Tweaking.com Support Forums
Main Forum => Tweaking.com Support & Help => Topic started by: jrjr on June 22, 2015, 06:06:04 am
-
Hi - first post :smiley:
A few days ago a Microsoft tech ran the tweaking.com software on my Win 7 desktop.
With that result I have found that network discovery was turned off. I can only think it was done with this scan. Not a big deal, I turned it back on and that works ok....... but.....
As near as I can tell right after this tweaking.com scan I lost the connection to one and only one website. (weird) At least I have only found one. Initially I wrote it off to a website issue but after time, looked into it in more depth. That's why I am not 100% certain on the timing of the connectivity loss but it seems to have taken place in this time frame. The rest of the internet seems to work just fine. This website has been working and visited frequently for a long time. The site is www.theprofilebrotherhood.com
I cannot access this website from Firefox, Chrome, Opera, Safari or IE running on my desktop. I have checked the host file and it's clean. Checked Internet restricted sites and that has no entries. I have turned off all antivirus programs and turned off Windows firewall. Still no joy. Also have done a ipconfig /flushdns in cmd as admin with reboot.
I ran malwarebytes, Panda, Superantispyware, MS security essentials and cleaned whatever they found. Just standard cookie finds really. Also ran Malwarebytes rootkit program with no results.
I can successfully ping the website in question via IP and domain. If I enter their IP in the browser address bar it will time out the same as trying their domain name.
I can access this website from my laptop on the same network, AND if I run virtual box on my desktop in question using a Win 10 or Linux VM I can access the website without issue.
I have run out of things to check. Any suggestions?
Edit
I searched the registry and only found one instance. See attachment
-
Small update. I found 2 more websites that have the same exact issue. The rest of the internet seems to work ok. Anyone have an idea?
-
Have you opened up internet options and go to connections to see if you have a proxy server set up?
http://windows.microsoft.com/en-US/windows7/Why-cant-I-view-some-websites
-
Yes checked that.... none set up in fact the button is grayed out
-
Another update
Tried a free proxy and I am able to open the websites in question.
Tried using Google DNS and also hard coding DNS with Roadrunner's DNS server address with no change- sites won't work.
So far the only solution is using a different proxy but I don't want to do that.
-
I just spoke with a supervisor at Microsoft support and their only answer is to reinstall the operating system. I really don't want to do that. He said that the tweaking.com software must have deleted part of the registry and the only way to get it back is to reinstall the OS. I did not see the tech back up the registry when he was doing his thing.
-
you can restore the back up from the repair tool.
-
What repair tool?
I made a correction to the last post. The Supervisor said to reinstall the OS
Do you mean Tweaking.com has a repair tool or Windows repair tool?
The MS tech had me uninstall the Tweaking.com software.
I do see a folder in C drive called RegBackup and the date is right.
Was this created by Tweaking.com?
There is also a file in a sub folder called dos_restore.cmd
What will that do?
Please forgive the questions. This is my first experience with this software
Edit
I reinstalled the software. The log files are still there from last week but there are 2 different times a couple hours apart. Far as I know he only ran it once. Looking at the repair tab I see a checkbox to automatically do a registry backup. If I run the repair tool will it overwrite the backup that was previously made or make a new backup with a new date?
-
What repair tool?
I made a correction to the last post. The Supervisor said to reinstall the OS
Do you mean Tweaking.com has a repair tool or Windows repair tool?
The MS tech had me uninstall the Tweaking.com software.
I do see a folder in C drive called RegBackup and the date is right.
Was this created by Tweaking.com?
There is also a file in a sub folder called dos_restore.cmd
What will that do?
Please forgive the questions. This is my first experience with this software
Edit
I reinstalled the software. The log files are still there from last week but there are 2 different times a couple hours apart. Far as I know he only ran it once. Looking at the repair tab I see a checkbox to automatically do a registry backup. If I run the repair tool will it overwrite the backup that was previously made or make a new backup with a new date?
it should make a new backup with a new date
go to the tab step 5: backup and click on restore button then click on restore registry and select restore from the drop down menu :wink:
-
That is really odd. My program is about 95% registry related repairs. Registering files and such.
I never had any trouble accessing any sites after the repairs, the program doesn't target any sites and such.
Are you able to try a different internet connection as a test? What antivirus do you have installed and firewall software? I have a feeling something else is at play, as my repair program doesnt do anything to accessing sites such as dns other than simply doing a flush dns command.
Using a proxy makes the connection go though another server instead of your ISP, this is how some people can get around blocks their ISp setup, it also could be something as simple as the modem/router needing rebooted so that it can clear itself out. Pull the power cord from both your modem and router (If you have both) wait a full 60 sec and then plug them back in and see how it does. :wink:
The reason for this, is there have been a lot of problems I have seen where a node on the net was having trouble, so the router your connection takes goes through multiple nodes, if one is down or having trouble the connection doesnt complete. Using a proxy and such means you are taking a different route. So sometimes the problem isnt you or your ISP, but instead one of the nodes. They call it the information super highway, and guess what it has road construction as well lol
Shane
-
That is really odd. My program is about 95% registry related repairs. Registering files and such.
I never had any trouble accessing any sites after the repairs, the program doesn't target any sites and such.
Are you able to try a different internet connection as a test? What antivirus do you have installed and firewall software? I have a feeling something else is at play, as my repair program doesnt do anything to accessing sites such as dns other than simply doing a flush dns command.
Using a proxy makes the connection go though another server instead of your ISP, this is how some people can get around blocks their ISp setup, it also could be something as simple as the modem/router needing rebooted so that it can clear itself out. Pull the power cord from both your modem and router (If you have both) wait a full 60 sec and then plug them back in and see how it does. :wink:
The reason for this, is there have been a lot of problems I have seen where a node on the net was having trouble, so the router your connection takes goes through multiple nodes, if one is down or having trouble the connection doesnt complete. Using a proxy and such means you are taking a different route. So sometimes the problem isnt you or your ISP, but instead one of the nodes. They call it the information super highway, and guess what it has road construction as well lol
Shane
Thank you both for your time.
I agree it's very odd. I have rebooted the modem and router before, but just did it again for grins after waiting several minutes. No change. I don't have another internet connection available without lugging the desktop to someone's home. I took notes as I went along on things that I tried. Whats really odd is I can ping by IP or domain name successfully and all other computers on the same network are fine with these websites. Even the same desktop works using a VM with the same network interface. Not sure if all my efforts are listed above or not but here they are as complete so far -
I cannot access three (maybe more I haven’t run into yet) websites from Firefox, Chrome, Opera, Safari or IE running on my desktop. I have checked the host file and it's clean. Checked Internet restricted sites and that has no entries. I have turned off all antivirus programs and turned off Windows firewall. Still no joy. Also have done - ipconfig /flushdns in cmd as admin and reset winsock.
I ran malwarebytes, Panda, Superantispyware, MS security essentials and cleaned whatever they found. Just standard tracking cookie finds. Also ran Malwarebytes rootkit program with no results.
Created a new Windows user profile. Same results in that profile.
Ran msconfig – disable all in startup – reboot with same results
Have powered off the PC, unplugged and held power button to discharge with no results.
Rebooted router and modem
I can successfully ping the website in question via IP and domain. If I enter their IP in the browser address bar it will time out the same as trying their domain name.
tracert finds the unavailable domains without issue
traceroute works fine on the sites too
Tried Google DNS and also hard coding Road Runner DNS servers. Same issues.
I can access these websites from my laptop on the same network, AND if I run virtual box on my desktop in question using a Win 10 or Linux VM I can access the websites without issue.
If I configure a proxy server I can access the sites.
-
Lets see what happens if you do a trace route to it and we can see the nodes it is taking. here is the results of my trace route to the site.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Shane>tracert http://www.theprofilebrotherhood.com
Unable to resolve target system name http://www.theprofilebrotherhood.com.
