That IS weird. A simple DNS problem would not be going on for a week.

First thing is to run AV software and give the system the finetooth comb treatment with Spybot and Ad-aware. Also look for anything weird in your add/remove programs app.

If you want run hijack this and give me the log to make sure. Also check your hosts file XP path (C WINDOWSsystem32driversetc); open it in notepad and see what you have there, make sure 69.63.24*.* isn't blocked and really shouldn't even be in there. Once malware is elminated then you go on the warpath.

I'd call your ISP first and let them point the blame at the site so you have backing. Then call Soltis and give them the lowdown. When they try to point the finger to a DNS problem tell them it's been going on for a week. DNS issues last 36 hours maximum unless they have some rare case, but then they'd admit fault and give you an ETA. Then when they try to point back to the ISP you can say you already talked to them and they said there nothing blocked/wrong on their end.

They shouldn't have anywhere to go and be forced to help you.

~Rico

Spybot... clean
Ad-Aware... clean
Norton AntiVirus... clean
HijackThis!... finished
Suspicious Programs... see below
/hosts file... clean

I found "Comcast High-Speed Internet Install Wizard" in my Programs list, and since I already have Internet access working I tried to delete. The delete script was tagged by my AV scanner as a malicious script trying to delete a "Windows Script Host Shell Object". Whether this has anything to do with the problem or not, I don't know.

HijackThis! Log:

Logfile of HijackThis v1.99.1
Scan saved at 8:57:41 AM, on 5/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 202.110.204.18:80
O1 - Hosts: 66.216.186.45 L2authd.lineage2.com #C3 Server
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:Program FilesViewpointViewpoint ToolbarViewBarBHO.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:Program FilesViewpointViewpoint ToolbarViewBar.dll
O4 - HKLM..Run: [diagent] "C:Program FilesCreativeSBLiveDiagnosticsdiagent.exe" startup
O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [Lexmark X1100 Series] "C:Program FilesLexmark X1100 Serieslxbkbmgr.exe"
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe
O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [CloneCDTray] "C:Program FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 - HKLM..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadlibNMBgMonitor.exe"
O4 - Startup: BitTorrent.lnk = C:Program FilesBitTorrentbittorrent.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: ME101 Configuration Utility.lnk = C:Program FilesNETGEARME101 Configuration Utilitywlancfg.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 - Extra context menu item: &Viewpoint Search - res://C:Program FilesViewpointViewpoint ToolbarViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://cache.ysbweb.com/ist/softwares/v4.0/ysb_mp3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105973718171
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLMSystemCCSServicesTcpip..{5FB9992C-C0F2-4F5A-BAC2-94E56346B04F}: NameServer = 192.168.1.1
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:Program FilesCommon FilesMicrosoft SharedHelphxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSSystem32CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton SystemWorksNorton AntiVirusnavapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:Program FilesNorton SystemWorksNorton UtilitiesNPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:PROGRA~1NORTON~1SPEEDD~1nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe

I dunno, to me it looks like everything's fine. But at least now I have proof.

Another problem is that I can't contact Soltis (if they're even in charge, I really have no idea) since I can't get any contact information on their web site.

Nothing wrong that I can see. However before I was half-dead with bronchitis and now that I'm not dieing in my own mucus I actually LOOKED at those sites. The top one has this message.

Quote:

---

Relocation!
May 11th, 2006

We (Soltis Technologies) are currently moving our website address from soltis.sonic-online.com/ to soltistech.com/. Please bear with us if you find parts of the site occasionally have an error or two. Before long we hope to have this service up and running to its full potential.

Note: We will be emailing all clients with updated contact information which can be used when support, billing information, etc is needed.

Thanks for your patience.

Will
Soltis Technologies NOC

---

11th and you post on the 14th saying it had been going on for a week. Thats probably NOT just coincidence.

And in response to the original question I missed.

Quote:

---

We called the ISP, and some guy said it might have something to do with Comcast's port being blocked on the server, but how does that happen? How could I get in contact with the server and tell them, well, to cut it out?

---

They were either BSing you or didn't know what they were talking about. There is no "Comcast port" to block. You have an assigned IP address that changes... with cable probably once a month or so. From there you use ports like 80 for httptraffic, 25 for SMTP, 23 for telnet, and 21 for FTP to access parts of sites.

