Did Installing An Anti-Spyware Program Kill Your IP Networking?

Newsletter #47 Late April 2005

From Mark Minasi's newsletter:

Did Installing An Anti-Spyware Program Kill Your IP Networking?

Sometimes the cure is worse than the disease.

A good friend installed Microsoft's Anti-Spyware beta at my recommendation. (I can't stress how much you need this or some other anti-spyware tool. I've liked ADAware as well.) Anyway, he had a terrible reaction to the anti-spyware tool -- his IP stack no longer worked. I was puzzled until I ran across this feature of XP's SP2 and 2003's SP1. Just type this command:

netsh winsock reset catalog

As it turns out, many things insert themselves between your IP stack and the rest of your system. Most are benign or outright helpful. But because something that sits between the rest of the OS and the IP stack may not be the ONLY thing between the OS and the IP stack, these in-between programs must play well with one another -- these in-between programs all sit in a line and must be aware of who's ahead of them and who's behind them in line. that way, if one in-between program exits, it knows to link the program behind it in line to the one in front of it in line. (This "line" is the "catalog" in the above command.) But some poorly written browser helper objects (one type of these in-between programs often used in spyware) aren't good at cleaning up after themselves and, when those kinds of browser helper objects are removed by anti-spyware tools, then the line of "in-between programs" may get messed up, with the result that you can't do anything on IP.

In any case, the bottom line is that if installing some kind of anti-spyware tool has made it impossible for you to network, open up a command line and try typing "netsh winsock reset catalog."