[emeraldnzl]

At least now I know it isn't malware...

 
Well we haven't found a malware cause. That's not to say there isn't one, just that we haven't seen any.

 

 

it's really strange that I cannot even open the MSN outlook mail page.

 

I wonder whether it's your security programs getting in the way. Have you tried disabling your firewall and anti-virus to see if it works then?

 

Well thanks but I don't think I want to bother with that at this time...

 
Here is an automated way of resetting your browsers. It might be worth a try.
 
Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

• Close any open browsers.
• Temporarily disable your AntiVirus program. (If necessary)
•     Double click zoek.zip
•     Double click on zoek.exe to run.
•     Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
•     Copy the text below and paste it into the large window in the zoek tool:

iedefaults;
FFDefaults;
CHRDefaults;
emptyclsid;
EmptyAllTemp;
AutoClean;

•     Click on Run script button
•     Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
•     Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

[Advertisements]

I don't exactly know whether it is the firewall... To be honest I'm not sure how to change that. I go to Internet Options and check through those security settings and see nothing overly restrictive... Here is an example of what happens. I have always had a hotmail account. You can still type in hotmail.com and it will open the MSN Outlook page to sign in. Now when I type hotmail.com it instantly says This Page Cannot Be Displayed. When I try to log in through the MSN.com homepage, it acts as though it is going to open the page, and the address bar address will change and turn green signaling a "secure" website but it never opens. It just stays blank white. I have changed nothing about my computer myself. But I will say this, the problems didn't start until my computer went through it's most recent updating.

[shaunclicked2]

I don't exactly know whether it is the firewall... To be honest I'm not sure how to change that. I go to Internet Options and check through those security settings and see nothing overly restrictive... Here is an example of what happens. I have always had a hotmail account. You can still type in hotmail.com and it will open the MSN Outlook page to sign in. Now when I type hotmail.com it instantly says This Page Cannot Be Displayed. When I try to log in through the MSN.com homepage, it acts as though it is going to open the page, and the address bar address will change and turn green signaling a "secure" website but it never opens. It just stays blank white. I have changed nothing about my computer myself. But I will say this, the problems didn't start until my computer went through it's most recent updating.

[emeraldnzl]

As I mentioned before and from what you say I think this is technical rather than malware caused.
 

Here is an example of what happens. I have always had a hotmail account. You can still type in hotmail.com and it will open the MSN Outlook page to sign in. Now when I type hotmail.com it instantly says This Page Cannot Be Displayed.

That problem appears to be quite common. I am not a techie but I understand it's usually caused by a network issue or when Windows Live servers go down for whatever reason.  Those causes usually fix by themselves after a period of time.

Having said that, I think there could be a raft of other reasons for it happening. Hotmail is a Microsoft Windows Live service and they might have the best answer for you.

It's difficult to get a live person to talk to but there is an online service. Follow the link below to find the Windows Live Help Solutions Center:

http://windows.micro...ws/outlook-help

See how you go there and come back and tell me.

If we can't find a malware solution and you don't find an answer there you might like to try our technical section here to see if anyone there can solve it. Come back and tell me first though because we need to remove the tools we have been using before you go.
 

 

[shaunclicked2]

I am attempting to get help in the Microsoft forums... I am getting nowhere fast at this point. Can we keep this thread open a while longer?

[emeraldnzl]

Yes, we will want to clear away the tools we have been using in any event.

 

Also, just in case there is system file corruption involved you might try this:

 

System File Checker tool (SFC.exe) to check your system and replace files where necessary.

To do this, follow these steps:

• To do this, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
• If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
• Type the following command, and then press ENTER:
  sfc /scannow Please note that there is a single space between sfc and /scannow.

The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions.

 

 

 

[shaunclicked2]

I will try that. And yes, I agree that the problem seems technical. I am now unable to open my homepage at all in IE OR Chrome. My homepage has always been msn.com in IE and aol.com in Chrome. Now I get this on a blank white page when I try to go to that site on BOTH browsers: Ref A: b474db0d25884c65a7873c591e881781 Ref B: 59199E613E4B6CC5659D35609CA4B2FC Ref C: Wed Oct 29 07:36:37 2014 PST

Edited by shaunclicked2, 29 October 2014 - 08:49 AM.

[emeraldnzl]

 

I am now unable to open my homepage at all in IE OR Chrome.

 

I find that suspicious.

 

Hmm... let's try a couple more possibilities.

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

• Then click on Change parameters in TDSSKiller.

• Another window will appear.

• Check all boxes then click OK.

• Click the Start Scan button.

• The scan should take no longer than 2 minutes.

• If a suspicious object is detected, the default action will be Skip, click on Continue.

• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

• A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

[shaunclicked2]

Firstly, the problems with the homepages ceased that same day. I am able to open the homepages without issue.

Secondly, I performed the System File Checker tool and it found corrupt files but was unable to repair.

Thirdly, I did the TDSKiller scan. 

TDSKiller Log:

 

10:38:56.0056 0x09b0  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34

10:38:56.0789 0x09b0  ============================================================

10:38:56.0789 0x09b0  Current date / time: 2014/10/30 10:38:56.0789

10:38:56.0789 0x09b0  SystemInfo:

10:38:56.0789 0x09b0  

10:38:56.0789 0x09b0  OS Version: 6.1.7601 ServicePack: 1.0

10:38:56.0789 0x09b0  Product type: Workstation

10:38:56.0789 0x09b0  ComputerName: CHRISTOPHERPC

10:38:56.0789 0x09b0  UserName: Christopher

10:38:56.0789 0x09b0  Windows directory: C:\Windows

10:38:56.0789 0x09b0  System windows directory: C:\Windows

10:38:56.0789 0x09b0  Running under WOW64

10:38:56.0789 0x09b0  Processor architecture: Intel x64

10:38:56.0789 0x09b0  Number of processors: 2

10:38:56.0789 0x09b0  Page size: 0x1000

10:38:56.0789 0x09b0  Boot type: Normal boot

10:38:56.0789 0x09b0  ============================================================

10:38:56.0789 0x09b0  BG loaded

10:38:57.0475 0x09b0  System UUID: {8F01E2A0-5923-EBC3-8B48-DF858B44D5E4}

10:38:59.0160 0x09b0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

10:38:59.0176 0x09b0  ============================================================

10:38:59.0176 0x09b0  \Device\Harddisk0\DR0:

10:38:59.0191 0x09b0  MBR partitions:

10:38:59.0191 0x09b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000

10:38:59.0191 0x09b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170

10:38:59.0191 0x09b0  ============================================================

10:38:59.0394 0x09b0  C: <-> \Device\Harddisk0\DR0\Partition2

10:38:59.0394 0x09b0  ============================================================

10:38:59.0394 0x09b0  Initialize success

10:38:59.0394 0x09b0  ============================================================

[emeraldnzl]

 

Firstly, the problems with the homepages ceased that same day. I am able to open the homepages without issue.

 

Oh, maybe not as bad as I thought.

 

I did the TDSKiller scan.

 

 

 

Yes, that is not the whole log. Can you tell me, did it find anything?

 

Also

 

Just to make sure please do this:

 

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

• Double click on ComboFix.exe & follow the prompts.
  
• If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  
• Your desktop may go blank. This is normal.
  
• ComboFix may appear to be doing nothing for quite long periods, this is normal, just leave it to do it's job.
  
• ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

[shaunclicked2]

Oh dear, I'm sorry about the TDSSKiller log. I followed the directions correctly, I believe. Should I try it again? That's the only text document that appears in my C file for TDSSKiller. I had difficulty understanding that... When I click your link a little "bar" appears at the bottom of the screen with a button that says TDSSkiller.exe is downloading and it opens up into a popup asking if I want to allow this program to make changes to this computer. I'm having difficulty understanding just how to save it to the desktop when that option doesn't appear. The program is in my C folder though. Should I skip it and go ahead with the ComboFix? 

Edited by shaunclicked2, 01 November 2014 - 10:20 AM.

[emeraldnzl]

 

TDSSkiller.exe is downloading and it opens up into a popup asking if I want to allow this program to make changes to this computer. I'm having difficulty understanding just how to save it to the desktop when that option doesn't appear.

 

Don't worry about saving it to your desktop. As long as you can download and run it that is fine. It will probably be downloaded to your Downloads folder. At the popup click yes to allow it to continue.

 

If you still have a problem with it just go on to the ComboFix one.

[shaunclicked2]

 I am unable to download ComboFix because it tells me it is blocking a trojan called Artemis. 

Edited by shaunclicked2, 01 November 2014 - 02:52 PM.

[emeraldnzl]

Artemis is an active protection module of McAfee. Try disabling it and running ComboFix again.

 

If that doesn't work you may need to uninstall McAfee (you can reinstall it again after we have finished) and then run ComboFix. In fact McAfee may be your problem but let's run ComboFix to check for other possible causes.

 

If we don't find anything we will investigate the McAfee possibility further.

[shaunclicked2]

McAfee kept blocking it and disabling the firewall did not help so I uninstalled it. Still cannot get anything with the ComboFix link. Nothing is doing what you say it will do. When I click your link, it opens a warning bar at the bottom of screen asking if I want to run, save, or cancel. I click save and it appears to download. However, there is no option to save to desktop or anywhere else, it just goes ahead and seemingly downloads. After all this, I get a small pop-up error message saying I "cannot rename ComboFix (1) please pick another preferrably alphanumeric number. There is no ComboFix icon on my desktop. I've dealt with ComboFix before on this computer with no issues, so I am completely lost. I don't understand any of this as it is getting over my head with computer knowledge. I am by no means a computer expert. I don't know which way to turn now. I am sorry.

Edited by shaunclicked2, 02 November 2014 - 10:07 AM.

[emeraldnzl]

Malware attempting to stop things I think.

 

Please download Rkill by Grinler and save it to your desktop.

• Link 1
• Link 2
  
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  
  

• When the scan is done Notepad will open with rKill log. Please copy and past that in your reply.
• Do not reboot the computer, you will need to run the application again.