Secure Website Login Problem A customer of mine whose livelihood is dependent on whether he can log in to a certain secure website SUDDENLY CAN'T. It may be my fault, I'm not sure. I'm desperate for help on this one. Here's the story (sorry for the length, but I thought I should be as comprehensive as possible): Chapter One: Initially, the customer called me to get a 256MB RAM upgrade for his eMachine T1110 (currently has 256MB RAM.) He has WinXP installed and a cable modem. He's an online day-trader and uses several programs that are graphics-intensive. I ordered a 256MB RAM stick for him, but couldn't install it due to the fact, I later discovered, that the BIOS needed to be updated. I couldn't find a BIOS update for that machine (it's over 6 yrs old), so we agreed that I would take the machine home and run a system tune-up and optimization... Chapter Two: At home, I installed a bunch of security programs, including ZoneAlarm firewall, AVG anti-virus, Ad-aware & SpyBot. I also installed and ran a series of programs that "optimized" his WinXP. (I did this only because I couldn't install the new RAM and because he said his computer was sluggish.) This included running the following: --Trend Micro sysclean that involved running a sysclean.com file in conjunction with a zipped lptxxx file, where xxx represents the latest verson (files were downloaded from trendmicro website). Note: On another machine that I later ran this on, it appeared to cause it to completely crash. On that machine, I had to do a system restore to get it back to an old configuration. --CCleaner (sans the registry clean), CWShredder, and all ant-spyware/anti-adware scans. Found 0 viruses, @10 incidents of spyware/adware. --Gibson Research programs, including Shoot-the-Messenger, UnplugNPray, XPdite, DCombobulator, SocketLock. --Chkdsk, Defrag, Pagefile.sys defrag -- all run several times. --Cacheman, which optimizes memory and disk cache. --XP-Antispy, which disabled a bunch of miscellaneous XP settings and services, BUT WHICH I RE-ENABLED LATER WHEN THE CONNECTION PROBLEM TO THE SECURE SITE STARTED TO OCCUR. --Via Services.msc, I disabled the following: 1. Alerter, 2. Distributed Link Tracking Client, 3. Indexing Service, 4. IPSEC Services, 5. Portable Media Serial Number, 6.Wireless Zero Configuration. --Control Panel>System>Performance, I unchecked all settings except for basic features that maintain the "look" of XP (e.g. "Use visual styles on windows andbuttons"). --Virtual Memory (pagefile.sys) -- changed the maximum to match the minimum (384MB for him -- i.e. 1.5x the amount of RAM). --Disabled indexing service. --Reduced Recycling Bin & System Restore Drive Usage. --Optimized the Boot Speed by running Bootvis.exe (retrieved from Internet). --Finally, ran a TCP/IP Optimizer utility and set it to "optimal settings." Note: I couldn't get onto the internet with his machine AT MY HOME, even via the modem (it wouldn't work, despite my many attempts). So I could not test any of his normal procedures for logging onto a secure website. Chapter Three: I returned the machine to the user's location, plugged everything back in, booted up machine, restored internet connection (via Cable Modem), and it all seemed to be working fine (in fact, better than fine). I did notice, however, that his Ad-aware and Spybot wouldn't connect to the Lavasoft and Spybot servers for Updates (despite the fact that there was an internet connection). But when my customer tried to log in to a secure website--WHICH HIS LIVELIHOOD DEPENDS ON AND WHICH IS THE PRIMARY REASON FOR USING THE COMPUTER ALTOGETHER -- it would not let him in. This and the fact that Ad-aware and Spybot wouldn't update were THE ONLY PROBLEMS. I called the Tech guys at the brokerage firm my customer uses and after they tried resetting his login, we went through a whole rigmarole of possibile fixes. Note: One tech guy sent me a VPN file to install, but it wouldn't allow him on to the customer's machine remotely. With the aid of two tech guys (called on sep. occasions) we did the following, then tried to login. None of the possible fixes worked. Here's what we tried. Note: I'm recalling this from memory, so I'm not completely confident that this is ALL we did. We tried several things over the course of a few hours. 1. Disabled (then uninstalled) all firewalls. 2. Uninstalled AVG. 3. Deleted Cookies and Temp Internet Files. 4. Re-enabled all services (via XP-Antispy & services.msc). 5. In Privacy Settings for Internet Options, checked "Override automatic cookie handling" and "Always allow session cookies." 6. In Security for IE options, enabled "Don't prompt for client certificate selection when no certificates or only one certificate exists." 7. One tech guy ran a traceroute (which he sent to me and which I sent to the local cable company) and it showed that packets had dropped 88% half way through at att.net (that's AT&T). The cable co. guy thought I needed to call AT&T, but both I and the tech guys at the brokerage house thought that was pointless (how could it involve AT&T? They're not the service provider in this case, nor are they the starting or end point. We concluded that it had to be something local.) 8. Tech guy sent me a standalone program to install. When I tried to install it, it told me I needed to get a javaruntime program first from Java. But then when I retrieved the javaruntime program, IT wouldn't install because it said it my "proxy" settings were off and therefore couldn't connect to install the program?!! His connection doesn't use proxy, but I went to IE options and set it to "automatically detect" proxy settings. This, naturally, didn't fix any problem. Needless to say, this was/is a complete nightmare. What started out as a simple RAM upgrade service has now turned into a MAJOR PROBLEM that includes the loss of his business. Logging into the secure brokerage site is his main reason for using the computer and is the source of his livelihood. Because he was at least working before I took his machine for a "repair," I gave him his money back. I don't care about the money or time I lost. I just want to get HIM back up and running. He's now considering buying a new computer altogether, but that seems unnecessary since it's a CONNECTION problem and nothing else. I'd like to fix this problem for him WITHOUT—naturally--him having to buy a new machine (mostly because, despite him being a day trader, he appears to have very little money.). To anyone who can help, I’m eternally grateful. Thanks.

