Solved

Windows 7 Can not connect to Microsoft Website

Posted on 2013-01-05
12
420 Views
Last Modified: 2013-01-07
I have a windows 7 workstation on our domain, that had to have  windows 7 pro reinstalled.  Can connect to the domain and to several sites on the internet, but can not connect to microsoft to do windows updates.  I notice that the machine connects to the website with internet explorer 8, but can not receive a reply from the websites.  

Can access google and some of the links.  

Tried disabling windows firewall, but still unable to connect to many websites.  No antivirus programs installed yet either.  Drive was reformatted and windows 7 was installed clean.

Not sure what might be causing this.  DNS and DHCP looks fine.  All other stations on network connect fine and this machine connects to the network and shares fine.
0
Comment
Question by:Tomxls
  • 4
  • 2
  • 2
  • +4
12 Comments
 
LVL 47

Expert Comment

by:dlethe
ID: 38748520
"can not connect" is pretty vague.  Please elaborate.  The windows event log will probably reveal exactly what is going on.

what does IPCONFIG /ALL report?  [Run this from the MSDOS command box] - maybe routing not set up properly?
0
 
LVL 30

Expert Comment

by:IanTh
ID: 38748536
you should check if you have a fake update.windows.com in your local resolver cache

you shouldn't be using ie8 anymore you should have a browser choice installed as M$ have introduced silent automatic updates to the latest version I recently installed a windows 8 machine for a customer and got a support question ie has disappeared but it hadn't instead the user didn't notice on the right (off the screen) she had a browser choice tile instead of an ie tile as where the ie tile had been it was now blank

also how are you running windows update its now in Control Panel\All Control Panel Items\System
down on the left
0
 
LVL 43

Accepted Solution

by:
Davis McCarn earned 500 total points
ID: 38748576
I smell an MBR Trojan or something which reurned the instant you rejoined the domain.  Boot record and MBR Trojans will often survive formatting.
Try running Roguekiller to see if it finds anything: http://www.majorgeeks.com/RogueKiller_d6983.html
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38748723
Tomxls--
" I notice that the machine connects to the website with internet explorer 8, but can not receive a reply from the websites. "
Could you please explain this?

Any reason not to use IE9?
http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-9/worldwide-languages

Is your Flash Player up to date?
http://www.adobe.com/support/flashplayer/downloads.html
0
 

Author Comment

by:Tomxls
ID: 38748772
Thanks Davis..
I ran a couple of scans and the first one found before reformatting an reinstalling, a file win32/trojandownlader that it cleaned and deleted.  Sorry I can not remember the exact name, I don't have it with me.

I will try the rogue killer and see if that finds it.  Malwarebytes did not find it after the reinstall.  I was previously running Eset for virus protection.

One on the comments said I need to install flash player, but I should be able to connect to microsoft.com without that I would think?  

I will run another scan and see if that picks up anything.  I will also reboot our gateway incase there is a bad route saved in the cache.
0
 
LVL 24

Expert Comment

by:DMTechGrooup
ID: 38748943
run a tracert as well..


tracert update.microsoft.com

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>tracert update.microsoft.com

Tracing route to update.microsoft.com.nsatc.net [157.56.96.60]
over a maximum of 30 hops:


  5     *       43 ms    42 ms  205.170.22.46
  6     *       68 ms     *     207.46.33.165
  7    71 ms    70 ms    68 ms  ge-1-0-0-0.cpk-64c-1a.ntwk.msn.net [207.46.43.21
8]
  8    95 ms    94 ms    94 ms  xe-4-1-2-0.bay-16c-1a.ntwk.msn.net [207.46.45.90
]

It wasnt replying after # 8 but it shows me that it got to Microsoft..


Also try running this : http://www.gmer.net/
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:Tomxls
ID: 38748962
tracert does not work through our asa.  icmp I believe is disabled in the router.
0
 
LVL 43

Expert Comment

by:Davis McCarn
ID: 38749024
With several Trojans, unless you delete all of the partitions, cycle power, and then do a fresh install. the MBR or boot code instantly gets reinfected from the ram resident portion.  Most of the time RogueKiller detects them.
No, you shouldn't need Flash to access MS.
0
 

Author Comment

by:Tomxls
ID: 38749169
Thanks Davis..I will give that a try and let you know what happens
0
 
LVL 23

Expert Comment

by:Eirman
ID: 38749208
Check you hosts file for any rogue entries that would block access to MS sites
It's a hidden read-only text file

c:\windows\system32\drivers\etc\hosts
0
 
LVL 30

Expert Comment

by:IanTh
ID: 38750112
you should check start run cmd and type ipconfig /displaydns I suspect fake entries
0
 

Author Comment

by:Tomxls
ID: 38750916
Thanks Davis.....

Rouge Killer found 3 registry entries and that seemed to fix the problem...

The trojan I believe was trojandownloader.vespula.AY.  Not sure how it got on the machine, but Eset and Malwarebytes did not clean it.

Really appreciate your help!!!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Iphone getting millions of invitations 9 78
Mac Mail and Office 365. Mac Version 10.9.1 2 92
prepare AD for 2012 R2 6 99
windows server backup failing 3 29
Introduction: I have always been a big fan of Windows but my liking towards it is slowly being eroded by the variety of other Applications that I encounter, when I browse the Web. Most of the software available is free and maybe Open Source too. …
This article describes how to set permissions to allow a limited-permissions user to start and stop a particular System Service.   It is always best to give users only the permissions that they need to perform their job, so tweaking particular permi…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now