Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Weird website/script barring content


  • Please log in to reply
4 replies to this topic

#1 Keeger

Keeger

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:35 AM

Posted 29 December 2012 - 10:08 AM

Whenever i open up steam, in the "store" category i get this message. (its an all white screen with this in black text):

"#RESTRITO#

A URL solicitada não pode ser acessada e foi

barrada pelo Controle de Conteúdo - http://c20info

Na tentativa de acessar o seguinte endreço: http://store.steampowered.com/

O seguinte erro foi encontrado:

Proibido o Acesso.
O controle de acessos impediu sua requisição. Caso você não concorde com isso, por favor, contate o Gerente da sua CONTA na http://c20info


Generated Fri, 28 Dec 2012 03:19:29 GMT by c20info♥♥♥♥ (squid/2.7.STABLE3)"

This is strange because it is in Portuguese and i have had nothing but english set up for my steam account. This message translates into this:

"# # RESTRICTED

The requested URL Could not be accessed and was

Barred by Content Control - http://c20info

In an attempt to access The Following addr: http://store.steampowered.com/

The Following error was encountered:

Forbidden Access.
The access control Prevented your request. If you do not agree with this, please contact your account manager in http://c20info


Generated Fri, 28 Dec 2012 03:19:29 GMT by c20info♥♥♥♥ (squid/2.7.STABLE3)"

I have no idea what this is. I have looked online and have found no help what so ever. I have scanned my computer with malwarebytes but it found nothing. I know i have no active blocks or restrictions on my internet. Im sure this is a malicious script.

Anything you can do to help would be great.

i have attached screenshots of both the problems. I might add i have taken a ticket out with steam help and posted this exact message but havnt gotten a reply (been 2 days)

Posted Image

BC AdBot (Login to Remove)

 


#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:07:35 AM

Posted 29 December 2012 - 10:14 AM

Hi,

It seems you have a proxy set...
Download MiniToolBox and save the file to the Desktop.
Close the browser and run the tool, check the following options:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
Click on Go.

Post the resulting log in your next reply.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 Keeger

Keeger
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:35 AM

Posted 29 December 2012 - 10:20 AM

set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : keegan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : D-Link DFE-530TX PCI Fast Ethernet Adapter (rev.C)
Physical Address. . . . . . . . . : 00-17-9A-05-1C-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b56e:c819:1820:8e48%8(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.1.81(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : December-27-12 6:43:22 PM
Lease Expires . . . . . . . . . . : December-30-12 12:11:57 AM
Default Gateway . . . . . . . . . : 172.16.1.254
DHCP Server . . . . . . . . . . . : 172.16.1.254
DHCPv6 IAID . . . . . . . . . . . : 201332634
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-CE-0A-52-00-17-9A-05-1C-AE
DNS Servers . . . . . . . . . . . : 172.16.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.gateway.2wire.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:1075:2a40:53ef:feae(Preferred)
Link-local IPv6 Address . . . . . : fe80::1075:2a40:53ef:feae%9(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : isatap.gateway.2wire.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: home
Address: 172.16.1.254

Name: google.com
Addresses: 2001:4860:4008:802::1000
74.125.226.65
74.125.226.66
74.125.226.67
74.125.226.68
74.125.226.69
74.125.226.70
74.125.226.71
74.125.226.72
74.125.226.73
74.125.226.78
74.125.226.64



Pinging google.com [74.125.226.66] with 32 bytes of data:

Reply from 74.125.226.66: bytes=32 time=43ms TTL=56

Reply from 74.125.226.66: bytes=32 time=42ms TTL=56



Ping statistics for 74.125.226.66:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 42ms, Maximum = 43ms, Average = 42ms

Server: home
Address: 172.16.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=159ms TTL=52

Reply from 98.138.253.109: bytes=32 time=82ms TTL=52



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 82ms, Maximum = 159ms, Average = 120ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
8 ...00 17 9a 05 1c ae ...... D-Link DFE-530TX PCI Fast Ethernet Adapter (rev.C)
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.gateway.2wire.net
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.gateway.2wire.net
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.16.1.254 172.16.1.81 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.16.1.0 255.255.255.0 On-link 172.16.1.81 276
172.16.1.81 255.255.255.255 On-link 172.16.1.81 276
172.16.1.255 255.255.255.255 On-link 172.16.1.81 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.16.1.81 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.16.1.81 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
9 18 ::/0 On-link
1 306 ::1/128 On-link
9 18 2001::/32 On-link
9 266 2001:0:9d38:953c:1075:2a40:53ef:feae/128
On-link
8 276 fe80::/64 On-link
9 266 fe80::/64 On-link
9 266 fe80::1075:2a40:53ef:feae/128
On-link
8 276 fe80::b56e:c819:1820:8e48/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

**** End of log ****

Oh bleep now that i think about it i tried to change my IP address manual a while ago to try to get the American verision of Netflix (i live in Canada.) Could that be it?

#4 Keeger

Keeger
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:35 AM

Posted 29 December 2012 - 10:28 AM

Fiogured out the problem. It was a proxy setting. Thanks for the help!

#5 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,995 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:07:35 AM

Posted 29 December 2012 - 10:35 AM

No Problem. :thumbup2:

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users