C:\Users\Shane>tracert www.theprofilebrotherhood.com
Tracing route to theprofilebrotherhood.com [174.36.75.246]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.1.1
2 * * * Request timed out.
3 16 ms 8 ms 9 ms dtr04mdfdor-tge-0-5-0-2.mdfd.or.charter.com [96.
34.105.245]
4 19 ms 15 ms 23 ms bbr01mdfdor-bue-2.mdfd.or.charter.com [96.34.105
.82]
5 29 ms 31 ms 23 ms bbr02sttlwa-bue-4.sttl.wa.charter.com [96.34.0.5
6]
6 30 ms 26 ms 32 ms prr01sttlwa-bue-2.sttl.wa.charter.com [96.34.3.3
9]
7 25 ms 18 ms 18 ms te1-5.bbr01.wb01.sea01.networklayer.com [206.81.
80.140]
8 62 ms 71 ms 68 ms ae0.bbr01.cs01.den01.networklayer.com [173.192.1
8.145]
9 63 ms 63 ms 66 ms ae12.bbr02.eq01.dal03.networklayer.com [173.192.
18.138]
10 64 ms 63 ms 63 ms ae1.dar01.sr01.dal01.networklayer.com [173.192.1
8.255]
11 70 ms 70 ms 63 ms po1.fcr02.sr04.dal01.networklayer.com [66.228.11
8.178]
12 68 ms 72 ms 67 ms www.theprofilebrotherhood.com [174.36.75.246]
Trace complete.
C:\Users\Shane>
Shane
-
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>traceroute www.theprofilebrotherhood.com
'traceroute' is not recognized as an internal or external command,
operable program or batch file.
C:\Windows\system32>tracert www.theprofilebrotherhood.com
Tracing route to theprofilebrotherhood.com [174.36.75.246]
over a maximum of 30 hops:
1 4 ms <1 ms <1 ms 192.168.1.1
2 37 ms 44 ms 29 ms cpe-66-67-0-1.rochester.res.rr.com [66.67.0.1]
3 33 ms 28 ms 21 ms tge0-0-1.sodsny0302h.northeast.rr.com [24.93.8.1
10]
4 13 ms 12 ms 12 ms agg36.hnrtnyaf02r.northeast.rr.com [24.58.45.88]
5 21 ms 23 ms 19 ms be28.albynyyf01r.northeast.rr.com [24.58.32.70]
6 30 ms 32 ms 31 ms bu-ether16.nycmny837aw-bcr00.tbone.rr.com [66.10
9.6.74]
7 53 ms 29 ms 75 ms 0.ae1.pr1.nyc20.tbone.rr.com [107.14.17.218]
8 29 ms 28 ms 28 ms 66.109.11.126
9 39 ms 38 ms 38 ms ae1.bbr01.eq01.chi01.networklayer.com [173.192.1
8.132]
10 60 ms 59 ms 60 ms ae20.bbr01.eq01.dal03.networklayer.com [173.192.
18.136]
11 59 ms 57 ms 60 ms ae0.dar01.sr01.dal01.networklayer.com [173.192.1
8.211]
12 59 ms 57 ms 60 ms po1.fcr02.sr04.dal01.networklayer.com [66.228.11
8.178]
13 58 ms 60 ms 60 ms www.theprofilebrotherhood.com [174.36.75.246]
Trace complete.
C:\Windows\system32>
-
Ok so ping and tracert can hit the site just fine, which also shows it is getting the right IP from the dns servers. Yet your browsers are not able to hit it, can you a screen shot of the actual message of when it fails?
Ping and tracert hit a different port than the normal port 80 when accessing a site or port 443 for https, so thats something to consider as well, have you tried disabling all AV and firewall software?
Reason why I ask is the fact that ping and tracert can hit it means that it is up, isnt being blocked and the connection to it is fine, dns is working, so it seems like the browsers are being blocked.
All I use is firefox and I do know it keeps its own dns cache, wonder if we just need to make sure the dns cache is clear for the browsers.
Shane
-
Yea sure. It takes several minutes to time out. 2 of the sites are server connection reset or something similar. 3rd is a financial site and says something like - secure connection failed. Will get them for you.
-
It is 4 am for me and I am almost done catching up on all 60 threads I needed to answer, so I may have to reply tomorrow.
Connection reset means the connection was killed for an unknown reason, the server didnt do it and the browser didnt, something in the middle did, some times this is a faulty node, sometimes it is an antivirus or firewall program.
The fact that you can access from your laptop means it isnt your isp, modem or router, and if the tracert on the laptop is the exact same as the on on your troubled system then we know it isnt a bad node, that only leaves something running on the system that has the ability to kill a connection.
Shane
-
It's a little after 7am here in NY.... Here's the financial site
Unrelated-
As a work around for now I installed an add on called toggle proxy in FF and the sites in question work with the click of a button to switch proxy from none to whatever they supply. When using that proxy to visit this site (your site) It tells me that I am a robot trying to spam the internet! lol
-
For that one it looks like it is a https cert problem
https://support.mozilla.org/en-US/questions/1058856
and
https://support.mozilla.org/en-US/questions/1012765
See if the first one does the trick
Shane
-
I will check it out. Brief review makes me think that would be a fix for FF only? None of my browsers work
That would be better than I have now though. Other 2 sites are still trying to connect!
-
I still think something is on the system messing with the connection, if you havent done a proper power drain to the system yet I would do that as well, just to cover all the bases.
Shutdown system, pull power cord and battery if it has it, then hit power button a few times to drain all the power out, then plug power back in and boot up.
Only 6 more threads to answer then i am off to bed :-)
Shane
-
Yea I did that already
I am going to try uninstalling all anti virus software and see what that does.
-
Good idea, basically it is a process of elimination.
Thanks to having another system to try with we have been able to remove a lot of things off that list, isp, modem, router, nodes and such.
So av and firewall software would be next, and disabling them doesnt do it, I have found over and over again, when you disable them they are never, ever truly disabled. uninstalling them is the only way to be sure. Even then I have had left over firewall drivers from av programs still block things even with the program uninstalled, avast has done this to me before lol
Shane
-
Here's what the other 2 sites look like - they finally timed out!
-
Quick question. Not sure what 'Enable protected mode' does but it's checked
-
So https site fails with a authenticity error (Something messing with the secure data and so it fails) and the on the normal http site they take forever to timeout, which means that the browser is getting a small amount of data as every time it gets some data it resets it timeout count down.
Something is missing with the connection, I am starting to feel very firm on that. And 4:30 am is it for me, I still have a busy day tomorrow lol
but thankfully I got back to getting all these caught up.
Shane
-
http://windows.microsoft.com/en-us/windows-vista/what-does-internet-explorer-protected-mode-do
and
https://msdn.microsoft.com/en-us/library/bb250462%28v=vs.85%29.aspx
Shane
-
Unchecked and browser restarted. No change
-
Removed Panda AV reboot no change
As a point of interest. I was having an issue with windows update. Thats the reason I contacted Microsoft in the first place. One update had been failing for months. The update was to remove a prior update but I couldnt find the prior update to remove it myself. The level 2 tech did find it and remove it. Then there were 50 or 60 updates following that to get my system up to date.
Your software was run by the level one tech before the level 2 came on the scene. The level 1 did not run it in safe mode as I found out later was recommended.
-
For that one it looks like it is a https cert problem
https://support.mozilla.org/en-US/questions/1058856
and
https://support.mozilla.org/en-US/questions/1012765
See if the first one does the trick
Shane
Did this with no change. Problem remains
-
It is an odd one, there is a trick that I need to tell people in the program besides just running it in safe mode, run the repairs a 2nd time!
