# Solved: Cannot connect to Internet, but can connect to my VPN?



## CarrieB36 (Apr 17, 2009)

*Johnwill *
*Help me please.... Carrie *
Hi there! I hope I don't sound too ignorant with my question....
Okay, yesterday got virus, removed it with a spyware program. I was on this site yesterday and followed something that a "tech guy" (IT WAS JOHNWILL) gave to another customerr regarding the cmd, ipconfig and I followed that and reset something in DOS.... don't ask why I did that.... I thought I was resetting my connections to default so my Internet would work....

Here is the weird thing, I *can* connect to my VPN for work no problem, and able to log onto the Internet *after and only when *the VPN is connected. If I unconnect my VPN, I *CANNOT LOG ONTO INTERNET ALONE!!!??? *Please help me !!!!

Can I *UNDO* what I did yesterday? This is what I did below yesterday:
I followed these instructions....
Reset WINSOCK entries to installation defaults: *netsh winsock reset catalog*
Reset TCP/IP stack to installation defaults. *netsh int ip reset reset.log*
and then I rebooted my machine....


----------



## srhoades (May 15, 2003)

You're internet is working otherwise you would not be able to connect to your VPN. I suspect your browser doesn't work because you still have remnants of your infection which is trying to redirect your DNS request to localhost:XXXX

I suspect the internet works when you are connected to your VPN because it is using the VPN gateway as the default when connected.

Download and post a hijackthis log to confirm the local proxy hijack.


----------



## CarrieB36 (Apr 17, 2009)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:12 AM, on 4/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\medent\bin\AdminService.exe
C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
C:\WINDOWS\system32\svchost.exe
C:\medent\bin\WinVNC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEGui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [SonicWALLNetExtender] C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEGui.exe -hideGUI -clearReboot
O4 - HKLM\..\Run: [WinVNC] "C:\medent\bin\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo2.walgreens.com/WalgreensActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - https://as00.estara.com/UI/proxyhtt....69.12.178_52158&=&req=1226422084749OneCC.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://65.40.167.144/activex/AxisCamControl.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-latest.cab
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Medent Admin Service (MedentAdminService) - Unknown owner - c:\medent\bin\AdminService.exe
O23 - Service: SonicWALL NetExtender Service (SONICWALL_NetExtender) - SonicWALL Inc. - C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
O23 - Service: VNC Server (winvnc) - Constantin Kaplinsky - C:\medent\bin\WinVNC.exe
--
End of file - 5055 bytes


----------



## srhoades (May 15, 2003)

I see this computer is on a domain. Is this a work computer?


----------



## CarrieB36 (Apr 17, 2009)

Yes, I use this computer for work, but also for my personal use. 
When I use it for work, I connect to my VPN first to allow me to use their system. However, when I open up the Internet now for my personal use, I cannot get on the Internet. The only way I can get on the Internet is if I am connected through my VPN first ??!! That was never like that before. I have had this on my computer for 5+ years. Now it seems as if I had changed the gateway default or something... does this sound right to you?

Did you see where I posted that I went into cmd, ipconfig and did a reset ? I am wondering if I should not have done that.... Can that be undone?


----------



## CarrieB36 (Apr 17, 2009)

This is what I did a few days ago.... can it be undone?

I went into RUN, cmd....ipconfig and typed in *netsh winsock reset *
*catalog*
*I also did this below....*
Reset TCP/IP stack to installation defaults. *netsh int ip reset reset.log*
and then I rebooted my machine....


----------



## srhoades (May 15, 2003)

Do this, when you are not connected to the VPN go to 

start > run > cmd > ipconfig /all

post the results.

Your computer may have been configure with a static IP, resetting the TCP and Winsock will usually remove a statically assigned IP.


----------



## Cooper11 (Apr 25, 2009)

I am having the very same problem. I can only connect to the internet when my VPN is connected. I attached below what I get when I type ipconfig /all Any help would be appreciated.

Windows IP Configuration



Host Name . . . . . . . . . . . . : Desktop1

Primary Dns Suffix . . . . . . . : 

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter {D5555246-AB3D-4EA9-B2B8-B028FD633EC1}:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Check Point Virtual Network Adapter For SecureClient - SecuRemote Miniport

Physical Address. . . . . . . . . : 54-C9-2E-6D-B4-03



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-13-D4-0F-21-3D

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.10

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 209.226.175.223

198.235.216.134

Lease Obtained. . . . . . . . . . : April 25, 2009 2:53:07 PM

Lease Expires . . . . . . . . . . : April 28, 2009 2:53:07 PM


----------



## laPrairie (Apr 29, 2009)

Wow! After browsing thru various threads from early 2007 to date, I know I am not a lone. Good news is I just fixed the problem on my 3 systems (didn't do on the 4th one, but it should work too), and hope this works for you too. But here is a bit background of my problems:
1) newly switched from Cable to DSL service;
2) All my 4 PCs access web thru my wireless router which is attached to the DSL modem (which is also a wireless router but wireless feature turned off, since I don't want to waste time to replace my router).
3) all my computers won't access certain websites;
4) my notework CAN access these sites but ONLY thru my ATT client service (like the VPN), which gets me into the intranet system at work. After I close the ATT client service, it may still work for a little while and then gets slower and slower to final death in ~10min to a few hrs.

After failed and frustrated from trying all I could, I spent two hours today reading thru many threads over two years period with ~100 postings, I saw various techniques and tricks suggested and worked for some but not others. Armed with this vast info, I tried one thing and it worked like a charm. I repeated on 3 systems and was an instant fix and repeated on each system with no problem. Hopefully this is a permanent fix!

I am no computer techie, don't really understand too much, but the problem seems to be related to the DNS server address. I had manually created the IP address and DNS server address. Change both of them to Obtain them automatically, the dead websites came to life instantly! If this isnn't clear to you, try this: Properties (right click) on your Wireless Network Connect then select TCP/IP & Properties and then under the General tab, check Obtain IP and DNS server on auto. After you do this, you may lose wireless connection. Just refresh it and try your blocked websites.
Good luck everybody!


----------



## Cooper11 (Apr 25, 2009)

Thanks, it worked for me too. I am not sure why it stopped working with the ISP DNS addresses, but the automatic feature works. Thanks again.


----------

