Cannot Browse Internet from Desktop Computers Using Verizon DSL

Helping a non-profit client who has been having connectivity issues during the past week or so.

They have Verizon DSL high speed access w/ a statically assigned IP address. They have a Netgear Wireless N ADSL2+ Modem Router DGN2000.

Odd thing is that the wireless access is just fine. However, all three desktops that connect via ethernet cable are having intermittent problems.

The desktop I'm sitting in front of (running Windows XP Pro SP3) is plugged in via Ethernet but cannot access the internet. The system tray shows that it has a 100Mbps connection, but no access to the internet

When I type in a URL in Internet Explorer, the lower left status bar says "Website found. Waiting for reply" but then just sits there forever and never connects, but also never gives an error message.

Firefox says "Waiting for google.com" for about 15 seconds before getting an "Address Not Found" message.

Pinging out to yahoo.com from the command prompt sometimes and other times just gives "Request Timed Out" message. It's inconsistent.

The Netgear Wireless router is not using the default UID & PW  and I don't have that info so I cannot log into it view settings. Yes, I could do a hard reset to factory settings but that may break the wifi connectivity, which I don't want to do.

I have attached ipconfig /all results below.

I desperately need some guidance as to how I can resolve this. Thanks in advance.




Windows IP Configuration

        Host Name . . . . . . . . . . . . : mcc-office-new
        Primary Dns Suffix  . . . . . . . : 
        Node Type . . . . . . . . . . . . : Mixed
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : 
        Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
        Physical Address. . . . . . . . . : 00-0D-56-81-8C-98
        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : 192.168.1.117
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 68.237.161.12
                                            71.250.0.12

Open in new window

anuneznycAsked:
Who is Participating?
 
uroboros1200Commented:
I think your router might be shot, the DGN2000 seem to have the ethernet ports die. Check  this post from netgears forum

http://forum1.netgear.com/showthread.php?t=33053&highlight=DGN2000+ethernet+ports
0
 
C_ParlatoCommented:
Could you post the Ipconfig /all for the wireless machines as well.
0
 
acl-puzzCommented:
paste result of

ping 192.168.1.1

tracert  68.237.161.12

tracert yahoo.com

i think its resolving websites but not getting reply isnt? somewhere its getting blocked

have disabled firewalls?


0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
anuneznycAuthor Commented:
Here is the ipconfig output from one of the laptops:
Windows IP Configuration

   Host Name . . . . . . . . . . . . : SK_Laptop
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
   Physical Address. . . . . . . . . : 00-22-5F-B2-8D-A9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4d53:429b:45cb:a55d%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.109(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, April 06, 2010 1:32:05 PM
   Lease Expires . . . . . . . . . . : Wednesday, April 07, 2010 1:32:03 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 68.237.161.12
                                       71.250.0.12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Open in new window

0
 
johnb6767Commented:
Are the machines by any odd chance set to use a Proxy (alot of recent rogue malwares do this)....

IE>Tools>Options>Connections>LAN Settings.
0
 
anuneznycAuthor Commented:
No, no proxy set.
0
 
johnb6767Commented:
Try flipping a desktop to DHCP as well, and renew an address....
0
 
johnb6767Commented:
requested info from acl-puzz would be helpful
0
 
anuneznycAuthor Commented:
Thanks Guys. Gotta run. Just outputted results of the tracerts to usb stick. Will post them in the next hour.

0
 
C_ParlatoCommented:
Where are the Desktops connected to?  Wireless Router or another Router on the Network?
0
 
acl-puzzCommented:
ok and also check if any bad program running kill their process  download process explorer

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

 and remove an weird entry there you see in autoruns download from here

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

 Download Comboxfix and malwarebytes to scan system drive some malicious programs can do this also

http://www.combofix.org/download.php

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

do report back!



0
 
uroboros1200Commented:
According to your ipconfig output the desktop systems are set to static IP assignment. The DHCP server might be assigning those same IPs the the wireless clients. Without being able to log into the router its hard to tell the ip range. Do the desktops require a static ip?
0
 
anuneznycAuthor Commented:
CP. The desktop I was working on was connected via ethernet cable into the back of the Netgear wireless router.

The other 2 desktops are on a different floor via a cable that connects down to another non-wifi router.
0
 
anuneznycAuthor Commented:
Result of tracert  68.237.161.12 from desktop:

Tracing route to nsnyny01.verizon.net [68.237.161.12]

over a maximum of 30 hops:

  1     1 ms    <1 ms    <1 ms  192.168.1.1

  2     *        *       27 ms  217.NY325-DSL-RTR14.verizon-gni.net [70.107.244.1]

  3     *        *      132 ms  at-3-2-1-1736.NY325-CORE-RTR1.verizon-gni.net [130.81.9.177]

  4    27 ms     *        *     nsnyny01.verizon.net [68.237.161.12]

  5     *       33 ms    32 ms  nsnyny01.verizon.net [68.237.161.12]

Trace complete.
0
 
anuneznycAuthor Commented:
Tracing route to yahoo.com [69.147.125.65]

over a maximum of 30 hops:

  1     1 ms     *        *     192.168.1.1

  2     *       47 ms    48 ms  217.NY325-DSL-RTR14.verizon-gni.net [70.107.244.1]

  3    69 ms     *      104 ms  at-3-2-1-1736.NY325-CORE-RTR1.verizon-gni.net [130.81.9.177]

  4    93 ms    80 ms     *     so-4-0-0-0.NY325-BB-RTR1.verizon-gni.net [130.81.20.24]

  5   112 ms     *        *     so-10-0-0-0.LCC1-RES-BB-RTR1-RE1.verizon-gni.net [130.81.19.111]

  6     *        *       45 ms  so-6-0-0-0.ASH-PEER-RTR2-re1.verizon-gni.net [130.81.17.177]

  7     *       35 ms    34 ms  130.81.14.98

  8    35 ms     *        *     ae-6.pat2.dce.yahoo.com [216.115.102.176]

  9     *       40 ms     *     ae1-p141.msr1.re1.yahoo.com [216.115.108.19]

 10     *       46 ms     *     te-8-1.bas-a1.re1.yahoo.com [66.196.112.205]

 11    75 ms     *        *     ir1.fp.vip.re1.yahoo.com [69.147.125.65]

 12     *        *        *     Request timed out.

 13    35 ms     *        *     ir1.fp.vip.re1.yahoo.com [69.147.125.65]

 14     *       36 ms     *     ir1.fp.vip.re1.yahoo.com [69.147.125.65]

 15     *        *       36 ms  ir1.fp.vip.re1.yahoo.com [69.147.125.65]

Trace complete.
0
 
anuneznycAuthor Commented:
Pinging 192.168.1.1 with 32 bytes of data:


Reply from 192.168.1.1: bytes=32 time=2ms TTL=64

Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

Ping statistics for 192.168.1.1:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 2ms, Average = 0ms
0
 
flubbsterCommented:
Try this on one of the systems:

open device manager
double-click on the network card
click on advanced
select link speed and duplex

Chances are that it is set for Auto

Try changing it to 100Mbs/Full and test
If no good, the try another like the 10Mbs
0
 
johnb6767Commented:
Set the DNS server on one of those to 4.2.2.2 for testing....

Or 151.161.1.7 or 151.164.1.8
0
 
acl-puzzCommented:
when you can do Tracing route to yahoo.com [69.147.125.65] properly then think its not issue of dns or route or any NIC related issue but it can be issue of browser  as packets are traversing between source and destination

did you try scanning system drive?with tools suggested?

also try using new browser like Google chrome if you have typical IE installed there

also try boot in "Safe mode with networking" option by pressing F8 after BIOS splash screen

reset TCP/IP by using this command

netsh int ip reset resetlog.txt                     after this reboot yours pc

0
 
anuneznycAuthor Commented:
Thank you very much to everyone who has made suggestions so far! I will be at the client site at 11am EST to implement your suggestions. I will post a follow-up as soon as I am able.
0
 
anuneznycAuthor Commented:
Ran Malware Bytes and removed some spyware infections on the desktop PC. Was still unable to go online.

I ran "netsh int ip reset resetlog.txt" and then rebooted. Now the system tray shows the status of the local area connection as "limited or no connectivity." Click on "Repair Local Area Connection" option but got following error message:
"Windows could not finish repairing the problem b/c the following action cannot be completed: Renewing your IP address."

Going to try running ComboFix next.
0
 
optomaCommented:
While you at it run a scan with Hitmanpro
http://www.surfright.nl/en/hitmanpro

Can you post Mbam's and Combofix's logfiles
0
 
acl-puzzCommented:
"Now the system tray shows the status of the local area connection as "limited or no connectivity."

simply open lan properties and uncheck the box says "Notify me when this computer have limited connectivity"

""Windows could not finish repairing the problem b/c the following action cannot be completed: Renewing your IP address."


that means it did not get ip from DHCP server issue these command

ipconfig /release

ipconfig /renew

if you got infection then i hope after removing those you shold get internet working

do report back!

