The Briefing Room

General Category => Science, Technology and Knowledge => Computers => Topic started by: Suppressed on August 09, 2018, 09:49:12 PM

Title: Help?
Post by: Suppressed on August 09, 2018, 09:49:12 PM
I'm seeing some odd behavior when I try to access the Hotmail website from my home desktop (wired connection to the Internet gateway [cable modem/router]), and I'm hoping someone can help.

I'm using Google Chrome.  For the past several days, the hotmail/outlook/live.com website can't be accessed, though sometimes several hours later or the next day, it will work for a period of time before becoming inaccessible.  This is the only website I have trouble with.   

When I try using Internet Explorer to go to "hotmail.com", it gets to the initial page (https://outlook.live.com/owa/), but won't connect to the sign in screen when I click "Sign in".  (So I'm guessing the real problem is with "login.live.com".)

When I use my phone (connected wirelessly to the same gateway [cable modem/router] device) it accesses fine.

When I try to connect from my work office, it connects fine.

I've tried disabling all "Shields" on my Avast! antivirus and connecting, but it doesn't seem to affect anything.  I don't see any relevant entries in HOSTS.   And I'm feeling really old because I can't think of what else to check.  Antivirus scan finds nothing.



Error msg:
Quote
This site can’t be reached
login.live.com took too long to respond.
Try:

Checking the connection
Checking the proxy and the firewall
Running Windows Network Diagnostics
ERR_TIMED_OUT


Thoughts?

And.. Thanks in Advance!!
Title: Re: Help?
Post by: The Ghost on August 09, 2018, 09:57:10 PM
That happens on one computer that I have that is running Vista. 
Title: Re: Help?
Post by: Cyber Liberty on August 09, 2018, 10:17:21 PM
That happens on one computer that I have that is running Vista.

Vista?  Nuke it from orbit, it's the only way to be sure.
Title: Re: Help?
Post by: XenaLee on August 09, 2018, 10:26:14 PM
I'm seeing some odd behavior when I try to access the Hotmail website from my home desktop (wired connection to the Internet gateway [cable modem/router]), and I'm hoping someone can help.

I'm using Google Chrome.  For the past several days, the hotmail/outlook/live.com website can't be accessed, though sometimes several hours later or the next day, it will work for a period of time before becoming inaccessible.  This is the only website I have trouble with.   

When I try using Internet Explorer to go to "hotmail.com", it gets to the initial page (https://outlook.live.com/owa/ (https://outlook.live.com/owa/)), but won't connect to the sign in screen when I click "Sign in".  (So I'm guessing the real problem is with "login.live.com".)

When I use my phone (connected wirelessly to the same gateway [cable modem/router] device) it accesses fine.

When I try to connect from my work office, it connects fine.

I've tried disabling all "Shields" on my Avast! antivirus and connecting, but it doesn't seem to affect anything.  I don't see any relevant entries in HOSTS.   And I'm feeling really old because I can't think of what else to check.  Antivirus scan finds nothing.



Error msg:

Thoughts?

And.. Thanks in Advance!!

Whenever I have an issue on the pc, I plug in my problem and search for answers on various forums.  Usually, somebody has the fix.  You might try this site's suggestions...

https://www.problogbooster.com/2015/03/fix-this-site-cannot-be-reached-err-connection-timed-out-reset-chrome-windows-error-dns-address-not-found-lookup-failure-localhost-refused-to-connect-solved.html (https://www.problogbooster.com/2015/03/fix-this-site-cannot-be-reached-err-connection-timed-out-reset-chrome-windows-error-dns-address-not-found-lookup-failure-localhost-refused-to-connect-solved.html)

and if no joy there, one of these sites' suggestions might help.

https://www.bing.com/search?q=This+site+can%E2%80%99t+be+reached+login.live.com+took+too+long+to+respond.&qs=n&form=CHRDEF&pc=U316&sp=-1&pq=this+site+can%E2%80%99t+be+reached+login.live.com+took+too+long+to+respond.&sc=0-67&sk=&cvid=22E14AAD7B784CCC820745983960C1A6 (https://www.bing.com/search?q=This+site+can%E2%80%99t+be+reached+login.live.com+took+too+long+to+respond.&qs=n&form=CHRDEF&pc=U316&sp=-1&pq=this+site+can%E2%80%99t+be+reached+login.live.com+took+too+long+to+respond.&sc=0-67&sk=&cvid=22E14AAD7B784CCC820745983960C1A6)
Title: Re: Help?
Post by: XenaLee on August 09, 2018, 10:27:04 PM
Vista?  Nuke it from orbit, it's the only way to be sure.

Better yet, upgrade to Windows 7.  Can find it pretty cheap online now.
Title: Re: Help?
Post by: The Ghost on August 09, 2018, 10:28:54 PM
Vista?  Nuke it from orbit, it's the only way to be sure.

I know.  Chrome is not supported. Firefox gave up on it.  IE Explorer opens with a blue screen. Avast laughs at it and wont update!   I only keep it because it has all the MS Office Professional on it
Title: Re: Help?
Post by: Suppressed on August 09, 2018, 10:48:41 PM
Whenever I have an issue on the pc, I plug in my problem and search for answers on various forums.  Usually, somebody has the fix.  You might try this site's suggestions...

Thanks, @XenaLee!  I did do a search and tried what was suggested on a few sites, and it came back...temporarily. With the problem disappearing and reappearing a couple of times, I think it was just a coincidence.

I'm thinking my IP Address might be getting flagged by microsoft, and then unbanned...?  Just one more hypothesis that I don't know how to check.

At least I run Win 7!
Title: Re: Help?
Post by: Frank Cannon on August 09, 2018, 11:58:30 PM
That happens on one computer that I have that is running Vista.

Vista? Do you hop in your DeLorean and hit 88mph to go back and use it?
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 10, 2018, 03:14:50 AM
Thanks, @XenaLee!  I did do a search and tried what was suggested on a few sites, and it came back...temporarily. With the problem disappearing and reappearing a couple of times, I think it was just a coincidence.

I'm thinking my IP Address might be getting flagged by microsoft, and then unbanned...?  Just one more hypothesis that I don't know how to check.

At least I run Win 7!

If it works fine from your phone but not your PC, both going through your home router, I doubt it's M$ flagging your IP, since they will see the same IP either way (the IP of your router).

While it's trying, but before it fails, run this in a command prompt:

netstat -an | find "SYN"

And post the results.

I'd also try a different browser and see if it works consistently.

Looking at the hosts file was a good idea.  I'd also check the network settings to see if the DNS server is set to something specific.  And, since both applications and the OS often cache DNS entries, if you're getting bad info from somewhere that may explain why the problem comes and goes.  I don't do chrome, so I can't speak to the correctness of the following (though I know the ipconfig /flushdns is totally safe), but...

https://superuser.com/questions/203674/how-to-clear-flush-the-dns-cache-in-google-chrome
Title: Re: Help?
Post by: The Ghost on August 10, 2018, 09:58:19 AM
Vista? Do you hop in your DeLorean and hit 88mph to go back and use it?

That's heavy.
Title: Re: Help?
Post by: ConstitutionRose on August 10, 2018, 10:04:40 AM
Try uninstalling chrome, reboot and reinstall from the website.  There is no fixing chrome as such.  Altho if it is happening on multiple browsers it's more likely systemic.  Are your NIC drivers up to date.  Try reinstalling them.  I think someone has already suggested resetting the IP stack.  I've been doing desktop and server support since the early 80's and Vista is the worst.  It is most likely operating system corruption.  Were it a different OS, I would suggest a refresh, but it's truly hard to see the return on that kind of time investment for Vista.
Title: Re: Help?
Post by: The Ghost on August 10, 2018, 10:18:21 AM
Try uninstalling chrome, reboot and reinstall from the website.  There is no fixing chrome as such.  Altho if it is happening on multiple browsers it's more likely systemic.  Are your NIC drivers up to date.  Try reinstalling them.  I think someone has already suggested resetting the IP stack.  I've been doing desktop and server support since the early 80's and Vista is the worst.  It is most likely operating system corruption.  Were it a different OS, I would suggest a refresh, but it's truly hard to see the return on that kind of time investment for Vista.

Thanks.  But I don't care about it.  If I need to read an email I just fire up the other desktop in the room. It is a Dell that runs Windows XP Professional.  :cool:
Title: Re: Help?
Post by: Elderberry on August 10, 2018, 10:35:18 AM
I know.  Chrome is not supported. Firefox gave up on it.  IE Explorer opens with a blue screen. Avast laughs at it and wont update!   I only keep it because it has all the MS Office Professional on it

Have you tried Brave?
Title: Re: Help?
Post by: The Ghost on August 10, 2018, 10:41:33 AM
Have you tried Brave?

I'm still  using Vista...I must be brave, right!   :smokin:
Title: Re: Help?
Post by: Elderberry on August 10, 2018, 10:46:20 AM
I'm still  using Vista...I must be brave, right!   :smokin:

Step up and be Xtra Brave. https://brave.com/ (https://brave.com/)
Title: Re: Help?
Post by: The Ghost on August 10, 2018, 10:48:27 AM
Step up and be Xtra Brave. https://brave.com/ (https://brave.com/)

I'll check it out.  thx.
Title: Re: Help?
Post by: Suppressed on August 12, 2018, 01:12:43 PM
netstat -an | find "SYN"

And post the results.

@InHeavenThereIsNoBeer

It gives me nothing.  I mean, it just goes to the next prompt.

I installed Brave, and it behaves the same as IE...it sits and spins when I click the link to the signon page.
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 12, 2018, 10:53:46 PM
@InHeavenThereIsNoBeer

It gives me nothing.  I mean, it just goes to the next prompt.

I installed Brave, and it behaves the same as IE...it sits and spins when I click the link to the signon page.

Okay, so much for the easy stuff.  Probably.  I've never been a windows guy, and haven't touched it in a few years, so maybe I got the syntax wrong.  While it's "spinning", try just 'netstat -an' (I know that part is right) and look for anything that says 'SYN' just to be sure.

