Solved

Can only remote connect in safe mode

Posted on 2011-03-07
27
423 Views
Last Modified: 2013-12-08
Have spent 10 hours with Lenovo guys on the phone - no solution. Let's see if I have more luck here.
A while back my connection to my automatic web backup stopped working (Carbonite). They have not been able to figure out why. Now I got a virus and discovered that noone can remote access my computer (security settings do not seem to be part of it, have tried with all of it off). Computer is set to allow remote access as well as the programs being allowed past firewall. I attemted to switch servers from Explorer to Firefox and guess what, it can also not connect.
The messages I get make it seem that I am not connected to the interned, which I am. I am running on Vista. Any ideas?
0
Comment
Question by:AnKing
  • 11
  • 5
  • 4
  • +2
27 Comments
 
LVL 8

Expert Comment

by:andoss
ID: 35065800
Do you still have the virus on your compuiter?

I would suggest downloading the free version of malwarebytes.
http://www.malwarebytes.org/
Install and do a full scan under safe mode, is anything detected?
0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35065853
Are you good with command line? Start up a command line (Start\Run\cmd.exe) and then do the following

ipconfig/all

Check to ensure there are DNS servers listed in the output.
Then do
ping 8.8.8.8
ping 4.4.4.4
(these are google public dns and you should be able to get responses if you have internet connection)

then do
ping www.google.com 
if the first ping works but www.google.com doesnt, then most probably you have a dns issue
check your c:\windows\system32\drivers\etc\hosts file to ensure there is nothing there out of ordinary. normally viruses put entries right at the bottom of this file and so you cant necessarily see these

for me, www.google.com resolves to 66.102.11.104
put that in your browser and see if you can get to the website.

Please post back results.

0
 

Author Comment

by:AnKing
ID: 35065856
Done 5 times. But it keeps coming back. It comes up with a systemtools screen and a blue background.with warning all over it. If they could only remote access my machine in normal mode it would be so much eaier to deal with.
0
 

Author Comment

by:AnKing
ID: 35065867
Nivesh - I enter ipconfig/all in Run, but get:
Windows canot find 'ipconfig/all'. Make sure you typed the name correctly, and then try again.
0
 

Author Comment

by:AnKing
ID: 35065868
Sorry about the name misspell
0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35065872
0
 
LVL 8

Expert Comment

by:andoss
ID: 35065882
You need to type 'cmd' into the run window to do what Nivlesh is suggesting.
You then get a black command prompt where you type 'ipconfig /all' (there is a space which Nivlesh missed).

Does malware bytes atleast detect what sort of virus it is? If it gave you a name we should be able to find instructions to clean it properly and permanently.
0
 

Author Comment

by:AnKing
ID: 35065899
Nivlesh, got it this time.
Ping 8.8.8.8 worked, but 4.4.4.4 timed out and was not successful.
Google worked (72.14.204.99)



0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35065907
did you try the recommendations from the article i posted the link to?
0
 

Author Comment

by:AnKing
ID: 35065909
Nivlesh, yeah, that's my bad visitor there. I'll go through the steps suggested to get rid of the virus and meanwhile try to figure out why the connection is not working.
0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35065970
If you are able to get the virus out from the recommendations then download Malwarebytes (as stated by AnKing) and run it to find out any traces of the virus still left.

From your posting, it seems that people can access your computer remotely when it is in safe mode. I suggest downloading malware bytes then. since you cannot install anything in safe mode (safe mode with networking or the normal safe mode), log back into the normal mode, install malwarebytes. log back into safe mode (with networking) and then update and run malwarebytes.
0
 

Author Comment

by:AnKing
ID: 35065997
I'm not able to follow the instructions in the article. I get Access is Denied for AppData.
I do see a file that has random letter/numbers under All Users and it is dated today. Should I just delete it? I did just run Malware and it picked up two issues and I deleted them through the program.

The main issue I am trying to figure out though is why I can't get remote access to work in normal mode.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 8

Expert Comment

by:andoss
ID: 35066021
Malwarebytes install fine in safemode and i would suggest doing it from there to make sure it installs properly. Also boot safemode with networking so you can also update malwarebytes if possible.
0
 

Author Comment

by:AnKing
ID: 35066030
Checking back in the morning
0
 

Author Comment

by:AnKing
ID: 35066049
andoss - malware is installed and I have run it several times, it deletes the virus temporarily, but it comes back afer a couple of hours.
0
 
LVL 23

Expert Comment

by:edbedb
ID: 35067259
Try running a scan with tdsskiller. You can get it here.
http://support.kaspersky.com/faq/?qid=208283363
0
 

Author Comment

by:AnKing
ID: 35068504
I am still not getting any sort of answer or even suggestions as to why noone can remote connect to my computer in normal mode. Can anyone make a suggestion?
0
 
LVL 23

Expert Comment

by:edbedb
ID: 35068803
The reason no one can connect might well be because your computer has some kind of virus or malware on it.

It could also be caused by your security software. Try removing it to test.
0
 

Author Comment

by:AnKing
ID: 35070338
No, the connecting issue started way before the virus appeared. It was just then it got really annoying. As mentioned in the initial question I have tried with all security turned off, but same issue.
Any ideas as to how I can find out where the block is or how to fix it?
0
 
LVL 23

Accepted Solution

by:
edbedb earned 250 total points
ID: 35071305
"I have tried with all security turned off,"

That's not the same as removing it. There is a good enough chance that is what is interfering with the remote desktop that I would certainly try it.
0
 
LVL 8

Expert Comment

by:Nivlesh
ID: 35077035
Apologies in case I have not read it properly, but what remote access program are the people using to connect to your computer?
0
 

Author Comment

by:AnKing
ID: 35078509
Indeed, it was Norton. It had even blocked itself from being able to update/connect. Got it deleted and reinstalled and now I'm good to go.
Thanks!
0
 
LVL 23

Expert Comment

by:edbedb
ID: 35357973
According to the last post from the author, I clearly answered the question with posts http:#a35068803 and http:#a35071305

0
 

Expert Comment

by:_alias99
ID: 35390632
Restarting the auto-closure per CV's revised recommendation.

_alias99
Community Support Moderator
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
cloning computer 13 61
How can i modify my File download link ? 6 45
Cannot convert Web page to Adobe PDF with Adobe Chrome extension 3 61
Flashplayer.hta Download 1 27
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now