0
 
anuneznycAuthor Commented:
Running ipconfig /renew at command prompt resulted in following message:
"An error occurred while renewing interface local area connection : unable to contact your DHCP server. Request has timed out."
0
 
anuneznycAuthor Commented:
Here is the ComboFix log:
ComboFix 10-04-06.05 - admin 04/07/2010  11:58:21.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.510.133 [GMT -4:00]
Running from: c:\documents and settings\admin\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\admin\My Documents\ZbThumbnail.info
c:\windows\desktop
c:\windows\desktop\ServantPC Website.url
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\wiaserviv.log

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE


(((((((((((((((((((((((((   Files Created from 2010-03-07 to 2010-04-07  )))))))))))))))))))))))))))))))
.

2010-04-07 15:12 . 2010-04-07 15:12	--------	d-----w-	c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-04-06 16:37 . 2010-04-06 16:37	--------	d-----w-	c:\documents and settings\admin\Application Data\Malwarebytes
2010-04-06 16:37 . 2010-03-30 04:46	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-06 16:37 . 2010-04-06 16:37	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-06 16:37 . 2010-04-07 15:10	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-04-06 16:37 . 2010-03-30 04:45	20824	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-04-05 19:12 . 2010-04-05 19:12	--------	d-----w-	c:\documents and settings\David\Application Data\Yahoo!
2010-04-05 19:12 . 2010-04-05 19:12	--------	d-----w-	c:\documents and settings\David\Local Settings\Application Data\Google
2010-04-05 19:11 . 2010-04-05 19:11	--------	d-----w-	c:\documents and settings\David\Local Settings\Application Data\LogMeIn
2010-04-05 19:11 . 2010-04-05 19:11	--------	d-----w-	c:\documents and settings\David\Local Settings\Application Data\Symantec
2010-04-05 19:10 . 2010-04-05 19:10	60720	----a-w-	c:\documents and settings\David\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-05 19:08 . 2010-04-05 19:08	--------	d-----w-	c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn
2010-03-26 20:34 . 2010-03-26 20:34	--------	d-----w-	c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-03-23 16:21 . 2010-03-23 16:33	--------	d-----w-	c:\documents and settings\admin\Application Data\Apple Computer
2010-03-23 16:20 . 2009-05-18 18:17	26600	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2010-03-23 16:20 . 2008-04-17 17:12	107368	----a-w-	c:\windows\system32\GEARAspi.dll
2010-03-23 16:18 . 2010-03-23 16:18	--------	d-----w-	c:\program files\iPod
2010-03-23 16:17 . 2010-03-23 16:20	--------	d-----w-	c:\program files\iTunes
2010-03-23 16:17 . 2010-03-23 16:20	--------	d-----w-	c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-23 16:16 . 2010-03-23 16:16	--------	d-----w-	c:\program files\Bonjour
2010-03-23 16:11 . 2010-03-23 16:17	--------	d-----w-	c:\documents and settings\All Users\Application Data\Apple Computer
2010-03-23 16:07 . 2010-03-23 16:07	--------	d-----w-	c:\documents and settings\admin\Local Settings\Application Data\Apple
2010-03-23 16:06 . 2010-03-23 16:06	--------	d-----w-	c:\program files\Apple Software Update
2010-03-23 16:06 . 2010-03-23 16:20	--------	dc----w-	c:\windows\system32\DRVSTORE
2010-03-23 16:04 . 2010-03-23 16:17	--------	d-----w-	c:\program files\Common Files\Apple
2010-03-23 16:04 . 2010-03-23 16:04	--------	d-----w-	c:\documents and settings\All Users\Application Data\Apple
2010-03-23 16:03 . 2010-03-23 22:32	--------	d-----w-	c:\documents and settings\admin\Local Settings\Application Data\Apple Computer
2010-03-18 03:31 . 2010-03-18 03:31	--------	d-----w-	c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2010-03-10 19:56 . 2009-10-23 15:28	3558912	------w-	c:\windows\system32\dllcache\moviemk.exe

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 16:11 . 2004-07-28 16:14	--------	d-----w-	c:\program files\Symantec AntiVirus
2010-04-07 13:59 . 2009-02-12 18:59	--------	d-----w-	c:\program files\LogMeIn
2010-03-31 17:27 . 2009-07-23 22:15	2865	----a-w-	c:\documents and settings\All Users\Application Data\Intuit\QuickBooks 2008\qbbackup.sys
2010-03-24 18:59 . 2009-02-19 23:51	--------	d-----w-	c:\program files\skcms50
2010-03-23 16:24 . 2009-03-30 21:32	--------	d-----w-	c:\program files\QuickTime
2010-02-15 22:41 . 2010-02-15 22:41	72488	----a-w-	c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-13 68856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4363504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2004-02-10 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2004-02-10 118784]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2002-08-15 28672]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-02-29 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-03-12 124128]
"NGClient"="c:\program files\Symantec\Ghost\ngctw32.exe" [2003-10-03 431272]
"PrintServer Diagnostic"="c:\program files\Print Server\PTP\PSDiagnostic.exe" [2005-06-03 266240]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-19 149280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-4-24 972064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-10-01 14:53	87352	----a-w-	c:\windows\SYSTEM32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\UM_ENDMC.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2008\\QBDBMgrN.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 GhMon;GhostMountMonitor - Boot Phase Driver;c:\windows\SYSTEM32\DRIVERS\GhMon.sys [10/3/2003 11:33 AM 6784]
R0 GhPostConfig;GhostPostConfig - Boot Phase Driver;c:\windows\SYSTEM32\DRIVERS\ghpcw2k.sys [10/3/2003 11:33 AM 199328]
R1 hwinterface;hwinterface;c:\windows\SYSTEM32\DRIVERS\hwinterface.sys [3/26/2009 3:49 PM 3026]
R2 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [2/10/2003 6:52 AM 114688]
R2 AsfAlrt;AsfAlrt;c:\windows\SYSTEM32\DRIVERS\Asfalrt.sys [12/18/2002 6:31 AM 36064]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [7/24/2008 7:46 PM 12856]
R2 NGClient;Symantec Ghost Client Agent;c:\program files\Symantec\Ghost\ngctw32.exe [10/3/2003 12:11 PM 431272]
S2 GhPostConfig_Auto;GhostPostConfig - Auto Phase Driver;c:\windows\SYSTEM32\DRIVERS\ghpcw2k.sys [10/3/2003 11:33 AM 199328]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/3/2010 4:19 PM 135664]
S3 brfilt;Brother MFC Filter Driver;c:\windows\SYSTEM32\DRIVERS\BrFilt.sys [10/21/2008 1:42 PM 2944]
S3 BrSerWDM;Brother WDM Serial driver;c:\windows\SYSTEM32\DRIVERS\BrSerWdm.sys [10/21/2008 1:42 PM 60416]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\SYSTEM32\DRIVERS\BrUsbMdm.sys [10/21/2008 1:42 PM 11008]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/12/2004 4:18 PM 169192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper	REG_MULTI_SZ   	getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-03-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 20:18]

2010-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 20:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\admin\Application Data\Mozilla\Firefox\Profiles\20sj0gz4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.365gay.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - plugin: c:\documents and settings\admin\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\admin\Application Data\Mozilla\Firefox\Profiles\20sj0gz4.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nprmsl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-07 12:17
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(460)
c:\windows\system32\LMIinit.dll

- - - - - - - > 'explorer.exe'(2916)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Dell\OpenManage\Client\Iap.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\UM_ENDMC.EXE
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-04-07  12:24:40 - machine was rebooted
ComboFix-quarantined-files.txt  2010-04-07 16:24

Pre-Run: 81,586,003,968 bytes free
Post-Run: 82,583,818,240 bytes free

- - End Of File - - D2C1472E575BB2BBBB1F529B757C2501

Open in new window

0
 
acl-puzzCommented:
that means dhcp client service on this pc did not get any offer of ip from DHCP server are sure all cable are plugged in properly and also yours router which is providing ip us running properly and at least these both guys yours pc+router/DHCP server have at least proper physical connectivity?
0
 
optomaCommented:
Not much from Combofix. I presume still no luck so Hitmanpro is a no go at the mo!

Good point above>is the corresponding Led lighting up on router and on nic card?

If so router may need a firmware upgrade>before doing so back up its config settings and write down on paper the settings in case the config backup dosn't import correctly
0
 
anuneznycAuthor Commented:
Yes, lights on the router and the back of the NIC are light up and blinking.

Found the Admin PW for the router.
0
 
acl-puzzCommented:
are others machines on network getting ip?

is dhcp client service on this pc is enabled? if not goto run type services.msc and select  this service and start it if it is disabled

also restart Network Connections service there
0
 
flubbsterCommented:
Did you try changing the Link Speed and Duplex from Auto to a fixed value yet?
0
 
anuneznycAuthor Commented:
Yes, DHCP client is enabled on this desktop.

Yes, I tried changing Link Speed and Duplex from Auto to a fixed value and didn't help. :-(
0
 
anuneznycAuthor Commented:
Other odd thing is that this desktop PC doesn't seem to see the router b/c I cannot log on to the Admin Panel on the router from this PC.

From my MacBook connecting wirelessly, I simply type in 192.168.1.1 and I get prompted to log in and can access the router info.

When I type in 192.168.1.1 into Firefox on the desktop PC, I get a "Failed to Connect" message.

Just spoke to Verizon tech support but they weren't much help. Said it must be an issue w/ Netgear router (which is not their standard config) so they want me to call Netgear support.
0
 
acl-puzzCommented:
others machines on network getting ip? can you check that? is this an single machine here?
0
 
acl-puzzCommented:
"When I type in 192.168.1.1 into Firefox on the desktop PC, I get a "Failed to Connect" message."

becoz you havent get ip  from DHCP server yet as told by you previously

try using static ip like this 192.168.1.250 and all settings manually

0
 
anuneznycAuthor Commented:
Every machine using Wifi (3 PC laptops and 2 MacBooks) are absolutely fine.

This XP Desktop that I'm sitting at on the 3rd Fl (connected via Ethernet cable) and 2 other PC desktops on 1st Fl (also connected via Ethernet cable) are not connecting.

I will need to run some tests from the desktops on the 1st Fl.
0
 
acl-puzzCommented:
try using static ip like this 192.168.1.250 and all settings manually like dns, gateway
0
 
anuneznycAuthor Commented:
I put in a static IP assignment on this 3rd Fl PC and now I'm at least able to ping out yahoo.com as well as 192.168.1.1, but still getting about 25% loss on the packets.

I don't understand this!! How can Wifi connections be 100% OK and the wired connections be such a disaster? Everything is working off the same router.
0
 
acl-puzzCommented:
are you able to get internet back on this pc where u have problem? are able to browse websites?
0
 
anuneznycAuthor Commented:
No, not at all. No internet access whatsoever on this desktop PC.
0
 
acl-puzzCommented:
ok use alternate web browsers  i mean you may use Chrome Mozilla Opera see if internet works with them or not

but i believe if port 80 is blocked on gateway which is yours router you can not browse internet check in router is port 80 is blocked for this pc using its hostname

to check yours name issue this command in cmd

hostname

now you need to check if port 80 is blocked on router for this
0
 
uroboros1200Commented:
0
 
anuneznycAuthor Commented:
uroboros1200, I'm afraid you may be correct. I just called Netgear support and they acknowledge that this is a know problem with DGN2000 units manufactured in the early part of 2009.

They are offering to send me a replacement unit for $29.

I just find it bizarre that it would work OK for many months and now it stops working, but only on the wired connections??
0
 
acl-puzzCommented:
may i know you if u tried what i suggested in comment id 30050401 ?
0
 
anuneznycAuthor Commented:
hostname on desktop PC resulted in:
mcc-office-new

Will check router to see if this hostname ID is blocked.
0
 
uroboros1200Commented:
Some other posts seemed to point to heat related problems. I read that the replacement units shipped with stands to keep them vertical for proper ventilation. Unfortunately i also read many of the replacement units also failed. Are they replacing it with another DGN2000?

$29 is a good price but not if you have to service it again in a few months.
0
 
acl-puzzCommented:
and if u still have same ip what it was previously also check by ip
0
 
anuneznycAuthor Commented:
Yeah, I assume they will replace w/ the same model.
0
 
anuneznycAuthor Commented:
I'm not sure where hostnames would be blocked in the Netgear settings. Below is screenshot of the Firewall settings.
Netgear-Firewall-Screenshot.png
0
 
uroboros1200Commented:
As a temporary fix you can try switching the cables to different ports as one or two may still work.
0
 
anuneznycAuthor Commented:
I tried different ports and no good. Think they're all toast.

I downloaded & installed Opera browser, but still can't connect to internet.
0
 
uroboros1200Commented:
Sorry... Good luck with the replacement.
0
 
anuneznycAuthor Commented:
We received the replacement unit (same exact model) and now everything is working just fine.

Sincere thanks to everyone who contributed to this posting!!
0
 
anuneznycAuthor Commented:
Thank you! It was a damaged device after all and had to be replaced.
0
 
optomaCommented:
You're welcome :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.