Windows Explored

A lot of vague networking issues on user workstations are sometimes troubleshot by running the netsh winsock reset catalog command, often without knowing what it does. When you run this command, you are resetting the layered service providers that come with Windows and removing all others that did not come with Windows. These “others” might be MS firewall clients, security proxies or 3rd party wireless communication apps that come with “Air Cards” used by mobile users.

In the environment that I work in, our workstations have the Microsoft Firewall Client or TMG client installed. You can directly see this as a layered service provider by opening msinfo32 and going to Components > Network > Protocol:

If you run netsh winsock reset you end up removing any LSPs that are not part of the Windows-Out-Of-The-Box installation. If your LSP application is self-aware, like in the case of the MS FWC or TMG client, you might notice a warning of some type:

This is a sign you need to run a repair or reinstall your LSP application (in this case, a repair of the FWC\TMG client is enough to fix and put the LSPs back in place).

The irony is that, if running netsh winsock reset resolved whatever mysterious networking issue you encountered, then you might have isolated the cause of the issue to a problem with the LSP application. I encountered this myself way back in my first blog post of the The Case of the Random Internet Explorer Crashes.