Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows 7 Can not connect to Microsoft Website

Posted on 2013-01-05
12
422 Views
Last Modified: 2013-01-07
I have a windows 7 workstation on our domain, that had to have  windows 7 pro reinstalled.  Can connect to the domain and to several sites on the internet, but can not connect to microsoft to do windows updates.  I notice that the machine connects to the website with internet explorer 8, but can not receive a reply from the websites.  

Can access google and some of the links.  

Tried disabling windows firewall, but still unable to connect to many websites.  No antivirus programs installed yet either.  Drive was reformatted and windows 7 was installed clean.

Not sure what might be causing this.  DNS and DHCP looks fine.  All other stations on network connect fine and this machine connects to the network and shares fine.
0
Comment
Question by:Tomxls
  • 4
  • 2
  • 2
  • +4
12 Comments
 
LVL 47

Expert Comment

by:dlethe
ID: 38748520
"can not connect" is pretty vague.  Please elaborate.  The windows event log will probably reveal exactly what is going on.

what does IPCONFIG /ALL report?  [Run this from the MSDOS command box] - maybe routing not set up properly?
0
 
LVL 30

Expert Comment

by:IanTh
ID: 38748536
you should check if you have a fake update.windows.com in your local resolver cache

you shouldn't be using ie8 anymore you should have a browser choice installed as M$ have introduced silent automatic updates to the latest version I recently installed a windows 8 machine for a customer and got a support question ie has disappeared but it hadn't instead the user didn't notice on the right (off the screen) she had a browser choice tile instead of an ie tile as where the ie tile had been it was now blank

also how are you running windows update its now in Control Panel\All Control Panel Items\System
down on the left
0
 
LVL 43

Accepted Solution

by:
Davis McCarn earned 500 total points
ID: 38748576
I smell an MBR Trojan or something which reurned the instant you rejoined the domain.  Boot record and MBR Trojans will often survive formatting.
Try running Roguekiller to see if it finds anything: http://www.majorgeeks.com/RogueKiller_d6983.html
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 50

Expert Comment

by:jcimarron
ID: 38748723
Tomxls--
" I notice that the machine connects to the website with internet explorer 8, but can not receive a reply from the websites. "
Could you please explain this?

Any reason not to use IE9?
http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-9/worldwide-languages

Is your Flash Player up to date?
http://www.adobe.com/support/flashplayer/downloads.html
0
 

Author Comment

by:Tomxls
ID: 38748772
Thanks Davis..
I ran a couple of scans and the first one found before reformatting an reinstalling, a file win32/trojandownlader that it cleaned and deleted.  Sorry I can not remember the exact name, I don't have it with me.

I will try the rogue killer and see if that finds it.  Malwarebytes did not find it after the reinstall.  I was previously running Eset for virus protection.

One on the comments said I need to install flash player, but I should be able to connect to microsoft.com without that I would think?  

I will run another scan and see if that picks up anything.  I will also reboot our gateway incase there is a bad route saved in the cache.
0
 
LVL 24

Expert Comment

by:DMTechGrooup
ID: 38748943
run a tracert as well..


tracert update.microsoft.com

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>tracert update.microsoft.com

Tracing route to update.microsoft.com.nsatc.net [157.56.96.60]
over a maximum of 30 hops:


  5     *       43 ms    42 ms  205.170.22.46
  6     *       68 ms     *     207.46.33.165
  7    71 ms    70 ms    68 ms  ge-1-0-0-0.cpk-64c-1a.ntwk.msn.net [207.46.43.21
8]
  8    95 ms    94 ms    94 ms  xe-4-1-2-0.bay-16c-1a.ntwk.msn.net [207.46.45.90
]

It wasnt replying after # 8 but it shows me that it got to Microsoft..


Also try running this : http://www.gmer.net/
0
 

Author Comment

by:Tomxls
ID: 38748962
tracert does not work through our asa.  icmp I believe is disabled in the router.
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 38749024
With several Trojans, unless you delete all of the partitions, cycle power, and then do a fresh install. the MBR or boot code instantly gets reinfected from the ram resident portion.  Most of the time RogueKiller detects them.
No, you shouldn't need Flash to access MS.
0
 

Author Comment

by:Tomxls
ID: 38749169
Thanks Davis..I will give that a try and let you know what happens
0
 
LVL 23

Expert Comment

by:Eirman
ID: 38749208
Check you hosts file for any rogue entries that would block access to MS sites
It's a hidden read-only text file

c:\windows\system32\drivers\etc\hosts
0
 
LVL 30

Expert Comment

by:IanTh
ID: 38750112
you should check start run cmd and type ipconfig /displaydns I suspect fake entries
0
 

Author Comment

by:Tomxls
ID: 38750916
Thanks Davis.....

Rouge Killer found 3 registry entries and that seemed to fix the problem...

The trojan I believe was trojandownloader.vespula.AY.  Not sure how it got on the machine, but Eset and Malwarebytes did not clean it.

Really appreciate your help!!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hallo! I guess almost every Windows Administrator must have got stumped with this question "Where does WINDOWS store a users cached credentials? Every user who had once logged onto a Server/Desktop while it was connected to the domain could sti…
Introduction: I have always been a big fan of Windows but my liking towards it is slowly being eroded by the variety of other Applications that I encounter, when I browse the Web. Most of the software available is free and maybe Open Source too. …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question