Phoenix said:
Hey, Hope someone can help as this has been driving me
nuts for 3 days now. My home PC is on Win XP Pro. My
internet connection is through 'always on' broadband.
Now I can't be absolutely sure but I'm this problem
appears to have occured since I last downloaded and
installed a MS Windows update (via the manager that sits
in the system tray). What happens is my broadband
connection is showing as connected fine but when I launch
IE, I just get 'Page cannot be Displayed' error whatever
site I try and get onto. Now I have experienced spyware
that changes your homepage etc but this isn't happening
this time. I just don't get my pages loading at all.
In addition to the MS Update culprit suspicions, I found
various Mal and Spyware after scanning my computer. I
have managed to clear a considerable amount of this off
my machine (including registry)but still have the
following that I am struggling to shift no matter what
utilities I try: Alexa Related (replace file), Cydoor
(replace file), Lop (file) and WMP - client ID (reg
change). I have done a virus scan on the machine (AVG)
which came up with nothing.
Any help would be hugely appreciated as I am still unable
to get online. I have the ability to download anything
anyone my suggest as I am on my work PC at the moment and
have my emergency laptop at home as backup!
Please please please someone come up with something new
for me to try or tell me you've had the same experience
and know how to come through to the other side!
===============================================
I have been running XP Pro for over a year now and have installed
every critical update, every Windows update, and every driver update
that has been available from the Windows Update site. No problem.
So it is my humble opinion that people who do get into trouble after
doing a Windows Update get into that trouble because they are finally
forced to do a reboot and whatever virus or spyware that has been
lurking around on their system suddenly activates and starts causing
problems and they of course blame the Windows Update. For you to
have actually detected spyware and still think your problem may be due
to the Windows Update makes no sence to me. Of course it is the
spyware that has caused your Internet browsing problem. It is also
possible that your winsock keys in the registry may be damaged.
Consider trying the following suggestions:
Control Panel | Internet Options | General tab
Delete all cookies
Delete all temporary internet files
(include all offline content)
Remove all Downloaded Program Files
To do that, you click on that "settings"
button and then click on the "View Objects"
button and then right click and choose remove
for all of them, if any, one at a time.
Close the Downloaded Program Files window,
Click OK to the Settings window.
Now clear History
Now click on the "Advanced" tab at the top
of Internet Options.
In the Browsing section, uncheck the box for
"Enable third-party browser extensions (requires restart)"
Click "Apply" and then "OK" at the bottom
of Internet Options
Close out of Control Panel
Restart the computer
Download one or both of these Anti Spyware programs
and install them, update them and scan your system
and delete any spywares that may be found. If you have a
working Anti Virus program, then update it and scan with it,
otherwise use one of these free online virus scanners:
Ad-aware 6.0 build 181
http://download.com.com/3000-2144-10214379.html?tag=list
Spybot - Search & Destroy 1.2
http://download.com.com/3000-2144-10194058.html?tag=list
Panda ActiveScan
http://www.pandasoftware.com/activescan/
TrendMicro Houscall Anti Virus Scan
http://housecall.trendmicro.com/
====================================================
Possible damaged winsock key damage:
Please read this whole reply before proceeding with any suggestions.
Issue:
on this XP Home/Pro computer,
when trying to browse the Internet,
you are getting "Page Cannot Be Displayed" and
when you go to the command prompt window
and run ipconfig /all, you get an APIPA in the form of 169.254.x.x.
Then immediately run ipconfig /renew, you get this error message:
"An operation was attempted on something that is not a socket"
If so, you have a damaged winsock2 key in the registry.
You should check System Information (winmsd)
START > RUN - type in winmsd and click OK
Expand Components / Network / click on Protocol -
if the section headings item of "Name" have a value
starting with anything other than MSAFD or RSVP
then that is probably what is causing the problem.
Examples:
MSAFD Tcpip [TCP/IP]
MSAFD Tcpip [UDP/IP]
RSVP UDP Service Provider
RSVP TCP Service Provider
MSAFD NetBIOS [\Device\NetBT_Tcpip...
and so on
It may be a third-party firewall or a Spyware or a Virus.
("New.Net" is a common spyware for example)
Make sure that MSCONFIG is in Normal Startup
and then see if uninstalling the third party firewall
(best done from its own uninstall program if available)
or the Spyware from Add Remove Programs will
resolve the issue. If it's a virus, then only an Anti Virus Program
will be able to deal with that.
You may want to try downloading either Ad-Aware 6 or Spybot
to another computer and then installing one of them on the infected XP
Home/Pro
computer and try to wipe out Spyware and see if that resolves the issue.
Ad-aware 6.0 build 181
http://download.com.com/3000-2144-10214379.html?tag=list
Spybot - Search & Destroy 1.2
http://download.com.com/3000-2144-10194058.html?tag=list
If none of that works or is possible, you could try this method
for replacing the winsock and winsock2 registry keys:
Uninstall any third-party proxy software or firewall programs before
proceeding.
Step 1: Delete registry keys
A)Open Regedit from the Run line
B)Go to both of the following keys, EXPORT each of them, and then delete
them:
(To export a key, you right click on it and choose "export" - you can choose
where to export them to -
DESKTOP is handy -
and you need to type in a file name such as "exported Winsock key" /
"exported WinSock2 key"
and then click on SAVE)
HKLM\SYSTEM\CurrentControlSet\Services\Winsock
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2
C)Restart the computer
NOTE: It is important to restart the computer after deleting the Winsock
keys.
Doing so causes the XP operating system to recreate shell entries for those
two
keys. If this is not done, the next step does not work correctly.
Step 2: Install TCP/IP on top of itself
A)Open the properties window of the network connection (Local Area
Connection)
B)Click Install
C)Click Protocol, then Add
D)Click Have Disk
E)Type the path to the \%systemroot%\inf folder (usually C:\Windows\inf) and
click OK
(if you try to click Browse, then browse to the \inf folder,
it may not show up in the list)
F)You should now see "Internet Protocol (TCP/IP)" in the list of available
protocols. Select it and click OK.
G)Restart the computer
When the computer reboots you will have functional Winsock keys.
If so, then be sure to delete the exported winsock and winsock2 reg files.
(You don't want to accidentally put them back in the registry)
Side effects and possible problems:
This method will restore basic functionality to the Winsock keys, but is not
a
complete rebuild. On a default install of Windows XP the registry key:
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\
Parameters\Protocol_Catalog9\Catalog_Entries will have 11 sub-keys.
When applying this method, the Catalog_Entries will only have 3 sub-keys.
However, it works and there does not appear to be any side effects.
The missing entries relate back to the:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces key.
Also, third-party proxy software or firewalls may need to be reinstalled.
==========================================================