Can't load any login page in any browser, all other pages work, could it be malware?

[SEzzz]

Hi everyone. I'm a total newbie and I gotta say that the amount of useful information on this site is extraordinary. Thank you to all of those who have contributed so far.

In regards to my own problem, a few days ago, my computer lost the ability to load any login pages. To be more exact, I can't process any logins. I can see some login pages (facebook, hulu) but clicking login always times out. For gmail, i can't even load the login page. The weirdest part is that everything else functions normally. Any other webpage works just fine without any problems. Is it possible that I have some type of infestation that is messing with login pages because it is trying to steal my passwords?

So far I've ran ccleaner, malware thingy, running spyware thingy right now, my anti-virus. I will post logs as soon as i get home.

This is really wierd. Any help would be much appreciated!

Thank you in advance!

 

[SEzzz]

completer 8 steps, problem still exists, logs attached

finished the 8 steps earlier and the problem still exists! please help!

everything works fine but login pages. I've checked that cookies are enabled, SSL is enabled, did the DNS hosts file update...not sure what else to do.

if anyone can offer any advice based on these logs it would be very much appreciated!

 

[DelJo63]

don't see much BUT if these findings are true ...

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FAService - Sensible Vision  - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

then major portions of Windows/Vista are missing

open My Computer-> dbl click on the c:\ drive
scroll to Windows
scroll to system32

now verify that the file names are or are not present ....

 

[SEzzz]

thanks jobeard! i'll double check the files as soon as i get home. although i would suspect that they will be there since everything works just fine, besides the logins.

one other thing to mention, i took my laptop to a friend's house and connected to his network. using his network, everything worked just fine. logins worked without a problem.

even weirder, i left my gmail open, walked back to my house, connected back to my network, gmail inbox was working just fine. once i logged out thought, i couldn't log back in. this seems like it's an ISP issue. no idea how to fix this since I don't have a router, the ISP provides the wireless service for the entire building.

anyways, thank you very much for looking at the logs. I really appreciate the help and i apologize for taking your time since this seems to be a problem cause by the ISP and not malware.

 

[kritius]

64 bit OS?

Would explain those entries.

 

[SEzzz]

yeah! you are completely right. it has a separate folder for 64 bit stuff and 32 bit stuff and hijackthis is probably scanning the 32bit folder. makes total sense now!

thank you for pointing that out! i would have been puzzled for days

 

[DelJo63]

me too! :wave:

 

[kritius]

As they say where I am, nae bother!