new computer won't connect to internet

G

gib65

Member
Hello,

I'm setting up a new computer and I'm having trouble getting it connected to the internet. It's an Acer (model: Aspire M3910) running Windows 7. I have it plugged into a jack that I know works (other computers can connect on it), but when I type in ipconfig, I get this:

Code: 
C:\Users\amy delvecchio>ipconfig

Windows IP Configuration


Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::883d:7932:a7fb:8029%9
   IPv4 Address. . . . . . . . . . . : 192.168.1.114
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

Tunnel adapter isatap.{A4759F59-5120-4578-ADFA-93C67480E4F5}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{F118797A-7FB8-48E4-B6F4-6C641CC22348}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c57:336e:3959:d50a
   Link-local IPv6 Address . . . . . : fe80::3c57:336e:3959:d50a%13
   Default Gateway . . . . . . . . . : ::

C:\Users\amy delvecchio>

Releasing and renewing doesn't work.

Any ideas?
 
Do ipconfig /all

make sure there is a space between the g and the /

List info given.
 
I get this:

Code: 
C:\Users\amy delvecchio>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : amydelvecchio
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 802.11n Wireless PCI Express Card LAN Ada
pter
   Physical Address. . . . . . . . . : 70-F1-A1-B5-B8-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 44-87-FC-C1-A7-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::883d:7932:a7fb:8029%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.114(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : November-10-11 3:36:06 PM
   Lease Expires . . . . . . . . . . : November-11-11 3:36:05 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234890513
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-AC-62-AE-44-87-FC-C1-A7-67

   DNS Servers . . . . . . . . . . . : 4.2.2.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{A4759F59-5120-4578-ADFA-93C67480E4F5}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F118797A-7FB8-48E4-B6F4-6C641CC22348}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c57:336e:3959:d50a(Pref
erred)
   Link-local IPv6 Address . . . . . : fe80::3c57:336e:3959:d50a%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\amy delvecchio>

BTW, it seems I can connect to the internet after all, but it's just google that my computer has an issue with. I get a "404 not found... nginx" error.
 
You said this was a new computer. Is this a brand new computer that has never been used before? This sounds like its been infected already.
 
No, it's not actually new. It's new to me. We had it shipped to our Calgary office from our Ft. McMurray office where it was used by someone else for God knows how long.

You say it looks infected? How can you tell? Is it serious? It seems to be running smoothly (connecting to google notwithstanding). Could this have anything to do with my problem connecting to google?
 
Can you run the following scans for me?

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 
Here's the mbam log:

Code: 
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8149

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/11/2011 4:40:36 PM
mbam-log-2011-11-12 (16-40-36).txt

Scan type: Quick scan
Objects scanned: 170518
Time elapsed: 4 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

As for HijackThis, I got this message in the middle of its scan:

For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

If this happens, you need to edit the file yourself. To do this, click Start, Run and type:

notepad C:\Windows\System32\drivers\etc\hosts

and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.

For Vista: simply, exist HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.
Click to expand...

and then this:

Your hosts file has invalid linebreaks and HijackThis is unable to fix this. 01 items will be displayed.
Click to expand...

It opened up a blank log file in the end.

If I open the hosts file, I see this:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
66.232.102.249 www.google.com
66.232.102.249 google.com
66.232.102.249 google.com.au
66.232.102.249 www.google.com.au
66.232.102.249 google.be
66.232.102.249 www.google.be
66.232.102.249 google.com.br
66.232.102.249 www.google.com.br
66.232.102.249 google.ca
66.232.102.249 www.google.ca
66.232.102.249 google.ch
66.232.102.249 www.google.ch
66.232.102.249 google.de
66.232.102.249 www.google.de
66.232.102.249 google.dk
66.232.102.249 www.google.dk
66.232.102.249 google.fr
66.232.102.249 www.google.fr
66.232.102.249 google.ie
66.232.102.249 www.google.ie
66.232.102.249 google.it
66.232.102.249 www.google.it
66.232.102.249 google.co.jp
66.232.102.249 www.google.co.jp
66.232.102.249 google.nl
66.232.102.249 www.google.nl
66.232.102.249 google.no
66.232.102.249 www.google.no
66.232.102.249 google.co.nz
66.232.102.249 www.google.co.nz
66.232.102.249 google.pl
66.232.102.249 www.google.pl
66.232.102.249 google.se
66.232.102.249 www.google.se
66.232.102.249 google.co.uk
66.232.102.249 www.google.co.uk
66.232.102.249 google.co.za
66.232.102.249 www.google.co.za
66.232.102.249 www.google-analytics.com
66.232.102.249 www.bing.com
66.232.102.249 search.yahoo.com
66.232.102.249 www.search.yahoo.com
66.232.102.249 uk.search.yahoo.com
66.232.102.249 ca.search.yahoo.com
66.232.102.249 de.search.yahoo.com
66.232.102.249 fr.search.yahoo.com
66.232.102.249 au.search.yahoo.com
Click to expand...
 
