I downloaded the latest security updates. Now, and I had this before,
after some period of time of inactivity, Sygate Personal Firewall Locks,
and there is no internet access. The OS locks it, and won't allow it to
shut down. A power down is necessary. On an XP Pro OS computer. This is
ridiculous.

After reading the MVP responses to the last query, I reinstalled IP. Nope.
I reinstalled my 3Com network card. Nope. Reinstall Sygate. Nope.

Microsoft, you broke something here. If anyone who works for MS
understands how these latest security updates work, and if any are willing
to admit it, please let me know how I can fix this problem, other than a
RESTORE, bah.

Here is what directly caused this problem:
kb893803 (media update)
kb890859
kb890923
kb893066
kb892944
kb893086

Thank you,

John

JohnB wrote:
> I downloaded the latest security updates. Now, and I had this before,
> after some period of time of inactivity, Sygate Personal Firewall
> Locks, and there is no internet access. The OS locks it, and won't
> allow it to shut down. A power down is necessary. On an XP Pro OS
> computer. This is ridiculous.
>
> After reading the MVP responses to the last query, I reinstalled IP.
> Nope. I reinstalled my 3Com network card. Nope. Reinstall Sygate.
> Nope.
>
> Microsoft, you broke something here. If anyone who works for MS
> understands how these latest security updates work, and if any are
> willing to admit it, please let me know how I can fix this problem,
> other than a RESTORE, bah.
>
> Here is what directly caused this problem:
> kb893803 (media update)
> kb890859
> kb890923
> kb893066
> kb892944
> kb893086
>
> Thank you,
>
> John

Have you tried uninstalling them?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

We thought you'd replaced Sygate Firewall a month ago?
http://snipurl.com/eaiz

Assuming you're running SP2, see the section on this page for rebuilding
Winsock LSP chain: http://support.microsoft.com/kb/892350

If it fixes the problem, now find the hijackware infecting your system:

Check for hijackware:

Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/data/tshoot.htm
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE) & Security


JohnB wrote:
> I downloaded the latest security updates. Now, and I had this before,
> after some period of time of inactivity, Sygate Personal Firewall Locks,
> and there is no internet access. The OS locks it, and won't allow it to
> shut down. A power down is necessary. On an XP Pro OS computer. This is
> ridiculous.
>
> After reading the MVP responses to the last query, I reinstalled IP.
> Nope. I reinstalled my 3Com network card. Nope. Reinstall Sygate. Nope.
>
> Microsoft, you broke something here. If anyone who works for MS
> understands how these latest security updates work, and if any are willing
> to admit it, please let me know how I can fix this problem, other than a
> RESTORE, bah.
>
> Here is what directly caused this problem:
> kb893803 (media update)
> kb890859
> kb890923
> kb893066
> kb892944
> kb893086
>
> Thank you,
>
> John

On Wed, 27 Apr 2005 18:58:17 -0400, in microsoft.public.windowsxp.general
you wrote:

> We thought you'd replaced Sygate Firewall a month ago?
> http://snipurl.com/eaiz
>

Bah! I couldn't stand that other brand. Sygate's interface allows one to
easily see what is going on among all the programs accessing the internet.
Zonealarm stinks. Just my opinion on the free versions.


> Assuming you're running SP2, see the section on this page for rebuilding
> Winsock LSP chain: http://support.microsoft.com/kb/892350

Thanks, got SP1.

I could append the last instance with this: For some reason, XP was
creating it's own IP address, despite DNS being active. I disabled DNS at
the time, using a static IP, and had no more problem.

Now, it the situation appears to be different. I have DNS active, and it
is working.

I had begun to suspect that XP is accessing the internet through kernel
access, and is bypassing the firewall. The firewall gets completely locked
as a result.

Now, I again reinstalled Sygate, and am not having the problem.

Is XP somewhat controlling what a firewall sees, or am I paranoid?

thanks all,

John

JohnB wrote:

> On Wed, 27 Apr 2005 18:58:17 -0400, in
> microsoft.public.windowsxp.general you wrote:
>
>> We thought you'd replaced Sygate Firewall a month ago?
>> http://snipurl.com/eaiz
>>
>
> Bah! I couldn't stand that other brand. Sygate's interface allows
> one to easily see what is going on among all the programs accessing
> the internet.
> Zonealarm stinks. Just my opinion on the free versions.
>
>
>> Assuming you're running SP2, see the section on this page for
>> rebuilding Winsock LSP chain: http://support.microsoft.com/kb/892350
>
> Thanks, got SP1.
>
> I could append the last instance with this: For some reason, XP was
> creating it's own IP address, despite DNS being active. I disabled
> DNS at the time, using a static IP, and had no more problem.
>
> Now, it the situation appears to be different. I have DNS active, and
> it is working.
>
> I had begun to suspect that XP is accessing the internet through
> kernel
> access, and is bypassing the firewall. The firewall gets completely
> locked as a result.
>
> Now, I again reinstalled Sygate, and am not having the problem.
>
> Is XP somewhat controlling what a firewall sees, or am I paranoid?
>

I don't think you mean "DNS" which is the Domain Name System and is used
for resolving domain names to IP addresses. I think you mean "DHCP"
which is the Dynamic Host Configuration Protocol used for assigning IP
addresses dynamically in a network. But in neither case would XP be
"creating its own". You had something set up wrong. XP doesn't do what
you think it does. You probably had (or still have) some malware on the
system. As Robear said, now you need to find out what and clean it up.
Follow the good links he gave you.

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

>
> I don't think you mean "DNS" which is the Domain Name System and is used
> for resolving domain names to IP addresses. I think you mean "DHCP"
> which is the Dynamic Host Configuration Protocol used for assigning IP
> addresses dynamically in a network. But in neither case would XP be
> "creating its own". You had something set up wrong. XP doesn't do what
> you think it does. You probably had (or still have) some malware on the
> system. As Robear said, now you need to find out what and clean it up.
> Follow the good links he gave you.
>
> Malke

Thank you,

Sorry about the mis-type.

According to my service provider: obtain IP auto, obtain DNS servers auto
netbios and lmhost lookup are disabled.

This is XP related. This problem never existed with win98se. This drive
was upgraded from that operating system, and no major changes were made.

If there is malware on my system, it is not identified by any of the
currently available technology-spyware detectors, antivirus, firewall.
I do not use explorer, and since I had switched browsers, I have never had
a destructive cookie nor exploitation, although I perpetually check my
system for these things.

Power saving options in XP Pro are all turned off.

John

*Analytically thinking responses are heavily solicited!*

JohnB wrote:

>>
>> I don't think you mean "DNS" which is the Domain Name System and is
>> used for resolving domain names to IP addresses. I think you mean
>> "DHCP" which is the Dynamic Host Configuration Protocol used for
>> assigning IP addresses dynamically in a network. But in neither case
>> would XP be "creating its own". You had something set up wrong. XP
>> doesn't do what you think it does. You probably had (or still have)
>> some malware on the system. As Robear said, now you need to find out
>> what and clean it up. Follow the good links he gave you.
>>
>> Malke
>
> Thank you,
>
> Sorry about the mis-type.
>
> According to my service provider: obtain IP auto, obtain DNS servers
> auto netbios and lmhost lookup are disabled.
>
> This is XP related. This problem never existed with win98se. This
> drive was upgraded from that operating system, and no major changes
> were made.
>
> If there is malware on my system, it is not identified by any of the
> currently available technology-spyware detectors, antivirus, firewall.
> I do not use explorer, and since I had switched browsers, I have never
> had a destructive cookie nor exploitation, although I perpetually
> check my system for these things.
>
> Power saving options in XP Pro are all turned off.
>
There is no way to accurately diagnose your system without seeing it.
There are too many unknown factors. The best solution for you would be
to have a local professional look at the machine. Someone on-site will
be able to assess the situation far better than people trying to help
via the written word.

Good luck,

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

JohnB wrote:

<snipped at both ends>

> This is XP related. This problem never existed with win98se. This
> drive was upgraded from that operating system, and no major changes
> were made.
>

And yet you made it sound like it was working before you installed
certain updates. Again I'll ask, did you try to uninstall those
updates?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com/mscommunity
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei"

On Tue, 3 May 2005 09:39:04 -0400, kurttrail wrote:

> JohnB wrote:
>
> <snipped at both ends>
>
>> This is XP related. This problem never existed with win98se. This
>> drive was upgraded from that operating system, and no major changes
>> were made.
>>
>
> And yet you made it sound like it was working before you installed
> certain updates. Again I'll ask, did you try to uninstall those
> updates?

Thank you.

I believe in TESTING, TESTING, TESTING. I removed the updates yesterday,
except for the Windows Installer update. Today, I have left the system for
3 hours without activity, and it did not hang. That is typically longer
than it takes before the problem kicks in, so I think removal of the udates
resolved the issue. I will monitor it for another day before I am
confident.

Thanks,

John