Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

outbound port 80 tcp rst (third different xp pro computer)


  • Please log in to reply
No replies to this topic

#1 mystiquefbsd

mystiquefbsd

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:04 AM

Posted 18 December 2008 - 11:14 AM

Hello all,

I am trying to figure out what is going on, and quite stumped; seems as if the OS is blocking outbound port 80 requests and sending back tcp resets.

Firefox says the connection was reset for every site anything; going to port 80 (http) making an https connection works just as it should. DNS works (nslooiup) as does ping and tracert to various sites both local and offsite.

I wouldn't care so much about this, but this is the third computer that this has happened to and the woman that is the IT person at the office can only reinstall XP as her only recourse.. so I am trying to help.

At first I thought it was a virus or some malware, but everything works fine in safe mode; sdfix doesn't find anything and neither does prevx (prevx.com).

I had to setup putty to tunnel (socks5) to another host to get Internet access.

If I were to setup an http server on the local machine, and try and connect via loopback; still says connection reset, so it's a very interesting problem (if one thinks network problems with XP are interesting).. but again all these problems so away in safe mode.. so it still sounds like a virus or some malware.

The only main thing I can see is that they are NOT running IE7, IE6, running ghost and AVG. Other than that they are all 'bare metal up' XP installs from Dell. The boxes are varying years old, but all had been reformatted when they came from Dell and had XP Pro reinstalled without extra things from Dell.

If anyone could help and offer some advice it would be greatly appreciated.

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users