Network administrator here. This site has saved my bacon more times than I can count but this time im stumped. Ive ran Malwarebytes,Super antispyware,hyjack this,combo fix, cw shredder, checked host files, looked in system 32 for rouge files and been all through the regestry and cant find what is blocking these sites. Malwarebytes removes some rouge fake alert programs but it did not identify exactly what it was. Just a generic hit basically. Usually if it is identifyable I can search for manual removal instructions but no luck this time. Im thinking this is something new. Any help would be apreciated.
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
if that's true andyou have successfully run all those anti-spyware programs I suggest a clean install.
but first have you tried a system restore to when it was working then re-run those programs.
start-all prgrams-accessories-system tools-system restore and follow the wizard and choose a date that it really last work. restore it and then re-install malware bytes and run (in safe mode)
levinlawfirm
ASKER
3 computers, no domain, ive tried firefox and IE and both are being blocked from going to Windows update/spyware removal sites. all other webpages load no problem. this is my bosses home computers and he went weeks being infected. looks like geek squad gave it a shot with no luck. all in all they are in pretty decent shape except the websites being blocked somehow.
Dan Cooper
One other thing to try - if you have gotten this far (and you are not using Internet Explorer). You can uninstall completely the browser, and re-install, just check to see if you have a lot of bookmarks to backup.
I did this in a similar scenario as you have described, and uninstalled Firefox and Chrome. It fixed the issue in Firefox (I was being redirected to strange sites when searching on google, sometimes just dead pages), and left me with a problem opening attachments. I had to delete a registry entry that the Google Chrome Uninstall didn't hand back to I.E. and all worked perfectly.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
levinlawfirm
ASKER
System restore is hosed. It fails on any date i try. This is a easy setting somewhere I just know it but ive not got lucky yet. Ill wipe and reload if i must but id hate to for some obscure regestry entry or something. desktop is not hijacked or anything, no admin rites have been changed so I think its been disabled with this one issue being ellusive.
levinlawfirm
ASKER
ill add my hijack this log. maybe someone can see something I cant.
levinlawfirm
ASKER
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 5:31:12 PM, on 2/18/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Unlimited question asking, solutions, articles and more.
levinlawfirm
ASKER
BTW thanks for the prompt help...
technomic
There is alway something new coming out like Kneber botnet is out and the news are all over the rss feeds today. I had a few systems with similar issues, I ended up reimaging them as it was just taking to long to address it and issues just kept coming back...
Have you tried MS Malicious Software removal tool ? You listed a few awesome spyware removal tools but did you run something like Symantec Antivirus ? Mcaffe has a tool called Stinger that might be helpful.
Are you running XP or Vista ? Vista will do the closest to true restore.
technomic
Never mind my comment on restore, didn't refresh my browser while others were posting...
Have you tried emptying out the temp files with utilities like ATF-Cleaner or CleanCache. Restore IE setting to default and reset the browser if you are using IE.
Also, take a look at the startup services to see if there is anything questionable Start > Run> msconfig
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
levinlawfirm
ASKER
Running Vista, I think thats what im going to do. just bite the bullet and do a wipe and reload. What do you mean by Vista doing the closest restore? I was going to manually back all personal files to an external and just wipe and reload and replace. Is the an easer way with Vista? We are a total XP pro network at work so ive not had to dig into Vista too much yet other than disabling the securrity controll crap etc. for friends and employees.
technomic
XP does a restore but Vista actually rewrites evereything including data. Have you tried booting of the Vista disc to try and restore ?
levinlawfirm
ASKER
yeah, did all of that.
Well guys i really apreciate the help but i think ill just do the wipe instead of wasting anymore time. I sure would like to know how to fix this one though cause i know its going to come up again on the network.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
but first have you tried a system restore to when it was working then re-run those programs.
start-all prgrams-accessories-system