Can't connect to certain websites

By viper22x · 31 replies
Oct 22, 2008
  1. Ok, well one night i could connect to a site, then the next POOF i cant. I dont know why it wont let me. if anybody has any ideas that would be awsome! i'll post a HJT log just incase...
    the only way im able to connect to the site is though proxy but it takes away alot of the tools. I'm getting so annoyed. I reset the stuff in C:\windows\system32\drivers\ect\host
    that didn't do anything. so please help.

    Attached Files:

  2. rf6647

    rf6647 TS Maniac Posts: 829

    OK, I'll bite. How did this turn out? I know it's been about two weeks, but I put it on my watch list.

    The only program you did not load was MBAM. This one is the key to the scheme of things around here.
  3. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    It's only been two weeks wow, it feels like months.... ive scanned with mbam before it happened after it happened and numorous times after again. it never finds anything (because i like my computer clean) but i have Avast, i installed Spybot S&D, im not sure if that did anything, also i cleaned out the hosts in my system32 folder. (well reset em)

    How did this turn out?

    What do you mean?
  4. rf6647

    rf6647 TS Maniac Posts: 829

    You posted a problem & asked for help. For the next 2 weeks nothing further happened, and I interpretted you got past needing help. I am a curious type, so I was inquiring what you did to resolved the problem.

    For anyone seeking help with malware removal, the volunteers expect 3 logs: MBAM, SAS, & HJT. Following this procedure "normalizes" your case in that over 1000 malware threats have been addressed by the tools.

    From this point it is easier to address your complaint about URL blocking / URL re-direction. There are specific tools for specific problems. Trained volunteers can get you there faster.

    If you post the 3 logs, one of the volunteers may recognize this signal. Your description that mentions lingering problems should prompt them to suggest further tools to use.

    Perhaps someone can spot if there is a conflict between programs. Your HJT log did not show AVAST.
    SpyBot [SS&D] uses 'host' to blacklist known malware sites. HJT also works with whitelists and blacklists. SS&D use of 'host' is whitelisted by HJT. However, some Internet Security Suites [such as ZoneAlarm] undo the 'host' file & use its own device. I believe that ZA uses the engine from Kaspersky Internet Security.
  5. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Well, ive used kaspersky but recently switched to Avast, nobody has helped me so yeah, your the only one who actually replied -.- im still having problems with going to the site. ill run a mbam, SAS and HJT this log. ill post em for you.
  6. momok

    momok TS Rookie Posts: 2,265

    Do run them in this order: MBAM, SAS, HJT thanks.
  7. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Well here they are...

    Attached Files:

  8. rf6647

    rf6647 TS Maniac Posts: 829

    Things appear to be clean. However both MBAM & SAS need updating. Many changes during the last 5 days.

    Are the symptoms gone?

    Posts logs & advise us if still experiencing re-direction or other problems.

    Differences noted for HJT
  9. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Ok, ill update them and scan again. as for HJT the vent_srv i manualy put that there. im running a ventrilo server on my computer. so i just changed it in the registry. ill run mbam and sas again and post another HJT log asap.

    Still cant connect to the site =/ but ill try after i update and post logs.

    well i tried deleting the 3 010's but it cant do it. i need LSPfix... im going to see if i can find it.

    ok well i got LSPfix and got rid of 2 things that were from prxer. then i did a scan and all the 010's where gone. ^_^ ill post a mbam and sas and HJT tonight.

    Well it appears i cant update mbam... i have no firewall atm. just avast and i cant update it... any ideas?
  10. rf6647

    rf6647 TS Maniac Posts: 829

    Again, my 'express' notation communicates poorly.

    HJT differences were called to your attention. The O23 is legit. It may have brought in O10. I just do not know. I gave attributes for both to help you investigate things you're closer to.

    HJT Tutorial with link to LSPfix

    It was my intention to use updated MBAM / SAS to confirm clean appearances,

    HOWEVER, inability to reach sites with needed updates for tools is a bad sign.

    Yes, O10 can be an infection. I tend not to suspect these because there was a name associated with it, and you made another change showing up as O23 entry.

    Therefore, I will assume the rou ter has been hacked. Take time to understand what special changes made to rou ter setting, if any, were made by you.. Also, if using a ADSL modem, be prepared to redo the configurations with your ISP provider.

    Disconnect from rou ter or disable wireless.
    Shut down computer..
    Hard Reset rou ter.
    Hard reset ISP modem

    "Hard reset" means following procedures to force factory defaults.

    Power Computer.
    Run present version of MBAM & SAS

    Re-connect to rou ter / ISP

    Change password for the router.

    Update tools

    Post back success / failures.
  11. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    I garentee you the 23 didnt bring in the 10. Ventrilo is a trusted program. Search if you like. i actually manualy installed the 10 -.-

    restarting now, will update and see what happens.

    Edit: well then LSP fix did nothing except kill my internet XD i had to system restore... im going to try and uninstall proxifier. that should just fix it and i still cant update mbam following your instructions.

    Edit: Well after about an hour of trying to get this to work i finally uninstalled proxifier and got rid of all traces... then i was able to update MBAM and SAS. Will give a fresh scan of all asap ^_^
  12. rf6647

    rf6647 TS Maniac Posts: 829

    I put in a call for more help from mflynn.

    Hold this post in reserve for future use . The upper right corner links to the full thread. Sometimes the problem is a corrupted registry.

