TechSpot

Browsing trouble

By vrenzokuken
Mar 22, 2010
  1. Hi there. I found a forum on techspot recently while looking for answers to some serious problems on my computer which seemed to be what I needed but after following the instructions given to someone else, I was still not able to solve the problem. I'm kind of new to the whole forum thing so forgive me if I haven't typed this out properly.

    So here are my specs: Running Windows 7 Ultimate 32 bit. using Firefox. Connected through a d-link router (wired), to a shaw cable modem.

    Here are my problems: At first it was just that every link I clicked from google would get redirected to some stupid site, redirected back to google or to a blank page. The only way to get around this was to keep clicking the link from google many times until it went to the right page. I am using firefox, so I tried using internet explorer. Internet explorer doesn't even function though. I tried using google chrome and that doesn't work either. The problem got worse though. Now, half the time I reboot my computer, I cannot connect to any pages on any browser at all. Sometimes this happens but I can connect to the internet through other programs like my torrent downloader and a chat program, and sometimes there's a note on my connection saying no internet access: and of course then I am simply not connected at all. restarting sometimes fixes this. Something very similar to this happened just under a year ago, when I was using Windows vista Ultimate, and I ran every scan I could think of with no results. A guy I know who fixes peoples computers for a living connected to my computer with some program like remote assistance, went in to the registry and did some stuff I don't understand and it temporarily fixed the problem, but it came back. Later, I upgraded to windows 7 and the problems were gone. Now they are back. On top of that, certain programs on my computer don't run, namely most of my games. I double click borderlands and nothing happens. I go to the task bar and it says the process is running. Other programs act the same and in the taskbar the processes show as running and when I try to end the processes, they wont end. The last main problem is that my girlfriends computer is connected to the internet VIA the D-Link usb adapter I gave her that connects to my router. It drops all the time and the only way to get her back on the net is to restart my router. My router is brand new.

    Here is what I've done: I have done almost every thing I can think of with no results. I had AVG and ran full scans which returned no results. I switched to Shaw Secure (Virus protection program that comes free with my ISP). I turned on web protection, and did complete full scans, as well as their online scan. I did this in safe mode aswell. I called my ISP tech support and they said if it's not finding anything then it's probably not a virus. They suggested going through every single process I've got running, and research them on google to see if there's a conflict. I did that. I adjusted some processes to manual and other to disable. No results.

    Then I went through my program files and uninstalled many programs that looked like they may be a problem. That didn't help. I downloaded many other anti virus software and ran it; malwarebytes, spybot, smitfraud, combofix, and trend micro housecall, hijack this and eusing registry cleaner. Nothing helped. Just a note, spy bot said smitfraud was full of viruses and deleted some of it's executable files in the system32 folder. When I ran combofix it warned of spybot and said it was running but it wasn't. After researching this problem and finding only one forum that seemed relative and possibly helpful (the one on this site), I decided to follow the advice given to someone else. Most of it was about using hijack this. My hijack this didn't show up with any of the files that were reccomended to be deleted that the other person had. Then I used combofix as was instructed to the other guy, and that did nothing. I Found another forum about a similar problem and someone was told to do something with winsock, so I did that. Reset it I guess. That didn't help. I've also tried power cycling my modem and router many times, and no result. Right now I am on the internet because I am connected through the web browser built in to Express Gate, an operating system built in to my ASUS P5QL Pro motherboard which is totally seperate from windows and loads from the BIOS.

    The only other thing to do that I can think of is to resinstall windows, but I see that as not an option as I have spent so much time and effort making windows work the way i want it to and I have almost a terrabyte of stuff on two hard drives that is not backed up on DVD's, and program files I don't have on CD's, and as well, if there is a virus on my computer, reformatting one hard drive and moving the files to the other isn't going to kill it. It would just come back later on.


    I'm sure there are tests you want me to run. Though I know what these programs are, and I have them, I do not know anything about them, but you guys probably do. So whatever you want me to download or run and post a log file of, just let me know.

    One other problem is that my computer is slower, many programs just stop responding, and the computer hangs sometimes for quite a while. This is a fairly new computer and I do well to keep it maintained. I bought it a year ago, and I regularly take the case off and check connections in the hardware and clean the fans and whatnot. I also recently adjusted the fan speed to maximum because I thought that would be good to do if anything was overheating.

