• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Cannot load google

#1
The other day, something messed up my network drivers. I was getting 20kBps on kazaa but couldn't load any websites. I uninstalled the drivers and reinstalled them. Now the net works, but I can't load some sites, google for one. IE just says page cannot be displayed, but Firebird says "connection refused". Any ideas?
 

X-Istence

*
Political User
#2
Also check the DNS server you are using, and make sure its your ISP's, because otherwise your PC might have been DNS hijacked.
 
#3
Okay, turns out I can't access a lot of search pages, ask.com alltheweb.com google.com .fr .uk and I can get to yahoo, but I get page cannot be displayed when trying to load the search results. I can ping every single one of the sites, though the ping times are up to 90-120 from a usual 70-80. The only entry in the hosts file is localhost from apache. No results from ad-aware or Norton Antivirus or Norton WinDoctor.

I'm on a campus network, so the DNS and IP are assigned automatically. My roommate can get to all of these sites. How would I check for that malicious code?
 
#4
Go to a Dos window and type ipconfig. It will show your ip
address and subnet mask. Make sure the subnet mask is:

255.255.255.0

The 255 numbers mean let these addresses through. If they are changed (happened to my router and drove me nuts for days) some addresses will get blocked. The 255 is actually an 8 bit mask set to all 1's to indicate allow it through.

As for scanning for malisiouc code. Get the latest signature update file for the program you use (Norton, Macafee, PCillin) and run a scan of all HDs on your system for all fiel types. Also run adaware using the latest signature files.
 
#6
Ahh. That sounds about right. No patch for it though, and it sounds like I'm stuck until they fix the DNS server. Would that affect Firebird too though?
 

j79zlr

Glaanies script monkey
Political User
#8
The problem is the hosts file. TweakXP got hit like it was a DDOS attack because it was redirecting there. My guess is that the site doing the redirect has been taken down so you are getting a page can't be found error.Try http://216.239.37.99 if that opens google, you've been hijacked. Find your hosts file, or use this app I wrote to find it, http://home.covad.net/~zeiler07/Misc/hosts.zip if that shows something other than x:\Windows\System32\drivers\etc\hosts then you need to do some reg editing. If it has changed, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters then change the value of DataBasePath to equal %SystemRoot%\System32\drivers\etc

By default your hosts file should only contain the loopback interface 127.0.0.1

Now change your hosts file to READ-ONLY or follow a very simple security practice and do not use the administrator account or a user with administrative priveledges for dayy to day activities. Only the administrator group has permissions to modify the hosts file.
 
M

Merc2k

Guest
#9
I have made the adjustments to the registry, but it still doesn't let me connect. Am I supposed to change something in the hosts file? I am not sure what is meant by : "By default your hosts file should only contain the loopback interface 127.0.0.1"
What should the default one look like exactly?
 
M

Merc2k

Guest
#11
Back?!?

Damn, I got up this morning to find I was right back where I started (no longer able to surf the net due to a DNS error). I've already got the patch from MS, used the Qhost cleaner and repaired the registry and hosts file. What exactly has happened now? Could WindowsXP be restoring a backup when the virus was still present or something?
 

j79zlr

Glaanies script monkey
Political User
#12
Actually it can :) Check the value of DataBasePath in these registry paths as well

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters

and so forth, these are previous hardware profiles, XP shouldn't change these on you, but you never know.
 

muzikool

Act your wage.
Political User
#14
The thread that Enyo linked to is comprehensive in covering this issue, and should answer any questions. I'd check there if you are still having problems. :)
 

Members online

No members online now.

Latest posts

Latest profile posts

Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies