Jon Tydda
jon at tydda.plus.com
Thu May 5 15:17:40 CDT 2005
That's pretty cool Marty, do you know if it works for 2000 as well? Jon -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of MartyConnelly Sent: 05 May 2005 21:13 To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] Compromised Internet Explorer? I found a reference to winsockfix in this forum site I often visit for XP problems http://www.windowsbbs.com http://www.windowsbbs.com/showthread.php?t=44261&highlight=winsockfix I usually read through posts here for caveats on windows utilities before I try or download and sure enuff I found one with a pointer here http://www.tek-tips.com/faqs.cfm?fid=4625 Special Note For Win XP Service Pack 2 Users: Service Pack 2 adds a new command to repair the Winsock corruption problem that can be caused by adware, spyware, or some other causes. You should use this instead of the utility WinsockFix: netsh winsock reset catalog Using this command should normally not do any harm, so if you have unsolvable connection problems or spurious disconnections, try it. It does remove all nonstandard LSP (Layered Service Provider) entries from the Winsock catalog, which are usually adware or spyware entries, but if you happened to have a legitimate one installed, it would also be removed and would have to be reinstalled. If you're really curious, you can use the command: netsh winsock show catalog before and after resetting the catalog to find out whether any entries were in fact removed and which ones these were. Another way to get at the same information is to run winmsd and select Components, Network, Protocol. The Layered Service Providers in the list should be of the MSAFD or RSVP ... Service Provider type. All others are likely malevolent and should disappear after the reset command shown above. WinSockFix http://www.softpedia.com/public/cat/12/4/12-4-47.shtml WinSockFix offers a last resort if your Internet connectivity has been corrupted due to invalid or removed registry entries. It can often cure the problem of lost connections after the removal of Adware components or improper uninstall of firewall applications or other tools that modify the XP network and Winsock settings. If you encounter connection problems after removing network related software, Adware or after registry clean-up; and all other ways fail, then give WinSock XP Fix a try. It can create a registry backup of your current settings, so it is fairly safe to use. John Bartow wrote: >That rings a bell. I think someone recently posted something to that effect >on this list. > > >John B. > > >-----Original Message----- >From: dba-tech-bounces at databaseadvisors.com >[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Perry Harold >Sent: Thursday, May 05, 2005 1:40 PM >To: 'Discussion of Hardware and Software issues' >Subject: RE: [dba-Tech] Compromised Internet Explorer? > >Steve > >I had a problem somewhat similar when one of the spyware protectors deleted >some spyware that was on the machine and in the process the winsock was >hosed. Couldn't get to Windows Update and most of the time could not get >IE6 to work at all. Tried Firefox and it wouldn't work either. > >I don't recall the site but I searched with Google and found a program to >reset the winsock - something like winsockfix.exe or similar. Sorry - can't >locate whether I saved it or not. > >Perry Harold > >-----Original Message----- >From: dba-tech-bounces at databaseadvisors.com >[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Steve Erbach >Sent: Thursday, May 05, 2005 9:55 AM >To: Discussion of Hardware and Software issues >Subject: [dba-Tech] Compromised Internet Explorer? > > >Dear Group, > >I'm working on a PC that belongs to my wife's best friend. I've gone through >all the standard routines: Trend Micro Housecall on-line virus check, >Windows System File Checker, update to Windows XP SP2, download and install >Windows Anti-Spyware Beta, Gibson Research SpinRite 6, update Ad-Aware SE >and run it, and even repair the Windows XP installation. My only concerns >with this system are: 1) that Norton Anti-Virus 2005 doesn't start properly >and I don't have the lady's installation CD; 2) that the ZoneAlarm Pro >subscription expired almost two years ago; and 3) that the Windows Update >site doesn't work. > >Regarding #3, When I get to the page that says that it checks for the latest >version of the Windows Update software, there is a flurry of "activity" in >that the progress bar in IE 6 goes all the way to 100%...but the "checking >for latest version" screen doesn't go away. My suspicion is that IE itself >is compromised. > >I used an XP SP2 upgrade CD that I have, hoping that it would take care of >the problem. But after I ran Belarc Advisor and saw that a good dozen of the >Windows security updates had NOT been installed, I went to the individual >Microsoft KB articles on the upgrades and clicked on the links to get the >security update...and each time I was directed to the Windows Update page >where it doesn't go past the "Checking for the latest version of the Windows >Update software..." stage. > >For what it's worth, this copy of IE is "branded" with the original ISP that >the lady signed up with, ComCast. I see that logo in the upper right-hand >corner of the IE window instead of the Windows logo. > >Something is stopping this PC from being updated in the normal way. I have >also set the automatic updates option, but when I open the Security Center, >it shows that the automatic updates option has not been configured. If I >click on 'Turn on automatic updates,' I see >this: > >"We're sorry. The Security Center could not change your Automatic Updates >settings. To try changing these settings yourself, go to System in Control >Panel. On the Automatic Updates tab, select Automatic (recommended), and >then click OK." > >Needless, to say, that's how I tried to change the setting. If I go to >System and look at the Automatic Updates tab, first of all it takes FOREVER >for the Automatic Updates tab to actually show its information. Last night I >waited it out. Several minutes went by and then I saw the Update >information. It was set to Automatic Updates, but I wanted to change the >time that it would check for updates. So I changed it to 11:00pm and clicked >Apply. I had to wait another interminable time before I could click OK. >We're talking 20 minutes or so in total for those two simple acts: click the >Automatic Updates tab and Apply the new setting. > >Clearly something is compromised. If it's Internet Explorer then, what? Do I >have to re-install Windows from scratch? I would recommend doing that to >this lady since the drive is formatted as FAT32, not NTFS....but, like, I've >spent way too much time on this already. > >Anybody ever see anything like I've described? >-- >Regards, > >Steve Erbach >Scientific Marketing >Neenah, WI >www.swerbach.com >Security Page: www.swerbach.com/security >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com > > >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com > >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com > > > > -- Marty Connelly Victoria, B.C. Canada _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com -- This email has been verified as Virus free Virus Protection and more available at http://www.plus.net