The reason why is I have found that some of the commands would fail because a lot of windows doesnt take effect until a reboot, so part of a repair may work but some commands might fail till the reboot for the changes to take hold, then when you run it that 2nd time the commands work properly. I have had a lot of people tell me running it a 2nd time was the trick for them and that is the reason.
As an example one of the commands is to call a service to do a job, if the service isnt work the repair fails but the program put the info back for the service, so after the reboot the service works and so then does the command.
So it is worth a try, go into safe mode and run all the repairs a 2nd time.
Also go to your network connection properties and post a screen shot of what protocols are installed, I want to make sure there isnt anything in there as well.
Shane
-
Ok I will run the second time tomorrow am in safe mode. It's 9pm here now.
Is it normal for the software to turn off network discovery?
I think this is the shot you are looking for. If not let me know.
-
It is an odd one, there is a trick that I need to tell people in the program besides just running it in safe mode, run the repairs a 2nd time!
The reason why is I have found that some of the commands would fail because a lot of windows doesnt take effect until a reboot, so part of a repair may work but some commands might fail till the reboot for the changes to take hold, then when you run it that 2nd time the commands work properly. I have had a lot of people tell me running it a 2nd time was the trick for them and that is the reason.
As an example one of the commands is to call a service to do a job, if the service isnt work the repair fails but the program put the info back for the service, so after the reboot the service works and so then does the command.
So it is worth a try, go into safe mode and run all the repairs a 2nd time.
Also go to your network connection properties and post a screen shot of what protocols are installed, I want to make sure there isnt anything in there as well.
Shane
Add that into the next update Shane
-
Just completed running the software again in safe mode after a power down and rebooting when requested. I went through each optional step as well- chkdsk, etc..... I did not reset file permissions as that was done the first time so this run went pretty fast.
Sad news is the websites still will not connect.
-
disregard
-
Ok from what I have seen something is messing with the network, and I noticed you have two protocols called pure network, I dont know what those are, but any protocol installed there will have the ability to mess with the network, I have attached a picture of my network settings window as an example.
So I am wondering if that might be where the problem point is. You do have more things attached to the network than normal, so that would explain the errors the browsers are reporting.
Shane
-
The pure network entries are to do with Linksys routers which I use. Looking into it in more depth now. The service was disabled so I set to auto and rebooted. Linksys advisor works now which it didn't when I first tried it a short time ago. Will keep you posted.
-
I unchecked the pure network entries and the link-layer entries. I believe this disables them. I then rebooted but no change.
-
this is a long shot but can you export this registry key into a .regfile and copy it on this post i want to see if you have anyting blocked via registry setting like this.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
-
Here ya go
-
okay if you trust those sites you should be able to delete those websites from that registry key.
other than that i don't see it at the moment. next question what firewall do you use and do you use peerblock?
-
okay if you trust those sites you should be able to delete those websites from that registry key.
other than that i don't see it at the moment. next question what firewall do you use and do you use peerblock?
Oddly enough the mass mutual entry is one of the 3 that don't work. NetFlix does work and they are both in that key.
What is that key for? Asking before I change anything.
I only use Windows Firewall and my router has one as well.
I have tried turning Windows firewall off with no luck.
Router should be ok since other machines go through it just fine.
Never heard of peerblock before now so no I don't use it.
-
okay if you trust those sites you should be able to delete those websites from that registry key.
other than that i don't see it at the moment. next question what firewall do you use and do you use peerblock?
Oddly enough the mass mutual entry is one of the 3 that don't work. NetFlix does work and they are both in that key.
What is that key for? Asking before I change anything.
I only use Windows Firewall and my router has one as well.
I have tried turning Windows firewall off with no luck.
Router should be ok since other machines go through it just fine.
Never heard of peerblock before now so no I don't use it.
that key is to put website in a restricted zone
if you open up internet options and go to the security tab and click on restricted sites you will see the site's in there as well.