    It would be great to see 3 logs from current tools.
  13. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Ok thanks, the stupid proxifier was causing alot of problems. Scanning with mbam and SAS as we speak :p
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    rf6647, how about we put this on a sticky, all by itself, in bold print! There are some helpers who don't appear to understand the value of the logs! I'd like to 'borrow' the two sentences for use at appropriate times if you don't mind.
  15. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Sorry for the delay, been busy with school. but here they are...
  16. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Bump.... Also, i just found out something... The site wont let me connect through my IP... i try proxies and it works fine... any ideas?
  17. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    My goodness, you fell through the cracks! I didn't get the notice of your reply. Maybe others didn't either. Mbam is clean and all SAS shows is Tracking Cookies- we'll reset the Cookies for that.

    Please advise: Did you set a homepage to be blank? If so, okay. If not, you have about:blank malware:
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    There is nothing in the HijackThis logs to account for the problem, re malware. But I would like you to try two things, one at a time, check system in between and see if any different:

    1. Temporarily disable the Firefox add-on Sothink SWF Catcher
    Check system
    2. Temporarily disable the O23 - Service: Ventrilo: Start> services.msc> right click on the Service> Properties> change Startup to Disable.

    For each of the above, you need to UNCHECK on Startup:
    Start> Run> msconfig> enter> Selective Startup> Startup tab> UNCHECK each> Apply> OK> Reboot.
    You can ignore the nag message after checking 'don't show this message again.' Stay in Selective Startup.

    If neither of the above produces results, we will need to check the Services. Easiest way is to look for Error in the Event Viewer that corresponds to the failed access of the web page. You do not give us any error message:
    Start> Run> cmd> type in eventvwr
    Ignore Warnings. Please do not copy the entire log. You can omit the lines of code-if any-in the box below the Description.

    Reset Cookies:
    Update Java:
    Check this description of the Google Gears out. I'm wondering if there can be any conflict between it and the SQL you are using:

    I also don't see any PDF Reader. Do you not need one or is there one included in something you have that I don't know about?
    In case you need it:
    Adobe Reader: . Click here to download the latest version v9:
    Install the FoxIt Reader: this does the same thing as Adobe, but doesn’t have the bloat:
  18. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Well, nobody replied for over like... a month?

    I havent tried what you posted yet, have to get to school. just going to post a new hijackthis log. When i get back ill read this more throughly and see if any of that helps. thanks.
  19. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    And that rarely happens. But everyone here has a problem and they are more problems than 'fixers'. So occasionally, a post will go unanswered and also, occasionally, the part of the site that send us notice that someone has replied doesn't work. We;come to cyberspace where nothing is perfect-much like the other part of the world we live in!

    This won't help, because what I posted was based on the previous logs.

    This however, is new and it needs to be stopped while cleaning- it is considered Real Time monitoring:
    In the Hijck log on Post #7, you had this:
    Member rf6647 brought your attention to it, now that is gone. Only to be replaced by Stopzilla.

    The Hijack log in Post #15 shows no LSP entry but currently you have Stopzilla.

    You will need to go back, run all three of the cleaning program again and attach new logs. Please do NOT add or remove anything unless you are instructed to do so. You can follow my directions in Post #17, the do the rescans.

    You should not be adding and changing programs and processes when the cleaning is going on. I would also like to know what the current problems with the system are, as clearly as you can describe them. Has anything changed from the original problems? What?
  20. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Oh lol, proxifier thing was bad. StopZilla is a Anti-Everything program. I trust it, and its very effective. Id say even more then MBAM... Im not going to remove it just because i know what it is.

    Also, stopzilla is a very picky program, you can only run it after reboot when it auto starts. Other then that it will sit at "Loading..." so im not going to remove it. other then that... i really don't know why it wont let me connect... ive done EVERYTHING!

    I'll try and posts MBAM and SAS asap. Don't really need hijackthis because nothing has changed.

    There are no systems, system works just fine. But it just stoped letting me connect to the site over night. No one used my computer, its my personal computer..
  21. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Hosts File problem !?

    Hi :

    I have wondered from the start IF you MAY have a Hosts File "problem" !? To
    discover IF this is possibility, you would Post the Log from HijackThis's "Hosts
    File Manager" . This is done by clicking the "Config" button, then the "Misc Tools"
    button, then the "Hosts File Manager" button . IF there is any Info other than 1 line
    below the "Explanation", that Log should be posted in One of your future Replies .
  22. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    A comment for you> it is almost two months since you began with this problem. It would appear that you want help in resolving it or you wouldn't have posted.

    The reason for you problem is not apparent at this point, so we instruct you to do different thing to see if it will resolve. A firewall is a good thing too. Yet, if not configured correctly, it can prevent certain functions.

    Perhaps someone else will be willing to work with you.

    I realize you know what Stopzilla is and have it intentionally. But I want you to stop it and see if it could possible be causing the problem.

    If you don't care to follow the suggestions- that's okay. But you will just have to continue to go "poof."
  23. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Well, this has started before ive even had stopzilla, ive only had it for about a week or so.
    and to spirit

    This is whats in my hosts, ive already cleared this out before though...

    # Copyright © 1993-1999 Microsoft Corp.
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a "#" symbol.
    # For example:
    # # source server
    # # x client host
    # localhost
  24. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    You started this thread almost a month ago. You had a problem you wanted help resolving.

    Adding something else to the mix shouldn't have been done.

    Spirit Wind can work with you on the Host files.
  25. viper22x

    viper22x TS Rookie Topic Starter Posts: 46

    Oh wow, i really forgot about this sorry... christmas and stuff had me distracted then school. So, spirit what do you need me to do?

    I really think Spybot: Search and Destroy did this... atleast im almost sure it did...
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...