"Waiting for www.google-analytics.com..." pages won't load on my Firefox

Inactive
By chanlao
Sep 12, 2010
Topic Status:
Not open for further replies.
  1. So this only started to happen recently where I would want to go to a site and the page goes blank and says that it is "waiting for www.google-analytics.com". It is then just stuck on that loading screen. I'm not good with computers or any of the technical stuff, but I have been searching for a solution and can't find one. Could someone please help me?
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Do you have the Google Toolbar on Firefox? If you do, click on the wrench on the right end of the Toolbar> Search section > Uncheck 'Send Usage statistics to Google'.
  3. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    No, I have the built-in search bar. There's no wrench. Oh, and when I clicked a link a separate window popped up with "gugle-analytics" I don't know if that changes anything though. Thanks in advance.
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Give this Firefox add-on a try: Ghostery 2.3.1> HERE

    It blocks over 200 web-tracking agencies from gathering information on your internet use. This includes Google Analytics. It updates itself weekly to keep 'one step ahead' of the trackers.
  5. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    Ah, thank you! It works, but I'm wondering if this actually gets to the root of the problem and stops it. Because sometimes I'll get a pop-up with gugle-analytics when visiting a page or link that is not related to my search. Is this not some sort of virus?
  6. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    I'm not sure if this is related, but when I'm using the google search engine and I click one of the results it brings me to a page completely unrelated to what I searched.
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    You are misspelling this- right? gugle-analytics I don't think the analytics is a matter of malware. It appears that it can be used in a business environment to track traffic on a web site.

    On the other hand, if you are using the Google search and are being redirected to a page other than what you requested, that could be caused by malware.

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
  8. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    No, its actually spelled "gugle" which is why I'm a little worried. [When I click a link, a separate window opens with "results.gugle.com" in the web address bar] As for the 8-step removal instructions, I have a question about step 4. How do I know if my operating system is Windows 7 64-bit or not?
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Lots of complaints about this>gugle
    Most of the site that come up using the search string "results.gugle.com" were low rated sites. The few others I checked indicated this was mostly in Firefox and many were from the Macs.

    A search for just the word "gugle" found this:
    My thought on this would be why would you need a search widget in a search engine!

    To find out if your computer is running 32-bit or 64-bit Windows, do the following
    1. Open System by clicking the Start button Picture of the Start button, clicking Control Panel, clicking System and Maintenance, and then clicking System.
    2. Under System, you can view the system type.
  10. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    Ok, I think I've completed the 8-steps correctly (hopefully). Thanks again for doing this! :) Attached are the DDS logs.

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4052

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    9/14/2010 1:26:38 PM
    mbam-log-2010-09-14 (13-26-38).txt

    Scan type: Quick scan
    Objects scanned: 120168
    Time elapsed: 3 minute(s), 46 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Attached Files:

    • DDS.zip
      File size:
      8.7 KB
      Views:
      1
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    On 9/12/2010, Microsoft Antimalware identified this threat on your system:
    http://go.microsoft.com/fwlink/?linkid=37020&name=Rogue:Win32/FakeXPA&threatid=2147610319

    It has several aliases, a common one being Antivirus 2010. The instructions for the removal are on the site above. Did you get an alert for this? Do anything about it?

    The message was:
    The additional errors in the Event log note that in order to be protected, the program needs to be kept updated. Please do that now. Then scan with the program and follow any screen prompts for removal. Security programs-or any other programs that get security updates such as Java and Adobe cannot protect a system unless updates are current.
    ==========================================
    You have both McAfee and Avast running. Please remove one of them. Multiple AV programs cause cause more multiple vulnerability.
    ============================================
    The following programs are outdated. Update each and then uninstall all earlier versions:
    Java: Check this site .Java Updates Get the most current update. Uninstall any earlier versions in Add/Remove Programs.
    Adobe Reader: Visit this Adobe Reader site and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
    ====================================
    After you update and scan with Microsoft Antimalware, please Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
  12. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    I didn't realize that microsoft essentials had scanned my computer, but checking back it says that it was removed. Attached is the Eset log. Thanks again.

    Attached Files:

  13. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Eset identified one entry so run this for removal:

    Please download OTMovit by Old Timer and save to your desktop.
    • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      Code:
      :Processes	
      :Services
      :Files  
      C:\SWSetup\AOLIMS\setup.exe
      :Commands
      [purity]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
    ====================================
    Please follow with this:
    Please download ComboFix from Here and save to your Desktop.

    • [1]. Do NOT rename Combofix unless instructed.
      [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3].Close any open browsers.
      [4]. Double click combofix.exe & follow the prompts to run.
    • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
      [5]. If Combofix asks you to install Recovery Console, please allow it.
      [6]. If Combofix asks you to update the program, always allow.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt[/b] in next reply.
    You can use more than one post for log if needed.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when you're done with Combofix..
     
  14. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    When running ComboFix an error pops up: ErrorWin32 and won't run.
  15. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Sorry- didn't realize you have a 64bti OS. Run this instead:
    • Download OTL from either of the links below and save it to your desktop.
      Link 1
      Link 2
    • Double click the OTL icon to run it.[​IMG]
    • The opened console will resemble this: [​IMG]
    • Set Output at the top to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Copy the entries in the Codebox below> Paste in the Custom Scan box.
      Code:
      netsvcs
      %SYSTEMDRIVE%\*.exe
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      symmpi.sys
      adp3132.sys
      mv61xx.sys
      /md5stop
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      CREATERESTOREPOINT
      
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      Make sure all other windows are closed and to let it run uninterrupted.
    • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
  16. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    Oh, ok. I'm not sure if you'll still need this, but here's the OTMovit log from step on the previous post.

    Attached Files:

  17. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    Both logs were way too long to fit into posts, I hope its okay that that I just attached them to the post instead.

    Attached Files:

  18. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    It just takes me longer. Will be back after I've finished going over the logs.
  19. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    I know you probably have tons of other peoples' threads to look over, but just wanted to check in to make sure this thread was still open. [ I'm just paranoid that it might get lost in all the other threads xD;; ]
  20. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    I lost the thread! Please accept my apology. I must have accidentally deleted notice of your reply. It the problem still "waiting for www.google-analytics.com"? Has there been any change?
  21. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    I lost the thread! Please accept my apology. I must have accidentally deleted notice of your reply. It the problem still "waiting for www.google-analytics.com"? Has there been any change?

    Further investigating gives this information:
    1. This is most likely cause by a Firefox extension. To prevent such entries:
    Add the Firefox extension AdBlockPlus: https://addons.mozilla.org/en-US/firefox/addon/1865/
    Then, to that, add the Easy List which is a filter for it: http://easylist.adblockplus.org/
    Reboot the computer after putting both of these on.

    Please run these OTL Custom Scan Fixes
    • Run OTL
    • Copy the contents of the Code box and paste in the Custom Scans/Fixes box at the bottom:
      Code:
      :OT
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4 - HKLM..\Run: []  File not found
      O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe File not found
      O13 - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
      O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
      O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
      O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
      O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
      :Services
      :Reg
      :Files
      :Commands
      [msconfig /all]
      [purity]
      [emptytemp]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run uninterrupted, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
    =================================

    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    I may have to add script again but go ahead with this.
  22. chanlao

    chanlao Newcomer, in training Topic Starter Posts: 21

    No problem, I understand that you have a lot of other people to help as well as me and that maybe some threads would get lost among so many. I haven't experienced any new problems, but I want to make sure that there isn't anything that my scanners haven't found or that I've overlooked. Attached are the logs from after running a fix on OTL, running a quick scan on OTL and the ESET log.

    Attached Files:

Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.