Ok, so I have been using my same router combo for awhile now, and now often webpages that used to be accessible are giving a 500 Server error in both IE7 and FF3 along with firefox giving a 502 bad gateway when attempting to search from the address bar. I had fixed some issues where webpages would load forever then give a page load error until i changed the proxy to auto in firefox. Are there any ideas on how to fix this so i can access the webpages i need to use to help my exam prep?
:banghead:

Just wondering again if anyone has any ideas as I have fixed it somewhat, but other issues have either returned or remained. It is not the modem or the router as another computer on this network can access the websites, but in this computer, certain websites will fail to load in both IE and FF, along with websites randomly giving 500 Server errors for no reason, but work hours later, along with returning a bad gateway occassionally instead of an error page.

have you cleared your temp files, cache?
reset your router?

Yes, I do that all of the time on here in both browsers, and have reset the router and modem numerous times figuring that is where the issue was but tried another computer on the home network here and it has no issues, so the issue I suppose has to be with something on this computer.

have you ran virus and spyware checks?
spybot and malwarebytes are the 2 to run, although MB i feel is better

You can also try and flush the dns cache :



In Microsoft Windows, you can use the command ipconfig /flushdns to flush the DNS resolver cache:

C:\>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


Also double check your network settings on the pc - if you're running dhcp, have your router reserve the ip address for that computer. On the computer, setup the network as if it was a static address (enter in the ip address/subnet/gateway/dns server).

I have run spybot and windows defender, giving nothing. Running avast scan and malwarebytes scans now. Avast usually catches everything for me when it appears but I will let it run, it just takes awhile because I have too many hard drives.

i would run a trendmicro scan instead of avast

also as above flush the DNS

I had similar problems yesterday. I installed the FF update and afterwards I had issues. It was taking forever for pages to load up. Google and Gmail wouldnt open at all. I also couldn't connect to update my virus software.

For me, I changed my security level in FF from medium down a bit.. After that, for whatever reason, everything started working again.

alright, flushed DNS, nothing, messed up the router settings and lost all connectivity :banghead:, had changed to static ip and put in dns servers, no dice there, avast still going, same with malware. Main websites still not working, piratebay and mininova failing to load, last week it worked by changing FF from no proxy to auto, now nothing.

Remove router, connect direct to modem (DHCP in that case) just to eliminate the router.

have the scans detected anything?

can also try google chrome as well

do you get the same problem w/o a router?

Originally posted by schocker
alright, flushed DNS, nothing, messed up the router settings and lost all connectivity :banghead:, had changed to static ip and put in dns servers, no dice there, avast still going, same with malware. Main websites still not working, piratebay and mininova failing to load, last week it worked by changing FF from no proxy to auto, now nothing.

Revert settings back to what they were - most likely DHCP. Load up command prompt

Try to ping your gateway (whatever the ip on your router is, ie: 192.168.0.1)
Try to ping: 209.85.171.104

try to load this into a browser: http://209.85.171.104/

Direct modem connection has the same issues, will reconnect now. I can ping that ip though and the link does work.

Originally posted by schocker
Direct modem connection has the same issues, will reconnect now. I can ping that ip though and the link does work.

You can ping both ip's? That second ip is the ip address for google ... if you can ping google but you can't load http://209.85.171.104/ into a browser im stumped. You are putting the http:// infront of it when you are entering it into a browser right?

I can ping my router, and i can ping google and the link did work sorry. One item sofar from malwarebytes, it is still scanning my music though, avast has found nothing but it is only 15% done.

can you access secure sites? (https)

Originally posted by schocker
I can ping my router, and i can ping google and the link did work sorry. One item sofar from malwarebytes, it is still scanning my music though, avast has found nothing but it is only 15% done.

Your issue appears to be DNS if you can load that ip address into a browser then. Can you go back into your network config for the computer, enter the ip address for your router into the Primary DNS server (ie: 192.168.0.1). Then go back into your browser and try to load a website... if it doesn't work, revert it back to where it was.

