Can ping but not browse

M

MichaelsComputerServices

Member
Reaction score
7
I have a Windows 7 laptop that I can't seem to figure out what is wrong. It came in with symptoms of not being able to load websites. My first step was to ping google's IP, which succeeded. Next I pinged the domain which came back as "Could not Find Host". Usually when this happens I can do a winsock reset and that resolves it, it did not. I've reset TCP/IP stacks, uninstalled and re-installed network drivers, scanned for viruses, safe mode with networking, different profiles, Norton Removal Tool, Tweaking.com's Repair Utility, Complete Internet Repair Tool, SFC, and set a static IP. It acts like it is a DNS issue, but can't figure out where the issue is. I've tried in safe mode with networking and I get the same results. Also tried a live boot disc and the network cards work fine there. This applies to both wired and wireless.
 
I had something similar just a few days ago, none of my regular scans found anything so I ran Autoruns, enabled Virus total, and hey presto! it found a proxy.
It took 30 seconds to remove it and all was good.
 
Sounds like the proxy in the registry I mentioned last week. Our techs found Rougekiller will typically find some variations of that hack. As wavey mentioned autoruns with VT enabled will probably find it quick as well. Good luck.
 
wavey said:
Roguekiller & Hitman pro usually do the job, but not this time.
Click to expand...


Yeah you found the variation I got called in on last week. Our techs were all dumbfounded and asked for my help after they couldn't find it running all those tools.

Did you notice the IP? Curious if it was from the same 100. A Block range that I found? I believe this infection is rather new as no tool I know of will find it.
 
inbargains said:
Sounds like the proxy in the registry I mentioned last week. Our techs found Rougekiller will typically find some variations of that hack. As wavey mentioned autoruns with VT enabled will probably find it quick as well. Good luck.
Click to expand...
Odd. If DNS is borked by a proxy then how can virustotal be consulted?
 
I just tried autoruns with VT and it wasn't able to connect. Roguekiller didn't pick up anything and TCPView doesn't show strange IPs.
 

Attachments

  • TCPViewScreenShot.png
    TCPViewScreenShot.png
    29.6 KB · Views: 6
Look at network adapter and see if any packets are moving. According to TCPview there is little activity. The infection I found showed a lot of packets moving from the network adapter but the computer didn't know it was connected to the Internet.
 
Stupid question and I'm sure you did this already, but did you try changing the DNS settings to Google's DNS? You mentioned you set a static IP, just checking to see if you set static DNS.

Also, if the computer is at the customer's place it could be the router is the one with a DNS hijack.
 
You must log in or register to reply here.

Similar threads

Larry Sabo
ASUS Vivobook keyboard not functional in Windows, but does in WinPE
2
Replies
23
Views
1K
Porthos
Porthos
Appletax
AVG hosed the OS - BSODs, bootrec/fixboot "Access is Denied"
2
Replies
25
Views
2K
britechguy
britechguy
Larry Sabo
PIN (apparently) not input, but it is!
Replies
11
Views
1K
Markverhyden
Markverhyden
britechguy
Today's BSOD, Code BAD_SYSTEM_CONFIG_INFO - What's actually going on here?
Replies
13
Views
1K
fincoder
fincoder
HCHTech
New+old Unifi setup struggles
Replies
8
Views
1K
HCHTech
HCHTech
Back
Top