Results 1 to 10 of 10
  1. #1
    Star Lounger Erniek's Avatar
    Join Date
    Dec 2009
    Location
    Scottish Borders
    Posts
    66
    Thanks
    0
    Thanked 11 Times in 6 Posts

    Angry Cannot access either MS or Amazon HTTPS sites

    Please accept my apologies for the length of post but trying to give all relevant info. I am working on the assumption that I have an infection hence posting here if in wrong place please move and let me know.

    Desktop PC - Win 7 Prof SP1 (from clean install about 1 year ago) 64bit – 8GB Ram
    Laptop Win 7 Prof (SP1 using downloaded SP1 file again about 9 -10 months ago) 32bit – 4GB Ram
    Both have static IP addresses.
    Windows FULLY upto date as are the browsers.
    Virtual Ram handled by Windows (see further down post for reason for supplying this info.)

    Security software on both PC’s:
    Comodo firewall (free) – Avast AV (free) – Malwarebytes (paid version) – Win Patrol (paid version) – Spyware Blaster – CCLeaner (run at about 4 or 5 day intervals)

    There is different software on each PC.
    I have been running these programs for a couple of years without problems or conflicts.

    Problem details:
    This issue is the exact same on BOTH PC’s which are on a HOME Network with the usual shared folders\partitions.
    I cannot access the following websites. When this issue started I have no idea because these are not sites I go to on a regular basis. I first discovered it about 1 week ago. There is NO warnings (404 etc other than eventually Time out) Both sites can be accessed on spare (NON-Networked) PC.

    When I try to access my Amazon account (see link below – both typed in and using Favourites link) it does not open. I CAN access Amazons’ home page without problems.
    It is only when I try to log-in that I have problems here. I have tried accessing both Amazon UK & Amazon US.
    I can access
    http://www.amazon.co.uk which then goes to
    https://www.amazon.co.uk/gp/css/home.../ref=topnav_ya

    The same happens when I try to sign-in to my Hotmail account, or virtually any (secure https:// and or normal http://) MS site[s]. In this instance the sign-in page just never gets there. There are not error message in either case. Microsoft.com and Microsoft UK with the same results.
    Hotmail:
    http://sn102w.snt102.mail.live.com/d...?wa=wsignin1.0

    it then goes to https://login.live.com/login.srf?wa=...cxt=mai&snsc=1 and sits there going nowhere. [Blue circle keeps going round and round].

    PING [microsoft.com] times out and fails. [IP addresses 65.55.58.201 & 65.55.57.27:]

    I CAN access other HTTPS:// sites without problems (I am able to log into other [non-MS]) web mail etc. on both problem PC's) I also have no problems accessing any other http:// site[s]

    Steps taken to try and resolve this:
    Tried to access site at different times of the day.
    Disabled ALL security programs [AV – Anti-Malware – Firewall etc.]
    Ran full security scans in Windows and Safe Mode. (Also turned of malicious web site blocking in Malwarebytes to see if this could be at fault)
    Ran BOOT scans with Avast.
    Set Spybot to run as windows was loading.
    Ran Kaspersky emergency boot disk (10)
    Ran on-line security scans (Symantic)
    Installed and ran SybotSD.
    Started and updated Windows Defender and ran full scan.
    Disabled GHOSTERY in all browsers.
    Tried 4 different browsers (by default I have Opera + FF + IE [8]) downloaded and installed Chrome.
    Also tried pinging (the above links) both of which failed.
    Ran all browsers, WITH & WITHOUT add-ons.

    NO toolbars installed and never has been other than the Avast program.
    Re-set DNS cache.
    Reset\repaired WINSOCK
    Re-set MBR from with-in Acronis (but once again I do not know when this started so (if infected) this could also be infected. I also fixed MBR using Emergency Boot CD and entered
    bootrec /fixmbr [enter]
    bootrec /fixboot [enter]

    Nothing found anywhere.
    [I can access the above when I use an old PC (which IS NOT networked) I keep for emergencies and on my phone.]

    I CAN do\get windows updates (using Auto Check or clicking onto link\shortcut in the All Programs List and [repeat] I CAN ACCESS OTHER HTTPS:// SITES WITHOUT PROBLEMS

    Re-inserted an Acronis image (which was 5 weeks old) with same results, but as I said I am not certain when this started so the image might well have been infected [if that is the cause] NO new software has been installed on both PC’s for a few months except for SpybotSD due to this issue.

    I have tried all these "fixes" on both DT & LAptop but have decided to concentrate on getting the DT to work at the moment.

    Turned off System Restore
    Stopped VIRTUAL Memory\Paging File
    to see if something was lodged in there and came up against something I have never seen (or heard of) before. When I rebooted PC I got message saying windows had created a Temp Paging File. See attachment below for exact details. In 18 years of using PC’s I have never had this message when disabling virtual memory. This might be related or it could be a separate issue. When I cancel Paging file Windows SHOULD NOT create a temp one especially when I have 8GB Ram installed.

    Virtual Memory message.jpg

    It has been years since I have had to run Hi Jack This on either my own pc's or on the pc's I mantain for other folks and have forgotten exact procedure so please advise for this so that I can post log up. (also post as an attachment or just copy and paste?)

    If solution\repair cannot be found it will mean re-installing windows and programs (ouch)
    All passwords have been changed and card details removed from Amazon.
    Attached Images Attached Images
    Last edited by Erniek; 2012-08-29 at 05:38.
    ErnieK

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Have you tried a scan with Malwarebytes?

    What DNS servers are you using?

    Do you have access to a VPN?

  3. #3
    Star Lounger Erniek's Avatar
    Join Date
    Dec 2009
    Location
    Scottish Borders
    Posts
    66
    Thanks
    0
    Thanked 11 Times in 6 Posts
    Hi there Rurib
    Have done fullscan in both windows and safemode with ALL security software listed above.