What they COULD mean is that Soltis has blocked your IP from those sites or your ISP from those sites.

What I would do:

Contact another of the staff. I've seen tons of stuff stored on those servers even from our board members so if you don't know anyone that got the contact/support info soltis's website refers to then, off the top of my head, ask Ron or Craig. Once you have that contact info and are sure noone on the staff screwed with the servers last week go after the hosting service.

If nothing else the listed contacts for soltistech.com are

Administrative Contact:
Bontetti, Louise dreams(NOSPAM)oceans78.fsnet.co.uk
P.O Box 5642
Contact Through E-mail
Contact Through E-mail, Contact Through E-mail IV2 6WH
UK
+44.000000

Technical Contact:
Technical, PIPEX services(NOSPAM)123-reg.co.uk
Portland Street
Beeston
Nottingham, Nottinghamshire NG9 2LP
UK
+44.1159170000 Fax: +44.1158770213

(NOSPAM)=@

Make sure and tell them you are in contact with both you ISP and the website staff and there are no problems with EITHER of them. Also tell them you help operate the site and do have a lot of traffic with it. Ask them to check and make sure they haven't limited access to the site from your IP address, address block, or ISP.

~Rico

OT, but Rico, who drew that new avatar, and is there a full version of it?

Thanks, Rico. I'll start getting on some arses about this.

In regards to the OT, it looks like Nori's work, or at least the colouring style. Hard to tell with just a bust shot.

SH, down boy.

~Rico

Sonic Kingdom dies painful deaths on an almost-monthly basis. As a consequence, all sites on the network die too. Meh. XD

well its not dead here so its a different problem.

~Rico

A possible update:

EMAIL: No one replied after 48 hours, so I sent it again to both account listed above.

Also, I was working out the problem with a friend, and he had me do a tracert, which I strangely haven't done before. After it hits the Backbone, this is what I get:

 tracert sonicverseteam.com  7    36 ms    38 ms    50 ms  tbr2-p013801.attga.ip.att.net [12.123.20.174]  8    35 ms    34 ms    33 ms  tbr1-cl13.dlstx.ip.att.net [12.122.2.89]  9    35 ms    36 ms    44 ms  ar8-p3120.dlstx.ip.att.net [12.123.16.161] 10    36 ms    35 ms    35 ms  12.119.136.14 11    58 ms    33 ms    32 ms  vl31.dsr01.dllstx3.theplanet.com [70.85.127.29] 12    47 ms    40 ms    35 ms  vl21.dsr01.dllstx2.theplanet.com [70.85.127.67] 13    32 ms    50 ms    37 ms  vl1.car06.dllstx2.theplanet.com [12.96.160.20] 14    47 ms    35 ms    63 ms  46.e8.2945.static.theplanet.com [69.41.232.70] 15     *        *        *     Request timed out. 16     *        *        *     Request timed out.et al ad nauseum

The problem has persisted for over two weeks now - and my emails haven't been responded to in over one, despite being resent three times.

Technical issues, aside... I'm really at my wit's end. I have no idea what to do now, except from sending them emails every day.

The next hop is the last one on the tracert.

thames.sonickindom.net [69.93247.37]

It's looking more and more like its soltis. Tell Ron to contact them, or just move the dang server. Or I'll spank him. No... He'd like that.

~Rico

Sigh, actually that would be the server that comes from Soltis, but actually belongs to Shayne Thames, webmistress of Sonic Kingdom, from whom SVT, Sonic Stadium, and the rest get their webspace. She was the first one I talked to, but had absolutely no idea what was going on, either. But, her name is on the thing, so there's something going on there, too.

Seriously, how hard is it to just know what's going on with your own server?

Tiima bussa cap.

I yrowled at that lazy white furred dork. If this is kinda service you guys are getting for that price you may wanna mosey on over to Lighthead's space. Before godaddy.com pisses me off again and I take up all the room, and note I'm only paying half of what you guys are.

~Rico

Is that why Shayne didn't want to talk to me yesterday? XD

Doubt it. Unless Ron was crying about me beating him to her.

~Rico

Well, uh... s'All fixed now. Ron told them to reset their firewall, and I woke up this morning to find my access privileges restores.

Why they didn't want to talk to me, I don't know. But everything's fine now.

If they think they're going to lose business, they usually get off their asses.

Glad to see it got fixed.

~Rico