Solved What would cause...

[Stacman]

Me to suddenly be unable to navigate to a public site like emsisoft.com. On a clean install there's no problem, but recently I've been denied with a popup suggesting that if I'm behind a firewall, "make sure Firefox or IE is allowed to access the internet". I've changed no settings, I've thoroughly scanned for malware and viruses, and removed everything, but the problem persists.

 

[Capt.Jack Sparrow]

Hi there!

What Firewall software are you using? Have you tried to add Firefox to exception list? Does it happen with IE or other browser?

 

[Stacman]

Just the firewall native with Windows 7. It happens with both browsers. I haven't added Firefox to any exceptions list because it works fine for everything else.

 

[Jacee]

I've thoroughly scanned for malware and viruses, and removed everything, but the problem persists

What did you use to scan with and what was removed?

 

[Capt.Jack Sparrow]

Can you check the LAN Settings and make sure it's set to ""Automatically detect settings"

Tools > Internet Options > Connections > LAN Settings

 

[Stacman]

Can you check the LAN Settings and make sure it's set to ""Automatically detect settings"

Tools > Internet Options > Connections > LAN Settings

I have, and it is.

What did you use to scan with and what was removed?

I use Emsisoft Emergency ToolKit for malware, along with Endpoint and AVG for virus.

 

[Capt.Jack Sparrow]

Can you check the LAN Settings and make sure it's set to ""Automatically detect settings"

Tools > Internet Options > Connections > LAN Settings

I have, and it is.

What did you use to scan with and what was removed?

I use Emsisoft Emergency ToolKit for malware, along with Endpoint and AVG for virus.

Check the Host file. Go to C:\Windows\System32\Drivers\etc and see if there is any unwanted entries.

 

[Capt.Jack Sparrow]

Also run this tool http://www.sevenforums.com/tutorials/98056-sf-ie-restorator-troubleshooting-general-issues-ie.html

 

[Stacman]

The Host file appeared normal. I'll have to wait until I get to my home machines to try your tool. I'm forced to use XP at the office.

It's kinda strange that I can run Firefox or Explorer in SandBoxie and there's no problem going anywhere.

 

[Slartybart]

try this: Check your proxy settings, No Proxy, restart browser
edit: or for IE, tools ==> internet options ==> advanced tab - Reset

 

[Stacman]

try this: Check your proxy settings, No Proxy, restart browser
edit: or for IE, tools ==> internet options ==> advanced tab - Reset

Tried both, but nothing.

The "no load" page indicates "If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web."

 

[Slartybart]

Ok, perhaps this found here: in an elevated Command Prompt, netsh winsock reset
I was curious, don't want to waste your time, but these seem relatively unintrusive and easy to test.

A client of mine had a virus which was removed and then I thoroughly investigated the browser and TCP configs until the change the bugger made was located. It was obvious once I checked the settings. Wish I could remember what it was, but it might not apply to your situation.

 

[Slartybart]

One last suggestion to try, then I'll leave it to the experts. Launch your browers with no add-ons, if that works, then you know where to look.

Ok - so long and good luck.

 

[Stacman]

Ok, perhaps this found here: in an elevated Command Prompt, netsh winsock reset
I was curious, don't want to waste your time, but these seem relatively unintrusive and easy to test.

A client of mine had a virus which was removed and then I thoroughly investigated the browser and TCP configs until the change the bugger made was located. It was obvious once I checked the settings. Wish I could remember what it was, but it might not apply to your situation.

Thanks for your help, I appreciate it.

I'll give this a look, but the remaining difference between no access and my problem is that it only effects one site, and not all sites.

Thanks again!

 

[Slartybart]

I see, "my problem is that it only effects one site, and not all sites."

I misunderstood "unable to navigate to a public site like emsisoft.com" - does that mean emsisoft.com is the one site you cannot connect? Or was that just an example?

 

[Stacman]

I see, "my problem is that it only effects one site, and not all sites."

I misunderstood "unable to navigate to a public site like emsisoft.com" - does that mean emsisoft.com is the one site you cannot connect? Or was that just an example?

That seems to be the one site so far...

 

[Slartybart]

Thanks,

In your original post you said: "I've thoroughly scanned for malware and viruses, and removed everything,"

Jacee asked: "What did you use to scan with and what was removed?"

You posted a reply on what you used, but not what was found and removed. If you have a log of the scan, can you post what was removed? It would be a big help to know what the scanner found and cleaned.

Have you tried another scanner? - Malwarebytes.org and Microsoft Security Essentials are both free.
Sometimes malware targets the AV on a system so as to deny definition updates. You could also try one of the other AV vendor sites - some have online scanners that might elude a bug. Symantec Security Check - Use IE, select virus detection (it's big - downloads their virus defs and ActiveX engine)

Why run another scanner? To detect malware that might have masked itself to emsisoft and AVG. I'm not suggesting running all of the above, start with MalwareBytes, then MSE (pausing AVG / emsisoft if you decide to run another scanner - though most do not interfere with MalwareBytes)

Now the tricky part. What if all report a clean system, you're still where you are when you started.

I don't know of a utility to fix this type of problem, although if you can identify what was removed, you might find a specific malware repair tool on Symantec. I'm not advocating Symantec over any other vendor, you can check other vendors for their tool offerings.

If the malware changed a system file, you could run SFC /scannow in an administrator Command Prompt. I think that a system file attack would manifest itself as a loss of opening all websites.

That's about all I can think of to try. Other members might have more and different suggestions. Please provide as much information about the problem as you can - that always helps.

Good luck.

 

[Stacman]

Thanks again Slartybart.

I always install my OS in a separate partition away from all other data to guard against this very scenario, because there comes a time when you just have to say "screw it" since the fight is rarely worth the battle. I'm convinced that whatever caused it (on multiple machines) was some moron dropping a little something in to change something to give me a headache. So even when the malware/virus is gone, the results remain the same. So in this instance, a reformat and reinstall of the primary partition clears the problem, and a rescan of every other partition makes sure the delivery agent is still gone. I'm a firm believer that a fresh install runs better anyway, so I regularly clean, wipe, and reinstall anyway. I just prefer it to be on my schedule.

The problem is fixed, and I've started utilizing SandBoxie more to run all applications and browsers to keep the bad guys away. A fine little piece of software with enough configurations to have everything run within a sandbox automatically without ever touching the machine itself.

 

[elstupido]

Thanks again Slartybart.

I always install my OS in a separate partition away from all other data to guard against this very scenario, because there comes a time when you just have to say "screw it" since the fight is rarely worth the battle. I'm convinced that whatever caused it (on multiple machines) was some moron dropping a little something in to change something to give me a headache. So even when the malware/virus is gone, the results remain the same. So in this instance, a reformat and reinstall of the primary partition clears the problem, and a rescan of every other partition makes sure the delivery agent is still gone. I'm a firm believer that a fresh install runs better anyway, so I regularly clean, wipe, and reinstall anyway. I just prefer it to be on my schedule.

The problem is fixed, and I've started utilizing SandBoxie more to run all applications and browsers to keep the bad guys away. A fine little piece of software with enough configurations to have everything run within a sandbox automatically without ever touching the machine itself.

Nice to see somebody else who finnally gets it :shock:Sandboxie...dont open your browser without it.