Access blocked?
Results 1 to 3 of 3

Thread: Access blocked?

  1. April 21st, 2004, 03:52 AM #1
    Platypus
    Platypus is offline Virtual PC Surgeon!
    Join Date
    Jan 2003
    Location
    Australia
    Posts
    1,743

    Access blocked?

    Last week I set up a newer computer for my lady friend and her girls to get going with an internet connection. As they're newbies to this, and the girls ages go down to primary school, I set the system up fairly locked down, with We-Blocker and all the usual stuff.

    Fine at first, but it's looking like it might have got a nasty that blocks the connection whenever you try to go to a security site. Had a quick look last night, you can surf to your hearts content, but hit update on AdAware etc and DUN just stops, no further data transfer. Disabling We-Blocker and firewall doesn't change it, so it's not a setting there, although I did manage to update AVG with We-Blocker shut down, but the scan didn't pick up anything. Neither do AdAware or a2 squared, both a week out of date.

    I ran out of time to do anything more beyond a HijackThis sweep, so I'll post it below in case anyone spots something known, or can suggest something I might have missed. Anyone know if the no-name BHO is suspect? Meanwhile I'll install the most up-to-date Spybot 1.3 Beta on it, and if that doesn't find anything, I'll pull the drive and do an online scan on my system. Grrr...

    TIA for any ideas.


    Logfile of HijackThis v1.97.7
    Scan saved at 8:05:11 PM, on 4/20/04
    Platform: Windows 98 SE (Win9x 4.10.2222B)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\PROGRAM FILES\AGNITUM\OUTPOST 1.0\OUTPOST.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\PROGRAM FILES\COMMON FILES\SCM\ICONFIG.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\WINDOWS\SYSTEM\SYSWB6.EXE
    C:\PROGRAM FILES\MULTIKEYBOARD DRIVER\KBDDRV.EXE
    C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\WINKB6.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\UTIL\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:6711
    O1 - Hosts: 204.244.184.143 SafeWeb.com
    O1 - Hosts: 204.244.184.143 WWW.SafeWeb.com
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [LEDTRAY] C:\PROGRA~1\COMMON~1\SCM\LEDTRAY.EXE
    O4 - HKLM\..\Run: [ICONFIG] C:\PROGRA~1\COMMON~1\SCM\ICONFIG.EXE
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost 1.0\outpost.exe /waitservice
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [SYSWB6] SYSWB6
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunServices: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST 1.0\outpost.exe /service
    O4 - Startup: MutiKeyboard Driver.lnk = C:\Program Files\MultiKeyboard Driver\KbdDrv.exe
    O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    Reply With Quote Reply With Quote
  2. April 21st, 2004, 08:47 AM #2
    Platypus
    Platypus is offline Virtual PC Surgeon!
    Join Date
    Jan 2003
    Location
    Australia
    Posts
    1,743
    Quick update. Progress I think. Had a short while to investigate tonight, and at least part of the problem may be due to installing We-Blocker after the security utilities. The new Spybot 1.3 installation pointed out that there is a 127.0.0.1 proxy set up, and updates will have to be set to use that proxy, not a direct connection.

    The proxy is something We-Blocker does, and looks like appropriate settings should sort out the updating. I still don't see why the entire internet access should stop functioning though. We'll see.
    Reply With Quote Reply With Quote
  3. April 21st, 2004, 01:57 PM #3
    Luv2Learn2
    Luv2Learn2 is offline Virtual Intern
    Join Date
    Apr 2003
    Location
    CO
    Posts
    178
    The following link might be helpful to you. Seems others have had the same sort of problem with that software.

    http://www.tweaknews.net/forum/viewt...&view=previous

    l2l2
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules