Solved Pinging - Wrong IP (tracert shows problem)

xtremeIX

Member
I'm trying to setup remote desktop to my wife's laptop from a desktop PC we have and I'm having some trouble. My desktop PC computer name is xtremeIXPC and my wife's laptop computer name is Brooke-PC I was able to narrow down the problem to the wrong IP address being returned when I ping her laptop with the command "Ping Brooke-PC" (returned IP was 184.106.31.166). Since I was getting the wrong IP address I did the following command "tracert Brooke-PC" and it went outside my network (over 30 hops) and looks like it went to Las Vegas, Denver, and then Chicago eventually finding the IP address...these names were in the hops. So I disconnected the Internet from my router and then everything worked as expected. I was able to Remote Desktop into my wife's laptop and when I pinged her computer the proper IP address came back (returned IP addres was 192.168.2.8). As soon as I connected the Internet everything went back to Vegas, Denver, and Chicago. Any ideas???

I'm running Windows Vista x64 Business on both PC's, I have a Belkin n+ router, and I have Charter as my ISP.
 

My Computer

Hi,

You could disconnect one of them & ping your server (DNS) from each PC & see which one is infected as this all sounds a bit suspect to me.

Download Malware bytes & check both systems: -

Malwarebytes

What antiVirus & firewall software are you using? Once you know what you have there will be more suggestions to come & this will indicate where to go or what to do!
 

My Computer

System One

  • Manufacturer/Model
    HP-Pavilion m9280.uk-a
    CPU
    2.30 gigahertz AMD Phenom 9600 Quad-Core
    Motherboard
    ASUSTek Computer INC. NARRA3 3.02
    Memory
    3582 Megabytes Usable Installed Memory (4 Gig)
    Graphics Card(s)
    ASUS NVIDIA Geforce GTS450
    Sound Card
    Realtek High Definition 7.1 Audio (HP drivers)
    Monitor(s) Displays
    HP w2408 24.0" (Dual monitor)
    Screen Resolution
    1920 * 1200, 1920 * 1200
    Hard Drives
    3*500 Gigabytes Usable Hard Drive Capacity
    Plus 2x USB (160Gig each) external HDD
    BluRay & DVD Weiters
    HL-DT-ST BD-RE GGW-H20L SCSI CdRom (Bluray RW) Device
    AlViDrv BDDVDROM SCSI CdRom (Blueray) Device
    TSSTcorp CDDVDW TS-H653N SCSI CdRom
    Internet Speed
    40 Meg
My current security is Microsoft Security Essentials. On top of that I have Malware Bytes and I also run CCleaner on a weekly basis. I was able to resolve the problem by performing the following:

I went into my router and changed the default DNS servers (Belkin N+ router) to use Google DNS. Once I did this all of the problems disappeared; I was able to ping and receive the appropriate IP address from my wife's laptop and my desktop. I'm wondering if I had some false DNS servers or what? I clicked the checkbox in my router that said use the default DNS servers. Hmmmmm.
 

My Computer

Hi,

Not sure how that could have occurred though without human or malicious activity.

Glad you have managed to find the solution to the problem.

I will mark this thread as solved.
 

My Computer

System One

  • Manufacturer/Model
    HP-Pavilion m9280.uk-a
    CPU
    2.30 gigahertz AMD Phenom 9600 Quad-Core
    Motherboard
    ASUSTek Computer INC. NARRA3 3.02
    Memory
    3582 Megabytes Usable Installed Memory (4 Gig)
    Graphics Card(s)
    ASUS NVIDIA Geforce GTS450
    Sound Card
    Realtek High Definition 7.1 Audio (HP drivers)
    Monitor(s) Displays
    HP w2408 24.0" (Dual monitor)
    Screen Resolution
    1920 * 1200, 1920 * 1200
    Hard Drives
    3*500 Gigabytes Usable Hard Drive Capacity
    Plus 2x USB (160Gig each) external HDD
    BluRay & DVD Weiters
    HL-DT-ST BD-RE GGW-H20L SCSI CdRom (Bluray RW) Device
    AlViDrv BDDVDROM SCSI CdRom (Blueray) Device
    TSSTcorp CDDVDW TS-H653N SCSI CdRom
    Internet Speed
    40 Meg
My current security is Microsoft Security Essentials. On top of that I have Malware Bytes and I also run CCleaner on a weekly basis. I was able to resolve the problem by performing the following:

I went into my router and changed the default DNS servers (Belkin N+ router) to use Google DNS. Once I did this all of the problems disappeared; I was able to ping and receive the appropriate IP address from my wife's laptop and my desktop. I'm wondering if I had some false DNS servers or what? I clicked the checkbox in my router that said use the default DNS servers. Hmmmmm.

Is this a wireless setup? If so, is the router secured to prevent anyone close enough (like in a car on the street in front of your house or sometimes even a neighbor if the signal is powerful enough) from accessing it and making unauthorized changes? The system should tell you if the connection is secure or unsecure. Be sure to secure it if it isn't already.

Is Windows Firewall up and running on all PCs? Have you examined the exceptions being permitted to remove any you don't use or really need - thus closing down potential entry points into your systems? Please take a look and pare it down to only the essentials you require.

If the problem occurs again, then I'd have to say you may be infected (or hacked) despite nothing detected by MSE or MBAM and would then try a few other free programs to check if anything is discovered - uninstalling the current program to use the new one each time since you don't want more than one AV program (this does not apply to AM or AS program) running on your system at the same time or it can cause comflicts or freezes or other problems. Use removal tools when appropriate http://www.raymond.cc/blog/archives/2009/05/05/comprehensive-list-of-uninstallers-or-removal-tools-for-antivirus-software/. You may also want to try the free Avira at: http://www.free-av.com/ and Avast at: http://www.avast.com/index. Reboot after completing all the scans. You may also want to try the free OneCare at http://onecare.live.com/site/en-us/center/whatsnew.htm and let it run all the options (except the registry cleaner) because that’s good maintenance (it will take some time to complete but can be done in the background).

If nothing is still detected, I would post the situation in our Security Forum and let our security expert, Jacee, take a look using programs too sophisticated for most others (myself included) to confirm that you really are clean as changes like this that "magically" happen for no apparent reason are very often caused by some type of malware. While that's no guarantee (it could be something else though I honestly can't think of anything other than the security issue raised above), at least it rules it out as a cause and then we have the challenge of finding out what else might be causing this.

I hope this helps.

Good luck!
 

My Computer

System One

  • Manufacturer/Model
    Dell Inc. MP061 Inspiron E1705
    CPU
    2.00 gigahertz Intel Core 2 Duo 64 kilobyte primary memory
    Motherboard
    Board: Dell Inc. 0YD479 Bus Clock: 166 megahertz
    Memory
    2046 Megabytes Usable Installed Memory
    Graphics Card(s)
    ATI Mobility Radeon X1400 (Microsoft Corporation - WDDM) [Di
    Sound Card
    SigmaTel High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (17.2"vis)
    Screen Resolution
    1920 x 1200 pixels
    Hard Drives
    Hitachi HTS541616J9SA00 [Hard drive] (160.04 GB) -- drive 0, s/n SB2411SJGLLRMB, rev SB4OC74P, SMART Status: Healthy
    Case
    Chassis Serial Number: 5YK95C1
    Keyboard
    Standard PS/2 Keyboard
    Mouse
    Logitech HID-compliant Cordless Mouse
    Internet Speed
    1958 Kbps download ; 754.8 Kbps upload
    Other Info
    Optiarc DVD+-RW AD-5540A ATA Device [CD-ROM drive]

    Dell AIO Printer A940

    Conexant HDA D110 MDC V.92 Modem

    6TO4 Adapter
    Broadcom 440x 10/100 Integrated Controller
    Broadcom 802.11n Network Adapter
    Microsoft ISATAP Adapter
    Teredo Tunneling Pseudo-Interface

    Router Linksys / WRT54G -01
Back
Top