A question for next time this happens

  • Thread starter Thread starter JohnTheGeek
  • Start date Start date
J

JohnTheGeek

Last weekend, one of the PC's in my network (it is an HP Pavilion
running Vista Home Premium) developed a very odd problem.
My solution was to reload from the recovery partition and that
has fixed the problem (obviously).

The issue was that dispite having a stable connection to the network
via wireless (i.e MSN Messenger and Weather Eye were both working),
no web sites would load. I tried both IE and Firefox but to no
avail. Turning off AV and Firewall (not the Windows firewall)
did not help.

Reloading should be (IMHO) a last resort, but this made no sense.
My connection was stable, and the "Diagnose connection problems"
via IE did not show me any problems.

So my question to the Vista gurus is: Where and what can I look
for if I see this again? Spyware/Malware is always a possibility,
but would they cause NO web pages to load?
 
JohnTheGeek said:
Last weekend, one of the PC's in my network (it is an HP Pavilion
running Vista Home Premium) developed a very odd problem.
My solution was to reload from the recovery partition and that
has fixed the problem (obviously).

The issue was that dispite having a stable connection to the network
via wireless (i.e MSN Messenger and Weather Eye were both working),
no web sites would load. I tried both IE and Firefox but to no
avail. Turning off AV and Firewall (not the Windows firewall)
did not help.

Reloading should be (IMHO) a last resort, but this made no sense.
My connection was stable, and the "Diagnose connection problems"
via IE did not show me any problems.

So my question to the Vista gurus is: Where and what can I look
for if I see this again? Spyware/Malware is always a possibility,
but would they cause NO web pages to load?
Click to expand...

One of the prime reasons for loss of Internet connectivity in Windows
machines is malware.

Malke
 
One thing you do notice about Malware, spyware, etc, is that although it
slows down your computer, a lot of it still tries to get you on to the Net to
buy something to supposedly eradicate it!

Just to add to your Security, have a look at the programs below.

http://www.spybot.info/en/index.html

Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
Download, install, update, and immunize your System with it.
Then SCAN with it.
Update it, and scan your System once a fortnight.

http://www.javacoolsoftware.com/spywareblaster.html

SpywareBlaster 4.1 is a non-intrusive, FREE Anti-Spyware Program (no
scanning by you!).
SpywareBlaster prevents the installation of many so-called spyware, adware
and malware programs by disabling the CLSIDs of popular spyware ActiveX
controls, and also prevents the installation of any of them via a webpage
Update it once a fortnight.

http://www.malwarebytes.org/mbam.php

Malwarebytes is as the name says, a Malware Remover!
For the Free version scroll down their page to either download from
Download.com, or Major Geeks.com

Download, install, and update.
 
The next time this happens post a question here with the details. Someone
here can help you troubleshoot to find the cause. There are many reasons why
this could happen. Without performing some basic troubleshooting all anyone
can do is guess. My guess would be malware.
 
Possible problem with your Host file?
Dave
Click to expand...

I never thought to check that. I changed the host file on that laptop
a few days ago, but it was still working then. What is in the wild
that could modify the hosts file when it needs to be edited as
admin? I know there's stuff out there that can modify the host
file but doesn't it have to either disable UAC or become admin?
 
The next time this happens post a question here with the details. Someone
here can help you troubleshoot to find the cause. There are many reasons why
this could happen. Without performing some basic troubleshooting all anyone
can do is guess. My guess would be malware.
Click to expand...

Point taken. I did do a fair amount of stuff before I did the reset but
next time, I will post here and see if anyone can recommend less drastic
steps.
 
Did you check event viewer to see if anything was happenning to shut down
your http protocol?
Did you try to ping a website using cmd?
Click to expand...
Never thought to look at the event viewer (I'm a Unix guy, not Windows
enough to know all the steps). I did try a ping and it was fine.
 
For the Free version scroll down their page to either download from
Download.com, or Major Geeks.com

Download, install, and update.
Click to expand...
Hi Mick,

This laptop belongs to my significnt other and I have asked her to
promise to run adaware at least once a week. I had installed SB S&D but
if it's not being used/run regularly, there's no point in even having it
installed.
 
One of the prime reasons for loss of Internet connectivity in Windows
machines is malware.

Malke
Click to expand...

But not complete loss. As I said in my original post, a connection via
MSN was working as well as a connection to the local weathereye service
If malware was killing the connection, I would suspect to have no
connectivity, not even to the network, but her PC does/did show up as a
connected device.
 
Strange. I would say its the browser, but you tried two. Are there any
strange errors in the Event Viewer?
Click to expand...

As I said, I never thought to check the Event Viewer, and I should have
flushed the dns as well. Oh well, lessons learned.
 
I have seen that many times in XP.
Removing malware sometimes makes the LSP (layered security protocol)
invalid.
IM would work, but not internet in any browser.
Different fixes were available starting with downloading a utility called
lspfix.exe.
Running from the command line, netsh winsock reset then rebooting sometimes
fixed it.
Removing all network adapters then rebooting/reinstalling and redetecting
the network usually worked as well.
The common element was the Winsock & LSP files were rebuilt.
 
Just my two cents...

I support a number of machines, and every so often (more often than I'd
like) someone installs Firefox or another alternate browser. And sometimes,
somewhere in the settings, IE and the other browser argue over who's in
charge. The only solution is to remove the alternate browser, let IE do a
"Reset Settings" and all is normal again. I don't reinstall the alternate
browser since we don't support them.

Disclaimer: I have nothing against Firefox, Safari, etc. Most of the time
they coexist with IE with no problems. However, our internal intranet
applications run on IE, that's the way they're written. Under other
browsers they range from flaky to non-functional. I don't write them, some
are in house, some are from vendors. But I'm the one that gets called in
the middle of the night when one of the MDs can't check someone's lab
results because Firefox is the default browser and can't load the site.

Ferd
 
Back
Top