Web page blocker

Discussion in 'Malware Help (A Specialist Will Reply)' started by juku, Apr 21, 2007.

  1. juku

    juku Private E-2

    Hello!
    I am in need of some help, I've been struggling with this nasty thingy all day.
    Symptoms:
    Solid ping, msn connected, able to play online 3D game, and yet I am almost unable to access any webpage, on any browser(I've tried firefox, explorer and less known swiftbrowser just to be sure) I say almost, because I've found that if I refresh through a page long enaugh(5-10 times) I can connect.
    I found two nasties with spybot(btw, updateing went the same way just retrying alot until I got it to work) Zeno and Avenue, which I've removed with no effect.
    My hosts file is empty, I can do nslookup.
    My virus program AVG free can find nothing.
    I've tried cleaning all my temp files(cache) with multiple programs.
    I've tried looking through services.msc and stoping a few that seemed wierd to me accomplished nothing.

    I hope someone knows the answer to my problem from just this info....

    Thank you!

    Edit: Oh yeah, and I am running Windows which I can not reninstall and going back to restore point did not help.
     
    Last edited: Apr 21, 2007
    juku, Apr 21, 2007
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The only way we can really determine if your problems are being cause by malware is for you to please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy - only for Windows XP, 2K, & NT users
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    chaslang, Apr 21, 2007
    #2
  3. juku

    juku Private E-2

    :eek: :eek: Soory, for not reading all this, but every webpage I open needs an effort, I hope you can forgive me..
    Now, I had multiple problems running all the scans stated, mostly due to my os I assume(vista).
    As I stated before I had gone my copm through with CCleaner and I always keep my hidden files unhidden and extensions as well, scanned with spybot once more.
    I was unable to run counterspy(os not supported) or AVG spyware(gave me some wierd error whenever I tryied to run it, besides if I remember correctly my trial should be over).
    I did the bitdefender scan, took me a frustrating 4H, and closed the whole browser window with now notice, when reaching the end, I had no problems found to that point, but I don't have the log to prove it, and yes I was in safe mode when I did that, I always scan in safe mode.
    The Panda scan would not start, os not supported.
    Runkeys wouldn't start, os not supported.
    So I only have two logs for you HJT and shownew, I hope they are enaugh.


    Again, sorry for not reading carefully, I hope you will still look into my problem.
     

    Attached Files:

    juku, Apr 22, 2007
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please download and run the current version of GetRunKey just updated today. Attach a log from it (assuming it works).

    However at this point I have a feeling that you are not having malware problems and that it could be something due to the setting and software you have installed in Windows. Perhaps you are having a problem with the Parental controls that are setup and being used.

    Also you should disable Spybot's Teatimer as requested in the READ ME.

    Also you should uninstall Viewpoint Media Player as requested in step 0 of the READ ME and you should uninstall your old Sun Java version ( J2SE Runtime Environment 5.0 Update 9 ) and update to the current version per the instructions in step 6 of the READ ME.

    Also I wonder why the below is loading twice:
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
     
    chaslang, Apr 22, 2007
    #4
  5. juku

    juku Private E-2

    Erm....I have no parental control set up in my computer.
    Teatimer is usually not working, but due to the normal boot mode it is up and running, sorry about that...forgot...
    I have not installed anything for days before the problem started, and it is not the problem of windows update(I tried the restore point win update always creates).
    Maybe I should have started from it, where I think the cause was, I was looking for information for my sciense paper, and came across this web page that said "Are you sure you want to leave this page" "ok" "cancel" Well, I am usually not that stupid, but I clicjed ok multiple times before I could move on, I kknow from experience that a notice like that can hide anything.
    Well, I got the getrunkey working.
    Oh and daemon tools is the same thing usually my msconfig has it blocked, as in twice clueless...
     

    Attached Files:

    juku, Apr 23, 2007
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes you do! See the below!

    You mean you had it disabled with MSconfig??? You should not use MSconfig to do this and you should not have Teatimer running anyway since you have Windows Defender install. Plus I'm not sure how compatible Teatimer even is with Vista.

    Again, MSconfig should not be used for this purpose. It is only meant for temporary debugging and not for permanent use like this. If you don't need Daemon Tools, uninstall it!
     
    chaslang, Apr 23, 2007
    #6
  7. juku

    juku Private E-2

    Hmm...this was helpful......not
    The parental control part, that is just interesting, but I assure you nothing I have changed nothing in the settings recently, and noone else has used my comp for quite some time now.
    You missed the consept, I need daemon tools sometimes, but I usually do not have it running from startup, why shouldnt I block startup programs with msconfig, seems to make perfect sense to me...
    And teatimer, it is moved for good now...with no result I might add.
     
    juku, Apr 23, 2007
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That may well be but it does not change the fact that you have them set and they could be impacting what sites you can access. You don't show any signs of malware thus you need to look at what you have installed and set on your PC.

    No I did not miss the concept. You did! MSconfig was not meant to be used as a permanent startup manager. It was only meant to be used as a temporary debugging tool. Use a real Startup Manager not MSconfig. Using MSconfig that way can lead to other problems.

    Yes there was a result. Less system resources being wasted and no conflicts will occur with Windows Defender. That was the reason for not having it running.
     
    chaslang, Apr 23, 2007
    #8
  9. juku

    juku Private E-2

    OKey, thank you for inversting time in my problem, I am still pretty sure that some spyware is causeing it, but if even you could not find it, then I am willing to bet noone can.
    I will just have to take the hard way of formating everything re updateing bios and reinstalling my OS.

    Again thank you for your time.
     
    juku, Apr 24, 2007
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    Well that is not necessarily true. Vista is still basically a new OS and we don't know that much about it an malware yet. Perhaps someone who has more experience with Vista would have ideas. I don't even have Vista yet. My statements are only based on the limited info given in the logs you supplied. There were no problems seen in them.

    Try disabling the parental controls and see what happens.
     
    chaslang, Apr 24, 2007
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds