Something keeps corrupting the WINSOCK on my XP-Pro Computers ...
Hi,
We are several sites throughout the city (WAN) and we are experiencing a very weird problem during the past 3 weeks.
1. We have several sites throughout the city, they all are part of our Enterprise Network, connected via the Internet and Broadband connection.
2. Each site have their own IP Subnet.
3. 3 weeks ago, 3 computers, each from different locations had problems connecting to the Internet, connecting to other local computers in the same subnet, and could not talk to any other external computer. So, after troubleshooting the problem we found out that by fixing the Winsock using the command NETSH WINSOCK RESET, will fix the problem.
4. A day or two later, other 5 computers, each from different locations starting doing the same thing, could not connect to anything, nor we could connect to these computers either remotely, like it was not plugged into the network.
5. Last week and today we have experienced the same with a couple of computers.
We want to know what may corrupt the winsock on a XP computer, randomly. We use panda for Antivirus, Firewall, Malware, etc protection, also we have scanned one of this computers with the problem using MalwareBytes and have found nothing. But the resolution is pretty consistant .... we solve it with NETSH WINSOCK RESET.
Any ideas?
Thanks!
We are several sites throughout the city (WAN) and we are experiencing a very weird problem during the past 3 weeks.
1. We have several sites throughout the city, they all are part of our Enterprise Network, connected via the Internet and Broadband connection.
2. Each site have their own IP Subnet.
3. 3 weeks ago, 3 computers, each from different locations had problems connecting to the Internet, connecting to other local computers in the same subnet, and could not talk to any other external computer. So, after troubleshooting the problem we found out that by fixing the Winsock using the command NETSH WINSOCK RESET, will fix the problem.
4. A day or two later, other 5 computers, each from different locations starting doing the same thing, could not connect to anything, nor we could connect to these computers either remotely, like it was not plugged into the network.
5. Last week and today we have experienced the same with a couple of computers.
We want to know what may corrupt the winsock on a XP computer, randomly. We use panda for Antivirus, Firewall, Malware, etc protection, also we have scanned one of this computers with the problem using MalwareBytes and have found nothing. But the resolution is pretty consistant .... we solve it with NETSH WINSOCK RESET.
Any ideas?
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Danlein --- I will try your advise also. But, I really would like to know the Reason, I wonder what is causing so I can take further preventions, we know how to solve the problem with the NETSH WINSOCK RESET command.
Thank you again, I am following all advises in here ... Will return.
Vic
Thank you again, I am following all advises in here ... Will return.
Vic
Basically, when you remove adware, sometimes it "fixes" the winsock, causing errors... The tool I posted repairs it to its working state, and you should be good.
ASKER
I did run the ComboFix yesterday and it went well. Attached is the ComboFixlog.txt created. Please remember that I am looking for the WHY and the reason that my winsock on My XP-Pro SP3 keeps corrupting. Also I noticed that the Netlogon service gets disabled. This is pretty consistent.
Thanks.
combofixlog.txt
Thanks.
combofixlog.txt
ASKER
One more thing. Pretty much our workstations are identical in the setup, they all run Panda AV/Firewall. and we don't use Adware, or any other programs. And users have limited privileges to the workstations. Is there a way to lock down the Winsock so nothing will damage it or change it, or is there a way to track it to see if something changes it. Samething for the Netlogon service, is there a way to track this service? for some reason it is not even registering in the Event Viewer when it goes down. --Thanks
ASKER
All the solutions given here work great on fixing it. My main question now is how to lock down my "winsock" so nothing can corrupt it. I still cannot fifure the cause of it, there are no traces anywhere in Panda log, or eventviewer. Thanks again.
ASKER
We have no way about finding out what really corrupted the winsock. Anyway, at least we were able to figure a fast solution if it happen again. From this site (experts-exchange) we have found a batch file that basically does the ipconfig and winsock cleanup. What we are trying to do right now is to push this batch file to all the workstation via the netlogon.bat feature in the Active Directory. We will push this to be copied to a specific folder on all the workstations, then when something like the winsock is corrupted we will instruct the user to run this batch file. Anyway, thanks to all of you!!!!
ASKER
Great support
ASKER
Thanks,