Internet strangeness--wasn't sure where to put this

J

jubalskeiki

Limp Gawd
Joined
Jan 27, 2005
Messages
454
I have a problem with my internet. I do web design so I have a few browsers installed on my computer. None of them really work, except deepnet (which I just loaded mostly to see what it looked like, and I am now glad that I did). I was online a week ago, and then I went to bed. When I woke up the next morning and refreshed my web pages to see if I had gotten any e-mails nothing worked. I could get into my schools email, but not my schools web page. I have tried MYIE2, Maxthon, Mozilla, Firefox, IE, and Opera. There is no problem with my internet connection. I can use IM and deepnet works fine, but none of the others will at all. I redownloaded firefox, both the 1.5 and an older version...1.0.7 I believe and it still does the same thing. I am happy that I have a browser that works, but deepnet is based on IE so it still has the holes and stuff...plus I don't have my firefox extensions. Does anyone have any suggestions for fixing this?
 
Turn off your PC, Unplug your router (if you have one). Leave it out for a while, then plug in the router and turn on the PC. Check your internet then. If that does'nt work try logging in as a different user. That will tell us if it is a settings issue.
 
I tried a different user. As for the router bit, I am at school and on a wireless network. I know other people are running off of the same router and they are fine. I could probably unplug it, but how long would I need to leave it unplugged? A couple of minutes should be fine right?
 
it could be a great number of things
Id start with ipconfig

Start > Run > (type) cmd

at prompt type:

ipconfig /flushdns

Id then look carefully at the firewall rules to see if its blocking
monitor for unusual traffic (attach to a router or modem with an LED indicator, block all traffic with the firewall and see if there is any traffic indicated anyway indicative of an infection)

then Id start to ensure its not infected anyway
http://hardforum.com/showthread.php?p=1028996611&highlight=enumerate#post1028996611

its one possibility but not the only one
 
I have run hijack this, it found nothing suspicious. I ran spysweeper, spybot and adaware. They didn't find anything. My software firewall isn't showing any activity. I am not near enough to the router to plug directing into it. My internet adapter card has an LED could I use that?
 
Reminds me of the good ol Windows 98 days when this was a sign that it was time to reinstall TCP/IP
 
I guess the thing that confuses me is why one browser works completely (now two...I had forgotten I had flock installed until I was looking through installed programs and saw it). And the rest just mostly don't work at all. I am also confused because I didn't change anything. I was online and was still online, but went to bed, and woke up and my browsers were broken. Partly I want them to just work again, partly I want to know why because it doesn't make sense.
 
I see a few potential causes

1. some shared component was corrupted

2. something got subverted

3. you actually did something that only manifested itself after a reboot

at this point Im torn between tossing this into networking (hardware issue) and Operating Systems (OS issue)

I don't "think" its hardware given the functionality of other aps, but they are good at connectivity issues

your process for determining your system is "clean" assumes it was clean to begin with or its a minor infection
once your infected these days, the malware is very likely to subvert your installed security to hide, you could very easily have a kernal mode rootkit and be borged and botted

which is why unusual traffic would be indicative, however generally they don't want you to know your subverted
 
I ran the rootkitrevealer you suggested in that thread that you referenced (I do read links) it found some stuff....I am not sure what some of them mean...as far whether they are indicitive of a rootkit problem. 10 percent of them had to do with the browser I was using when I ran the program. I would have posted that at the time of the previous post, but it hadn't finished running. It took forever. I did look at the date and time stamp. None of the files/keys listed were stamped either that sunday or the monday I went to get on and couldn't. I am still not sure why any of the browsers work for like two sites, but not the rest. It seems like either it would work or not.

Also, I am not assuming my system is clean. There is very obviously a problem. Whether it is a malware problem of somekind...or if it is hardware related...or if it is because of something with the OS, there is a problem. I was mostly just saying that, I have already run those so if I have some sort of malware, it is more malicious than something really simple.

I didn't install spy sweeper until after I started having problems. It could have subverted it as I installed it, which I would not be able to say for sure about or not, but it was not a program I had loaded previously. Would uninstalling and reinstalling spybot and AA be something to try?
 
well flock is a bird of a totally different color bearing only a passing resemblence to FF its a very specialized branch the other browser maybe the same

there is a rootkitrevealer forum

http://www.sysinternals.com/Forum/forum_topics.asp?FID=15

and its important to close your browsers and not do anything on the computer while its working

http://www.sysinternals.com/Forum/forum_posts.asp?TID=2351&PN=1

# Don't use your computer while RKR is scanning.

Start RKR, wait about 10 seconds, click Scan, then leave computer untouched until it completes. An idle machine will minimise the possibility of false positive reports caused by changes to the system during the scan. Background processes may still make intermittent changes, but resulting discrepancies tend to be obvious from their registry or filesystem branch; on a re-scan many may not recur.
Click to expand...

then go ahead and search the forum for matching entries
you can employ a portion of a key to search as the whole key would get truncated before it got to the part your really interested in

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System null
down to
HKLM\SOFTWARE\Microsoft\Windows\Curr

whereas what your really looking for could be found with just

CurrentVersion\System null

as a search query
 
You must log in or register to reply here.
Back
Top