Need Windows XP help

[faulknerwn 37]

Trying to resurrect a friends Windows XP computer.

In the CMD nslookup works fine. Using google's DNS servers (I changed to them during debugging). Ping and tracert work fine to IPs.

In Windows no web browser can go to a domain name (yahoo.com) but can go to IP addresses fine.

There was some malware on it but ad-aware says its gone, as well as Microsoft Malicious Software Removal Tool.

System Restores always just say that nothing has changed no matter the restore point (figured out how to fix this for future ones.)

I'm out of ideas (and can't find help on google) on what else to try. Any ideas?

[theonlyski 3]

Quote

Trying to resurrect a friends Windows XP computer.

In the CMD nslookup works fine. Using google's DNS servers (I changed to them during debugging). Ping and tracert work fine to IPs.

In Windows no web browser can go to a domain name (yahoo.com) but can go to IP addresses fine.

There was some malware on it but ad-aware says its gone, as well as Microsoft Malicious Software Removal Tool.

System Restores always just say that nothing has changed no matter the restore point (figured out how to fix this for future ones.)

I'm out of ideas (and can't find help on google) on what else to try. Any ideas?

Hosts file would be my first guess.

Should be something like C:\Windows\System32\drivers\etc\hosts (note, no extention) rename it to hosts.old and see if that works...

Also, if it doesnt work, ping www.google.com and tell me exactly the output

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message

[faulknerwn 37]

Already deleted both the hosts and lmhosts files.

ping request could not find host google.com

[theonlyski 3]

for testing purposes, try this dns server

208.67.222.222

Im assuming you're using this one already:

128.107.241.185

Also, whos the ISP and what was the problem starting off?

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message

[scootermcfly 0]

I've had decent luck getting rid of malware/crapware lately using this

http://www.superantispyware.com/portablescanner.html

Scooter McFly

[faulknerwn 37]

Have been using google's 8.8.8.8 and their other one whatever it was.

It originally used Embarq's DNS servers - worked fine up until 2 days ago when it suddenly stopped.

Ah yeah I just remembered something - he did tell me that right before this happened he hit ok to some Windows Update but it bluescreened instead of rebooted. So maybe something funky happened there..

[faulknerwn 37]

Safe Mode with networking no change. Running the Super Anti-Spyware now..

[theonlyski 3]

have them make a new hosts file and in the file put:

209.85.229.99 www.google.com

the space between the ip address and the FQDN is a single tab.

save it, and see if he can pull google, or if he can ping www.google.com

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message

[faulknerwn 37]

Will do as soon as the spyware thing finishes. Its found a couple of items others have missed. It won't let me do anything while its running. Thanks for all the help guys!

[theonlyski 3]

Quote

Will do as soon as the spyware thing finishes. Its found a couple of items others have missed. It won't let me do anything while its running. Thanks for all the help guys!

Another thing you COULD try, but for someone that isnt a good computer tech, i wouldnt really recommend it... hijackthis.

Ive used it as a last ditch effort and its worked for me a few times!

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message

[ridestrong 1]

Quote

Trying to resurrect a friends Windows XP computer.

In the CMD nslookup works fine. Using google's DNS servers (I changed to them during debugging). Ping and tracert work fine to IPs.

In Windows no web browser can go to a domain name (yahoo.com) but can go to IP addresses fine.

There was some malware on it but ad-aware says its gone, as well as Microsoft Malicious Software Removal Tool.

System Restores always just say that nothing has changed no matter the restore point (figured out how to fix this for future ones.)

I'm out of ideas (and can't find help on google) on what else to try. Any ideas?

Wait.... is this some kind of terrorist code?

*I am not afraid of dying... I am afraid of missing life.*
----Disclaimer: I don't know shit about skydiving.----

[faulknerwn 37]

Surprisingly enough it doesn't work. I still can't go to it except by ip
is there an equivalent of the unix nsswitch.conf in windows?

[theonlyski 3]

Hrm, tough cookie...

Does it have zone alarm or symantec/norton of any sort installed?

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message

[faulknerwn 37]

It does have symantic but shutting off it and firewalls doesn't change anything. Will try hijack this in the morning. My suspician is definitely that some file somewhere got corrupted when he blue screened

he only has sp2 on this machine - I wonder whether the update he said to install that bluescreened was sp3? Will ask him in the morning

nsswitch.conf in unix tells the box what order to look up names (dns nis hosts )just wonder whether there is a similar file inbwindows that got corrupted or something

[theonlyski 3]

its probably from sp3 installing, although that should have been pushed out ALONG time ago... but who knows.

Try running this in a command window:

netsh int ip reset reset.log
netsh winsock reset

Then try it out...

If that doesnt work, I would try to re-install SP3, it can be downloaded from another computer and put on a thumb drive, just find the one for network install.

As far as that file, the dns servers in the ip settings write that stuff to the registry, but thats working, because you can do an nslookup... try the netsh and see if that does it.

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message

[Beachbum 0]

Found this ... worth a try:

1. Obviously, make sure that the IP addresses that you're getting for your DNS servers are correct. To verify that, open a DOS window, type the following command at the DOS prompt, and then hit Enter:

ipconfig /all


2. Download and run the (free) WinsockXPFix program.

As long as you are happy with yourself ... who cares what the rest of the world thinks?

[4000m 0]

Hi,
try to run

sfc /scannow

via START --> RUN.
It checks the integrity of all system files and copies the original file from the Win CD if required.

If this brings no errors, reset the TCP stack:

netsh int ip reset c:\resetlog.txt

then flush the DNS cache

ipconfig /flushdns

Hope it helps.

Youtube: http://www.youtube.com/user/4000meter
Youtube Favorites: http://www.youtube.com/playlist?list=PLjnVsp4Epra-PRDETgrF3M04B3X86X1eh

[JohanW 0]

If it's that broken, reinstall. Try an in place reinstall first, that might just work.

You don't sound like a user. There's little more you can do.

Johan.
I am. I think.

[bwilling 0]

Quote

If it's that broken, reinstall.

Sad but true, that's often the path of least resistance when a Windows system goes bad!

You can make that a much more attractive option with prior planning though... get your fresh, newly installed OS set up just the way you like it, then image that thing off to a USB or eSATA removable drive using something like Acronis, and it will make restoring your box a lot less painful!

To the OP and the original problem, my vote goes to a missed piece of malware still sitting between the OS and browser or a damaged Winsock 2 stack... maybe check out LSP Fix...

"If all you ever do is all you ever did, then all you'll ever get is all you ever got."

[faulknerwn 37]

Yeah I was a Unix Admin for 15 years and exclusively use Macs myself :-) That's how I solve having Windows problems. Unfortunately others seem to bring these problems to me! Got a good night's sleep and will try some of these suggestions this morning!

[faulknerwn 37]

The netsh stuff didn't change anything, nor did a winsock fix program. I'm downloading SP3 now (on my Mac) and will try to install that next. Since that's what he did right before the issues started maybe it will help..

[faulknerwn 37]

Woohoo! Sp3 did the trick. It must have mucked something up the first time it tried to install. Thanks everyone for the help!

[Harmless 0]

I'm still curious as to what was messed up that caused this problem...

"Damn you Gravity, you win again"

[faulknerwn 37]

Actually I should say it's almost fixed :). I can browse webpages but I decided to run windows update since if he didn't have sp3 who knows what else he didn't have. It just spins forever and never stops

[theonlyski 3]

Turn on automatic updates, see if it starts downloading them.

It could be a plug in loaded by IE is bad, maybe try upgrading to IE8 and seeing if that helps any.

"I may be a dirty pirate hooker...but I'm not about to go stand on the corner." iluvtofly
DPH -7, TDS 578, Muff 5153, SCR 14890
I'm an asshole, and I approve this message