TechSpot

Lost internet (via IE) / localhost access / ftp ability

By john97
Dec 8, 2009
Topic Status:
Not open for further replies.
  1. I recently lost complete access to the internet, localhost via my browsers and the ability to connect out via ftp. I've been able to "fix" the internet access with firefox, but not IE. I can ping 127.0.0.1, but not local host. In firefox and IE, when I attempt to access localhost page (I'm using IIS) I receive:
    HTTP Error 503. The service is unavailable.
    When I attempt to use ftp, I receive:
    Status: Connection attempt failed with "EAI_FAIL - Nonrecoverable failure in name resolution".
    Error: Could not connect to server
    I've used netsh, but seems to no avail as I can not even locate the log file any place on my pc.
    I've updated IE (7 to 8), my ftp client, but still no fix.
    I'm not very familiar with this, your help would really be appreciated.
    ............................
    I just spent several days working on this with Kimsland in the malware section (topic139072), recommended I move here now.
  2. yangly18

    yangly18 TS Rookie Posts: 242

    edited....
  3. jobeard

    jobeard TS Ambassador Posts: 13,410   +314

    is this IIS/7 ? I don't need a complete list of the hardware/software, but what environment
    are you attempting to run?
    { IIS + FTP service on a server machine?} if so, which version of IIS and the Server?

    Most importantly, has this setup run correctly in the past, or is the a newly configured system?

    There seems to be a rash of HTTP 503 errors.
    Googling "http error 503. the service is unavailable. iis 7.0" shows many hits.

    This one looks promising http://www.west-wind.com/WebLog/posts/9436.aspx on application pools

    Here's one on ISAPI Filters

    the name localhost occurs in the hosts file located \windows\system32\drivers\etc.
    it should be the first line without a #comment as 127.0.0.1 localhost (open with notepad)
    If it's not there, add it at the top of any other addresses and then use an admin cmd prompt to issue these as written:
    ipconfig /flushdns
    net stop "dns client"
    net start "dns client"
    ping localhost should now be working
    hmm from where to whom?
    * on the server as a client to the server's ftp service
    * ftp out to some public ftp service
    what's the infrastructure like; is there a staff controlling the network and the gatway router and or the firewall(s)?
  4. john97

    john97 TS Rookie Topic Starter Posts: 34

    Hi jobeard,
    IIS 7.0.6000.16386

    operating on vista business sp2
    ftp is the fillezilla client 3.3.0.1

    this setup run "perfectly", until mid afternoon approx 8 days ago

    I've just visited the link on application pools ... when I checked my IIS Manager, the DefaultAppPool was indeed off, I restarted and set to start automatically, and rebooted, checked the DefaultAppPool and it was on, opened IE - no access localhost or internet, opened FF - access internet, but not localhost ... looked at IIS Manager again and the DefaultAppPool was off ...grrr

    the host file is as you suggested, indeed we loaded a new host file during the malware process with Kimsland on this forum to be sure it was clean

    followed your ipconfig, net stop and net start

    the ping of localhost failed with a message of "ping could not find host localhost". (I just noticed that I can not ping any site by name, but can by ip address)

    I'm using ftp client to place files in a web hosting server - external to me ... this has worked for a long time, but like the IE, local host, etc. ... all began failing last week

    there is no staff controlling any part, other than the local ISP ... I've moved to use four different connections - 2 public and 2 private, the private routers / modems have been reset ...
  5. jobeard

    jobeard TS Ambassador Posts: 13,410   +314

    Good :)
    OK; needs a solution
    MAJOR Connectivity issue (for all external access :( ) This is a DNS issue
    We need to solve the connectivity for your Browser and Email before we can expect very much from IIS or any other application

    A) what is the make/model of your router please
    B) log into your router conf page; I need the gateway address, mask, and DNS addresses provided by your ISP.
    C) then get the configuration seen by windows using ipconfig /all >mytcp.txt
    and attach mytcp.txt to your followup; it will be located at %userprofile%\mytcp.txt
  6. john97

    john97 TS Rookie Topic Starter Posts: 34

    how can I log into my router conf page?
  7. jobeard

    jobeard TS Ambassador Posts: 13,410   +314

    give me (A)+(C) and I can tell you how to get (B)
  8. john97

    john97 TS Rookie Topic Starter Posts: 34

    modem/router

    a) modem from my ISP is a speadstream 4200, I also have a d-link dir655 router
    (another pc also running vista is working fine on this config)
  9. john97

    john97 TS Rookie Topic Starter Posts: 34

    b) router = Subnet Mask : 255.255.255.0, Default Gateway : 192.168.2.1, Primary DNS Server : 192.168.2.1, Secondary DNS Server : 192.168.2.1
  10. jobeard

    jobeard TS Ambassador Posts: 13,410   +314

    no, those are the Windows Settings, not the Router settings.
    Notice Gateway = Primary = Secondary =all= 192.168.2.1, the address of the router as seen from your Lan systems.

    You also have IPv6 running
    Link-local IPv6 Address . . . . . : fe80::c1d9:d571:3d15:3223%14(Preferred) ​
    which I would disable --
    ipv6 uninstall
    -- but let's continue

    The true DNS is therefore only seen in the Router Config

    Ok, lets address the speadstream 4200 first.
    Connect your system directly to the speadstream 4200 and use your browser ...
    I believe the speadstream 4200 config is found by
    http://192.168.254.254/
    The default username is admin and default password is admin​
    If you can login, be sure to change that password! or someone on the Internet will take over :(

    now find the WAN side information and report
    The gateway, mask, primary and secondary DNS addresses
  11. john97

    john97 TS Rookie Topic Starter Posts: 34

    Please excuse.

    when I use ipv6 uninstall as an administrator at the command prompt, I receive " 'ipv6' is not recognized as an internal or external command, operable program or batch file. "

    I'm now wire connected directly to the speedstream ... http://192.168.254.254 gives me: "The connection to the server was reset while the page was loading."
     
  12. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    The ipv6 is in your network connections (right click on the connection > properties) That's where you uninstall that

    Try: http://192.168.2.1 to connect to the speedstream
  13. john97

    john97 TS Rookie Topic Starter Posts: 34

    thanks Kimsland,
    192.168.2.1 works fine
    the addresses are:
    Subnet Mask: 255.255.255.255
    DNS Server Address #1: 207.164.234.129
    DNS Server Address #2: 207.164.234.193
    Modem IP Address: 192.168.2.1
    I don't see any reference to the gateway though in any of the options
  14. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    I must rush off, but please call your ISP (Internet Service Provider) and confirm those DNS entries are correct to your connection with them
  15. john97

    john97 TS Rookie Topic Starter Posts: 34

    another ipconfig file when attached directly to the speedstream
  16. john97

    john97 TS Rookie Topic Starter Posts: 34

    just spoke with my ISP ... they cfm'd the addresses
  17. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Well the DNS entries are not matching up with your network properties (right click on you network connection> properties > tcp/ip settings

    Have you got another computer on the Network working, just to check these settings are exactly the same? (except IP address of course)
    I just use Automatic settings as a standalone computer
  18. john97

    john97 TS Rookie Topic Starter Posts: 34

    I removed this pc and plugged another pc running vista into the speedstream ... the ipconfig file list the ipv4 address as 192.168.2.10, subnetmask as 255.255.255.0, default gateway as 192.168.2.1 ... ff, ie and ftp are all working on that pc
  19. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    And these are the same as well:
    Also do this:
    Manual steps to repair or to reset Winsock for Windows Vista users
    1. Click [​IMG], type cmd in the Start Search box, right-click cmd.exe, click "Run as administrator", and then press Continue.
    2. Type netsh winsock reset at the command prompt, and then press ENTER.
    3. Type netsh int ip reset at the command prompt, and then press ENTER.
    4. Type netsh interface ip delete arpcache at the command prompt, and then press ENTER.
    5. Type Exit, and then press ENTER.
    Restart
  20. john97

    john97 TS Rookie Topic Starter Posts: 34

    Kimsland
    You are the god! Once I used all your netsh commands and opened IIS Manager to start the DefaultAppPool - everything is now working again. I am truely amazed. Your patience with me during the past several days with malware and now with this thread has been awsome. I wanted to just throw this pc - but your persisted. I'll never be able to do enough to thank you - but please accept my humble "thanks". I'll never stop talking about this one!
    John
  21. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Wow, Thanks john97 :grinthumb

    Actually due to jobeard's advice above, I just got to thinking about it more
    So many minds together does actually work :)
    And I had a little luck that you had another (working) available computer handy too ;)

    Thanks for the update.
  22. jobeard

    jobeard TS Ambassador Posts: 13,410   +314

    wonderful :wave: Yea the Ipv6 uninstall was for Win/xp and I forgot you're on Win/7

    $ nslookup 207.164.234.129
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: mtrlpq02dnsvp1.srvr.bell.ca
    Address: 207.164.234.129

    so if your ISP is bell.ca then this is correct

    I would still like to see the WAN side conf for the speedstream.
    The gateway *must* be an address related to bell.ca and the mask must allow
    access to the dns addresses


    Personally, I have force my router to use
    DNS Servers . . . . . . . . . . . : 208.67.222.222
    ......................... 208.67.222.220
    which belong to the OpenDSN project.

    This should provide immunity from DSN Hijacking
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.