This is the reason why you can only go to google, you have a bad hosts file.

Please follow the instructions here to replace your existing hosts file with the default one.

http://support.microsoft.com/kb/972034/en-us

In order to run Hiackthis in vista and windows 7 you need to right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon.

Let me know if you are having problems getting the default hosts file back.
 
I'm afraid I can't follow the instructions in that guide.

For one thing, the path it tells me to go to for a 64-bit OS doesn't exist (granted, I'm not sure it is a 64-bit OS but it is a 64-bit machine). I had to create the etc folder. But then (the second thing) it told me I couldn't save in this folder because I wasn't an administrator.

Just in case I am running a 32-bit OS, I went to the system32/drivers/etc folder and didn't find a hosts file (the closest thing was a Imhosts.sam). When I tried to save a notepad file as "hosts" it told me there was already a file by that name there. Is it hidden? How can I make things visible in Windows 7? I also tried typing "rename hosts hosts.old" in a command prompt in the appropriate folder but it told me it couldn't find a file named "hosts".

On top of that, I came to work this morning to find that FileCure had just scanned my computer and found 21 problems. I have no doubt that this is a virus, but I'm surprise neither MBAM nor McAfee detected it.

As for hijackthis, I shift-right-clicked on the shortcut icon and found run as administrator. When I click on that, all that happens is a folder opens up at the path c:\windows\system32\
 
If you have infected by virus, then you are unable to remove it from windows. Try to use a genuine disk of antivrus as boot from cd-rom. Many antivirus support linux based antivirus with support of update...

Just run your computer boot from cd of your antivirus.
To see if a virus exist.
Most of cases is the combine of a spyware and one keylloger.
This combine make most of antivirus uselless Vs virus.
Because most of cases spyware or keylloger installed with your choice. (hidden inside as "feature" in one another "normal" program).
If that steps fail, then your only choice is :
http://support.microsoft.com/kb/972034/en-us as global moderator johnb35 say before.
 
gib65 said:
I'm afraid I can't follow the instructions in that guide.

For one thing, the path it tells me to go to for a 64-bit OS doesn't exist (granted, I'm not sure it is a 64-bit OS but it is a 64-bit machine). I had to create the etc folder. But then (the second thing) it told me I couldn't save in this folder because I wasn't an administrator.

Just in case I am running a 32-bit OS, I went to the system32/drivers/etc folder and didn't find a hosts file (the closest thing was a Imhosts.sam). When I tried to save a notepad file as "hosts" it told me there was already a file by that name there. Is it hidden? How can I make things visible in Windows 7? I also tried typing "rename hosts hosts.old" in a command prompt in the appropriate folder but it told me it couldn't find a file named "hosts".

On top of that, I came to work this morning to find that FileCure had just scanned my computer and found 21 problems. I have no doubt that this is a virus, but I'm surprise neither MBAM nor McAfee detected it.

As for hijackthis, I shift-right-clicked on the shortcut icon and found run as administrator. When I click on that, all that happens is a folder opens up at the path c:\windows\system32\
Click to expand...

Sorry about the late reply, somehow I missed your post.

Filecure isn't malware per say, you need to uninstall it by downloading and running revouninstaller.

http://www.revouninstaller.com/

Then please do the following.

Download the following bat file to your desktop.

http://download.bleepingcomputer.com/bats/hosts-perm.bat

When the file has finished downloading, double-click on the hosts-perm.bat file that is now on your desktop. If Windows asks if you if you are sure you want to run it, please allow it to run. Once it starts you will see a small black window that opens and then quickly goes away. This is normal and is nothing to be worried about. You should now be able to access your HOSTS file.


We now need to delete the C:\Windows\System32\Drivers\etc\HOSTS file. Once it is deleted, download the following HOSTS file that corresponds to your version of Windows and save it in the C:\Windows\System32\Drivers\etc folder. If the contents of the HOSTS file opens in your browser when you click on a link below then right-click on the appropriate link and select Save Target As..., if in Internet Explorer, or Save Link As.., if in Firefox, to download the file.

You are running Vista so here is the correct hosts file for your system.

http://download.bleepingcomputer.com/misc/host-files/windows-vista/hosts

Your Windows HOSTS file should now be back to the default one from when Windows was first installed.

Now reboot your computer.
 
Thanks John, but I managed to solve the problem in the interim.

I figured out how to make the hosts file visible: In any folder, go to organize > folder and search options > view tab > unselect "hide protected operating system files".

Then it was a simple matter of opening the properties of the hosts file, changing the permission and ownership settings, and copying over the good version of the file. I tried going to google and was successful.

But I will still follow your instructions (when I'm not busy) to remove FileCure.

Also, I'm assuming that this fix to the hosts file can be assumed to have no inadvertent side effects (i.e. is there anything else that should be adjusted in the system now that I've copied over the bad version of the file with a good one?).
 
You must log in or register to reply here.
Back
Top