That would tell us if it was having trouble setting up the initial connection.  Other possibilities are that it can't find the IP for login.live.com in the first place, or it is making the connection and something is goofed up after that.  I'd try a combination of

netstat -an | find "443"

and

netstat -a | find "live"

preferably on both working and non-working machines.  You need to do this pretty quickly after connecting.

On a working machine, you should see the same connection listed in each, one with login.live.com and one with the IP it is using.



Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 12, 2018, 11:29:29 PM
Actually, getting the output of those two commands from the "broken" machine, both when it is working and when it is not, might be even more useful.

Also, while thinking about this I came up with an idea for a virus.  I'm not sure it's even realistic, but I'd change your email password and not login from the broken machine until you get this worked out (okay, maybe once to gather the above info, but then login and change it again from a working machine).
Title: Re: Help?
Post by: Suppressed on August 13, 2018, 09:56:32 PM
Actually, getting the output of those two commands from the "broken" machine, both when it is working and when it is not, might be even more useful.

Also, while thinking about this I came up with an idea for a virus.  I'm not sure it's even realistic, but I'd change your email password and not login from the broken machine until you get this worked out (okay, maybe once to gather the above info, but then login and change it again from a working machine).

@InHeavenThereIsNoBeer

I think that's it.  I recall getting notification a few days before this started that my account has been compromised, and I changed the password.  I'll do it again from work computer tomorrow.
I'm running boot-level Avast! scan all night with heuristics set high. But before that I discovered that it seems like microsoft.com is also blocked. 
I put in Google DNS servers to no avail, and oddly, tracer login.live.com had timeout hops. Not sure what it all means and how to fix it.
Title: Re: Help?
Post by: DB on August 13, 2018, 10:10:35 PM
What are you using for your DNS service in your router?

I recommend using Googles 8.8.8.8 and 8.8.4.4. Its fast and filters out most unsafe addresses. The down side is I'm sure Google tracks you via your DNS accesses. There's also Open DNS that I used for years but it goes down from time to time.
Title: Re: Help?
Post by: DB on August 13, 2018, 10:15:07 PM
@InHeavenThereIsNoBeer

I think that's it.  I recall getting notification a few days before this started that my account has been compromised, and I changed the password.  I'll do it again from work computer tomorrow.
I'm running boot-level Avast! scan all night with heuristics set high. But before that I discovered that it seems like microsoft.com is also blocked. 
I put in Google DNS servers to no avail, and oddly, tracer login.live.com had timeout hops. Not sure what it all means and how to fix it.

If you changed your password via a link from an Email that your account has been compromised - you may have done the compromising yourself... That's how they phish you. Never use a link in an Email to do something like that. Hopefully you didn't.
Title: Re: Help?
Post by: Elderberry on August 13, 2018, 10:24:36 PM
If you changed your password via a link from an Email that your account has been compromised - you may have done the compromising yourself... That's how they phish you. Never use a link in an Email to do something like that. Hopefully you didn't.

Dang it! You beat me to it! Always be leery of pop ups or emails that appear to be too helpful in that they say your machine has a problem and they can fix you up.  And get in the habit of hovering your cursor over links and read the link to discern where you are actually going.
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 13, 2018, 11:33:17 PM
@InHeavenThereIsNoBeer

I think that's it.  I recall getting notification a few days before this started that my account has been compromised, and I changed the password.  I'll do it again from work computer tomorrow.
I'm running boot-level Avast! scan all night with heuristics set high. But before that I discovered that it seems like microsoft.com is also blocked. 
I put in Google DNS servers to no avail, and oddly, tracer login.live.com had timeout hops. Not sure what it all means and how to fix it.

There's nothing wrong with traceroute not reporting every hop.  Some network admins disable the response it needs to function.

Google DNS is one of the things I was considering recommended depending on the netstat output (of course, if this is a virus netstat could be corrupt, too).

This is old, but...

https://community.norton.com/en/forums/fake-email-microsoft-account-team-watch-out
Title: Re: Help?
Post by: DB on August 17, 2018, 12:00:43 AM
Did this get resolved?
Title: Re: Help?
Post by: Elderberry on August 18, 2018, 12:27:18 PM
I(https://www.eastendmkt.com/wp-content/uploads/2014/01/cow.jpg)
Title: Re: Help?
Post by: Suppressed on August 19, 2018, 01:21:34 PM
@InHeavenThereIsNoBeer
@DB
@Elderberry


SHOOT!  I'm seeing now that my previous reply, laboriously typed out on my phone, didn't post!  GRRR...I wasn't trying to ignore anybody...


As I recall, my points/questions were:

1) What am I looking for, with the netstat -an | find "443" and netstat -a | find "live"?   I had LONG lists on the first, as I had 350+ tabs open in Google Chrome (yes, I mean it...).   I have been trying to get an old laptop running, to run it on a working computer.  Should I be running those while it "sits and spins" looking for the site?  Should I pipe them to a .txt file and post the results here (uh, it contains my IPv6 address)?

2)  I don't think I infected myself, as I thought I just waited to go to my work computer and then changed it there (without clicking anything).  Then again, I've been working to the point of literal exhaustion lately, and I'm not going to trust anything I did.  So perhaps I did do something stupid.  (We always think we won't be stupid enough to be phished . . .  :shrug:)  Right now, I can't check the alert e-mail I got to even see whether it's a phishing e-mail because I can't get to my e-mail on my desktop!  The funny thing is, viewing the e-mail on my phone doesn't show any link I'd have clicked...but... I'm going to operate on the assumption I was stupid and just mis-remember what I did.  The circumstantial evidence sure seem to point that way! 

3) I've followed the steps here: https://www.reddit.com/r/techsupport/comments/33evdi/suggested_reading_official_malware_removal_guide// (https://www.reddit.com/r/techsupport/comments/33evdi/suggested_reading_official_malware_removal_guide//) after my Avast! didn't find anything.  I still think the most likely scenario is malware, though. 

4) If the malware is gone, there still seems to be somewhere it's intercepting (or trying to) my attempt to get to microsoft.com or login.live.com (and maybe others).  I guess even if I've removed the malware, I need to get that back.

5) If I do a "repair" with my original Windows 7 disk, will that likely patch up any problems the malware caused (opening ports or whatever)?



I'm a terribly disorganized person, and I'd really like to avoid having to reinstall everything.  But is that what I have to do?

Thank you SO much!
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 19, 2018, 02:40:18 PM
@Suppressed

I can speak to #1.

Each TCP connection uses a source IP, source port, destination IP, and destination port.  You might think of the IP as a phone number, and the port as an extension (but in TCP we use extensions on both sides).  netstat shows us these connections, along with the state that they are in (generally, ESTABLISHED or CLOSE_WAIT for a good connection, SYN_something for a connection that is hung in the initial setup).

Here's an example of a connection I have open (using different port because it's a different protocol, and not on MS so the syntax is a little different).

hawkeye$ netstat -an | grep :22
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN     
tcp        0      0 172.30.219.103:45151        172.30.219.110:22           ESTABLISHED
tcp        0      0 :::22                       :::*                        LISTEN

hawkeye$ netstat -a | grep wolverine
tcp        0      0 hawkeye:lds-distrib         wolverine:56510             ESTABLISHED
tcp        0      0 hawkeye:nfs                 wolverine:rndc              ESTABLISHED
tcp        0      0 hawkeye:mysql               wolverine:52692             ESTABLISHED
tcp        0      0 hawkeye:lds-distrib         wolverine:56508             ESTABLISHED
tcp        0      0 hawkeye:mysql               wolverine:52690             ESTABLISHED
tcp        0      0 hawkeye:45151               wolverine:ssh               ESTABLISHED

Okay, first thing to note is I added a colon before the 22.  I don't need to see every line with a 22 in it.  I could even use ":22 " to cut it down further if necessary.

netstat with -n shows me only numbers, while w/o it it looks up the hostnames associated with the IP address and port if available.

Looking at the two lines that have the same source port, 45151, I can see that the connection is established.  I can also tell what addresses it is using.  The latter will provide a clue if the address doesn't "look right".  From there, we would use other tools to determine if DNS is providing the correct information, or if something like a virus is bypassing that information to try to trick you into providing your login info on a site that looks a lot like hotmail/microsoft. 

You want to run these while it is spinning.  If the connection is http/https and sucessful, it's going to stay open a very short time after you load a page so you have to be quick.

There shouldn't be anything wrong with posting your IP, because that IP should be one that is only available inside your house/work/etc.  But if you want to dump it to a file and search and replace, go for it.  As long as you're not seeing anything when you look for "SYN", we should never need to care what your local IP is, only what you are trying to connect to.
Title: Re: Help?
Post by: Suppressed on August 19, 2018, 02:57:29 PM
Each TCP connection uses a source IP, source port, destination IP, and destination port.  You might think of the IP as a phone number, and the port as an extension (but in TCP we use extensions on both sides).  netstat shows us these connections, along with the state that they are in (generally, ESTABLISHED or CLOSE_WAIT for a good connection, SYN_something for a connection that is hung in the initial setup).

When I ran   netstat -an | find "live",  nothing was returned.

When I ran   netstat -an | find "443",  I got several.  I'm private messaging that listing to you.

Quote
netstat with -n shows me only numbers, while w/o it it looks up the hostnames associated with the IP address and port if available.

I tried running   netstat - a > netstat.txt and I don't see anything that looks obviously like a microsoft/live.com address.

Quote
Looking at the two lines that have the same source port, 45151, I can see that the connection is established.  I can also tell what addresses it is using.  The latter will provide a clue if the address doesn't "look right".  From there, we would use other tools to determine if DNS is providing the correct information, or if something like a virus is bypassing that information to try to trick you into providing your login info on a site that looks a lot like hotmail/microsoft.

At no time did I see it redirect me to a false login, but this is the one site that my browser was saving the password of (since I clicked that by mistake...it's my policy to never let sites nor browsers save my password).  My antivirus might have been preventing redirects, and my antimalware efforts since this started might have broken some chain. 

I'm still set up with the Google DNS servers (assuming I did it properly), but am I right in guessing that it looks like some intercept that's not even having it go to live.com?
Title: Re: Help?
Post by: Restored on August 19, 2018, 03:24:52 PM
I found that old versions of OS don't handle new versions of media very well. It could be Flash or some other software. I find this is particularly true of old versions of Linux.
You have to clear caches, cookies and such. Perhaps clear the Java cache. If you are running a really old version of Java, you might be SOL.
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 19, 2018, 04:25:41 PM
So, netstat -a isn't going to help.  It appears MS doesn't provide "reverse DNS" (IP to hostname) for addresses associated with live.com.

There are a few things I might look at next.

1)  Check to see what DNS returns for login.live.com (though a virus could also screw with the command to hide its presence).  In my case, I see that when I query the IP for login.live.com, it gives me back three IPs I can try.  They tend to use the same few addresses (not always in the same order) for a few minutes, then use a different set for a few minutes.  That's okay, they do that to try to spread the load over multiple IPs.  What I've noticed is that they all start with 131.253.61 and end with an even number. 

hawkeye$ nslookup login.live.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
login.live.com  canonical name = login.msa.akadns6.net.
login.msa.akadns6.net   canonical name = vs.login.msa.akadns6.net.
Name:   vs.login.msa.akadns6.net
Address: 131.253.61.102
Name:   vs.login.msa.akadns6.net
Address: 131.253.61.96
Name:   vs.login.msa.akadns6.net
Address: 131.253.61.98

hawkeye$ nslookup login.live.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
login.live.com  canonical name = login.msa.akadns6.net.
login.msa.akadns6.net   canonical name = vs.login.msa.akadns6.net.
Name:   vs.login.msa.akadns6.net
Address: 131.253.61.96
Name:   vs.login.msa.akadns6.net
Address: 131.253.61.98
Name:   vs.login.msa.akadns6.net
Address: 131.253.61.102

If I run nslookup and then quickly connect (just connect, not login) to login.live.com in my browser and run netstat:

hawkeye$ netstat -an | grep  131.253.61
tcp        0      0 172.30.219.103:37328        131.253.61.98:443           ESTABLISHED

I've only been looking at this approach for a short time.  For all I know they might use a completely different IP range on Monday.  But if you compare the results of the above between working and non-working machines, or better yet the busted machine when it works and when it doesn't, you might see a pattern emerge.

2)  If that doesn't provide any clues, another thing to look at is what changes in the netstat -an | find ":443 " output when you try to connect to login.live.com.  Run nslookup, netstat saved to file1, connect to login.live.com, netstat saved to file2, then compare file1 and file2.  You should see a new connection in the IP range returned by nslookup.  If you consistently see something different, particularly a new connection to somewhere else, that's a clue (with the caveat that if you have another tab open with a page set to auto-refresh you may see false positives).

3) Do the nslookup.  Pick one of those IPs and connect to it using https.  When I try this in firefox, I get a certificate error (that's good), I click 'advanced', unclick 'permanent', and click 'confirm' and I get the login screen and netstat shows a connection to the IP I put in the browser.





Title: Re: Help?
Post by: roamer_1 on August 19, 2018, 04:28:40 PM
@Suppressed

Update subsystems.
Make sure Flash, java, and especially Silverlight (as this is an MS site problem) are latest version.

You have eliminated browser level issues - Since the problem persists in Chrome, but also exists in IE and newly added Brave (which IIRC is a Moz fork) It is not a browser issue, except for eliminating saved pwds in case the saved pwd is the issue.

DLD and use Piriform's CCLeaner (free) (https://www.ccleaner.com/ccleaner/download)

After install, run the cleaner interface with it's normal settings. This will perform a cache dump for dang near every temp cache on your machine with one push of a button... to include temp files and emptying the trash.

This is to eliminate any outdated forms preferred as cached, and force the machine to dld new forms and etc.

**Note If you intend to keep CCleaner onboard, there are some setup issues to address, having to do with shutting off it's TSR, and whatnot... remind me and I can help with that

You have expressed some discomfort with the idea that Avira is keeping you clean... DLD and install, and maintain EmsiSoft's EEK (https://www.emsisoft.com/en/software/eek/) . It DOES NOT run TSR. IT IS NOT a realtime scanner. It is an on-demand scanner ONLY. But it is a very good cleanup engine that will install to the root of your system drive, can be manually updated, and works very very well as a secondary to assure the efficacy of your primary. Emsisoft is the continuation of the old FourSquare trojan hunter, and is excellent. Perform a full scan, normal settings.

All things tried, and no joy, only three things remain:
1. Hosts file has a redirect which is interfering with proper address. POSSIBLE

2. LSP level malfunction - Unlikely but possible... can be a bugger to fix, fix can cause worse problems, so let's figger 'not' for now.

3*** Server-side malfunction is denying the specific machine as a trusted device. This is LIKELY. Log into your MS account, get into security, and remove all trusted devices. This will require all your devices to be reestablished as 'trusted' but will eliminate any duplicates that might be causing denial.

Title: Re: Help?
Post by: Suppressed on August 19, 2018, 04:57:18 PM
Update subsystems.
Make sure Flash, java, and especially Silverlight (as this is an MS site problem) are latest version.

You have eliminated browser level issues - Since the problem persists in Chrome, but also exists in IE and newly added Brave (which IIRC is a Moz fork) It is not a browser issue, except for eliminating saved pwds in case the saved pwd is the issue.
@roamer_1

Okay.  I didn't have Java installed, so I just installed it.  I'll update Flash and Silverlight. 

Quote
DLD and use Piriform's CCLeaner (free) (https://www.ccleaner.com/ccleaner/download)

Oops...forgot to mention that I'm a paid user of CCleaner Pro, and recently that also stopped working (perhaps knocked out by the malware?).  I reinstalled the latest version.

Quote
After install, run the cleaner interface with it's normal settings. This will perform a cache dump for dang near every temp cache on your machine with one push of a button... to include temp files and emptying the trash.

I've run it without deleting cookies.  I suppose I should go back and delete them?

Quote
**Note If you intend to keep CCleaner onboard, there are some setup issues to address, having to do with shutting off it's TSR, and whatnot... remind me and I can help with that

I'd appreciate that.  It was the TSR that was giving me the warning that it wasn't working anymore, I think, so are you saying I should just somehow set it to scan and then not stay resident? 

Quote
You have expressed some discomfort with the idea that Avira is keeping you clean... DLD and install, and maintain EmsiSoft's EEK (https://www.emsisoft.com/en/software/eek/) . It DOES NOT run TSR. IT IS NOT a realtime scanner. It is an on-demand scanner ONLY. But it is a very good cleanup engine that will install to the root of your system drive, can be manually updated, and works very very well as a secondary to assure the efficacy of your primary. Emsisoft is the continuation of the old FourSquare trojan hunter, and is excellent. Perform a full scan, normal settings.
Actually, I'm using "Avast!" and it was probably doing its job.  Just talked with a friend who mentioned how out of it I was a few weeks ago, so more and more I'm suspecting I was dumb and just don't remember it.  BUT...it sounds like running that might be a good idea.

Quote
All things tried, and no joy, only three things remain:
1. Hosts file has a redirect which is interfering with proper address. POSSIBLE

Checked my Hosts.txt file and it appears to just have a blacklist, with nothing new at the end and a search for "live" doesn't show anything (other than as part of a blacklisted site name).   

Quote
2. LSP level malfunction - Unlikely but possible... can be a bugger to fix, fix can cause worse problems, so let's figger 'not' for now.

Okay.  That's the first part of the thread that I've really not known anything at all about. 

Quote
3*** Server-side malfunction is denying the specific machine as a trusted device. This is LIKELY. Log into your MS account, get into security, and remove all trusted devices. This will require all your devices to be reestablished as 'trusted' but will eliminate any duplicates that might be causing denial.

Okay...I'll try that tomorrow when I'm in my (work) office.

Thanks!
Title: Re: Help?
Post by: roamer_1 on August 19, 2018, 05:00:15 PM
@Suppressed

Addendum:
Reset router to eliminate any chance the router has decided to deny the traffic from that machine to that site.

Does the machine connect by wire or air?
if timeout is an issue, is it latency over air? I know this sounds dumb, but a buddy of mine moved his fridge, and wrecked his connection to a machine in the basement... drove me nuts figuring that out...

Anyway, if you have a usb wireless nic laying around, a temporary alternate net connection might be fun.
Title: Re: Help?
Post by: Suppressed on August 19, 2018, 05:13:56 PM
@Suppressed

Addendum:
Reset router to eliminate any chance the router has decided to deny the traffic from that machine to that site.

Does the machine connect by wire or air?
if timeout is an issue, is it latency over air? I know this sounds dumb, but a buddy of mine moved his fridge, and wrecked his connection to a machine in the basement... drove me nuts figuring that out...

Anyway, if you have a usb wireless nic laying around, a temporary alternate net connection might be fun.

I'm using the Comcast-supplied gateway with a direct wired account. 

I know, I know...a long step down from when I used to use a DD-WRT hacked firmware router to unleash the full commercial capabilities on my consumer-model router (that were nerfed purely by the firmware).  But tech abilities evaporate with time and age, and I now can barely get around.  So rather than fight Comcast on bridge mode and have them say it was my router whenever I have a problem, I've stuck with their equipment.

I had Comcast send a reset signal early on with this issue.

No USB wireless NIC laying around here, unfortunately.  Something like this?  https://www.amazon.com/gp/product/B01CCMUN8C (https://www.amazon.com/gp/product/B01CCMUN8C)  (Should I Amazon Prime it?)
Title: Re: Help?
Post by: Gefn on August 19, 2018, 05:24:09 PM
I hate my iPhone, in two weeks I’ve gone through four of em. Two of em had exploded batteries and two of em just didn’t work.

I’m currently on the 5th. Fingers crossed. Thank heaven for Apple care.

all were on the house.
Title: Re: Help?
Post by: roamer_1 on August 19, 2018, 05:30:37 PM

Okay.  I didn't have Java installed, so I just installed it.  I'll update Flash and Silverlight. 

@Suppressed
OK... I hate java. And I don't like running it anymore. But especially with site specific problems, it is good to have it onboard. All it takes is a server-side issue and some dork programmer is having troubles, and falls back to a java workaround. So yeah. Keep it on till resolved, and remove it at your leisure as desired. Some folks do fine without it... I still need it around where I go...

