Author Topic: WinHttpSendRequest returned error: 12007  (Read 7253 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
WinHttpSendRequest returned error: 12007
« on: January 01, 2015, 01:56:12 AM »
SecureLine log msg
WinHttpSendRequest returned error: 12007
refers to an RPC over HTTP error.

I am guessing that this is an avast error again. Maybe attempt to check license causes false error saying internet connection not available, then an invalid license msg during last day of trial period.

Related (I think):

nshield log:
29.12.2014  13:18:44  Network Shield: blocked access to malicious site https://54.186.138.97 ([54.186.138.97]:443) [ C:\Program Files (x86)\Mozilla Firefox\firefox.exe ( 3740 ) ]

I'm not sure why this error even occurred. Had not had the browser open at all that day after starting the machine. Clicked on a link from within my OTR client, which initiated the browser opening. Link was to:
https://pgp.mit.edu/pks/lookup?search=IBLOCKEDITOUT&op=index

I am uncomfortable sending the exact key code to this very public forum, so changed some of the characters TO "IBLOCKEDITOUT" or "EMAIL...". But ViewSource from Firefox returns:
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd" > <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Search results for '0x52f33570687a2fae'</title> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <style type="text/css"> /*<![CDATA[*/  .uid { color: green; text-decoration: underline; }  .warn { color: red; font-weight: bold; } /*]]>*/ </style></head><body><h1>Search results for '0x52f33570687a2fae'</h1><pre>Type bits/keyID     Date       User ID </pre><hr /><pre> pub  4096R/<a href="/pks/lookup?op=get&amp;search=IBLOCKEDITOUT">IBLOCKEDITOUT</a> 2013-04-02 <a href="/pks/lookup?op=vindex&amp;search=IBLOCKEDITOUT">EMAILADDRESS&gt;</a> </pre></body></html>
Code on that page does not point to any specific server address, and the IP noted in the error report is to an Amazon server in Seattle. My VPN is pointing to California, not Seattle, and was not associated with this IP address or block at all.

So, again, I'm wondering if this is being caused by Avast, because viewing my awsboot log after running a scan today, I see a whole bunch of crap websites being loaded into the dns registry. Note that I block cookies and script in my Firefox browser, though occasionally I do give in to convenience and use Chrome. I do have scripts and cookies blocked there as well, but the plugins leak I think.

Confused. Pls advise if you want a log. Thank-you.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: WinHttpSendRequest returned error: 12007
« Reply #1 on: January 01, 2015, 03:26:58 AM »
54.186.138.97 is one of the many amazon add servers.
And there can be malicious adds coming from there that causes avast to block the IP.

To me it seems that the problem is on that website and not with avast.
But I can be wrong ofcourse.

REDACTED

  • Guest
Re: WinHttpSendRequest returned error: 12007
« Reply #2 on: January 01, 2015, 03:34:20 AM »
Hi Eddy,

I'm not sure you (or I for that matter) understand the issue. There was no prior browser session open at all, and Firefox is set to wipe history on close. NoScript is also set to remove all temporary permissions upon close. Amazon is not whitelisted in NoScript or my browser. Opening a browser for the first time normally uses the home page, which is set to Mozilla's default page - not an Amazon site. MIT servers do not, as far as I can tell, contain addresses in the IP (or the range assigned with it as viewed at ARIN) noted by the error. And, finally, the page itself does not contain any code that would allow a redirect.

So how did the error even pick up a malicious attack from an IP not connected to the current session? If it's MIM, wouldn't there have to be an established connection first?

Thanks again. I'm just getting ready to reboot the machine to test your other solutions.

D.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: WinHttpSendRequest returned error: 12007
« Reply #3 on: January 01, 2015, 06:00:02 AM »
Ok, let's see if there is something that shouldn't be on your system.
https://forum.avast.com/index.php?topic=53253.0
Follow the instructions please.
If we find nothing "strange" at least we have ruled out several possible causes ;)
And checking only cost some time and can't hurt.

REDACTED

  • Guest
Re: WinHttpSendRequest returned error: 12007
« Reply #4 on: January 02, 2015, 05:13:58 PM »
Eddy (or whomever may be around right now),

I am stuck after running the quick scan AswMBR tool - the log file shows nothing at all, but the "FixMBR" button is enabled. When I click on it, it asks me if I want to write a new master boot record, overwriting what exists. I am confused about why I am seeing this option enabled, and this message, if there were no issues posted to the log. Please advise. My boot partition was no specifically targeted for a scan - just ran the quick scan. Should I run scan on the boot partition to see errors?

None of the other products run so far from the list have found anything to be concerned about. Thanks again for your help.

D

REDACTED

  • Guest
Re: WinHttpSendRequest returned error: 12007
« Reply #5 on: January 02, 2015, 05:28:08 PM »
Additional note: I've run the Avast boot scan, customizing to include all drives/partitions, and found no errors. That was done before I initiated any of these help requests.

REDACTED

  • Guest
Re: WinHttpSendRequest returned error: 12007
« Reply #6 on: January 03, 2015, 03:24:44 AM »
No viruses, malware or other malicious software was found by any of these tools. The problem has yet to be identified, but I'm closing the topic here. Thanks.