Solved Firefox 95.0 64bit problem.

[subyroo]

I recently updated my Firefox Browser to v95.0, ever since then I have a problem with one particular website, easeus.com. My browser refuses to connect to the site, I keep getting this error:
"An error occurred during a connection to EaseUS(R) | Data Recovery, Backup, Partition Manager & PC Utility Software.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web."

Can anybody help me with this problem please.

 

[ian50]

If it's not your firewall (if you have one, maybe the MS default), then try:

1) access with another browser (many to choose from). If that works, then:

2) uninstall and re-install Firefox 95. This means you lose your profile settings with the re-installation, so save your current log-ins, bookmarks and tab addresses first so you can easily recover them.

 

[subyroo]

If it's not your firewall (if you have one, maybe the MS default), then try:

1) access with another browser (many to choose from). If that works, then:

2) uninstall and re-install Firefox 95. This means you lose your profile settings with the re-installation, so save your current log-ins, bookmarks and tab addresses first so you can easily recover them.

Hi,
I have uninstalled and reinstalled Firefox 95 and it still does not work.
I have also tried Google Chrome, same problem.
I'll have to go through my ESET NOD32 Antivirus and check the settings.

Update:
I have been through all the settings on my Antivirus and still no joy. At least I can get to the site via my wife's PC if and when I need too.

Thanks for your help Ian50.

 

[erpster4]

um Firefox 95.0.1 just came out
maybe try the easeus site now as it's working for me on my end

 

[subyroo]

um Firefox 95.0.1 just came out
maybe try the easeus site now as it's working for me on my end

No change, unfortunately.

 

[townsbg]

I would try clearing cache and cookies. If that doesn't work you might have a corrupt profile and if that is the case you will have to rebuild it. Start by backing up your profile. https://www.google.com/url?sa=t&rct...fox-profiles&usg=AOvVaw0A3oTIWRebvIsNskfCt2Cs. I would simply rename the appdata\local\firefox\profile and \appdata\mozilla\filrefox\profile folders as well as the profiles.ini file and the installs.ini file (if it exists) so Firefox doesn't know about your old profile. Also make a note of your plugins and their settings. Some might have a settings export. If they do utilize it.

Run firefox once to create a fresh profile. Copy (don't move) these files from the old profile to the new. Which file to backup? | Firefox Support Forum | Mozilla Support. Restore only those files.

Reinstall and reconfigure your plugins/themes. If you are unable to get your profile working again revert to the old profile folders. I have had to rebuild my profile. It is a pain but doable.

 

[file3456]

Can you go to this address?

https://216.92.151.227/

You'll have to accept the bad certificate. Only select temporally though. This is a direct connection to the website bypassing DNS resolution. If this works, go into command prompt as Admin. and enter this to clear out your DNS cache:

ipconfig /flushdns

To get to command prompt, simply enter cmd into the search box under the Window start orb. Now right click CMD and open as Admin.



Launch Google Chrome and create a HAR file. Zip that file and upload it here. Do NOT log into Easeus or browse other sites creating the HAR file. The HAR file needs to be created just for Easeus.

Just so that your aware. Easeus is probably a Chinese company. Their domain register is in China and the footer on the website indicates China.

And it looks like I was right. EaseUS Data Recovery Wizard - Wikipedia

The company AOMEI is CCP as well.

Nothing wrong with China other than their human rights BS, intellectual property theft (DuckDuckGo) (SwissCows), hack crap and the list goes on. And Yes, the plague came from there, not Madagascar or Papua New Guinea or some other country like idiots would try to make you believe because they think you're stupid.

Anyway, what software are you after? I could probably offer waaay better alternatives.

Update:
I have been through all the settings on my Antivirus and still no joy. At least I can get to the site via my wife's PC if and when I need too.

What anti-virus software are you using? They can and will muck things up. Lets rule it out. When the computer boots, keep pressing the F8 key (right after BIOS/UEFI and before OS loading). Chose safe mode WITH networking. Now go to Easeus. Work? Could be the anti-virus software.


