URL blocked, can not open a browser now?

socketopencloud.su/a/getupdate.php?id1=173&id2=1&guid=c0811eab-c960-4bf0-8a2a-46bdf0f38278

URL blocked MAL when i try to open my browser, it says this is being blocked. i open firefox, this popup from avast comes, and then firefox.exe runs using damn near all of the system resources, but the browser never actually opens on my screen. its been doing this for a while now. i was surfing google, and was reading up on something cooking related, and it blocked 3-4 links saying they were viruses, and then now im getting this. any help please? I can find nothing else wrong with the PC other than i can not open a browser. Although, if i run firefox as an administrator, it opens, and blocks nothing? this is extremely weird.

DOH! Edit:

I forgot to say. I use windows 7. :slight_smile:

Hi helpmepls111,

You probably have a Alureon AT.gen infection from that site (now dead), a trojan downloader, wait for essexboy to help you out with cleansing your machine,

polonus

Report 2011-05-20 00:53:58 (GMT 1)
Website socketopencloud.su
Domain Hash d77ac6a663479e36e660f5694aa00b50
IP Address 194.28.44.165 [SCAN]
IP Hostname -
IP Country – (–)
AS Number 56659
AS Name BALTI-AS OOO Balt-Eksima
Detections 2 / 23 (9 %)
Status SUSPICIOUS

Scanning site with: AMaDa CLEAN
Scanning site with: BrowserDefender UNRATED
Scanning site with: DNS-BH CLEAN
Scanning site with: DShield SDL CLEAN
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts UNRATED
Scanning site with: joewein.de LLC CLEAN
Scanning site with: Malc0de CLEAN
Scanning site with: Malware Domain List CLEAN
Scanning site with: Malware Patrol CLEAN
Scanning site with: MyWOT UNRATED
Scanning site with: Norton SafeWeb UNRATED
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: SCUMWARE CLEAN
Scanning site with: SpamhausDBL CLEAN
Scanning site with: SURBL DETECTED
Scanning site with: Threat Log CLEAN
Scanning site with: Trend Micro Site Safety Center DETECTED
Scanning site with: URIBL CLEAN
Scanning site with: VSCAN CLEAN
Scanning site with: Web Security Guard UNRATED
Scanning site with: ZeuS Tracker CLEAN

Check your computer for malware with this

Malwarebytes Anti-Malware 1.50.1 http://filehippo.com/download_malwarebytes_anti_malware/
always update so you have the latest signatures before you scan
click on the remove selected button to quarantine anything found

post the scan log here

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the “Scan” button to start scan

http://public.avast.com/~gmerek/aswMBR1.png

On completion of the scan click save log, save it to your desktop and post in your next reply

http://public.avast.com/~gmerek/aswMBR2.png

THEN

Download OTS to your Desktop and double-click on it to run it

[*]Make sure you close all other programs and don’t use the PC while the scan runs.
[*]Select All Users
[*]Under additional scans select the following
Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - SafeBoot Minimal
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check

[*]Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

[*]Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Please attach the log in your next post.

Hi, i have the same problem, i did all the steps, hare are my logs:

aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-05-24 21:52:28
-----------------------------
21:52:28.227    OS Version: Windows 6.1.7600 
21:52:28.227    Number of processors: 2 586 0x170A
21:52:28.242    ComputerName: AGUILERA  UserName: fernando
21:52:29.272    Initialize success
21:56:12.430    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:56:12.430    Disk 0 Vendor: TOSHIBA_ FG00 Size: 238475MB BusType: 3
21:56:12.430    Disk 0 MBR read error 0
21:56:12.430    Disk 0 MBR scan
21:56:12.446    Disk 0 unknown MBR code
21:56:12.446    MBR BIOS signature not found 0
21:56:12.462    Disk 0 scanning sectors +488395120
21:56:12.462    Disk 0 scanning C:\windows\system32\drivers
21:56:17.890    Service scanning
21:56:19.107    Disk 0 trace - called modules:
21:56:19.138    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys sppf.sys halmacpi.dll >>UNKNOWN [0x84d68938]<<
21:56:19.154    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8654d948]
21:56:19.154    3 CLASSPNP.SYS[88e0459e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85a98028]
21:56:19.170    Scan finished successfully
21:56:29.325    Disk 0 MBR has been saved successfully to "I:\MBR.dat"
21:56:29.575    The log file has been saved successfully to "I:\aswMBR.txt"



And

In attach xDDD

^^

PD: Sorry my bad English, i dont speak it very well yet xDDD

@ TLOTS,

Although you have the same problem and I sincerely appreciate you providing the necessary logs, it will confuse the current thread that the OP started if we help you in this thread. Therefore I am asking you to start a new thread in this section of the forum (Viruses and Worms)…just cut and past your post and attach your logs and we will help you there.

In addition, please tell us when your problem started and how your machine is acting.

I have notified Essexboy and he will work with you to help you with your malware removal.

Please do not make any further changes to your machine after you have provided the logs.

IMPORTANT: If you are on a home network, disconnect the affected machine from the network. Do not share a USB/flash drive with this affected machine. Do not use this machine unless Essexboy instructs you do to malware removal instructions; use a different machine to check email, sync your phone, etc. if possible.

Let me know if you have any questions. Thank you again for understanding about starting a new thread. :slight_smile: