhMon;GhostMountMonitor - Boot Phase Driver;c:\windows\SYSTEM32\DRIVERS\GhMon.sys [10/3/2003 11:33 AM 6784]
R0 GhPostConfig;GhostPostConfig - Boot Phase Driver;c:\windows\SYSTEM32\DRIVERS\ghpcw2k.sys [10/3/2003 11:33 AM 199328]
R1 hwinterface;hwinterface;c:\windows\SYSTEM32\DRIVERS\hwinterface.sys [3/26/2009 3:49 PM 3026]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [2/10/2003 6:52 AM 114688]
R2 AsfAlrt;AsfAlrt;c:\windows\SYSTEM32\DRIVERS\Asfalrt.sys [12/18/2002 6:31 AM 36064]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [7/24/2008 7:46 PM 12856]
R2 NGClient;Symantec Ghost Client Agent;c:\program files\Symantec\Ghost\ngctw32.exe [10/3/2003 12:11 PM 431272]
S2 GhPostConfig_Auto;GhostPostConfig - Auto Phase Driver;c:\windows\SYSTEM32\DRIVERS\ghpcw2k.sys [10/3/2003 11:33 AM 199328]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/3/2010 4:19 PM 135664]
S3 brfilt;Brother MFC Filter Driver;c:\windows\SYSTEM32\DRIVERS\BrFilt.sys [10/21/2008 1:42 PM 2944]
S3 BrSerWDM;Brother WDM Serial driver;c:\windows\SYSTEM32\DRIVERS\BrSerWdm.sys [10/21/2008 1:42 PM 60416]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\SYSTEM32\DRIVERS\BrUsbMdm.sys [10/21/2008 1:42 PM 11008]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/12/2004 4:18 PM 169192]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
2010-03-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2010-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 20:18]
2010-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 20:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\admin\Application Data\Mozilla\Firefox\Profiles\20sj0gz4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.365gay.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - plugin: c:\documents and settings\admin\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\admin\Application Data\Mozilla\Firefox\Profiles\20sj0gz4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nprmsl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-07 12:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(460)
c:\windows\system32\LMIinit.dll
- - - - - - - > 'explorer.exe'(2916)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Dell\OpenManage\Client\Iap.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\UM_ENDMC.EXE
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-04-07 12:24:40 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-07 16:24
Pre-Run: 81,586,003,968 bytes free
Post-Run: 82,583,818,240 bytes free
- - End Of File - - D2C1472E575BB2BBBB1F529B757C2501
that means dhcp client service on this pc did not get any offer of ip from DHCP server are sure all cable are plugged in properly and also yours router which is providing ip us running properly and at least these both guys yours pc+router/DHCP server have at least proper physical connectivity?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, lights on the router and the back of the NIC are light up and blinking.
Found the Admin PW for the router.
Found the Admin PW for the router.
are others machines on network getting ip?
is dhcp client service on this pc is enabled? if not goto run type services.msc and select this service and start it if it is disabled
also restart Network Connections service there
is dhcp client service on this pc is enabled? if not goto run type services.msc and select this service and start it if it is disabled
also restart Network Connections service there
Did you try changing the Link Speed and Duplex from Auto to a fixed value yet?
ASKER
Yes, DHCP client is enabled on this desktop.
Yes, I tried changing Link Speed and Duplex from Auto to a fixed value and didn't help. :-(
Yes, I tried changing Link Speed and Duplex from Auto to a fixed value and didn't help. :-(
ASKER
Other odd thing is that this desktop PC doesn't seem to see the router b/c I cannot log on to the Admin Panel on the router from this PC.
From my MacBook connecting wirelessly, I simply type in 192.168.1.1 and I get prompted to log in and can access the router info.
When I type in 192.168.1.1 into Firefox on the desktop PC, I get a "Failed to Connect" message.
Just spoke to Verizon tech support but they weren't much help. Said it must be an issue w/ Netgear router (which is not their standard config) so they want me to call Netgear support.
From my MacBook connecting wirelessly, I simply type in 192.168.1.1 and I get prompted to log in and can access the router info.
When I type in 192.168.1.1 into Firefox on the desktop PC, I get a "Failed to Connect" message.
Just spoke to Verizon tech support but they weren't much help. Said it must be an issue w/ Netgear router (which is not their standard config) so they want me to call Netgear support.
others machines on network getting ip? can you check that? is this an single machine here?
"When I type in 192.168.1.1 into Firefox on the desktop PC, I get a "Failed to Connect" message."
becoz you havent get ip from DHCP server yet as told by you previously
try using static ip like this 192.168.1.250 and all settings manually
becoz you havent get ip from DHCP server yet as told by you previously
try using static ip like this 192.168.1.250 and all settings manually
ASKER
Every machine using Wifi (3 PC laptops and 2 MacBooks) are absolutely fine.
This XP Desktop that I'm sitting at on the 3rd Fl (connected via Ethernet cable) and 2 other PC desktops on 1st Fl (also connected via Ethernet cable) are not connecting.
I will need to run some tests from the desktops on the 1st Fl.
This XP Desktop that I'm sitting at on the 3rd Fl (connected via Ethernet cable) and 2 other PC desktops on 1st Fl (also connected via Ethernet cable) are not connecting.
I will need to run some tests from the desktops on the 1st Fl.
try using static ip like this 192.168.1.250 and all settings manually like dns, gateway
ASKER
I put in a static IP assignment on this 3rd Fl PC and now I'm at least able to ping out yahoo.com as well as 192.168.1.1, but still getting about 25% loss on the packets.
I don't understand this!! How can Wifi connections be 100% OK and the wired connections be such a disaster? Everything is working off the same router.
I don't understand this!! How can Wifi connections be 100% OK and the wired connections be such a disaster? Everything is working off the same router.
are you able to get internet back on this pc where u have problem? are able to browse websites?
ASKER
No, not at all. No internet access whatsoever on this desktop PC.
ok use alternate web browsers i mean you may use Chrome Mozilla Opera see if internet works with them or not
but i believe if port 80 is blocked on gateway which is yours router you can not browse internet check in router is port 80 is blocked for this pc using its hostname
to check yours name issue this command in cmd
hostname
now you need to check if port 80 is blocked on router for this
but i believe if port 80 is blocked on gateway which is yours router you can not browse internet check in router is port 80 is blocked for this pc using its hostname
to check yours name issue this command in cmd
hostname
now you need to check if port 80 is blocked on router for this
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sorry wrong link in previous post
http://forum1.netgear.com/showthread.php?t=41884&highlight=DGN2000+ethernet+ports
http://forum1.netgear.com/showthread.php?t=41884&highlight=DGN2000+ethernet+ports
ASKER
uroboros1200, I'm afraid you may be correct. I just called Netgear support and they acknowledge that this is a know problem with DGN2000 units manufactured in the early part of 2009.
They are offering to send me a replacement unit for $29.
I just find it bizarre that it would work OK for many months and now it stops working, but only on the wired connections??
They are offering to send me a replacement unit for $29.
I just find it bizarre that it would work OK for many months and now it stops working, but only on the wired connections??
may i know you if u tried what i suggested in comment id 30050401 ?
ASKER
hostname on desktop PC resulted in:
mcc-office-new
Will check router to see if this hostname ID is blocked.
mcc-office-new
Will check router to see if this hostname ID is blocked.
Some other posts seemed to point to heat related problems. I read that the replacement units shipped with stands to keep them vertical for proper ventilation. Unfortunately i also read many of the replacement units also failed. Are they replacing it with another DGN2000?
$29 is a good price but not if you have to service it again in a few months.
$29 is a good price but not if you have to service it again in a few months.
and if u still have same ip what it was previously also check by ip
ASKER
Yeah, I assume they will replace w/ the same model.
ASKER
I'm not sure where hostnames would be blocked in the Netgear settings. Below is screenshot of the Firewall settings.
Netgear-Firewall-Screenshot.png
Netgear-Firewall-Screenshot.png
As a temporary fix you can try switching the cables to different ports as one or two may still work.
ASKER
I tried different ports and no good. Think they're all toast.
I downloaded & installed Opera browser, but still can't connect to internet.
I downloaded & installed Opera browser, but still can't connect to internet.
Sorry... Good luck with the replacement.
ASKER
We received the replacement unit (same exact model) and now everything is working just fine.
Sincere thanks to everyone who contributed to this posting!!
Sincere thanks to everyone who contributed to this posting!!
ASKER
Thank you! It was a damaged device after all and had to be replaced.
You're welcome :)