- - - UPSTATED UPDATED - - -

I would try clearing cache and cookies. If that doesn't work you might have a corrupt profile and if that is the case you will have to rebuild it. Start by backing up your profile. https://www.google.com/url?sa=t&rct...fox-profiles&usg=AOvVaw0A3oTIWRebvIsNskfCt2Cs. I would simply rename the appdata\local\firefox\profile and \appdata\mozilla\filrefox\profile folders as well as the profiles.ini file and the installs.ini file (if it exists) so Firefox doesn't know about your old profile. Also make a note of your plugins and their settings. Some might have a settings export. If they do utilize it.

Run firefox once to create a fresh profile. Copy (don't move) these files from the old profile to the new. Which file to backup? | Firefox Support Forum | Mozilla Support. Restore only those files.

Reinstall and reconfigure your plugins/themes. If you are unable to get your profile working again revert to the old profile folders. I have had to rebuild my profile. It is a pain but doable.

Issue exists in Chrome as well.

 

[subyroo]

Can you go to this address?

https://216.92.151.227/

You'll have to accept the bad certificate. Only select temporally though. This is a direct connection to the website bypassing DNS resolution. If this works, go into command prompt as Admin. and enter this to clear out your DNS cache:

ipconfig /flushdns

To get to command prompt, simply enter cmd into the search box under the Window start orb. Now right click CMD and open as Admin.



Launch Google Chrome and create a HAR file. Zip that file and upload it here. Do NOT log into Easeus or browse other sites creating the HAR file. The HAR file needs to be created just for Easeus.

Just so that your aware. Easeus is probably a Chinese company. Their domain register is in China and the footer on the website indicates China.

And it looks like I was right. EaseUS Data Recovery Wizard - Wikipedia

The company AOMEI is CCP as well.

Nothing wrong with China other than their human rights BS, intellectual property theft (DuckDuckGo) (SwissCows), hack crap and the list goes on. And Yes, the plague came from there, not Madagascar or Papua New Guinea or some other country like idiots would try to make you believe because they think you're stupid.

Anyway, what software are you after? I could probably offer waaay better alternatives.



What anti-virus software are you using? They can and will muck things up. Lets rule it out. When the computer boots, keep pressing the F8 key (right after BIOS/UEFI and before OS loading). Chose safe mode WITH networking. Now go to Easeus. Work? Could be the anti-virus software.


- - - UPSTATED UPDATED - - -



Issue exists in Chrome as well.

G'day F22 Simpilot, Apologies for the delay, been away for Christmas.

I was able to get to

https://216.92.151.227/

as instructed.

I cleared the DNS cache and here is the HAR file you requested -

https://mega.nz/file/GDJUFJLL#SCKxCr1A4WBbJqZv08LG8j1stTL2jLGHQ5ZXNqvP3BM

I am using NOD32 Antivirus v15.0.21.0 and it is up to date. I have been using this AV since the early 90's.

 

[file3456]

Okay, thanks.

Did clearing the DNS cache work? You didn't indicate if it did or not.


Can you ping easeus.com ? Go back into CMD and enter

ping easeus.com

Just in case you don't know. If it pings and yo see a server IP, (should be the one I gave you from before of: 216.92.151.227, then DNS resolution on your computer looks like it's working. But on its face now, DNS resolution doesn't appear to be working correctly. Right now I'm suspecting your anti-virus. Especially since this issue is broad in scope and affecting multiple browsers, but not other computers. So having said that. Try disabling the web access protection feature in Nod32 and then try going to Easeus again. Web access protection | ESET NOD32 Antivirus | ESET Online Help

You'll note that web access protection stands between you and the Internet. The anti-virus software is literary a man in the middle intercepting your TLS/"SSL" connection. Sounds bad, doesn't? Well, it is. Because now the anti-virus is polling all your telemetry on which websites you visit. This is just one reason why I don't use anti-virus software anymore and chose to use as more unorthodox approach which you can read about here. I'm probably more protected than someone running anti-virus software. I even scan the air gaped (disconnected) clone of my computer on the external hard drive for malware and nothing. And get this. Like you, I run "outdated and malware prone" Windows 7 and only have about four Windows updates for hardware and software needs! LOL!


