Failed to Connect, help

[Exotickiss87]

I posted a couple days ago with some problems...we think we got all the viruses and malware removed but we are still having problems.

We got AVG free edition by downloading it on a different computer and sending it over the network but this computer can't connect to the update server. It won't let us even go to the AVG website. I've tried every anti-virus website I can think of. It says failed to connect on every single one. I've tried AVG, Avast, Norton, McAfee, Ad-Aware, SuperAntiSpyware....this computer can't connect to any of their websites. I've checked security settings on Firefox and IE and every thing is the same as it was before this problem.

I'm completely lost at what to do.

Any suggestions???

 

[raybay]

AVG is not going to work, as installed. AVG is no longer free on new installs. They are dropping free service on old installs May 31.
But your problem appears to be an infestation or a Windows Setting that is still meddling with your system.
Maybe a clean install is the only way to get it fixed?

 

[Blind Dragon]

sounds like your hosts file is corrupt

Attach here

C:\windows\system32\drivers\etc\hosts

 

[Exotickiss87]

Um...There is no hosts file.

 

[Exotickiss87]

Ok maybe this will help a little bit

I went to www.ineedsurf.info and typed in www.grisoft.com and I can access it from that site with no problem..even with all the check marks unmarked but, I go to a different tab and go to grisoft and it's still saying Failed to Connect.


I also can't access the HiJackThis website...anything that has to do with removed viruses, spyware or malware I cannot access


I'm lost lol

 

[raybay]

What firewalls and other security are installed? Something is blocking, for sure.

 

[Exotickiss87]

We have the firewall turned off right now but it's just the basic windows firewall. And the only security things on it are AVG, which is turned off right now. Super Antivirus, which is also turned off. Spybot, which is turned off and CCleaner.

There is pretty much nothing running except what is required to be running.

 

[Blind Dragon]

Let me guess you use Internet Explorer


Show hidden files through windows explorer

• Access Windows Explorer by clicking Start, point to All Programs, Accesories, and then click Windows Explorer. Or hold the windows key and press E
• On the Tools menu in Windows Explorer, click Folder Options
• Click the View tab.
• Under Hidden files and folders, click Show hidden files and folders
• Remove the checkmark from the checkbox labeled Hide protected operating system files
• Remove the checkmark from the checkbox labeled Hide file extensions for known file types
• Put a checkmark in the checkbox labeled Display the contents of system folders.

Now try to attach your hosts file

 

[DelJo63]

There was a rash of new MS Security updates to solve such issues!

MS-020,021,022,023,024,025 just came out.

The KB numbers are

1. kb945553
2. kb948590
3. kb944338
4. kb948881
5. kb941693

download all kb's and run each (from and admin account) using /noreboot until the last one.

Highly suggest running this in the order listed; the last one updates the kernel.

 

[Exotickiss87]

No we don't use IE, we use Firefox and I'm telling you...theres no such file as the hosts file...I'm perfectly capable of getting into the system32 folder.

 

[DelJo63]

the precise location is

\Windows\System32\Drivers\etc\hosts​

if not present, add it and set it R/O

 

[Blind Dragon]

Or better yet

[*]MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to known bad sites by redirecting them to 127.0.0.1 which is your local computer

------------------------------------

Are you connecting through proxy server?

 

[Exotickiss87]

I don't know. I've tried everything and nothing is working. Apparently the Hosts file is fine. I replaced it and it still fails to connect to any site that has to do with antivirus software, mailware removal or spyware removal. It makes no sense to me. We are not connecting through a proxy server. We installed all windows updates as well and still nothing. My b/f is about ready to wipe the hard drive clean and reinstall windows.

 

[Blind Dragon]

what about online scanners such as trend micros housecall or kaspersky online

 

[DelJo63]

let's try a few things first;
Prove tcp access to the internet; get a command prompt then

ping www.google.com -- should get timing info
nslookup www.avg.com -- should get the ip address
ping www.avg.com -- again, more timing info​

If these work, then TCP and your DNS settings are ok

Next, let's prove the site is accessible without a browser!
enter this exactly (<enter> is just that key )

telnet www.google.com 80
Trying 74.125.19.99...
Connected to www.l.google.com.
Escape character is '^]'.
GET / HTTP/1.0<enter>
<enter>
HTTP/1.0 200 OK
Cache-Control: private
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: PREF=ID=d9bc24e0f689c6c9:TM=1210964049:LM=1210964049:S=MWCgUsbqEMDzr
x1S; expires=Sun, 16-May-2010 18:54:09 GMT; path=/; domain=.google.com
Date: Fri, 16 May 2008 18:54:09 GMT
Server: gws
Connection: Close

<html><head><meta ...​

If you get the HTTP/1.0 200 OK reply, then you've just used telnet to access
the same page the browser would for the url http://www.google.com/

Now start over with ping some-av-site-domain-name and follow that with
telnet some-av-site-domain-name 80
GET / HTTP/1.0
<enter>

If this fails, then you've got some hijacker riding on the browser the is controlling the browser accesses.

 

[Exotickiss87]

I've already tried pinging websites...they are all coming up successful...we just can't get to the actual website. I did some optional Windows Updates earlier and after that we couldn't access windows update anymore and now we can't download anything from microsoft. My boyfriend was on the phone with Microsoft for 2 hours and he had a 4 way with 4 different techs and they are all clueless. The computer has been scanned with atleast 8 different scanners and nothing is coming up...The hijackthis log is coming up pretty much empty, it has maybe 6 lines of information. There is nothing running except what is required to be.

And it won't let us acces the trend micros housecall or kaspersky online websites. It says failed to connect.

 

[DelJo63]

you need to follow the instructions if you want to diagnose even WHERE to look for the cause.

PING is no where near the same as the web browser access. I'm not going to lecture
on all the details, but to say your browser uses ipaddress:80 to access a page;
the 80 is the port number -- look at the telnet examples again -- the third parm is also 80.

What's the diff? The fact that your browser can be directly hijacked while telnet can not!

TELNET SOME-IPADDRESS (or domain-name) 80 followed by
GET / HTTP/1.0
<enter>​

is the technology (err: protocol) used for all web browser access.

I was attempting to help you avoid a reformat and reinstall as some others have
suggested -- maybe you would rather take that approach

Best wishes