Make sure your DNS Client service is started as well - if you're running Vista up up the start menu, type services. Open up services, go down to DNS Client and if it's not automatic/started, set it to automatic and start it.

Edit: sorry, it could also be a virus/malware messing with your DNS.

What OS are you running on the machine?

Sait secure site works, tried say hotmail, connection failed invalid security certificate. Router ip is showing as dns for the computer, also changed it for the static dns 1 on the router, still nothing, the shaw ones are also showing up on the computer properties. none for ipv6.

dns service is running and automatic start up.
os is vista home premium sp1

btw are you running shaw secure on your comp?
if so uninstall it

Nope, I would never install that.
Ok, so Kernel32 had Win32:Lighty-H, moved and renamed.
Said some files were decompression bombs :dunno:

are the scans complete? any change?

malwarebytes found a few small files, all deleted, no changes:dunno:

I'll pm you my EE account and you can ask the question there if you want

do websites load fine in safe mode w/ networking?

What is this EE adam.
I did not try safe mode because it is only a few websites, and the errors are random as say my downloading is not affected and the majority of websites work properly.

www.experts-exchange.com

Check your host and lmhost file making sure there's nothing naughty in it?

Talked to Alterac, he thinks (and I agree) you probably have some kind of malware - a dns hijacker of sorts.

The malware/spyware removers you've been running, were you able to get proper updates for them?

he ran spybot and malwarebytes already

Yes, all were updated this morning to the latest definitions.
Malware bytes, spybot, windows defender and avast to check for viruses.

Run HiJackThis - post results - maybe something else running that we can't see.

Yah I just ran it, I cant see anything, I wouldnt really know what to look for though.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:28:07 PM, on 12/18/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Malwarebytes\mbam.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tvlistings.zap2it.com/tvlistings/ZCGrid.do?method=decideFwdForLineup&zipcode=T3B4H3&setMyPreference=false&lineupId=0008100:-
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com.libresources.sait.ab.ca/lib/sait/support/plugins/ebraryRdr.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10177 bytes

anyways, did you want to use my account?

Possibly, if you think it might help and you wouldnt mind.

ygpm

sorry dude, i don't see anything odd in there - see if anyone on EE can help using adam c's login

I have posted the question and will wait and see. I have never run across this issue before and nothing appears to be wrong, very weird. Thanks for the help sofar though guys, especially since I should be studying for my finals tomorrow.

Originally posted by schocker
I have posted the question and will wait and see. I have never run across this issue before and nothing appears to be wrong, very weird. Thanks for the help sofar though guys, especially since I should be studying for my finals tomorrow.

any update? I'm curious as to what the problem was

Originally posted by Xtrema
Check your host and lmhost file making sure there's nothing naughty in it?

Well I have found my host and lmhost file, I believe I might have found the error as it says:

#FuckYou
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost
127.0.0.1 www.mininova.org
127.0.0.1 www.mininova.com
127.0.0.1 www.thepiratebay.org
127.0.0.1 www.suprbay.org
127.0.0.1 mininova.org
127.0.0.1 mininova.com
127.0.0.1 thepiratebay.org
127.0.0.1 suprbay.org

i am so dumb, good work xtrema, was probably the riaa.
Thanks for the help everyone.

#FuckYou

:rofl:

LOL

As soon as I saw that I figured I had found it. :rofl:
Now I wonder what changed it and if it still remains somewhere on my system:dunno:

Originally posted by schocker
probably the riaa

or someone who shares your internet connection (either in the house, or wifi) and is tired of you sucking up all the bandwidth and making their porn really really slow. Nobody likes slow porn.

Edit: interesting that you're getting 500 Server error and 502 bad gateway error messages from 127.0.0.1, are you running a webserver on this machine? Maybe the router is redirecting something... either way, it is odd... should just say "server not responding".

haha, no, the other computer on the network is never really on since the monitor was broken. No webserver, this computer is devoted soley to beyond, games and school work. Bad gateway wasnt even a normal error in firefox, just a white screen saying bad gateway with an error, this was when using the search bar to go to pages say typing in futureshop and it would take me there, but instead would go http://futureshop/ and return a bad gateway.