Anyway, lets see if it's your anti-virus. It may, it may not, but it looks like a DNS resolution issue right now. You might want to investigate your hosts file as well. To do so, go to this path:

C:\Windows\System32\drivers\etc

Now temporally rename the hosts file hosts.txt so that you can read it. I just right click and open it with Notepad++. That's just a program for us nerds. LOL But it's a great text editor and text manipulator in so many ways, let me tell you.

Now that the hosts file is open, do you see just this and nothing else added at the bottom?

## Copyright (c) 1993-2009 Microsoft Corp.
##
## This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
##
## This file contains the mappings of IP addresses to host names. Each
## entry should be kept on an individual line. The IP address should
## be placed in the first column followed by the corresponding host name.
## The IP address and the host name should be separated by at least one
## space.
##
## Additionally, comments (such as these) may be inserted on individual
## lines or following the machine name denoted by a '#' symbol.
##
## For example:
##
##      102.54.94.97     rhino.acme.com          # source server
##       38.25.63.10     x.acme.com              # x client host
## localhost name resolution is handled within DNS itself.
##    127.0.0.1       localhost
##    ::1             localhost

If you see entries there that point to 127.00.1 after the very last # (technically anywhere) then it's blocking that domain. So as an example it may look like this:

## Copyright (c) 1993-2009 Microsoft Corp.
##
## This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
##
## This file contains the mappings of IP addresses to host names. Each
## entry should be kept on an individual line. The IP address should
## be placed in the first column followed by the corresponding host name.
## The IP address and the host name should be separated by at least one
## space.
##
## Additionally, comments (such as these) may be inserted on individual
## lines or following the machine name denoted by a '#' symbol.
##
## For example:
##
##      102.54.94.97     rhino.acme.com          # source server
##       38.25.63.10     x.acme.com              # x client host
## localhost name resolution is handled within DNS itself.
##    127.0.0.1       localhost
##    ::1             localhost

127.0.0.1 easeus.com
127.0.0.1 some_web_site_I_want_to_block

127.0.0.1 sends to null (home) so it stops the domain to IP resolution in its tracts and you can't go there. The # before all that text just comments out the text so that it's not parsed (interpreted) by the hosts file. Kinda like the rem (remark) statement in a batch file.

 @[URL="https://www.sevenforums.com/members/echo.html"]echo[/URL] off
ping sevenforums.com
rem my comment here so I know what this does.
exit

Malware can and will modify the hosts file. So once you rename the hosts file from a .txt back to to just hosts again, right click the hosts file, chose properties and mark it as read only. This will help mitigate the hosts file from being modified by malware.


If after all this, and you still can't get to easeus.com, go into safe mode with networking and try that way. Can you get to easeus.com? Report if you can or not. If you still can't get to easeus.com, this means you have something else deeper going on inside. Could be an LSP, the network stack, a DLL, all kinds of things.

- - - Updated - - -

Try completely uninstalling NOD32 as well if the above steps don't work. See what happens.

 

[subyroo]

Holy hell, we are getting above my pay scale now. :roflmao:

Anyway onwards and upwards...

1. Clearing the DNS cache didn't work.
2. I could ping the Easeus server.
3. Deactivating NOD32 Web Access Protection made no difference.
4. Now, opening hosts file with Notepad++ was very revealing indeed:
   

   # Copyright (c) 1993-2009 Microsoft Corp.
   #
   # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
   #
   # This file contains the mappings of IP addresses to host names. Each
   # entry should be kept on an individual line. The IP address should
   # be placed in the first column followed by the corresponding host name.
   # The IP address and the host name should be separated by at least one
   # space.
   #
   # Additionally, comments (such as these) may be inserted on individual
   # lines or following the machine name denoted by a '#' symbol.
   #
   # For example:
   #
   #      102.54.94.97     rhino.acme.com          # source server
   #       38.25.63.10     x.acme.com              # x client host
   
   # localhost name resolution is handled within DNS itself.
   #    127.0.0.1       localhost
   #    ::1             localhost
   127.0.0.1    www.easeus.com
   127.0.0.1    activation.easeus.com
   127.0.0.1    track.easeus.com
   127.0.0.1    66.39.112.91
   127.0.0.1    216.92.151.227
   127.0.0.1    216.92.61.7
   127.0.0.1    update.easeus.com
   127.0.0.1  activation.easeus.com

   I edited the hosts file by removing everything after -

# ::1 localhost. I was then able to access the Easeus website.
The host file is now marked as "read only".

F22 Simpilot, you have solved the mystery (to me anyway).
Thank You very much for your help and your patience.

 

[file3456]

No problem.

Just so you know, these entries won't do anything.

127.0.0.1    66.39.112.91
127.0.0.1    216.92.151.227
127.0.0.1    216.92.61.7

The hosts file works via domain to IP resolution. You'd have to run something like Peerblock or use a good, reputable firewall. I can highly recommend Pfsense. But it requires reading. You can take it for a spin via a virtual machine like VMware Workstation Player. Others use Oracle's Virtual Box. I don't use that version because I've had NOTHING but issues with it, and VMware offers better USB emulation anyway.


Pertaining to your hosts file entries... LOL You might want to heed my advice on the better alternatives, eh?

If you're REALLY interested in hosts file entire, add these:

# nVidia Telemetry
127.0.0.1 gfwsl.geforce.com
127.0.0.1 gfe.geforce.com
127.0.0.1 telemetry.nvidia.com
127.0.0.1 gfe.nvidia.com
127.0.0.1 telemetry.gfe.nvidia.com
127.0.0.1 events.gfe.nvidia.com
127.0.0.1 activation-dc1.gfe.nvidia.com
127.0.0.1 activation.gfe.nvidia.com
127.0.0.1 services.gfe.nvidia.com
::1 activation.gfe.nvidia.com
::1 activation-dc1.gfe.nvidia.com
::1 gfwsl.geforce.com
::1 gfe.geforce.com
::1 telemetry.nvidia.com
::1 gfe.nvidia.com
::1 telemetry.gfe.nvidia.com
::1 events.gfe.nvidia.com

Telemetry is everywhere now-a-days. Damn near every single cotton pick' piece of software you install and run will make contact to their mother ship. Usually via Cloudflare and Google's cloud servers. Those are the two most common cloud providers (ASNs) I've seen on my computer. Also, if you scan a file at VirusTotal and if the "Relations" are provided, you can see where that file (that specific file matching SHA256 actually) makes contact on the Internet. You'll need a free VirusTotal account to see the IPs and domains though.

- - - Updated - - -

Note: Don't add an abhorrent amount of entries in the hosts file. This will probably slow things down. Which means you'd have to turn of the Windows DNS Client service to mitigate the possible slow down. Some people like to use the hosts file for Ad/malware blocking and what not. This is NOT what the hosts file was built for. For Ad blocking just use uBlock Origin in the browser, NextDNS or Pi Hole in a Raspberry Pi. I don't like the broadsword approach though. If you discover a website acting up due to a filter, then you have to monkey with that in the Pi or what ever. I just go client side blocking via uBlock Origin. On the other hand, whole network wide malware domain blocking, and what have you would be a lot more beneficial. Especially for a mobile device on the network.

 

[subyroo]

Thanks for your insight and advice.

 

[townsbg]

So your hosts file was diverting easus.com traffic to 127.0.0.1, which is useless unless you are running a webserver. No wonder you couldn't get to it. You didn't install pirating software did you? If so scan for malware now.

 

[subyroo]

So your hosts file was diverting easus.com traffic to 127.0.0.1, which is useless unless you are running a webserver. No wonder you couldn't get to it. You didn't install pirating software did you? If so scan for malware now.

I had already done a scan using Malwarebytes before posting about the problem.
Thanks for the reminder anyway.