    Thanks for reading. Hope you can help.

    -Josh
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Josh, malware help is meant only for the person who begins that help. It is not something that should be applied by another to a different system and possibly different malware.

    I will go back an read your entire [post, but is you want us to check the system for malware, please follow these steps HERE

    When you have finished, please attach the 3 logs to your next reply for our review.

    While you get started on that, I'm going to read through your post. If I need to add anything additional at this time, I will edit this reply.

    You shouldn't be surprised at this. The system is heavily burden with programs and logs that didn't help.

    As for running Combofix without a helper specifically guiding you to do it, another potential for harm was created.

    In the future, please try to condense the problem with a brief description..And don't every try to use someone else's help on your own system!
     
  3. vrenzokuken

    vrenzokuken TS Rookie Topic Starter

    Log files as requested

    I have followed the 8 steps to a T, not skipping anything, and have attached the log files requested. Thanks.

    -Josh
     

    Attached Files:

  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Josh, did you run any compatibility checks before upgrading? Is this the same Windows 7 you upgraded from Vista?It possible the programs won't open because they don't run in Windows 7 mode. For instance, O4 - Global Startup: Matrix Screen Locker.lnk = C:\Program Files\BaroufaSoft\Matrix Screen Locker\matrix.exe has this:
    System Requirements: Windows 98/Me/2000/XP. IT doesn't even list compatible with Vista.

    I need more information on some of the entries I see:
    Please download ComboFix HERE:
    • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
      Important! Save the renamed download to your desktop.
    • Please disable all security programs, such as antiviruses, antispywares, and firewalls.
    • Double click on the setup file on the desktop to run
    • If prompted to download and install the Recovery Console, please do so.
      (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
    • If prompted to update, please allow.
    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.
    Notes:

    • 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
      2. ComboFix may reset a number of Internet Explorer's settings.
      3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
      4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run.
    .
    Run Eset NOD32 Online AntiVirus Scanner HERE
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    See if both of the above will run on Windows 7. It looks like you've rigged some programs to force them to open- if there is a compatibility issue here, you'll either have to accept it and remove the programs that aren't compatible or look for later versions.

    Attach Combofix report and Eset log to next reply

    Please don't make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!! Don't make any Registry Changes. And it is recommended that if you are running any Registry editing program, that you either uninstall or disable while we are in the cleaning process

    ========================
    Instructions posted for this user are customized for this user only. The tools used may cause damage if used on a computer with different infections. If you think you have similar problems, please start a new thread and follow the preliminary cleaning steps HERE. Attach the logs.
     
  5. vrenzokuken

    vrenzokuken TS Rookie Topic Starter

    Cleaning Progress

    Ok, I've done what you asked and have attached the corresponding log files, well not the ESET one. It didn't create a log where you said it would. Eset found a trojan though, in a music file called a something like some sort of General WMA trojan. I Uninstalled it.

    To answer your compatibility questions, the program you mentioned (matrix screenloacker) works fine with windows 7. Most of the programs on my computer were obtained after upgrading to windows 7, and the ones I'm having trouble with are windows 7 compatible. I also know that windows 7 is backwards compatible, so it will run most programs that were made before it. Two of these programs are Borderlands, the game for PC, and Steam (program related to pc gaming). Steam hangs, and borderlands simply doesn't open.

    When I tried running Combofix, nothing happened so I switched to my other user account (both accounts have admin privs), and it worked.

    I'm not sure what you mean by "Rigged programs to force start". If I install a program and it asks me for permission as administrator, I always say yes, and if it says it has known compatibility issues, I run it anyways, and have not yet had a problem with one program, except one that was completely not compatible with windows 7, and so I simply couldn't use it and deleted it.

    Could it be that certain installed programs conflictions are causing certain functions in my computer to not work properly? I don't see how that would make sense though, since any of the programs that may be in question are not related to my web browsing and internet.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Last person I had who had 2 Administrative accounts removed one of them and the problem was resolved. Only one Administrator should be on the system- otherwise you're giving it 2 bosses- how does it know which one to listen to?!
     
  7. vrenzokuken

    vrenzokuken TS Rookie Topic Starter

    WMA Virus?

