Jump to content

Cannot access Malwarebytes web site


Recommended Posts

For the last two days attempting to access www.malwarebytes.org yields a totally blank page in IE and Firefox. Happens on three different computers - two on an ADSL connection, one on 3G wireless connection.

Malwarebytes Pro is running and updating normally.

No other web issues.

Interestingly, I can successfully access the following:

http://www.malwarebytes.org/mbam-clean.exe

http://www.malwarebytes.org/products

http://www.malwarebytes.org/products/malwarebytes_pro

Etc.

But clicking Home at the top of the page on the last two links above also yields the same blank page.

How wierd is that?

Link to post
Share on other sites

That is odd. Run this report tool on each of your systems. You can save to a flash-USB drive & run the exe from it.

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or Vista, Right-Click on fss.exe and select Run As Admisnitrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

  • Internet Services
  • Windows firewall
  • System Restore
  • Security Center
  • Windows Update

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

Then, on each system, update MBAM & do a Quick scan.

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Let us know if any of the MBAM logs detects/flags something.

Link to post
Share on other sites

Logs follow. Updated & scanned Malwarebytes as requested - Malwarebytes didn't detect anything on any of the computers.

Main computer (WIndows 7, ADSL connection)

Farbar Service Scanner Version: 01-03-2012

Ran by John Marg (administrator) on 06-04-2012 at 15:22:14

Running from "C:\Users\John Marg\Desktop\FSS"

Microsoft Windows 7 Home Premium Service Pack 1 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcore.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll => MD5 is legit

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

Netbook 1 (ADSL connection)

Farbar Service Scanner Version: 01-03-2012

Ran by John (administrator) on 06-04-2012 at 15:23:55

Running from "C:\Users\John\Desktop\fss"

Microsoft Windows 8 Consumer Preview (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is set to Demand. The default start type is Auto.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

File Check:

========

C:\WINDOWS\system32\nsisvc.dll

[2012-02-18 17:00] - [2012-02-18 17:00] - 0018944 ____A (Microsoft Corporation) 9616CA95D093CF30ADEA25C1BBF8E1D6

C:\WINDOWS\system32\Drivers\nsiproxy.sys

[2012-02-18 17:00] - [2012-02-18 17:00] - 0023552 ____A (Microsoft Corporation) F7973A4F192831A5E97ED12900C5089C

C:\WINDOWS\system32\dhcpcore.dll

[2012-02-18 13:28] - [2012-02-18 16:06] - 0270848 ____A (Microsoft Corporation)

C:\WINDOWS\system32\Drivers\afd.sys

[2012-02-18 17:00] - [2012-02-18 17:00] - 0436224 ____A (Microsoft Corporation)

C:\WINDOWS\system32\Drivers\tdx.sys

[2012-02-18 17:00] - [2012-02-18 17:00] - 0094720 ____A (Microsoft Corporation) 90B6FD4D1434513D030254B0D16FEB20

C:\WINDOWS\system32\Drivers\tcpip.sys

[2012-02-18 17:00] - [2012-02-18 17:00] - 1730360 ____A (Microsoft Corporation)

C:\WINDOWS\system32\dnsrslvr.dll

[2012-02-18 13:30] - [2012-02-18 16:06] - 0160256 ____A (Microsoft Corporation)

C:\WINDOWS\system32\mpssvc.dll

[2012-02-18 12:46] - [2012-02-18 16:07] - 0702464 ____A (Microsoft Corporation)

C:\WINDOWS\system32\bfe.dll

[2012-02-18 13:08] - [2012-02-18 16:06] - 0469504 ____A (Microsoft Corporation)

C:\WINDOWS\system32\Drivers\mpsdrv.sys

[2012-02-18 15:17] - [2012-02-18 15:17] - 0057344 ____A (Microsoft Corporation) A78707D5680635C521640C0BACC15094

C:\WINDOWS\system32\SDRSVC.dll

[2012-02-18 14:03] - [2012-02-18 16:07] - 0122368 ____A (Microsoft Corporation) F84317891239D4D02F3E635736AD3337

C:\WINDOWS\system32\vssvc.exe

[2012-02-18 12:43] - [2012-02-18 16:09] - 1151488 ____A (Microsoft Corporation)

C:\WINDOWS\system32\wscsvc.dll

[2012-02-18 12:39] - [2012-02-18 16:08] - 0071680 ____A (Microsoft Corporation) 37B8093D4CD5D5443AB88B9832D59480

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2012-02-18 13:00] - [2012-02-18 16:08] - 0166912 ____A (Microsoft Corporation)

C:\WINDOWS\system32\wuaueng.dll

[2012-02-18 12:34] - [2012-02-18 16:09] - 2518016 ____A (Microsoft Corporation)

C:\WINDOWS\system32\qmgr.dll

[2012-03-18 11:00] - [2012-03-18 11:00] - 0622592 ____A (Microsoft Corporation)

C:\WINDOWS\system32\es.dll

[2012-02-18 12:55] - [2012-02-18 16:06] - 0385024 ____A (Microsoft Corporation) 8DAF92B99EC3370FA9B47AD23A5418FC

C:\WINDOWS\system32\cryptsvc.dll

[2012-02-18 13:17] - [2012-02-18 16:06] - 0056320 ____A (Microsoft Corporation) EFB96A02B5ED867E0A8E4EE8B8BB8E07

C:\WINDOWS\system32\svchost.exe

[2012-02-18 13:10] - [2012-02-18 16:09] - 0024064 ____A (Microsoft Corporation) E4BC66E3B5638103A02A2837F922C6F4

C:\WINDOWS\system32\rpcss.dll

[2012-02-18 12:59] - [2012-02-18 16:07] - 0642048 ____A (Microsoft Corporation)

**** End of log ****

Netbook 2 (Wireless 3G connection)

Farbar Service Scanner Version: 01-03-2012

Ran by JMTravel (administrator) on 06-04-2012 at 15:25:20

Running from "C:\Users\JMTravel\Desktop\FSS"

Microsoft Windows 7 Home Premium Service Pack 1 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcore.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll => MD5 is legit

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

Link to post
Share on other sites

More information, more weird. What is going on here!

After going to www.malwarebytes.org and displaying the blank page, If I click on View / Source, the blank page displays the following HTML

"<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML><HEAD>

<META content="text/html; charset=windows-1252" http-equiv=Content-Type></HEAD>

<BODY></BODY></HTML>"

Link to post
Share on other sites

  • Root Admin

Please use TFC to clear temporary files and see if that corrects the issue for you:

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

Link to post
Share on other sites

As I mentioned in the first post, only two of these computers are connected to an ADSL router, the third connects via a completely separate 3G wireless broadband. The problem occurs using both connectoin types, so it can't be my internet connection. Also, one of the computers is a clean install of Windows 8 CP with only a couple of basic applications installed, so I cannot think of any common software or setting. I am not having any issues with other web sites.

Some further information - I just entered www.malwarebytes.org/index in my browser, and that works! - I get the Malwarebytes home page! Then if I click on "Home" at the top of the home page I get the blank page again.

I cannot imagine that there is anything at my end causing this.

Link to post
Share on other sites

Hi Maurice

I didn't say there was a Home button, I said that I clicked on "Home". At the very top each of the Malwarebytes pages are the following links "Home", "Reseller Login", and "Languages"

However the same problem occurs if I click on the icon you mentioned

Link to post
Share on other sites

Well the plot thickens!

Since I could not isolate the problem at my place, I suspected that it might be a problem at ISP level. Bigpond is my ISP for both ADSL and Wireless broadband. Bigpond is the biggest ISP in Australia.

My neighbour also uses Bigpond ADSL. I went to his place just now and typed in www.malwarebytes.org. The result was, you guessed it, a blank screen. (He uses Windows XP, if that is relevant))

This proves to me that the problem is quite widespread, at least with some/all Bigpond servers. I will see if I can find someone with another ISP to check.

Could some Bigpond hack cause this, or what?

What is the next step?

Link to post
Share on other sites

Further Information

I ran HTTPWatch, as suggested by Advanced Setup, on my Windows 8 computer and tracked accessing:

www.malwarebytes.org

www.malwarebytes.org/index

"Home"

Here are the CSV format results, I don't have a clue what they mean.

>>>Start CSV

Started,Page Title,Warnings,Comment Flag,Time,Sent,Received,Method,Result,Type,URL

,http://www.malwarebytes.org/,(N/A),,0.617,251,432,,,,

2012-04-07 09:28:46.322000,,!,,0.617,251,432,GET,200,html,http://www.malwarebytes.org/

,"Malwarebytes : Free anti-malware, anti-virus and spyware removal download",(N/A),,3.348,8853,346785,,,,

2012-04-07 09:29:00.246000,,,,0.550,256,3444,GET,200,html,http://www.malwarebytes.org/index

2012-04-07 09:29:00.829000,,!,,0.427,310,12869,GET,200,css,http://css.cdn.static.malwarebytes.org/site_resources/111108/css/all.css

2012-04-07 09:29:00.832000,,!,,1.051,300,685,GET,200,css,"http://fonts.googleapis.com/css?family=Droid+Sans:regular,bold"

2012-04-07 09:29:00.838000,,,,0.841,345,27602,GET,200,javascript,http://js.cdn.static.malwarebytes.org/site_resources/111108/js/jquery-1.4.4.min.js

2012-04-07 09:29:00.840000,,!,,0.591,340,2245,GET,200,javascript,http://js.cdn.static.malwarebytes.org/site_resources/111108/js/jquery.main.js

2012-04-07 09:29:00.844000,,,,1.511,359,199077,GET,200,jpeg,http://images.cdn.static.malwarebytes.org/site_resources/111108/images/img3.jpg

2012-04-07 09:29:00.846000,,,,0.748,361,14279,GET,200,png,http://images.cdn.static.malwarebytes.org/site_resources/111108/images/rabbit.png

2012-04-07 09:29:00.850000,,,,0.778,359,5485,GET,200,gif,http://images.cdn.static.malwarebytes.org/site_resources/111108/images/img2.gif

2012-04-07 09:29:02.027000,,!,,0.670,300,14138,GET,200,javascript,http://www.google-analytics.com/ga.js

2012-04-07 09:29:02.046000,,,,0.316,359,2422,GET,200,png,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/bg-drop.png

2012-04-07 09:29:02.048000,,,,0.408,361,778,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/separator.gif

2012-04-07 09:29:02.050000,,,,0.463,361,743,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/bg-header.gif

2012-04-07 09:29:02.066000,,!,,0.821,379,24315,GET,200,eot,http://themes.googleusercontent.com/static/fonts/droidsans/v3/EFpQQyG9GqCrobXxL-KRMWzklk6MJbhg7BmBP42CjCQ.eot

2012-04-07 09:29:02.068000,,!,,0.863,379,23354,GET,200,eot,http://themes.googleusercontent.com/static/fonts/droidsans/v3/s-BiyweUPV0v-yRb-cjciFQlYEbsez9cZjKsNMjLOwM.eot

2012-04-07 09:29:02.162000,,,,0.280,382,927,GET,200,png,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/languages/languages-world-icon.png

2012-04-07 09:29:02.165000,,,,0.317,356,2857,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/logo.gif

2012-04-07 09:29:02.166000,,,,0.329,358,630,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/bullet.gif

2012-04-07 09:29:02.177000,,,,0.324,359,751,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/bullet3.gif

2012-04-07 09:29:02.179000,,,,0.738,370,4202,GET,200,png,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/products/btn-green.png

2012-04-07 09:29:02.183000,,,,0.737,369,1599,GET,200,png,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/products/btn-gray.png

2012-04-07 09:29:02.194000,,,,0.175,365,764,GET,200,png,http://images.cdn.static.malwarebytes.org/site_resources/111108/images/button-tag.png

2012-04-07 09:29:02.198000,,,,0.410,359,577,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/bullet2.gif

2012-04-07 09:29:02.202000,,,,0.719,357,2668,GET,200,gif,http://css.cdn.static.malwarebytes.org/site_resources/111108/images/logo2.gif

2012-04-07 09:29:03.473000,,!,,0.121,809,374,GET,200,gif,http://www.google-analytics.com/__utm.gif?utmwv=5.2.6&utms=1&utmn=412356634&utmhn=www.malwarebytes.org&utmcs=utf-8&utmsr=1366x768&utmvp=1138x338&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=11.2%20r202&utmdt=Malwarebytes%20%3A%20Free%20anti-malware%2C%20anti-virus%20and%20spyware%20removal%20download&utmhid=662727352&utmr=-&utmp=%2Findex&utmac=UA-3347303-10&utmcc=__utma%3D64482928.1721296776.1333754943.1333754943.1333754943.1%3B%2B__utmz%3D64482928.1333754943.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qB~

,http://www.malwarebytes.org/,(N/A),,0.049,0,0,,,,

2012-04-07 09:29:08.263000,,,,0.049,0,0,GET,(Cache),html,http://www.malwarebytes.org/

>>>END CSV

Link to post
Share on other sites

  • Root Admin

No that other post the user is infected and acess to many security sites are blocked.

Please try setting your DNS to the Google public DNS

https://developers.google.com/speed/public-dns/docs/using

8.8.8.8

8.8.4.4

You can also try using a Level 3 DNS server

4.2.2.3

Then from an elevated commmand prompt type the following

IPCONFIG /FLUSHDNS

Or Restart the computer and retest please.

Link to post
Share on other sites

I tried changing the DNS in IPv4 and IPv6 as requested on my Windows 8 CP computer, which I am happy to fiddle with. I don't know whether I use IPv4 or IPv6 - both were ticked, so I changed both.

Rebooted and still a blank page results for www.malwarebytes.org.

However, that computer is connected to a router. I am unsure whether I also need to change the DNS in the router - the Google doco seemd to indicate that changing it in Windows on one computer on a router would work for that computer . I don't really want to fiddle with the router which may interrupt my two production computers.

Link to post
Share on other sites

Yes, was hoping that maybe if you could either try a different DNS or possibly a public proxy to bypass your ISP and see if it works.

Depending on how responsive your ISP is you may be able to open a ticket with them and complain?

I connected my old ADSL modem. Changing DNS to the ones you suggested didn't resolve the issue. I will go to MacDonalds later today and see if I still get the problem on a public network.

Raising a ticket with Bigpond is a bit daunting, but I just discovered that they now only have telephone support - maybe I could try that on Tuesday. But in any case, Kapiti in NZ would be a different ISP.

Link to post
Share on other sites

Same issue here but only with FF11 and HTTPS Everywhere.

That add-on has been giving issues with visiting the home page, --https://malwarebytes.org--, since over a month.

No issues what so ever with vanilla IE9 though.

Vista Ult. x86SP2, (Amsterdam, Netherlands)

Sorry for the double post, can't edit the previous one.

To be more clear;

HTTPS Everywhere has been giving issues with visiting the SSL/TLS variant home page, --https://malwarebytes.org--, since over a month.

Only after dissabling the specific rule for the MBAM site, I can visit --http://malwarebytes.org--

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.