Quote
Oops...forgot to mention that I'm a paid user of CCleaner Pro, and recently that also stopped working (perhaps knocked out by the malware?).  I reinstalled the latest version.

I've run it without deleting cookies.  I suppose I should go back and delete them?

YES. Can't trust that anything is valid, and it may be nothing more than a malformed cookie causing your whole problem...

Quote
I'd appreciate that.  It was the TSR that was giving me the warning that it wasn't working anymore, I think, so are you saying I should just somehow set it to scan and then not stay resident?

Sidebar=>Option: Inner Sidebar=>Monitoring: Shut it all off.
It will no longer be resident, and you will have to have the fortitude to fire it up and manually run it now and then...  I have a once a week thing I do... a nice cup of tea, and manual machine maintenance... It's a groovy time. There is a peace in it  :shrug:

Sidebar=>Option: Inner Sidebar=>Cookies: Nothing in 'Cookies to Keep'
I prefer to nuke and pave cookies every time. It confounds tracking, and prevents malformed cookie problems which can cause problems like you are having now. :)


 
Quote
Okay.  That's the first part of the thread that I've really not known anything at all about.

LSP is a network layer... Normally, if it is messed up, it borks everything. But it also can just do weird stuff on occasion. That only ONE site is continually pissed off is pretty unlikely... Which is why I am not very confident in that being your problem. But it may be more than one site, and you are simply not noticing the others, so it cannot be precisely eliminated. But pretty unlikely.

Quote
Thanks!
:beer:
Title: Re: Help?
Post by: roamer_1 on August 19, 2018, 06:19:05 PM
No USB wireless NIC laying around here, unfortunately.  Something like this?  https://www.amazon.com/gp/product/B01CCMUN8C (https://www.amazon.com/gp/product/B01CCMUN8C)  (Should I Amazon Prime it?)

@Suppressed
You never answered wire vs. air... If it is wired, hardware is less likely...

Worth considering, but you would be having an overall speed and latency problem, with this particular site being longer returning than most (not unheard of, being MS...) thus presenting as a symptom of a larger issue...

But if you are not having problems any other-where,  Hard to believe. So no, not worth all the trouble without proving an overall timeout/latency issue exists.

If the box can be easily removed to another location (offsite) and the problem persists, that immediately eliminates everything in your home environment as being causal.

Title: Re: Help?
Post by: Suppressed on August 19, 2018, 06:35:15 PM
@Suppressed
You never answered wire vs. air... If it is wired, hardware is less likely...

Oops... by "I'm using the Comcast-supplied gateway with a direct wired account." I meant that the gateway was wired to my desktop, not that the account was wired.  :laugh:

Quote
Worth considering, but you would be having an overall speed and latency problem, with this particular site being longer returning than most (not unheard of, being MS...) thus presenting as a symptom of a larger issue...

But if you are not having problems any other-where,  Hard to believe. So no, not worth all the trouble without proving an overall timeout/latency issue exists.

Well, there are occasional oddball behaviors at other accounts, but I'm not sure that they're related.  For example, I've not been able to login to my CDbaby.com account, though I might be getting password wrong, so I tried to request a password reset link multiple times and it hasn't arrived (to a yahoo account, not my hotmail one).  As a login issue, maybe that's related...or maybe it's just problems on their end. 

Quote
If the box can be easily removed to another location (offsite) and the problem persists, that immediately eliminates everything in your home environment as being causal.

It's going to be difficult to remove offsite, as it's a full (server) form desktop, but I could ask my buddy if I could make a visit sometime this week with it.  I also just placed the order for USB wireless adapter to see if I can leech someone else's signal with my gateway unplugged.  happy77
Title: Re: Help?
Post by: Suppressed on August 19, 2018, 06:35:41 PM
I hate my iPhone, in two weeks I’ve gone through four of em. Two of em had exploded batteries and two of em just didn’t work.

I’m currently on the 5th. Fingers crossed. Thank heaven for Apple care.

all were on the house.

Wow...what model is that?!
Title: Re: Help?
Post by: roamer_1 on August 19, 2018, 07:17:08 PM
Oops... by "I'm using the Comcast-supplied gateway with a direct wired account." I meant that the gateway was wired to my desktop, not that the account was wired.  :laugh:


@Suppressed
Not much to go wrong there.... Modem, patch cable, NIC.

Quote
Well, there are occasional oddball behaviors at other accounts, but I'm not sure that they're related.  For example, I've not been able to login to my CDbaby.com account, though I might be getting password wrong, so I tried to request a password reset link multiple times and it hasn't arrived (to a yahoo account, not my hotmail one).  As a login issue, maybe that's related...or maybe it's just problems on their end. 

Sounds pretty incidental. If you are getting decent returns from your favorite speedtest site, and not experiencing ALOT of packet drops on pings, I doubt it is going to be that.

I am betting on server-side, and eliminating your trusted devices as being the culprit... Or something messed up with another MS service like OneDrive or something along those lines.

Quote
It's going to be difficult to remove offsite, as it's a full (server) form desktop, but I could ask my buddy if I could make a visit sometime this week with it. 

Worth doing if else fails - This is a process of elimination, so anything that can be eliminated is worthwhile...

Quote
I also just placed the order for USB wireless adapter to see if I can leech someone else's signal with my gateway unplugged.  happy77

I dunno what you're talking about  :whistle:
But a USB nic is a handy thing to have around   :beer:

I use em here all the time... I have a hacked down miniWin I boot into guest machines to get them into my network for file transfers... I had to specifically hack in the drivers for my USB nics because who knows which drivers are in any box? So I have USB2Wireless and USB2Wire adapters to make the miniwin functional for that purpose...

Which brings another thought... Howabout booting a Linux Live disk into the machine ... Or a WinPE with net support, which I doubt you'd have, but you surprise me all the time :D... That eliminates the host OS if the problem persists...

Barring environmental and hardware issues (which seems unlikely) that would almost certainly point to Server-side, as only the IP and mac-addy would remain from the original host transmission...
Title: Re: Help?
Post by: Suppressed on August 19, 2018, 07:42:00 PM
Sounds pretty incidental. If you are getting decent returns from your favorite speedtest site, and not experiencing ALOT of packet drops on pings, I doubt it is going to be that.

Forgot to stop streaming a YouTube video and speedtest.net gave me
 PING 14 ms   DOWNLOAD 297.31 Mbps   UPLOAD 12.06 Mbps 
Best I've ever gotten.  :laugh:


Quote
I am betting on server-side, and eliminating your trusted devices as being the culprit... Or something messed up with another MS service like OneDrive or something along those lines.

Just realized, I'm not sure how to eliminate trusted devices once I get into my work machine.   


Quote
But a USB nic is a handy thing to have around   :beer:

Cheers!   :beer:

Quote
I use em here all the time... I have a hacked down miniWin I boot into guest machines to get them into my network for file transfers... I had to specifically hack in the drivers for my USB nics because who knows which drivers are in any box? So I have USB2Wireless and USB2Wire adapters to make the miniwin functional for that purpose...
 

I'll have to remember to keep track of the drivers.

Quote
Which brings another thought... Howabout booting a Linux Live disk into the machine ... Or a WinPE with net support, which I doubt you'd have, but you surprise me all the time :D... That eliminates the host OS if the problem persists...

HA!

I actually have a Linux SystemRescueCD but not a WinPE one.  I've never actually booted it. and I can download and burn and .iso for an updated one.  Unless the WinPE with net support would be better/easier to figure out how to get and burn...?

Gonna try booting from that SystemRestoreCD to see whether it gives me some sort of browser option.  Or perhaps find another installation that would.

as always...Thanks!
Title: Re: Help?
Post by: Gefn on August 19, 2018, 07:42:49 PM
Wow...what model is that?!

iPhone 6 s plus. Pink
Title: Re: Help?
Post by: roamer_1 on August 19, 2018, 08:05:06 PM
Forgot to stop streaming a YouTube video and speedtest.net gave me
 PING 14 ms   DOWNLOAD 297.31 Mbps   UPLOAD 12.06 Mbps 
Best I've ever gotten.  :laugh:


@Suppressed
You're hardware/connection is fine.

Quote
Just realized, I'm not sure how to eliminate trusted devices once I get into my work machine.   

Log into your account, get into settings, find security, and it's right in there.

Quote
HA!

I actually have a Linux SystemRescueCD but not a WinPE one.  I've never actually booted it. and I can download and burn and .iso for an updated one.  Unless the WinPE with net support would be better/easier to figure out how to get and burn...?

Gonna try booting from that SystemRestoreCD to see whether it gives me some sort of browser option.  Or perhaps find another installation that would.

as always...Thanks!

I just use a Mint Live Installation disk... or Ubuntu... because I have them around... They boot live from CD or thumb and have full access to the OS... Just like if it were installed. Just don't poke the 'install' button.

I can recommend Knoppix too - I used that for years - It is geared more for rescue than installation, but you will have great NIC detection, and full desktop/browser.

WinPE is great if you can find one. But it is complicated building one from scratch. And they suck for getting network. Certainly not worth doing just for this project...

But if you are looking for something to do, and need a whole bunch of coasters, I can recommend WinBuilder as a decent method for building a custom bootable miniwin. Seriously though... It is a major project.

Title: Re: Help?
Post by: Suppressed on August 19, 2018, 08:07:21 PM
Log into your account, get into settings, find security, and it's right in there.

Thanks!  I'll let you know how it goes.

Quote
But if you are looking for something to do, and need a whole bunch of coasters, I can recommend WinBuilder as a decent method for building a custom bootable miniwin. Seriously though... It is a major project.

 :silly:  No thanks!
Title: Re: Help?
Post by: Suppressed on August 20, 2018, 10:32:06 PM
Update on my activities:

I figured out where they moved the "eliminate trusted devices" setting (it's under Enable Two-step Authentication" or whatever, and did it from work...but still no luck.


I'm gonna try to figure out which Linux iso I need to burn a Live version.  Ubuntu was taking too long, so I downloaded the "Cinnamon" iso from here: https://www.linuxmint.com/download.php (https://www.linuxmint.com/download.php)  (Is that what I need?)  I burned it to a DVD, and will try it out after hitting Post on this message.

(https://cdn.dribbble.com/users/218750/screenshots/3535238/sh240_gif09_diving_board-2.gif)


Title: Re: Help?
Post by: roamer_1 on August 20, 2018, 10:43:45 PM
Update on my activities:

I figured out where they moved the "eliminate trusted devices" setting (it's under Enable Two-step Authentication" or whatever, and did it from work...but still no luck.

@Suppressed
 8888crybaby

Quote
I'm gonna try to figure out which Linux iso I need to burn a Live version.  Ubuntu was taking too long, so I downloaded the "Cinnamon" iso from here: https://www.linuxmint.com/download.php (https://www.linuxmint.com/download.php)  (Is that what I need?)  I burned it to a DVD, and will try it out after hitting Post on this message.

Yep. that'll do... Change the boot sequence to see the thumb or DVD before the hdd, stuff it in and reboot...

Firefox is onboard... if it sees your nic, you'll be golden...
DO NOT mash on the install button.
Title: Re: Help?
Post by: Suppressed on August 20, 2018, 11:56:34 PM
Firefox is onboard... if it sees your nic, you'll be golden...
DO NOT mash on the install button.

Firefox via Mint got me right through the login at login.live.com. 

Should I put my Windows install disk in and see if it will do a repair, or what?
Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 12:07:41 AM
Firefox via Mint got me right through the login at login.live.com. 

Should I put my Windows install disk in and see if it will do a repair, or what?

@Suppressed
Then it is definitely within the OS, all else is eliminated.
It is not in the networking, as there is nowhere to blacklist sites other than the firewall and the HOSTS - Both already confirmed to be ok

Brings me back around to AV, script blockers, adblockers, or some sort of hijacker. Whatever that could be must be over all browsers, or was imported into each.

Here is another thing to try - make another (temporary) user, and try to log in through that... If you can log in though that, then all you have to do is back your data, kill off your real user (deleting files), reboot, and rebuild the user... Probably quicker and better than an overlay install...

If you cannot login through that, then it would seem to me you have a critter, or it has to be AV, or some other overreaching thing.
Title: Re: Help?
Post by: DB on August 21, 2018, 12:12:35 AM
Firefox via Mint got me right through the login at login.live.com. 

Should I put my Windows install disk in and see if it will do a repair, or what?

I've not been following this so forgive me if I ask/say something redundant... Did you backup your computer at all? Do you have any backups you can restore from prior to it going bad? Unless you can identify what caused your problem so you can remove it you won't know for certain if you got rid of it and your computer is really secure. You can copy all your pictures, documents, music, etc off your computer and then scan it all with something reliable to make sure it is clean. Drives are cheap, you can buy a new one and start over while keeping your original drive intact (but not connected to the computer). Yes it really sucks... But if your computer is compromised and you don't know by what your options are pretty limited if you want any certainty it is secure again.
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 12:25:48 AM
@Suppressed
Then it is definitely within the OS, all else is eliminated.
It is not in the networking, as there is nowhere to blacklist sites other than the firewall and the HOSTS - Both already confirmed to be ok

Something just hit me... I'm a bit confused about my HOSTS file.  I'm wondering whether I was looking at the right thing. 

It used to be HOSTS.txt was on a main path, but I think my antivirus has it in some protected space, as I'm trying to find where it is, and when I search for Hosts, it shows Hosts.txt and when I right-click/Properties, it says the target is "C:\Users\<userid>\AppData\Local\AVAST Software\Browser\User Data\Default\Extensions\kmediagceboldddnnajkcochbkfkedel\1.14.20.170_0\assets\thirdparties\www.malwaredomainlist.com\hostslist\hosts.txt"

I'm not seeing any other HOSTS file.  Could there be one hidden or something?  I'm trying to remember where to find a "PATH=" to see where it's looking.

Quote
Brings me back around to AV, script blockers, adblockers, or some sort of hijacker. Whatever that could be must be over all browsers, or was imported into each.


Yeah.

Quote
Here is another thing to try - make another (temporary) user, and try to log in through that... If you can log in though that, then all you have to do is back your data, kill off your real user (deleting files), reboot, and rebuild the user... Probably quicker and better than an overlay install...

I just created another user and it couldn't log in.

Quote
If you cannot login through that, then it would seem to me you have a critter, or it has to be AV, or some other overreaching thing.

So...since I've done all kinds of antivirus steps, is the best step now to try to back up or get a new SSD and try to reinstall? 
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 12:29:14 AM
@DB

I've not been following this so forgive me if I ask/say something redundant... Did you backup your computer at all? Do you have any backups you can restore from prior to it going bad? Unless you can identify what caused your problem so you can remove it you won't know for certain if you got rid of it and your computer is really secure. You can copy all your pictures, documents, music, etc off your computer and then scan it all with something reliable to make sure it is clean. Drives are cheap, you can buy a new one and start over while keeping your original drive intact (but not connected to the computer). Yes it really sucks... But if your computer is compromised and you don't know by what your options are pretty limited if you want any certainty it is secure again.

If I'd thought of it, I could probably have done a System Restore, but all the restore points are too young.

I have Carbonite backing up individual files, but nothing for the system...I've been unable to get a good backup system working for me.

You make a good point about drives being cheap.  I'm thinking I might just need to swap out the SSD, and hope the HDD is not relevant.  My big problem is that I'm so disorganized, it's finding all the install stuff.   But you're right, that's probably what I'll have to do...
Title: Re: Help?
Post by: DB on August 21, 2018, 02:27:01 AM
@DB

If I'd thought of it, I could probably have done a System Restore, but all the restore points are too young.

I have Carbonite backing up individual files, but nothing for the system...I've been unable to get a good backup system working for me.

You make a good point about drives being cheap.  I'm thinking I might just need to swap out the SSD, and hope the HDD is not relevant.  My big problem is that I'm so disorganized, it's finding all the install stuff.   But you're right, that's probably what I'll have to do...

If you are certain everything of importance is copied off the drive you can wipe it and start over without buying a new drive. Generally I buy a new drive just be sure that if something was skipped I can still recover it. Or if it all goes wrong I can go back to it. The drive may have another partition setup with a recovery installation. If that's the case it already has all the drivers backed up making re-installation much easier. It still remains possible that the backup installation as been corrupted but that isn't real likely.

You can also buy genuine Win7 installation discs off of Amazon and eBay. I bought 3 copies of Win7 Professional earlier this year...
Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 03:25:23 AM
Something just hit me... I'm a bit confused about my HOSTS file.  I'm wondering whether I was looking at the right thing. 

@Suppressed
Sorry so late replying... got on the phne with my kid, and then went to finally make some dinner....

HOSTS is in %windir%\sytem32\drivers\etc\  And it is named HOSTS with no .ext. It is hidden/protected/system, so you have to turn off hidden/protected files  to even see it.

see here:
https://www.petri.com/edit-hosts-file-windows-7 (https://www.petri.com/edit-hosts-file-windows-7)
And your AV may be protecting it too - you may need to go into it's options and turn off hosts file protection.

Or use this dohickey:
http://www.abelhadigital.com/hostsman/ (http://www.abelhadigital.com/hostsman/)

Get the portable one (no installer) Unpack to a temp directory on your desktop (or whatever) and run it... no install, delete when you want.
RTFM

Quote
I just created another user and it couldn't log in.

So...since I've done all kinds of antivirus steps, is the best step now to try to back up or get a new SSD and try to reinstall?

You might try disabling AV, disabling firewall and see...
You might go back and run EEK as I first recommended.
and if there is in fact a redirect in hosts...

But I can understand that this is becoming laborious. May be time to nuke and pave. That would be your decision.

If you are there, I would recommend the new SSD system drive  - They are quite cheap anymore, and if you are like most of us, a 256g will suit you fine for a system drive...

If your machine is new enough to matter, the performance difference makes it a no-brainer.

And that way, when you are comfortable with the idea that all your data is moved over alright, rub the old drive off and use it for backup and storage.

ALL my system drives are SSD, and the only other thing I would recommend in that case is to redirect your pics and movies into something like /Media/pictures and /Media/Movies on the rearward drive to keep all that fat stuff off your system drive... Likewise your torrent base directory and etc... you know the drill.


Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 03:28:48 AM
@Suppressed
Make SURE you have your keys (Windows/Office/etc) before you scrub it.
If you can't find your keys, let me know and I will provide a sniffer to get them out of your system...
Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 03:37:15 AM

I have Carbonite backing up individual files, but nothing for the system...I've been unable to get a good backup system working for me.


WAT?

Cobian (http://www.cobiansoft.com/cobianbackup.htm)

But if you're scripty,
FreeFileSync (https://freefilesync.org/)
FreeFileSync is incredible awesomeness. Scriptable batchiness. Beauty day. But not for the faint of heart.

Cobian runs all my big backup stuff, and freesync is for USB backup on my laptop and goofy stuff like special handling for music and picture backups...
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 04:28:26 PM
@Suppressed
Make SURE you have your keys (Windows/Office/etc) before you scrub it.
If you can't find your keys, let me know and I will provide a sniffer to get them out of your system...

Thanks!

I found a text file where I had precisely two keys saved, sniffed from my old installation.  Definitely not what I need!
I've ordered the SSD, and probably won't have time to work on this until Sunday, but will take the scraps of time over the next few days to gather such things.
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 04:30:05 PM
WAT?

Cobian (http://www.cobiansoft.com/cobianbackup.htm)

But if you're scripty,
FreeFileSync (https://freefilesync.org/)
FreeFileSync is incredible awesomeness. Scriptable batchiness. Beauty day. But not for the faint of heart.

Cobian runs all my big backup stuff, and freesync is for USB backup on my laptop and goofy stuff like special handling for music and picture backups...

I had tried Macrium, but not Cobian.  I'll look into it.
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 04:32:10 PM
@Suppressed
Sorry so late replying... got on the phne with my kid, and then went to finally make some dinner....

No problem!  I appreciate all the time you've given me! 

Quote
HOSTS is in %windir%\sytem32\drivers\etc\  And it is named HOSTS with no .ext. It is hidden/protected/system, so you have to turn off hidden/protected files  to even see it.

That was what I recalled, and I hate to admit it, but I usually keep all files unhidden (and extensions visible), but I'll have to confirm tonight.

Title: Re: Help?
Post by: DB on August 21, 2018, 04:35:41 PM
No problem!  I appreciate all the time you've given me! 

That was what I recalled, and I hate to admit it, but I usually keep all files unhidden (and extensions visible), but I'll have to confirm tonight.

There are two levels of "hidden" I believe. There are hidden files and hidden system files.
Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 05:18:34 PM
Thanks!

I found a text file where I had precisely two keys saved, sniffed from my old installation.  Definitely not what I need!
I've ordered the SSD, and probably won't have time to work on this until Sunday, but will take the scraps of time over the next few days to gather such things.

@Suppressed
Try Enchanted Keyfinder (https://sourceforge.net/projects/ekeyfinder/)
Portable. Unpack to a temp folder and run it.
If you need it to, it can be directed to an offline system for extraction too, but if you are running within the OS you are sniffing, it is pretty direct. Just run it. Delete (or file away) when done.

For sure does Windows and Office, and some others. It is an Open Source fork off of the ol Magic Jellybean
Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 05:27:06 PM
No problem!  I appreciate all the time you've given me! 

That was what I recalled, and I hate to admit it, but I usually keep all files unhidden (and extensions visible), but I'll have to confirm tonight.

LOL! I always have extensions visible... That's how I identify files... I still couldn't tell you what the little icons are... Every client machine goes out of here with extensions visible.

But I don't mess with hidden and system files... I keep a separate file manager set to see all files, and leave the Windows file manager with all that hidden...
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 05:28:35 PM
There are two levels of "hidden" I believe. There are hidden files and hidden system files.

Thanks!


In any case, yeah, I had checked the right HOSTS, and it has nothing added.
Title: Re: Help?
Post by: Suppressed on August 21, 2018, 05:29:17 PM
@Suppressed
Try Enchanted Keyfinder (https://sourceforge.net/projects/ekeyfinder/)
Portable. Unpack to a temp folder and run it.
If you need it to, it can be directed to an offline system for extraction too, but if you are running within the OS you are sniffing, it is pretty direct. Just run it. Delete (or file away) when done.

For sure does Windows and Office, and some others. It is an Open Source fork off of the ol Magic Jellybean

Thanks, @roamer_1  Will do!
Title: Re: Help?
Post by: roamer_1 on August 21, 2018, 06:19:56 PM
Thanks, @roamer_1  Will do!

btw @Suppressed , realize that all keyfinders are gonna show up in AV as a bug... They don't want you sniffing your keys... So disable AV or exclude a folder in your AV and run it from there.

FYI
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 10:32:59 AM
Update:
The wireless connection did nothing for me.  I spent time over the weekend trying to get stuff backed up.  I found that several keys weren't ripped by Enchanted, so I was going around trying to be sure I could find them or the license files.

Bottom line, I still haven't done my reinstall.

The curious side of me wonders whether I could install an e-mail client and access my mail that way.  You know, like the old Outlook, Pegasus, or whatever.  Anyone got any recommendations for one of those?
Title: Re: Help?
Post by: dfwgator on August 27, 2018, 10:35:41 AM
(https://www.cipher-it.co.uk/wp-content/uploads/2017/11/ITCrow.jpg)
Title: Re: Help?
Post by: roamer_1 on August 27, 2018, 10:40:21 AM
Update:
The wireless connection did nothing for me.  I spent time over the weekend trying to get stuff backed up.  I found that several keys weren't ripped by Enchanted, so I was going around trying to be sure I could find them or the license files.

Bottom line, I still haven't done my reinstall.

The curious side of me wonders whether I could install an e-mail client and access my mail that way.  You know, like the old Outlook, Pegasus, or whatever.  Anyone got any recommendations for one of those?

Yes. I use thunderbird.
Mozilla mo'bedda.

https://www.thunderbird.net/en-US/ (https://www.thunderbird.net/en-US/)

Should hook right up to MS
Needs an addon to get to Google.

Get the lightning addon if it doesn't come preinstalled - That gives you PIM capabilities, though accessing calendars for google and MS require more addons.
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 10:45:20 AM
Yes. I use thunderbird.
Mozilla mo'bedda.

https://www.thunderbird.net/en-US/ (https://www.thunderbird.net/en-US/)

Should hook right up to MS
Needs an addon to get to Google.

Get the lightning addon if it doesn't come preinstalled - That gives you PIM capabilities, though accessing calendars for google and MS require more addons.

@roamer_1

Wow...what service!   :beer: 
Can't tell you how much I appreciate your help, and that of everyone here!
Title: Re: Help?
Post by: roamer_1 on August 27, 2018, 10:47:52 AM
@roamer_1

Wow...what service!   :beer: 
Can't tell you how much I appreciate your help, and that of everyone here!

@Suppressed
No problemo. Holler if you need a hand setting it up... But it should go pretty automagically.
Title: Re: Help?
Post by: Cyber Liberty on August 27, 2018, 10:53:02 AM
Yes. I use thunderbird.
Mozilla mo'bedda.

https://www.thunderbird.net/en-US/ (https://www.thunderbird.net/en-US/)

Should hook right up to MS
Needs an addon to get to Google.

Get the lightning addon if it doesn't come preinstalled - That gives you PIM capabilities, though accessing calendars for google and MS require more addons.

I like T'bird.  I just installed that app, none of the other stuff like Lightning.  Works great!
Title: Re: Help?
Post by: roamer_1 on August 27, 2018, 11:04:33 AM
I like T'bird.  I just installed that app, none of the other stuff like Lightning.  Works great!

Here's a tip:
If you are stuck w/ POP3 service for your mail, move the TBird data from where it is kept to somewhere in your backup chain. Both Firefox and Thunderbird's data reside in subfolders of %user%\Archives\ on my machines, and that is always backed up with my user profile. And it makes t far easier to sync between machines.

If you hook up MAPI (which most are anymore) then it is not necessary, as MAPI data is physically kept on the server... Even so, moving the data file where you can get at it is a good idea... Same can be done for outlook, too.

The really beauty part of that, and why I like Mozilla so much, is fresh installs. Push your crap onboard, fire up Moz products in profilemanager mode, point em at their data, and DONE. All your settings are in, all your history, preferences, addons... all of it is right the way you left it.
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 11:14:40 AM
Sounds good!

Title: Re: Help?
Post by: Elderberry on August 27, 2018, 11:55:51 AM
@roamer_1 has it right! I stepped up to Thunderbird from Pegasus so long ago I can't even remember. And I don't keep messages on the server.
Title: Re: Help?
Post by: Cyber Liberty on August 27, 2018, 11:58:51 AM
Here's a tip:
If you are stuck w/ POP3 service for your mail, move the TBird data from where it is kept to somewhere in your backup chain. Both Firefox and Thunderbird's data reside in subfolders of %user%\Archives\ on my machines, and that is always backed up with my user profile. And it makes t far easier to sync between machines.

If you hook up MAPI (which most are anymore) then it is not necessary, as MAPI data is physically kept on the server... Even so, moving the data file where you can get at it is a good idea... Same can be done for outlook, too.

The really beauty part of that, and why I like Mozilla so much, is fresh installs. Push your crap onboard, fire up Moz products in profilemanager mode, point em at their data, and DONE. All your settings are in, all your history, preferences, addons... all of it is right the way you left it.

I'll have to look at my Thunderbird setup when I get home.  I know my provider has help pages that will tell me what I have...

Is it worth it for me to get Lightning working?  When I first got the T-bird, I didn't find the help pages about setting it up very helpful.
Title: Re: Help?
Post by: roamer_1 on August 27, 2018, 12:05:19 PM
I'll have to look at my Thunderbird setup when I get home.  I know my provider has help pages that will tell me what I have...

Is it worth it for me to get Lightning working?  When I first got the T-bird, I didn't find the help pages about setting it up very helpful.

Yeah... Lightning is alright... I run my cal out of google these days, and the google addon handles that great... But I am a ToDo guy - useless w/o lists, and a lot of the tasking gets broke going to google tasks. Currently working all that through my phone anymore, using reminders and lists... which sucks, pretty much. I need a better way. 
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 06:47:07 PM
So much for my bright idea.  Whatever is blocking browsers from contacting the login server is evidently blocking Thunderbird, too.  It's just sitting and spinning as it's "Checking password" when I try to set up the (IMAP) account.

Grrrr...  Guess I have to swap out the SDD.

So... can these SATA drives be daisy-chained or something, or am I limited to just 4 drives?  (Sorry for such a basic question...)   
Title: Re: Help?
Post by: roamer_1 on August 27, 2018, 06:52:50 PM
So much for my bright idea.  Whatever is blocking browsers from contacting the login server is evidently blocking Thunderbird, too.  It's just sitting and spinning as it's "Checking password" when I try to set up the (IMAP) account.

Grrrr...  Guess I have to swap out the SDD.

So... can these SATA drives be daisy-chained or something, or am I limited to just 4 drives?  (Sorry for such a basic question...)

@Suppressed
SATA is one per cable. No daisy-chaining.
But you could go get a controller card... My server here has 6 on the board and four more on a promise card.

Did you ever try killing the firewall and AV to see if there's joy?
What about recently added security programs that may be blocking the access?

And I will mention EEK again...  :shrug:
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 07:17:43 PM
@Suppressed
SATA is one per cable. No daisy-chaining.
But you could go get a controller card... My server here has 6 on the board and four more on a promise card.
Cool.  I'm thinking that I might want to set up a card, then, with a large internal drive for automated backups.  When I get there . . .  happy77

Quote
Did you ever try killing the firewall and AV to see if there's joy?

I had tried killing Avast's shields and no luck.  But I just realized I hadn't checked Windows Firewall. 

I went into the Control Panel to that listing, and it's not letting me select "Turn the Firewall on or off".  Gonna reboot to see.

Quote
What about recently added security programs that may be blocking the access?
 

I think I killed all and tried.  No luck.

Quote
And I will mention EEK again...  :shrug:

No joy with EEK.  It found nothing.
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 07:17:57 PM
iPhone 6 s plus. Pink

Did you get it all worked out so you don't have an exploding phone, @Freya?
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 07:24:44 PM
I had tried killing Avast's shields and no luck.  But I just realized I hadn't checked Windows Firewall. 

I went into the Control Panel to that listing, and it's not letting me select "Turn the Firewall on or off".  Gonna reboot to see.

Okay, now the firewall is off and it says it's being managed by Avast.  When I turned off Avast, it stayed down, but still no luck.
Title: Re: Help?
Post by: Cyber Liberty on August 27, 2018, 07:28:39 PM
Okay, now the firewall is off and it says it's being managed by Avast.  When I turned off Avast, it stayed down, but still no luck.

Avast may have buried itself in your boot sector.  I'm not sure, but rebuilding from a recovery drive might get rid of that.  I have shit like that buried in mine, but I'm afraid to try it.
Title: Re: Help?
Post by: Snarknado on August 27, 2018, 07:41:12 PM
I switched to TBird when WLM bit the dust, and I'm reasonably happy with it. It manages 8 accounts, all Live or Outlook, so not sure how good it is with non-MS accounts. The filter rules could be improved, like optionally applying on a delayed basis instead of immediately on receipt...
Title: Re: Help?
Post by: Suppressed on August 27, 2018, 07:59:42 PM
Avast may have buried itself in your boot sector.  I'm not sure, but rebuilding from a recovery drive might get rid of that.  I have shit like that buried in mine, but I'm afraid to try it.

Looks like I'd better just follow @DB 's suggestion and do a fresh install.

Wow, I've put a lot of things on this machine.  I'm realizing now how many stupid disks (Bluetooth adapter, etc.) I hope I have!  :laugh:
Title: Re: Help?
Post by: roamer_1 on August 27, 2018, 08:01:44 PM
Okay, now the firewall is off and it says it's being managed by Avast.  When I turned off Avast, it stayed down, but still no luck.

I am running out of bullets @Suppressed . Try uninstalling Avast for the moment, and let the thing come back up with only Windows Firewall, and if still no joy, try disabling Windows firewall.. If that ain't it, I am hanging up my guns.  :shrug:
Title: Re: Help?
Post by: DB on August 27, 2018, 10:25:42 PM
Looks like I'd better just follow @DB 's suggestion and do a fresh install.

Wow, I've put a lot of things on this machine.  I'm realizing now how many stupid disks (Bluetooth adapter, etc.) I hope I have!  :laugh:

The real problem is, you can't trust that your machine is secure if you can't definitively find and resolve the problem. You probably shouldn't go get new drivers with the same compromised machine. If you have another computer that is clean, use it to go online to download drivers for the compromised machine. Anything executable is suspect coming from the old machine.

Good luck!
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 27, 2018, 10:36:02 PM
The real problem is, you can't trust that your machine is secure if you can't definitively find and resolve the problem. You probably shouldn't go get new drivers with the same compromised machine. If you have another computer that is clean, use it to go online to download drivers for the compromised machine. Anything executable is suspect coming from the old machine.

Good luck!

And if you can't trust the (potentially) compromised machine, you can't trust it to properly install drivers downloaded from another machine.  Nuke from orbit.
Title: Re: Help?
Post by: LegalAmerican on August 27, 2018, 10:36:29 PM
Google is the culprit.  Support TRUMP, and he will fix this next.  BIG CORPS. BEING BIG BROTHER.  OR  you could keep shooting yourselves in the foot.  Ego is tough to over come, for good of the country.
Title: Re: Help?
Post by: DB on August 27, 2018, 11:09:23 PM
And if you can't trust the (potentially) compromised machine, you can't trust it to properly install drivers downloaded from another machine.  Nuke from orbit.

He's starting over with a clean drive. The point was to not use drivers download on the same machine prior to doing the new, clean installation.
Title: Re: Help?
Post by: InHeavenThereIsNoBeer on August 27, 2018, 11:32:02 PM
He's starting over with a clean drive. The point was to not use drivers download on the same machine prior to doing the new, clean installation.

Okay, great point.
Title: Re: Help?
Post by: Suppressed on August 28, 2018, 04:40:53 PM
Spent last night starting a fresh install with brand new SSD (thank goodness prices have come way down).
 
I almost choked when it had trouble connecting to hotmail even on the fresh install, but it seems that was just a momentary glitch.   happy77

With zillions of reboots necessary, gotta love SSD!

But it's not acting very smooth... hanging on log off, etc.  So I think I might just start it from scratch again. 

I haven't used any drivers from compromised machine...just license key information.  It's a fresh Windows 7 Professional install.

When I was going through the Windows Updates, I didn't do any of the optional Windows ones -- no, I DON'T want Windows 10!


Thank you all for being there while I go through this.  I used to do installs in my sleep, but this brain is old and leaky!
Title: Re: Help?
Post by: roamer_1 on August 28, 2018, 11:13:12 PM
Spent last night starting a fresh install with brand new SSD (thank goodness prices have come way down).
 
I almost choked when it had trouble connecting to hotmail even on the fresh install, but it seems that was just a momentary glitch.   happy77

But it's not acting very smooth... hanging on log off, etc.  So I think I might just start it from scratch again. 


@Suppressed
To be expected... Especially if you are installing from a Win7 Pro gold iso instead of a Win7 SP1...

Don't judge it until the updates are done.

If you do rub it off and start over, try this:
https://softlay.net/operating-system/windows-7-all-in-one-iso-free-download-32-64-bit.html

Not a hack. You will have an extra little bit to go through... Be sure to select for both type (home, pro, etc) AND 32/64bit, as it will do any of them. This IS for sure, an SP1 disk, and may contain quite a few of the updates since.

If you know how to put it on a bootable thumb, it stores much better, and goes much faster.

after install, have chipset, vid, and nic drivers ready, and put them in first. MS Essentials as AV till you are all the way in... It suffices, and you won't be dealing with any errant takeovers of firewall and such

Then let it update fully... you can install other drivers along the way, but most will probably come in on the update stream. Then deal with whatever other drivers are left.

It WILL be hinky until all the way updated.
And optional updates are fine - necessary if drivers. I would encourage driver installation that way, because the driver is pinned to certain updates being present before the driver update is presented to you.

Addendum: Upgrades are vastly decreased AFTER SP1 if you have the distributable Internet Explorer 11 (I think 11 was the last one that works on 7) and latest WiMP (Windows Media Player) distributable on hand.
Title: Re: Help?
Post by: Suppressed on August 29, 2018, 12:10:12 PM
@Suppressed
To be expected... Especially if you are installing from a Win7 Pro gold iso instead of a Win7 SP1...

Don't judge it until the updates are done.

If you do rub it off and start over, try this:
https://softlay.net/operating-system/windows-7-all-in-one-iso-free-download-32-64-bit.html

Not a hack. You will have an extra little bit to go through... Be sure to select for both type (home, pro, etc) AND 32/64bit, as it will do any of them. This IS for sure, an SP1 disk, and may contain quite a few of the updates since.

If you know how to put it on a bootable thumb, it stores much better, and goes much faster.

after install, have chipset, vid, and nic drivers ready, and put them in first. MS Essentials as AV till you are all the way in... It suffices, and you won't be dealing with any errant takeovers of firewall and such

Then let it update fully... you can install other drivers along the way, but most will probably come in on the update stream. Then deal with whatever other drivers are left.

It WILL be hinky until all the way updated.
And optional updates are fine - necessary if drivers. I would encourage driver installation that way, because the driver is pinned to certain updates being present before the driver update is presented to you.

Addendum: Upgrades are vastly decreased AFTER SP1 if you have the distributable Internet Explorer 11 (I think 11 was the last one that works on 7) and latest WiMP (Windows Media Player) distributable on hand.

I'm using a GEN-U-INE Micro$oft Win 7 Pro 64-bit with SP1 (for OEM) DVD.  I didn't even let it install IE11 yet...I'm still waiting for it to finish the Important Upgrades.  It evidently hung trying to install the upgrades, as I let it continue overnight and it still hadn't finished.   

(https://i.imgur.com/qi2oyuS.png)

I'm thinking that I should gather up all those drivers like you suggest and redo the install if it keeps up, but I'll see if it calms down before giving up and doing that yet.  I goofed and did AV first, so maybe that was one of my problems.

But that's interesting what you said about some drivers being pinned to the updates.  The optionals I did do were Intel ones, monitor...anything but MS.

Okay, you've calmed me down.
Title: Re: Help?
Post by: roamer_1 on August 29, 2018, 01:00:54 PM
I'm using a GEN-U-INE Micro$oft Win 7 Pro 64-bit with SP1 (for OEM) DVD.  I didn't even let it install IE11 yet...I'm still waiting for it to finish the Important Upgrades.  It evidently hung trying to install the upgrades, as I let it continue overnight and it still hadn't finished. 

@Suppressed
Likely update busted itself. That is a frequent or at least common occurrence. Win7 is getting pretty long in the tooth, and MS is not dedicating very much resource into maintaining its gigantic database. I think that is purposeful - By now, they easily could have released an SP-2 with all of these updates already knitted in, but I think they purposefully make it a PIA.

A LOT of the important updates are contained in the IE and Media Player subsystems, so even if you have to go get the full feature distributables, Getting them shoehorned in there solves a bunch of problems. One thing that comes with them is DotNet, which is a butt-ton of the update train. Since DotNet is specific to IE versions, shoving in the newest avoids not only all the IE upgrades, but all the multiple DotNet upgrades per version that inherently go with it.

You may find it easier to just upgrade to Win10... I bailed on Seven a long time ago, just because the install is so unmanageable (see associated PM).

Quote
I'm thinking that I should gather up all those drivers like you suggest and redo the install if it keeps up, but I'll see if it calms down before giving up and doing that yet.  I goofed and did AV first, so maybe that was one of my problems.

But that's interesting what you said about some drivers being pinned to the updates.  The optionals I did do were Intel ones, monitor...anything but MS.

Okay, you've calmed me down.

Yeah... AV products are super integrated anymore - especially AV suites that invade firewall and browser, and every other little thing. MSEssentials, while not as effective, plays nice with MS stuff and so, stays out of the way.

As far as optionals are concerned, I do em all - There are some that are specific to particular hardware, and without some serious study, you may be foregoing a fix that your specific machine needs to install and function properly.  :shrug:
Title: Re: Help?
Post by: DB on August 29, 2018, 01:58:06 PM
I'm using a GEN-U-INE Micro$oft Win 7 Pro 64-bit with SP1 (for OEM) DVD.  I didn't even let it install IE11 yet...I'm still waiting for it to finish the Important Upgrades.  It evidently hung trying to install the upgrades, as I let it continue overnight and it still hadn't finished.   

(https://i.imgur.com/qi2oyuS.png)

I'm thinking that I should gather up all those drivers like you suggest and redo the install if it keeps up, but I'll see if it calms down before giving up and doing that yet.  I goofed and did AV first, so maybe that was one of my problems.

But that's interesting what you said about some drivers being pinned to the updates.  The optionals I did do were Intel ones, monitor...anything but MS.

Okay, you've calmed me down.

There's a bug in the original Win7 with updates. I think the patch was included with SP1 but you have to have it on disc with the installation before doing online updates. When the backlog of updates exceeds some threshold it breaks the update process and it will never complete them. There's a couple of MS patches to fix it. I'm trying to find my notes...
Title: Re: Help?
Post by: Suppressed on September 05, 2018, 05:14:31 PM
Well, I've got Win 10 running.  Thanks to everyone, and some additional applause to @roamer_1  for helping me via PM, too.

Still am puzzled why I can't just hook up my old SSD and get it to boot anymore, but I'm looking forward and didn't lose too much.  My next step is to figure out how to set up a nice backup system!
Title: Re: Help?
Post by: roamer_1 on September 05, 2018, 05:21:09 PM
Well, I've got Win 10 running.  Thanks to everyone, and some additional applause to @roamer_1  for helping me via PM, too.

Still am puzzled why I can't just hook up my old SSD and get it to boot anymore, but I'm looking forward and didn't lose too much.  My next step is to figure out how to set up a nice backup system!

Happy to help - Glad you are sorted out.
Title: Re: Help?
Post by: The Ghost on September 05, 2018, 05:33:16 PM
FWIW.  My problem with Vista running Chrome has been corrected.  I started using the Avast Browser.
Title: Re: Help?
Post by: Elderberry on September 05, 2018, 05:39:37 PM
I'm glad to hear you're machine is back up and running. I know how extremely frustrating computer problems can be.

For backups I've been using Macrium Reflect, though it can be confusing to set up and use.

https://www.business.com/reviews/macrium-reflect/ (https://www.business.com/reviews/macrium-reflect/)

Macrium Reflect received a C for ease of use during the backup process. It’s easy to see from the interface's design that the app isn’t made for someone who has never backed up a computer before. The homepage displays the various disks, volumes and partitions under the Create a Backup tab, rather than focusing on backing up specific folders and files. This poses a significant learning curve for novices, as they’re unlikely to know what these terms mean, much less want to back up entire disks, volumes or partitions. That said, creating a backup set is relatively easy, though it takes about 11 steps. Users with advanced technical knowledge will likely prefer this design.

In contrast, the restore process received a B+ for ease of use. While the backup process has many steps, the restore process has just four. There are some minor learning curves – additional options in the steps and an interface designed for an advanced user – but a novice can restore their files without much trouble.

Macrium Reflect’s best feature is its backup and restore performance. Both phases received an A- for speed. While the software wasn't the fastest at processing data, it was close. In addition, it didn't hog resources, receiving an above-average grade for CPU usage in both phases.
Title: Re: Help?
Post by: roamer_1 on September 05, 2018, 06:05:14 PM
If we are going to get into Backup, I think it deserves its own thread....

But I will say this...
Storage is cheap.

Never rely on a single set - multiple means, multiple chains, especially when dealing with automated systems.

Image-style backups are less robust than raw copied files. an Imaged set is very convenient, restoring with ease... But it is in the end, a single file - and if a single file becomes corrupted, for all intents and purposes, all my be lost. Raw copied files must be restored more laboriously, but if a file becomes corrupt, that file is lost, and the rest are still there.

Not that an imaged set is not to be used - It can be one means, one chain... But it is not as reliable as raw copy.

Off Machine, Off Network and Off Site should all be goals, in that order of importance.

Title: Re: Help?
Post by: InHeavenThereIsNoBeer on September 05, 2018, 09:46:43 PM
Well, I've got Win 10 running.  Thanks to everyone, and some additional applause to @roamer_1  for helping me via PM, too.

Still am puzzled why I can't just hook up my old SSD and get it to boot anymore, but I'm looking forward and didn't lose too much.  My next step is to figure out how to set up a nice backup system!

Not sure what you're trying to do with the old SSD.  Of the possibilities I can think of, I'd remind you that the BIOS has a boot order, so if you're saying you can't boot off of the new SSD when the old one is installed, you may need to look to the BIOS.  Or put the old one in a cheap external, hot plugable (probably USB) exclosure, boot off the new one, plug in the old one and copy what you need over.  [Personally, I'd use VM software to make a VM image from the old SSD so I could safely boot into it to retrieve application settings, saved logins, etc, but that's a bit of work if you're not already familiar with the process].

If by some chance you're saying that you want to boot off the old SSD with the new one also installed, please don't.
Title: Re: Help?
Post by: Bigun on September 05, 2018, 10:34:05 PM
FWIW.  My problem with Vista running Chrome has been corrected.  I started using the Avast Browser.

 :chairbang:
Title: Re: Help?
Post by: corbe on September 05, 2018, 10:50:02 PM
   I've come back here and reread because I'm fixing to do a New Build and TRYING desperately to keep my Win 7 until they pry my cold dead hands off of it in early 2020. 
   I'm a PC nerd and I learned a hell of a lot on this Thread.
   Thanks All.
Title: Re: Help?
Post by: Elderberry on September 05, 2018, 10:59:44 PM
   I've come back here and reread because I'm fixing to do a New Build and TRYING desperately to keep my Win 7 until they pry my cold dead hands off of it in early 2020. 
   I'm a PC nerd and I learned a hell of a lot on this Thread.
   Thanks All.

The Dell that my daughter gave me from a work cast-off was getting flaky so I did a new build. I'm running Win 10, but I also have Win 7 I run in an Oracle VirtualBox. I was also running XP, but now none of my XP keys are any good anymore.
Title: Re: Help?
Post by: roamer_1 on September 06, 2018, 12:04:29 AM
   I've come back here and reread because I'm fixing to do a New Build and TRYING desperately to keep my Win 7 until they pry my cold dead hands off of it in early 2020. 
   I'm a PC nerd and I learned a hell of a lot on this Thread.
   Thanks All.

@corbe
It really ain't worth it... Win7 Updater is busted, and more than half the time, is not fixable. I keep threatening to slipstream all the updates into a set of installation cabs, but with some 200+ since SP-1, that would be a monumental undertaking.

Just go to ten and get it over with. Let me know before you do, as there are some pretty simple steps to shut off the lion's share of the telemetry and glorified spyware, and some unpublished ways to do it for nothing, even yet.
Title: Re: Help?
Post by: corbe on September 06, 2018, 12:19:59 AM
@roamer_1   

 I load Win7 on at least 2 PC's a month (Real Estate and Dr.'s offices) and in the first or second reboot of updates M$ gives you some $hit about Win10 is better, click the other box and if the Customer originally had Win 10, I do that. 

   My question to you, my friend, if Win10 has never been on the box does M$ even ask the question or want money an hour after install.
    I have valid Win 7 keys and retired when 10 came out, that's how much I dislike it.
Title: Re: Help?
Post by: roamer_1 on September 06, 2018, 12:46:04 AM
@roamer_1   

 I load Win7 on at least 2 PC's a month (Real Estate and Dr.'s offices) and in the first or second reboot of updates M$ gives you some $hit about Win10 is better, click the other box and if the Customer originally had Win 10, I do that. 

   My question to you, my friend, if Win10 has never been on the box does M$ even ask the question or want money an hour after install.
    I have valid Win 7 keys and retired when 10 came out, that's how much I dislike it.


@corbe
I hear ya... If it weren't for keeping on top of it, this whole network here would be running Linux boxes. You might try Mint out.

But, at some point, if you stay on Win, upgrade is inevitable. If it were me, I would rather do that in a controlled descent rather than a free-fall... But, being in the business, I was an early adopter... All my Joe-Homeowner customers would be getting it, and I would need to know how to make it go.

I don't have anything running seven anymore. And I don't understand your angst.
One thing I can tell you - Since 10 came out, I get very little coming over my bench anymore.... Viruses are almost never found. Most of what I do nowadays is hard drives and teaching.
Title: Re: Help?
Post by: roamer_1 on September 06, 2018, 12:53:29 AM
   My question to you, my friend, if Win10 has never been on the box does M$ even ask the question or want money an hour after install.
    I have valid Win 7 keys and retired when 10 came out, that's how much I dislike it.

@corbe
I have never paid a dime for Win10, and I have it on somewhere around 9 or 10 boxes.
And no, outside of services (that I don't use), It never asks me for money.
They've basically turned it into big-data spyware. I think they make their money selling your data, so I don't really think they care as much that you buy it, but rather that you use it.

So long as you shut off all the telemetry, it ain't spying anymore... And I can prove it. Sniff it with any decent network sniffer and look at all the communication... then shut of the telemetry and sniff it again - Not a peep.
 
Title: Re: Help?
Post by: corbe on September 06, 2018, 11:11:05 AM
   Thanks for the info @roamer_1
Title: Re: Help?
Post by: roamer_1 on September 06, 2018, 11:05:17 PM
   Thanks for the info @roamer_1

BTW @corbe ... If you are dead-set on Win7 and you are reasonably competent, look into WSUS Offline (http://www.wsusoffline.net/)

RTFM!!!
But the idea is, you can DL ALL the KB's locally and put them onto a thumb, DVD, or net share, and after your install, run their installer instead of WIN's, and it will install all the updates from the local file, bypassing the Windows updater... Win Update may wind up broken anyway, but you can continue to use the WSUS tool instead, having to update its file store form time to time, and rerunning the installer...

very, very good tool