Can't load sites through all browsers (but can mostly when adding `https://` manually)

3

So my friend contacted me today and begged me for my help. She works at a designing company and said:

"Since last week, I can't load any site excluding google. When I type the site name in any browser (IE/Edge/Firefox/Chrome) the blank page just keeps loading and nothing appears. I already called my IT guys and they formatted my computer a few days ago, and the problem re-appeared after the format."

She also added that there are a few other employees at her place (which are not connected to the same network but do speak with each other via emails) have the same issue. I tried helping her via Teamviewer. I'll try and post all my findings while trying to help her, and hopefully someone will know what the hell is going on with her computer:

  1. As already mentioned above, the main problem is that all browsers can't load pages (except www.google.com). After waiting a certain amount of time, the browsers show Error: Connection failed or Error: Connection timed out exceptions.
  2. When manually adding https:// to URL, the web pages seem to be loading as usual, with no problem
  3. There is no apparent DNS problem. I've tried pinging to various domains and received IP addresses (haven't checked their authenticity). Also, Just for verification I've manually set the DNS servers to 8.8.8.8 and 8.4.4.8 but the problem didn't disappear.
  4. I've tried looking at some network connections via Wireshark. From what I've seen, every browser tries to first connect to the domain via HTTP. It seems as though the domains don't forward the browsers to HTTPS addresses (no forward request was sent from any domain, and no connection to port 443 has been made).
  5. The computer is connected to the internet through a WiFi connection. I've tried connecting to various different networks and even asked her to turn on her 4G Tethering and connect through it. The problem hasn't disappeared.
  6. I've connected to another laptop of hers, which is connected to the same WiFi network as the problematic computer. The laptop works fine and has no apparent problems while working on all web browsers
  7. I looked at her Internet Connection Settings. She isn't connected to any proxy, nor a VPN of some sort.
  8. I've downloaded the Sysinternals suit from Microsoft's website. I executed the Process Monitor and the Process Explorer with a slight hope of catching some fishy process. From my brief experience with malwares, they tend to enter sleep mode or even kill themselves when either processes appear. That didn't help.
  9. I've looked at all of her recently installed software. There was one software from a developer in the name of "InfoSoftware". After googling that name, I suspect that might be some kind of a malware. I've removed the software but that didn't help. There was also another program called "NetSurveillance". I removed it too just to be sure, but that also didn't help.
  10. I installed ad-blocker plugins on Firefox and Chrome, with no luck.

Because the nature of the problem is so isolated to a single computer, with only web browsers being affected (from what I saw), that leads me to think that she might have go infected with some kind of a malware. Maybe her co-workers too. I would really love if you guys had some expert suggestion or leads at might be going on here. Thanks in advance!

UPDATES:

  1. I deactivated all of her anti-viruses programs and her firewall protection for a brief moment. I wanted to make sure no outbound/inbound rule was the root of this issue. Didn't help.

0rka

Posted 2018-03-02T11:34:27.820

Reputation: 131

2"HTTPS works but HTTP doesn't" sounds fairly typical of a misconfigured firewall/filtering appliance some companies like to use. Idea being to block some websites for users. – Bob – 2018-03-02T11:39:48.970

Have you tried to Reset advanced settings from the Internet Options > Advanced? Have also a look on the Security tab and Reset all zones to default level. – Leun4m – 2018-03-02T11:43:26.500

@Leun4m Yes, I've pressed practically every reset button available – 0rka – 2018-03-02T11:50:45.657

Why are you helping with a problem that exists on a corporate network. Your friend is unlikely to have the permissions required to fix this problem. I suspect the entire problem is a network configuration problem. Being unable to make a secure HTTP connection is a classic signed of a network configuration problem and/or machine configuration. In both cases a non-Administrator cannot solve the problem. – Ramhound – 2018-03-02T12:37:47.380

1@Ramhound The problem isn't a corporate one (I suppose). The issues still exist on other networks such as her home network and a 4G Tethering network. I agree with the possibility of a configuration being sent to her computer from the domain administrator that might have caused the issue in the first place, but the system administrator himself said that no configurations had been deployed in recent times. She has contacted me because no other personal from her company could resolve this. – 0rka – 2018-03-02T12:40:00.023

I assume local accounts are not being used. The fact multiple people have the problem indicate it's a configuration problem caused by the Administrators at the company. The use of a proxy can cause SSL issues. – Ramhound – 2018-03-02T12:41:47.160

they formatted my computer a few days ago, and the problem re-appeared...how long did the computer go without the problem occurring? What was changed on the computer in that time frame? The answer to this question will point to your solution. It's obvious the problem is with the computer's configuration itself. Therefore what changed in the time when it went from working to not working should be the culprit. – I say Reinstate Monica – 2018-03-02T17:19:50.010

No answers

Asked: 2018-03-02T11:34:27.820

Viewed: 63 times

Active: 2018-03-02T12:28:01.177