    Using my ISP's default DNS (Eclipse - 212-104-130-9 & 212.104.130.65)

    VPN? No

    Now working on spare PC because since posting the above I no longer get access to the individual threads\posts. I CAN sign-in and CAN get the list of available sections (eg Office application \ Windows ect) but whenb I click to view something the page does not load with the message down bottom right sying "Waiting for platform.twitter.com..." when I hover my mouse over this it jumps from the bottom left corner to the bottom roght corner.

    Hope I explained that clearly

    I NEVER go near (so called) social networking sites of any sort and never have or will
    Last edited by Erniek; 2012-08-29 at 06:20. Reason: insert more info
    ErnieK

  4. #4
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    I would make two suggestions:

    1. To rule out issues at your provider, try using other dns servers, for example, from open dns: https://store.opendns.com/get/premium-dns/

    2
    . I would try a couple more emergency scanners:

    Emsisoft Emergency Kit.
    Vipre Rescue.

  5. #5
    Star Lounger Erniek's Avatar
    Join Date
    Dec 2009
    Location
    Scottish Borders
    Posts
    66
    Thanks
    0
    Thanked 11 Times in 6 Posts
    Thanks Rurib
    I will sign-up for Open DNS and then run the software you reccomend.

    I will get back to you tomorrow with the results because I have to go out in about 15 minutes.
    ErnieK

  6. #6
    Star Lounger Erniek's Avatar
    Join Date
    Dec 2009
    Location
    Scottish Borders
    Posts
    66
    Thanks
    0
    Thanked 11 Times in 6 Posts
    Rurib
    I am like a dog with a bone. Cannot leave until it is finished.

    Tried changing DNS to Googledns (in windows and on my router) and BINGO! I can now connect to both these sites witout problems.
    I will still run both security programs you indicated tomorrow and will let you know the results from them. Hpefully thugh they will come up clean.

    I am now running waaaay! late and will have to plead for mercy from the person I am meeting. Thank goodness for mobile phones that allow me (us) to make excuses from a distance.

    Also the last item in my original post re paging file. Any ideas as to why this occured. As I said I have never come up against this before.
    Once again Thank You for the help and (extremely) quick response.
    ErnieK

  7. #7
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    It did sound more like a DNS problems, thus my suggestion. Would be interesting to know why that happened with the provider. I would contact the ISP's tech support.

    I have no idea why Windows created the temp file. What options did you use regarding the paging file?
    I don't think disabling the page file would help here. I doubt the page file had any responsibility on what was happening, anyway.

  8. #8
    Star Lounger Erniek's Avatar
    Join Date
    Dec 2009
    Location
    Scottish Borders
    Posts
    66
    Thanks
    0
    Thanked 11 Times in 6 Posts
    Rurib
    Sorry for the delay in getting back to you but when I got back home yesterday morning I could once again NOT access the sites, this after being able to do so on Wednesday Afternoon before I went out. At that time I was using googledns (8.8.8.8/8.8.4.4)

    I immediately flushed the DNS (ipconfig /flushdns) once again and reset the DNS for opendns (208.67.222.222/208.67.220.220) and things once again worked as it should. I then spent the rest of the day doing scans with Viprre and Emsisift Emergency Kit.

    Vipre came up with 2 (two) false positives in my download folder on a separate partion (A program that has been lying on my (DT)PC for about 6 -7 years - a program to help disabled PC users [it is more than likely out of date now and probably does not work on Win 7 but handy to have in the arsenal - I will try and remember to test it] that I know to be totaly safe but left it in the quarantine that Vipre did by default.

    Then I ran Emsisoft and this found more fallse positves in the same folder. Once again programs that have been on my PC for 2 -3 years (for example Core Temprature - which is installed on my PC but this was not found or indicated) and it also found the files left over from the program that Vipre qurantined. But most worryingly was the fact that it also found the quranteened files in Vipre. SO a word of warning that the Vipre quarantine IS NOT a safe place to leave possible infected files.

    After running both programs twice I then turned of the PC(s) and left them until this morning. Everything working as it should be.

    With the paging file I decided to turn this of just incase the were remnants (or reference) of any possible infection lying there. By that time I was getting really desparate.

    Another thing is that now I never see advice in shutting down \clearing System Restore when an infection is found or suspected. This used to be one of the first things to do but nowadays no-one seems to bother.

    As for windows making a temp paging file what forum would you suggest to try and get an answer. As I said I have never seen or heard of this behaious before when I have turned of the paging file. In fact I ran a PC a few years ago without a paging file for about 6 months.

    I will wait over the week-end (to make certain the everything continues correctly) and contact my ISP to see if they can enlighten me. Been with them for about 14 - 15 years and in that I could count on one hand (and leave a couple of spare fingers) the number of times I have had problems\issues with them. (eclipse networking - http://www.eclipse.net.uk/) Extremely reliable.
    Last edited by Erniek; 2012-08-31 at 05:11. Reason: to fix mistakes
    ErnieK

  9. #9
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    It's a bit strange that you keep getting dns issues...

    As to the forum, try the Technet ones: http://social.technet.microsoft.com/...tegory/w7itpro

  10. #10
    Star Lounger Erniek's Avatar
    Join Date
    Dec 2009
    Location
    Scottish Borders
    Posts
    66
    Thanks
    0
    Thanked 11 Times in 6 Posts
    Thanks Rurib.
    As you say it is worrying that the DNS has failed twice (ISP default & googledns). Everything still working OK at the moment but I will keep checking every couple of hours to ensure that it continues to work. If anybody else has a possible reason for this I would greatfull to hear it .

    As for the paging file I never gave Technet a thought and will try them later today.
    ErnieK

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •