Posts posted by Jackatwo
Here is a doozy one for you guys:
Even to get to this page I had to disable Malwarebytes Anti-Malware malicious website protection, but others with the https: I am able to get into them?
My problem is I can sometimes get into web pages of Https: but will not get into any Http: web sites.
I downloaded Malwarebytes trial and it has taken out my computer, whereas I am unable to go to any web site that has http:
A web site with the https: sometimes is a problem.
I have reset my firewall back to default, still the same problem. Also did a system restore to another time.
This started right after I did a scan and Malwarebytes found blockandsurf158; the following is a log copy.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 12/04/2014
Scan Time: 9:06:40 AM
Logfile:
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.11.14
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: CTechnologies
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 256127
Time Elapsed: 50 min, 41 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.exe, 5996, Delete-on-Reboot, [dd3d52d7bfbc22149e973b2ddb2712ee]
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe, 3556, Delete-on-Reboot, [9684d0590e6d082e34662a3730d2946c]
Modules: 1
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.dll, Delete-on-Reboot, [9684d0590e6d082e34662a3730d2946c],
Registry Keys: 1
PUP.Optional.BlockAndSurf.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BlockAndSurf, Quarantined, [dd3d52d7bfbc22149e973b2ddb2712ee],
Registry Values: 2
PUM.Bad.Proxy, HKU\S-1-5-21-2488016936-4034278749-1092428362-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:13828, Quarantined, [f9212ffa84f7de587d88c1e5a65d53ad]
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-2488016936-4034278749-1092428362-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BlockNSurf, C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe, Quarantined, [9684d0590e6d082e34662a3730d2946c]
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp, Delete-on-Reboot, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.SimilarSites.A, C:\Users\CTechnologies\AppData\Roaming\SimilarSites, Quarantined, [2febf2372d4e3afcdd2bfe649b6718e8],
Files: 18
PUP.Optional.BundleInstaller.A, C:\Users\CTechnologies\Downloads\Havij_v1.16_Pro.exe, Quarantined, [819941e8bbc0ef47c28b41f25da4fd03],
PUP.Soft32Downloader, C:\Users\CTechnologies\Downloads\unlocker setup.exe, Quarantined, [cc4e9792d7a490a6b670b74c90717d83],
PUP.Adware.MediaGet, C:\Users\CTechnologies\Downloads\MediaGet_id3587633id.exe, Quarantined, [3cde69c0accf6accab217a8d0df3e11f],
PUP.Optional.Spigot.A, C:\Users\CTechnologies\Downloads\YTDSetup.exe, Quarantined, [fe1c0326fb803006a2d8aa7c728ea957],
PUP.Optional.Softonic.A, C:\Users\CTechnologies\Downloads\SoftonicDownloader_for_utorrent-64-bit.exe, Quarantined, [8b8f18119fdc0d296489948544bd49b7],
PUP.Optional.MegaBrowse.A, C:\Users\CTechnologies\AppData\Roaming\Mozilla\Firefox\Profiles\y8z56zjb.default-1388624678212\extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi, Quarantined, [71a9fd2c03785dd9dd3d3b311be7d52b],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.exe, Delete-on-Reboot, [dd3d52d7bfbc22149e973b2ddb2712ee],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\158.crx, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\158.xpi, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\a.db, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\b.db, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.bin, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.dll, Delete-on-Reboot, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.ini, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe, Delete-on-Reboot, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\Sqlite3.dll, Quarantined, [9684d0590e6d082e34662a3730d2946c],
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf Corp\Uninstall.exe, Quarantined, [9684d0590e6d082e34662a3730d2946c],
Physical Sectors: 0
(No malicious items detected)
(end)
I allowed the two following back into the computer, just to see if this would work. It didn't.
PUP.Optional.Softonic.A, C:\Users\CTechnologies\Downloads\SoftonicDownloader_for_utorrent-64-bit.exe, Quarantined, [8b8f18119fdc0d296489948544bd49b7],
PUP.Optional.MegaBrowse.A, C:\Users\CTechnologies\AppData\Roaming\Mozilla\Firefox\Profiles\y8z56zjb.default-1388624678212\extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi, Quarantined, [71a9fd2c03785dd9dd3d3b311be7d52b],
Https: secure and Http: blocked
in Resolved Malware Removal Logs
It took me 6 hours, but persistence got it in the end.
Trouble is I got no idea how.
I turned my firewall / Trend Micro and Malwarebytes off.
I went into Internet Explorer / Tools / Internet Options / Connections / LAN Settings / "checked" Automatically detect settings.
For some reason the use proxy server for your LAN was checked.
When I changed this setting it worked for both IE and Mozilla; changing the Mozilla at the same time is a puzzle.
I rebooted the computer with my firewall / Trend Micro and Malwarebytes going.
Tried out the HTTP: sites with no problems.
I do not know why Malwarebytes took all this out or even changed the settings on Explorer, but I am happy to have solved this problem.
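
The `ProxyServer` value flagged as PUM.Bad.Proxy in the log above uses the per-protocol WinINET format and names a proxy for `http` only. The following is an added example, not part of the original posts: it parses such a value, reports which schemes are handed to a proxy on the local machine, and checks whether anything is still listening there. The function names are illustrative, and `ProxyEnable=1` is an assumption (the log does not show that value).

```python
import ipaddress
import socket

SCHEMES = ("http", "https", "ftp")

def parse_proxy_server(value):
    """Map scheme -> (host, port) for a WinINET ProxyServer string.

    'host:port' applies to every scheme (stored under '*');
    'scheme=host:port;...' names a proxy per protocol."""
    routes = {}
    for part in filter(None, (p.strip() for p in value.split(";"))):
        scheme, sep, target = part.partition("=")
        if not sep:
            scheme, target = "*", part
        target = target.split("://", 1)[-1]  # tolerate 'http://host:port'
        host, colon, port = target.rpartition(":")
        routes[scheme.lower()] = (host, int(port)) if colon else (target, None)
    return routes

def is_loopback(host):
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # a hostname, not an IP literal
        return False

def loopback_schemes(proxy_enable, value):
    """Schemes whose requests are handed to a proxy on this machine."""
    if not proxy_enable:
        return []
    routes = parse_proxy_server(value)
    return [s for s in SCHEMES
            if (r := routes.get(s) or routes.get("*")) and is_loopback(r[0])]

def listener_present(host, port, timeout=1.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

# ProxyServer value copied from the PUM.Bad.Proxy log line; ProxyEnable=1 is assumed.
FLAGGED = "http=127.0.0.1:13828"

if __name__ == "__main__":
    for scheme in loopback_schemes(1, FLAGGED):
        host, port = parse_proxy_server(FLAGGED)[scheme]
        print(scheme, host, port, "listening" if listener_present(host, port) else "dead")
```

A scheme reported as `dead` means requests for that scheme are sent to a local port that no process is serving, while schemes absent from the list bypass the proxy entirely.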