    I will try removing the other user account then, or changing the privillages.

    You know what I just realized though... The last time I had a problem just like this, the time I told you about when I was using vista, it happened right after I downloaded a song, which was in WMA formatt, and windows media player told me it needed to download codecs for it, and in turn ended up causing this problem. I researched it and it was a virus type embedded in WMA that works through windows media player, though I do not use WMP anymore. I use winamp. But the trojan that Eset found was Called WMA something and was in one of the songs I've recently downloaded. The thing is, Eset only gave me the option to "Uninstall Application", and so I did that but I'm not sure if that removed it. You would think it would give you an option to remove it completely, and how is a song an application? Well, I deleted the folder too. I am going to now log in to windows, remove second user account, restart and try using my computer normally. I will update with another reply if this works or if it doesn't.

    -Josh
     
  8. vrenzokuken

    vrenzokuken TS Rookie Topic Starter

    Internet seems to be steady now. Steam still crashes. Still getting redirected from google. Here are two sites I picked up from the redirects.

    uonmydfoire.com

    essearch.net
     
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    When you get down to one administrator, please run Combofix and leave report.
     
  10. vrenzokuken

    vrenzokuken TS Rookie Topic Starter

    Still no progress

    Combofix is now not running on either account. I double click it, the green bar fills up like it's about to start, then nothing. I don't move the mouse and all programs are closed. I had the same problem when I tried to run it before when I had two administrtor accounts, but would run on one of them. Now it does not run on either, even when I switched the admin privs back on temporarily just to test it. I'm thinking this may not be fixable. Maybe the next step is to concede and reinstall windows... I really really don't want to do that :/
     
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Considering the fact that someone gave remote assistance and the fact that you were running two administrative accounts and the added fact that you did an upgrade and have some compatibility issues, I think the best path is for you to start over, but do it right.

    I think you have multiple problems, have made too many changes and basically not set the system up correctly. There are also parts of AVG running in addition to the Shaw F-Secure. Malware is not the issue here, Josh. Sorry I can't help more.
     
  12. vrenzokuken

    vrenzokuken TS Rookie Topic Starter

    Well I have decided to start over. When I have formatted and reinstalled windows, I'm going to set up my anti-virus to full protection and be more careful with the torrents I download. by the way, AVG is not installed on my computer.

    Do you have any advice on backing up my files and do you know if it's possible to retain some of my settings for windows so I don't have to do it all over again. It was a b#$%^ to set everything up, finding the right drivers, software, etc... Will take me weeks to redo all that. Mainly I just wish there was a way to keep my program files.. There are so many of them and I have none of them on installation cd's. All my programs came from the internet.
     
  13. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    P2P or 'file sharingWarning:
    Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall any file sharing program for the following reasons:
    • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
    • Malware writers use these program to include malicious content.
    • Fie sharing is usually unmonitored and there is a danger that your private files might be accessed.
    • The 'sharing' also includes malware that the shared system has on it.
    • Files that are illegal can be spread through file sharing.

    Please read the information on P2P Warning to help you better understand these dangers.

    Please follow these simple steps to keep your computer clean and secure:
    1.Disable and Enable System Restore: See System Restore Guide This will help you understand what this is, why you need to clean and set restore points and what information is in them.
    2.Stay current on updates:
    • Visit the Microsoft Download Sitefrequently. You should get All updates marked Critical and the current SP updates: Windows XP> SP2, SP3.
    • Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
    • Check this site often.Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
    3.Make Internet Explorer safer. Follow the suggestions HERE This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features.
    4.Remove Temporary Internet Files regularly: Use ATF Cleaner by Atribune or TFC
    5. Use an AntiVirus Software(only one)
    Both of the following programs are free and known to be good:
    Avira Free
    Avast Home
    See Virus, Spyware, and Malware Protection and Removal Resources

    6.Use a good, bi-directional firewall(one software firewall) I recommend either of these software firewalls.- both are free and good:
    Comodo or Zone Alarm
    7.Consider these programs for Extra Security
    • Spywareblaster: SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad Active X controls from being installed. Remember to update it regularly.
    • IE/Spyad This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
    • MVPS Hosts files This replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
    • Google Toolbar Get the free google toolbar to help stop pop up windows.

    If I can be of further assistance, please let me know. .
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...