Sorry to be so blunt but this needs to be said. You have ran/installed WAY too may things at once most of which were most likely not needed. Without going into details of what you botched it suffices to say that you most likely should not be servicing other people's computers. You have made such a mess now that you should wipe it all out and start fresh. If he has no XP CD then I would go get him a retail one, at your expense, as this is entirely your doing. Make sure you do a clean install and not a repair install. You could easily spend many more hours on top of the time you have already spent and will likely still never get it corrected. Jimi_l

One program I see you installed was "Bootvis". That program BROKE my connections (didn't find out till later that MS no longer endorse it), even removing it and re-setting (don't use system restore) the registry couldn't fix the problems it caused. Had to do a full format and reload.

As stated, too much at one time. However, a guess here is a Winsock problem. XP Winsock fix sLLs

Thanks for your responses (and bluntness), guys. To Jimi, the only thing I can say is: it's true I'm not an engineer and don't know what every program or file does. I stay away from registry-editing tools and try to do only minimal reconfiguration on people's machines. In this case, I stayed away from doing any BIOS updates or Windows reinstalls to get the guy's RAM upgrade to work, because the potential for damage seemed high. What I did subsequently all appeared safe (coming from reliable sources) and only seemed to screw up one connection (port) setting. But you're right. I shouldn't have run all that I did. When I've run these programs on MY machines, I had no problem. So it was hard for me to anticipate the very SPECIFIC connection problem that occurred at this customer's site. I do NOW know, as "Justme" had discovered, that Bootvis may have screwed up some settings. But it didn't APPEAR to screw up anything until we tried to logon to a specific site. If Bootvis indeed was the problem, NOW I KNOW that. But my question is: How could I have known in advance, especially when it worked fine on my machine? That's what scientists do, right? They experiment, see what results are achieved, and go forward with the results. (In this case, the results were positive. But, you're right, I should have done more testing). Anyway, my point is that it's very difficult to gauge what certain programs/utilities do. I didn't think I was messing with any kind of SECURE login issues since I didn't mess with his connection settings (at least, not directly). I was simply trying to optimize the machine to run as quickly as possible. And this was done only because the machine is old and I wasn't able to install the RAM. He wanted help; I tried to help. Either way, thanks for your advice. I'm going to continue to try to help people (I've helped every single customer except one now) and continue to try to learn as much as possible. What else does one do in life? Lesson learned in this case at least. Thanks again. Any other constructive advice you can give, I appreciate. Sincerely, Rober

Dont take this the wrong way but what exactly are your qualifications? You made a scientist reference about experimenting. You DONT experiment on other peoples PC especialy when it is so imperative that it work for them, you experiment on YOUR equiptment. You don't just start making wholesale changes without knowing what they do and you certainly dont make the changes you made. Things like this give legit consultants a bad name as word of mouth in the area will spread more than you know. You have to make this right and HOPE you dont get sued. You do need to back it up, do a clean install, and don't try to 'tweak' it. Just get it running right, apologize, and leave it alone. I realy dont mean to sound so harsh but, I have been doing consulting/IT Admin for a long time and have had to clean up alot of 'techs' messes before and in every instance, it could have been avoided (including this one).

I experimented on MY machines first and everything worked fine. I already said that. Just looking for some help regarding a connection problem to a secure site, that's all. Sorry I posted it. Thanks.