• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 595
  • Last Modified:

Cannot get onto the Internet - sometimes

One PC running XP Pro SP3 on a network of seven XP Pro/Vista Biz PCs keeps having a problem with the Internet.

The web page appears to connect then the app closes - any ideas.

I have set the IP to fixed settings and the DNS points to the router, but I have also tried setting it to 4.2.2.2 - any ideas?
0
mikeabc27
Asked:
mikeabc27
  • 9
  • 8
  • 6
  • +1
1 Solution
 
younghvCommented:
mikeabc27,
Any error messages in your Event Viewer?

I have a generic Article on basic trouble-shooting that will get you started.
Read through it and run CCleaner & Malwarebytes and let us know the results.

http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)
0
 
houssam_balloutCommented:
0
 
younghvCommented:
mikeabc27,
Please DO NOT install and run ComboFix -

That may be an option if other (lesser intrusive) tools do not help, but it is definitely NOT indicated at this point.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
mikeabc27Author Commented:
Thanks - I'll try:

1. ccleaner - and check
2. mbam - and check
3. combofix - and check.

In that order, but I am a fan of combofix.
0
 
younghvCommented:
mikeabc27,
I am a big fan of CF and donate money to sUBS every year as my way of thanking him for the work he does.

My concern is that we have a number of "Experts" around here who post 'Run ComboFix' as a first response to every sign of malware. Not one of them is a "Trusted Helper" (certified), but they sure grab a lot of points with their suggestions.

CF should never be used lightly - as noted in any legitimate forum discussing its use - due to the slight potential for damage to System files.

I always treat it as the sledge-hammer to be used when my regular hammers don't work.

Thanks.
0
 
younghvCommented:
Before finally turning to CF, please consider both of the following:

TDSSKILLER found here:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Download the file TDSSKiller.zip and extract it into a folder on the infected (or potentially infected) PC.
* Execute the file TDSSKiller.exe.
* Wait for the scan and disinfection process to be over. You do not have to reboot the PC after the disinfection is over.

If the tool finds a hidden service it will prompt you to type "delete",  you can also just hit "Enter" without typing in and the scan will continue...
The user can then post the log to be analyzed.
***********************
and

http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922.html (Rogue-Killer-What-a-great-name)
Let us know the results and we can take the next steps.
0
 
mikeabc27Author Commented:
OK younghv, I'll move CF to no. 4. The reason I jump into CF is the timeline/cure ratio is so much higher than mbam which is currently running.
0
 
younghvCommented:
Understood - and clearly you are comfortable with using CF.

I get a little irritated with these "me too" posts, since I clearly identify using ComboFix in my Article:
**********************

"In all cases, I start by cleaning out all of the "Junk/Temp" files (many forms of malware sit in these folders). My program of choice for this is CCleaner (www.ccleaner.com), but there are a wide variety of alternatives.

For broad spectrum identification and cleaning, my favorites are:

"Malwarebytes' Anti-Malware" (http://www.malwarebytes.org/mbam.php) and "ComboFix" (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)...."
0
 
mikeabc27Author Commented:
I left mban running for nearly two during which time it found nothing - I then had to pass full control back to the user. Out of around 30 scans during two years it has only detected/fixed two problems so not a big fan. Had combofix have been able to resolve the issue, it would have completed in 30 minutes. Thanks for your ideas which I totally appreciate.

CCleaner I agree is an excellent tool.

I have since found the Internet problem can be resolved with a reboot, so maybe a conflict of files?

Nothing in Event Viewer to give any obvious clue.

0
 
younghvCommented:
Kind of scary.
I don't think I've ever seen an MBAM scan take that long to run.

The TDSSKiller mentioned above can be excellent for stopping some of the rogue processes and I just found this last week (looks promising).

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
0
 
mikeabc27Author Commented:
Thanks - I won't be in the office until Monday now ans will try it then,
0
 
JT92677Commented:
Mike,

Why do you turn off DHCP?:  It sets up a non-conflicting IP address, fills in the gateway IP address, and the DNS server address.

Suggestion: Turn on DHCP again, it works, and gives you a working set of IP addresses that are needed.

Jeff
0
 
younghvCommented:
There are a lot of reasons for assigning static IP's - especially with only 7 systems to keep track of.

It is much more 'non-conflicting' than allowing DHCP - and will absolutely prevent some rogue user from plugging in their home computer and running on your wire.

From a security standpoint, it is a much better decision...but simply not feasible on large networks.
0
 
JT92677Commented:
He's trying to solve a connection issue, not a security problem.
0
 
younghvCommented:
JT92677,
It is very rude to post a "bold" response.

I understand clearly this situation and changing from static to DHCP will have exactly zero affect.
0
 
JT92677Commented:
DHCP will avoid leaving out some parameters that might affect his success in accessing the net.

Sorry, I don't have as much time to post here as some others, and didn't realize that using a bold attribute would offend someone.
0
 
mikeabc27Author Commented:
Thanks Younghv and Jeff - it seems to have been ok since the reboot, so it's the worst type of problem because it will happen again, so much much easier when something just doesn't work. Well if a reboot resolves it, sobeit.

Jeff, it wasn't originally set to dynamic, I did this to point to an alternative DNS server, s'pose I could have just switched the DNS to dynamic - habit!
0
 
mikeabc27Author Commented:
PS - I would like to keep this open until it happens again and we crack it. If that's ok?
0
 
JT92677Commented:
Mike,

I used to hard code IP information until the ability to "reserve" an IP assignment started appearing in these SOHO routers.  I run some services on my LAN that require a fixed IP so I can do the port forwarding, and the "reserved" approach works well for portable/laptop computers so no longer need hard coded IP, and I can move the laptop to another WiFi network and not have to edit the TCP/IP properties.

Jeff
0
 
JT92677Commented:
Mike, I forgot to mention, you can use DHCP (Dynamic) IP assignment and still hard-code your favorite DNS server IP    Kind of a nice approach if you have a DNS server you like better than your ISP DNS server.

Jeff
0
 
mikeabc27Author Commented:
Jeff and Younghv - the D-link needed to be set in Bridge mode and the Netgear supply the credentials. I had always used the D-link for credentials and Netgear for port forwarding.

Thank you for your help.
0
 
younghvCommented:
I don't understand how that configuration could affect only one computer out of seven, but I won't 'Object' to the way you are trying to close this.

/unsubscribe
0
 
mikeabc27Author Commented:
Found solution myself
0
 
JT92677Commented:
D-Link and Netgear -- two routers?  The first time this was mentioned was in the "solution"

Hard to help solve a problem that is so poorly desribed.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 9
  • 8
  • 6
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now