I just know where a lot of things are via the registry
if you only use windows fire wall I may have you upload a .reg so i can pick it apart to see where a setting may be wrong at lol...
this would be the key for most of fire wall settings
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy
windows firewall can be one of the best firewall's out there if you know how to configure it correctly
for safety reasons hold off on uploading that reg key. :wink:
Peerblock is an amazing tool for blocking ip address but sometimes it blocks some legitimate sites like battle.net and stuff lol...
-
if you open up internet options and go to the security tab and click on restricted sites you will see the site's in there as well.
In my Internet options/Security those sites are listed under 'Trusted sites' not restricted sites.
I don't have any entries in the restricted sites area
I added the mass mutual entry trying to get access to it. Not sure how netflix got in there
BTW.... sent you a pm but for some reason it doesn't show up in my sent folder.....
Ok figured that out, there's a box to check.
-
if you open up internet options and go to the security tab and click on restricted sites you will see the site's in there as well.
In my Internet options/Security those sites are listed under 'Trusted sites' not restricted sites.
I don't have any entries in the restricted sites area
I added the mass mutual entry trying to get access to it. Not sure how netflix got in there
BTW.... sent you a pm but for some reason it doesn't show up in my sent folder.....
Ok figured that out, there's a box to check.
Oops you're right my bad I glanced at the reg file when you have dword as 2 its trusted and dword at 4 is restricted.
Http means http protocol only and * is all protocals
-
Try typing this in command prompt this will reset all the Ports
netsh advfirewall reset
-
Try typing this in command prompt this will reset all the Ports
netsh advfirewall reset
Did it as admin, rebooted too. No change.
-
Alright time to bring out the nuke lol....
ipconfig /flushdns
nbtstat -R
nbtstat -RR
netsh int ipv4 reset
netsh int ipv6 reset
netsh winsock reset all
open cmd:
run one at a time in order reboot and let me know hopefully this works....
-
Although I had done most of those already I did them again in the order you listed.
They all seemed to work except one
netsh int ipv6 reset
Theres no user specified settings to reset
No change on the websites though :omg:
-
Although I had done most of those already I did them again in the order you listed.
They all seemed to work except one
netsh int ipv6 reset
Theres no user specified settings to reset
No change on the websites though :omg:
what driver version you have for your nic?
-
what driver version you have for your nic?
-
thats a old driver lol who is your mother board manufacture ? can you give me a make and model of your mobo?
-
MB is an MSI 790FX - built this rig in 2010 (AMD Phenom X4 Processor)
http://www.newegg.com/Product/Product.aspx?Item=N82E16813130223
Realtec doesn't seem to list drivers for this onboard nic.... close though. Mine states it's a rtl8167
http://www.newegg.com/Product/Product.aspx?Item=N82E16813130223
-
http://us.msi.com/support/mb/790FXGD70.html/#down-driver
there does that get you to the driver page?
-
Yup was just looking at that :wink:
Lets revisit the bios
First run of the tweaking.com software made a registry backup. It's still there even though I uninstalled and reinstalled the software. Do you think it would be worth a shot to restore it? I haven't done that yet. Remember though..... 2 days after the first run the level 2 tech got Windows updates working and I had an enormous amount of updates. 50-60 or so, might have a negative impact.
For some reason my system restore was turned off so I can't use that to go back. It's on with a restore point set now though.
-
I updated the nic driver and the websites work now! Who'd a thunk?
Success!
So if we analyze this..... what do you think caused the trouble?
What messed up the nic driver?
-
Good call on the nic driver. My motherboard also has realtek and I always use the newest drivers from realteks site since the motherboard site is always outdated lol
Makes sense that it was the driver them, after all it handles everything with the network and there could have been a bug or something in that old driver that didnt like how something was being done from those 2 sites. Hard to tell exactly what but at least you got it working :-)
Shane
-
I updated the nic driver and the websites work now! Who'd a thunk?
Success!
So if we analyze this..... what do you think caused the trouble?
What messed up the nic driver?
woot! I'm glad its working after the driver update!
-
Made my day too! Many thanks to you guys..... stop by - I'll buy lunch :wink: