Monthly Archives: September 2006

Slow Booting Problem Due To 85.255.116.67 and 85.255.112.71

Interesting slow booting problem found on a network. This is a good check for whenever you have a slow starting PC.

I noticed on a 10 PC network that one PC was particularly slow to boot. I checked the ethernet wiring from the PC to the switch with a cable tester and it all looked OK.

I then decided to check the ethernet card, thinking it might be damaged. I checked the TCP/IP properties and noticed that it had DNS server values of 85.255.116.67 and 85.255.112.71. Very unusual since this network was supposed to obtain the DNS server addresses automatically.

I did a quick Google search on the servers IPs and it looks like they are related to some Trojan. After removing the hard coded DNS server addresses the system boots up quickly now.

Cybertech Bulletin Links

http://www.us-cert.gov/cas/techalerts/ – This is the US Department of Homeland Security’s cyber defense site. Good to see the latest cyber tech alerts.

http://sunbeltblog.blogspot.com/ – Another good site that posts the latest computer vulnerabilities and exploits.

http://explabs.blogspot.com/ – Exploit Prevention Labs has some good information on the latest exploits and how they are being used.

Inline Autocomplete Page Slow To Load Without HTTP

Here’s an unusual problem that took a while to resolve, mostly because it was hard to find just the right Google search terms to look up the solution.

The problem is that in the IE browser, typing in just www.[somedomain].com would not autofill the http:// prefix.  The browser would just stall and not load the page.

I did a lot of searching for phrases like “http not autofilling” and “page slow to load without http.”  I finally stumbled on the correct nomenclature.  This autofill feature is actually called “inline autocomplete.” 

Most  of the suggestions said to make sure that under Tools > Internet Options > Autocomplete the Use Inline Autocomplete boxed was checked.  That did not solve my problem.

What finally did the trick was an obscure posting that said to do this: 

Verify the following entries are correct in the Registry:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\URL\DefaultPr­efix]
@=”http://”

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\URL\Prefixes]
“ftp”=”ftp://”
“gopher”=”gopher://”
“home”=”http://”
“mosaic”=”http://”
“www”=”http://”

Once I added the @=”http://” entry all is working OK.