Posted 18 December 2008 - 11:14 AM
I am trying to figure out what is going on, and quite stumped; seems as if the OS is blocking outbound port 80 requests and sending back tcp resets.
Firefox says the connection was reset for every site anything; going to port 80 (http) making an https connection works just as it should. DNS works (nslooiup) as does ping and tracert to various sites both local and offsite.
I wouldn't care so much about this, but this is the third computer that this has happened to and the woman that is the IT person at the office can only reinstall XP as her only recourse.. so I am trying to help.
At first I thought it was a virus or some malware, but everything works fine in safe mode; sdfix doesn't find anything and neither does prevx (prevx.com).
I had to setup putty to tunnel (socks5) to another host to get Internet access.
If I were to setup an http server on the local machine, and try and connect via loopback; still says connection reset, so it's a very interesting problem (if one thinks network problems with XP are interesting).. but again all these problems so away in safe mode.. so it still sounds like a virus or some malware.
The only main thing I can see is that they are NOT running IE7, IE6, running ghost and AVG. Other than that they are all 'bare metal up' XP installs from Dell. The boxes are varying years old, but all had been reformatted when they came from Dell and had XP Pro reinstalled without extra things from Dell.
If anyone could help and offer some advice it would be greatly appreciated.