Wilders Security Forums  

Go Back   Wilders Security Forums > Archived Forums > Closed Sub-Forums > Archive of Ghost Security Forums > Ghost Security Suite (GSS)
Reload this Page winsock and DNS issues
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old April 4th, 2005, 11:33 AM
cyberjoes cyberjoes is offline
Infrequent Poster
  
Join Date: Apr 2005
Posts: 1
Default winsock and DNS issues
Our ISP is having customers with winsock issues -- or apparently so
winsockfixxp.exe tends to allow the users to browse but they soon are unable to browse again - especially after the 1st session online and then rebooting --

The problem does not esist for 90% of customers is intermittent for most of the others and is consistent for the few remaining -- until we bring them in the shop -- Is RegDefend an answer? -- will it help identify already embedded spyware?

Thanks in advance

cyberjoes
  #2  
Old April 4th, 2005, 02:25 PM
nick s nick s is offline
Very Frequent Poster
  
Join Date: Nov 2002
Posts: 1,407
Default Re: winsock and DNS issues
Quote:
Originally Posted by cyberjoes
Our ISP is having customers with winsock issues -- or apparently so
winsockfixxp.exe tends to allow the users to browse but they soon are unable to browse again - especially after the 1st session online and then rebooting --

The problem does not esist for 90% of customers is intermittent for most of the others and is consistent for the few remaining -- until we bring them in the shop -- Is RegDefend an answer? -- will it help identify already embedded spyware?
Hi cyberjoes,

RegDefend would be able to identify and block processes attempting to access and modify Winsock-related registry keys and subkeys:

HKLM\SYSTEM\CurrentControlSet\Services\WinSock
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2

Determining whether those processes are malware or not is left up to you.

You could also use Autoruns (with "Show Winsock Providers" enabled) to compare a functioning system to a broken system and see if and how they differ.

Nick
Last edited by nick s : April 4th, 2005 at 05:17 PM.
  #3  
Old April 4th, 2005, 09:45 PM
Bowserman's Avatar
Bowserman Bowserman is offline
Forum Moderator
  
Join Date: Apr 2003
Location: South Australia
Posts: 510
Default Re: winsock and DNS issues
Further to Nick's reply, I can suggest that to help in identifying if the processes trying to access/modify the winsock registry keys are valid ones or not to do a search for them here and here.

I would also suggest getting those that are having problems to follow the steps here to make sure their system is clean.


Regards,
Jade.
  #4  
Old April 5th, 2005, 12:06 AM
Jason_R0's Avatar
Jason_R0 Jason_R0 is offline
Developer
  
Join Date: Feb 2005
Location: Australia
Posts: 1,038
Default Re: winsock and DNS issues
For the majority of people you don't need any LSP providers except the ones provided by a default install. So even if you removed everything but the default you would fix the issue(s), only some people who use tools like Port Explorer, etc, would have to reinstall to regain the functionality. Though I would suggest that the sort of people with these infections wouldn't be running tools like Port Explorer in the first place.

And yes, if you used RegDefend to protect the LSP area in the registry, you would stop these infections in the future too.
 

Wilders Security Forums > Archived Forums > Closed Sub-Forums > Archive of Ghost Security Forums > Ghost Security Suite (GSS) « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 02:56 PM.

Contact Us - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2009, Wilders Security Forums