Router persistently blocks specific downloads but no apparent signs of malware

Hi,

I've been battling a severe issue with my computer for the better part of the past two months. It all started when Windows Update suddenly stopped working (error code 8024402F) and I noticed that specific downloads such as anti virus software installers, Adobe Reader etc. would fail. I then cleaned up my system and tried a bunch of malware removal procedures (http://www.bleepingcomputer.com/foru...urity-updates/) but nothing seemed to work.

I then began to suspect my router had been infected and tried connecting to the Internet via a 3G data stick. This worked fine and I was able to get Windows Updates and security software installers. I then went and formatted my computer, reinstalled Windows 7, and got a brand new router. I set everything up a couple of days ago and suddenly the problem reappeared. Windows Updates and specific downloads don't work via the wired connection but work just fine with the 3G data stick. I am completely baffled by this as I haven't loaded anything on to the computer after formatting it and have no idea how the router became dysfunctional within seconds. I thought this to be a malware related problem and so posted the issue first in the malware removal forum. The person helping me made me run a bunch of tests that came out fine and so he/she suggested that I post here instead. I tried to attach the logs here but apparently one can't attach the same logs twice in two different posts so please have a look at the linked earlier post if you want to see them. I would really appreciate any help as I have no idea what to do. Thanks!

 

Hi plodr,

Thanks for your reply. I am not very proficient with hardware etc. and so am sorry for what might be a stupid question but would a bad NIC/ethernet card prevent specific downloads. Also, I am certain that it is not a hardware fault in the computer as the same specific downloads are blocked even when I try them from a different computer using a WiFi network from the same router.

 

Sure. However, I would really appreciate a step-by-step guide as am a little unfamiliar with these things. Also, I am curious as to how my router got this problem in the first place. As I said before it is brand new and has just come out of the box. Interestingly my old router had the same exact problem, which is why I replaced it. I cannot help but think whether there is something in my computer (malware perhaps) that has survived the reformat and reinstallation of the OS to cause these routers to get corrupted. Could this be the case? It is also very strange the only downloads that are blocked are all security related (Windows Updates, anti-virus/malware remover installers etc.)

 

This is a classic sign of malware infestation. Are you able to visit microsoft.com? Some malware also blocks this site...

Before you do another thing, visit the MG Malware Forum and read and do the steps in:
Sticky: READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker)

 

Hi cipher. I suspected it to be a malware issue and so reformatted my computer, reinstalled the OS, and bought a new router. When the problem cropped up again I asked for help in the malware removal forum and ran through all the steps. Apparently, nothing was detected. You can have a look at my logs and my original forum post here.

 

Question: Was the computer OK for a period of time, however short, between your format/reinstall and the re-occurrence of the symptoms? If so, you may well be infected again...
Also, it may some sort of boot sector malware, did you erase the partitions, rebuild those from scratch before the format?


Also, have you had a look at your hosts file? Look for it in:

Code:

C:\Windows\System32\drivers\etc\hosts

Maybe post it as attachment here...

 

I don't really know to be honest. There are no symptoms other than Windows Updates and the specific downloads not working and so it is hard to tell.

I erased the partitions and reformatted the hard drive during the Windows 7 reinstallation. I gather that this only does a quick format, which may not be sufficient. Would you recommend I do a reformat+reinstall using Clean All with the Diskpart command as illustrated here?

I have attached my hosts file for you to have a look in the form of a zip file with both a copy of the original and a txt version.

Thank you so much for your help. I really appreciate it, especially as I had almost given up hope.

 

I may have missed the answer to my question about your ability to resolve microsoft.com. Can you see that site?

Your host file looks fine, factory fresh...

Have a read here:

http://support.microsoft.com/kb/967897#method1

And reset IE settings.

Also, have you tried another browser on those sites? If not download another browser, install it and try those sites with it. Firefox, Chrome, one of these would be good...

 

I am able to go to microsoft.com and all other websites that I have tried. It is only specific downloads that stall and eventually fail. I have downloaded Google Chrome and am now using it but the problem with specific downloads remains. I doubt it's an IE problem as the same issue is replicated when I use the router's WiFi network with Safari on my Mac.

 

I would try a different router. If you lease the router from your ISP, I would involve them in this.

Are the downloads that work OK any smaller than these problematic ones?

I'll repeat that the nature of these downloads, i.e. security related, has me thinking of possible malware infection. You may need to visit:

http://forums.majorgeeks.com/forumdisplay.php?f=35
and read and do this:
Sticky: READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker)

 

Wouldn't a firewall/AV issue just stop it cold? He reports that it starts then stalls and fails...