Windows Support Forum

Browser redirects, Windows Update blocked, slow to load Windows

Q: Browser redirects, Windows Update blocked, slow to load Windows

I am constantly having redirects and new tabs spontaneously open to spammy websites in slow blocked, Windows load Browser redirects, Windows Update to both Browser redirects, Windows Update blocked, slow to load Windows IE and Firefox I cannot get to Windows Browser redirects, Windows Update blocked, slow to load Windows Update it either says it can't connect or takes me to a fake search engine page Windows is very slow to load at start and after working for a little while I tend to get Generic Host Process for Win Services Browser redirects, Windows Update blocked, slow to load Windows errors after which my machine locks up Malwarebytes has not found anything AVG says it finds infections and fixes The infections are in svchost exe iexplorer exe and explorer exe where it says that a Trojan horse Agent r XJ Object was removed from each I do have access to my Windows XP Install disk Thanks so much for your help coxpac DDS Ver - - - NTFSx NETWORK Internet Explorer BrowserJavaVersion Run by mcox at on - - Microsoft Windows XP Professional GMT - Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS system svchost exe -k netsvcs svchost exe svchost exe C WINDOWS Explorer EXE C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox plugin-container exe C Documents and Settings mcox Desktop dds com C WINDOWS system WSCRIPT exe Pseudo HJT Report uInternet Settings ProxyOverride local BHO AcroIEHlprObj Class e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dll BHO AVG Safe Search ca f - f e- b -a e- e e c c - c program files avg avg avgssie dll BHO WhiteSmoke Toolbar -af c- c - def-f e f c - c program files whitesmoketoolbar whitesmoketoolbarX dll BHO avast WebRep e e -ad d- bf-ac d-d f d - c program files avast software avast aswWebRepIE dll BHO Adobe PDF Conversion Toolbar Helper ae cd -e - f- - ee - c program files adobe acrobat acrobat AcroIEFavClient dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll TB Adobe PDF -d c - - fa - e eaac - c program files adobe acrobat acrobat AcroIEFavClient dll TB avast WebRep e e -ad d- bf-ac d-d f d - c program files avast software avast aswWebRepIE dll TB WhiteSmoke Toolbar -af c- c - def-f e f c - c program files whitesmoketoolbar whitesmoketoolbarX dll EB Adobe PDF ec be- - c -a -beb d a b - c program files adobe acrobat acrobat AcroIEFavClient dll uRun ctfmon exe c windows system ctfmon exe uRun MSMSGS quot c program files messenger msmsgs exe quot background uRunOnce spchecker quot c program files avg avg notification SPCheckerTE exe quot uRunOnce FlashPlayerUpdate c windows system macromed flash FlashUtil p Plugin exe -update plugin mRun RTHDCPL RTHDCPL EXE mRun SkyTel SkyTel EXE mRun Alcmtr ALCMTR EXE mRun StartCCC quot c program files ati technologies ati ace core-static CLIStart exe quot MSRun mRun IntelliPoint quot c program files microsoft intellipoint point exe quot mRun Acrobat Assistant quot c program files adobe acrobat distillr Acrotray exe quot mRun lt NO NAME gt mRun QuickTime Task quot c program files quicktime qttask exe quot -atboottime mRun AVG TRAY c program files avg avg avgtray exe mRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun SunJavaUpdateSched quot c program files common files java java update jusched exe quot mRun googletalk c program files google google talk googletalk exe autostart mRun avast quot c program files avast software avast avastUI exe quot nogui StartupFolder c docume mcox startm programs startup autoho lnk - c documents and settings mcox application data microsoft installer c -a ed- c e- - be eab icons exe StartupFolder c docume alluse startm programs startup adobea lnk - c windows installer ac ba - - - - SC Acrobat exe StartupFolder c docume alluse startm programs startup micros lnk - c program files microsoft office office OSA EXE StartupFolder c docume alluse startm programs startup ultramon lnk - c windows installer cccbdc- a - f b- df- c b d IcoUltraMon ico StartupFolder c docume alluse startm programs startup window lnk - c program files windows desktop search WindowsSearch exe StartupFolder c docume alluse startm programs startup winzip lnk - c program files winzip WZQKPICK EXE IE Convert link target to Adobe PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIECapture html IE Convert link target to existing PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIEAppend html IE Convert selected links to Adobe PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIECaptureSelLinks html IE Convert selected links to existing PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIEAppendSelLinks html IE Convert selection to Adobe PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIECapture html IE Convert selection to existing PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIEAppend html IE Convert to Adobe PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIECapture html IE Convert to existing PDF - c program files adobe acrobat acrobat AcroIEFavClient dll AcroIEAppend html IE E amp xport to Microsoft Excel - c progra micros office EXCEL EXE IE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe IE FB F -F - d -BB E- C F - c program files messenger msmsgs exe Trusted Zone jocogov org ims Trusted Zone wycokck org www DPF E A- D- EE - C-DC FA D FC - hxxp www update microsoft com microsoftupdate v V Controls en x client muweb site cab DPF AD C - E- D -B E - F D - hxxp java sun com update jinstall- -windows-i cab DPF CAFEEFAC- - - -ABCDEFFEDCBA - hxxp java sun com update jinstall- -windows-i cab DPF CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA - hxxp java sun com update jinstall- -windows-i cab DPF E E F- F- FB - -AC BF A - hxxp platformdl adobe com NOS getPlusPlus gp cab Handler linkscanner - F C- F - D -A D -FBDDE F D - c program files avg avg avgpp dll Notify AtiExtEvent - Ati evxx dll Notify itlnfw - itlnfw dll SSODL WPDShServiceObj - AAA BA- A C- B - D - D DB - c windows system WPDShServiceObj dll STS FencesShlExt Class dd - cf- cd-ab - f fea - c program files stardock fences FencesMenu dll SEH Windows Desktop Search Namespace Manager f e- - c - f - a bcc - c program files windows desktop search MSNLNamespaceMgr dll FIREFOX FF - ProfilePath - c documents and settings mcox application data mozilla firefox profiles u h cpr default FF - prefs js browser startup homepage - hxxp www microsoft com isapi redir dll prd ie amp pver amp ar msnhome FF - prefs js network proxy type - FF - component c program files avg avg firefox components avgssff dll FF - plugin c program files google google earth plugin npgeplugin dll FF - plugin c program files google update npGoogleUpdate dll FF - plugin c program files java jre bin new plugin npdeployJava dll FF - Ext Default ce c - e - -a - ce fd - c program files mozilla firefox extensions ce c - e - -a - ce fd FF - Ext Java Console CAFEEFAC- - - -ABCDEFFEDCBA - c program files mozilla firefox extensions CAFEEFAC- - - -ABCDEFFEDCBA FF - Ext Microsoft NET Framework Assistant a -c - ed- e - b - c windows microsoft net framework v windows presentation foundation DotNetAssistantExtension FF - Ext AVG Safe Search E B- B - be- C D- B ABC C - c program files avg avg Firefox FF - Ext Java Quick Starter jqs sun com - c program files java jre lib deploy jqs ff FF - Ext Microsoft NET Framework Assistant a -c - ed- e - b - profile extensions a -c - ed- e - b FF - Ext Leapforce - Search Engine Evaluator Toolbar qrptoolbar leapforceathome - profile extensions qrptoolbar leapforceathome FF - Ext EWOQ Rater Helper feee d c-da - c - - de f b - profile extensions feee d c-da - c - - de f b FF - Ext XHTML Mobile Profile ea e- - f- e -bceb f d f - profile extensions ea e- - f- e -bceb f d f FF - Ext EWOQ Mobile Setup extension f aa -ee - e e- d - e f a - profile extensions f aa -ee - e e- d - e f a FF - Ext wmlbrowser c dc a- - eb-b f-b aa cdc b - profile extensions c dc a- - eb-b f-b aa cdc b FF - Ext Flashblock d eb f- - df- - b cc f a - profile extensions d eb f- - df- - b cc f a SERVICES DRIVERS R AVGIDSEH AVGIDSEH c windows system drivers AVGIDSEH sys - - R Avgrkx AVG Anti-Rootkit Driver c windows system drivers avgrkx sys - - R Avgtdix AVG TDI Driver c windows system drivers avgtdix sys - - S Avgldx AVG AVI Loader Driver c windows system drivers avgldx sys - - S Avgmfx AVG Mini-Filter Resident Anti-Virus Shield c windows system drivers avgmfx sys - - S AVGIDSAgent AVGIDSAgent c program files avg avg identity protection agent bin AVGIDSAgent exe - - S avgwd AVG WatchDog c program files avg avg avgwdsvc exe - - S clr optimization v Microsoft NET Framework NGEN v X c windows microsoft net framework v mscorsvw exe - - S gupdate Google Update Service gupdate c program files google update GoogleUpdate exe - - S Ias Network Security c windows system svchost exe -k netsvcs - - S itlperf Intel CPU c windows system svchost exe -k itlsvc - - S UltraMonUtility UltraMon Utility Driver c program files common files realtime soft ultramonmirrordrv x UltraMonUtility sys - - S AVGIDSDriver AVGIDSDriver c windows system drivers AVGIDSDriver sys - - S AVGIDSFilter AVGIDSFilter c windows system drivers AVGIDSFilter sys - - S AVGIDSShim AVGIDSShim c windows system drivers AVGIDSShim sys - - S gupdatem Google Update Service gupdatem c program files google update GoogleUpdate exe - - S MBAMSwissArmy MBAMSwissArmy c windows system drivers mbamswissarmy sys - - S WPFFontCache v Windows Presentation Foundation Font Cache c windows microsoft net framework v wpf WPFFontCache v exe - - File Associations scr AutoCADScriptFile Created Last - - ----a-w- c windows system Iasv dll - - ----a-w- c windows system itlnfw dll - - ----a-w- c windows system itlpfw dll - - -------- d-----w- c documents and settings mcox application data whitesmoketoolbar - - -------- d-----w- c program files whitesmoketoolbar - - -------- d-----w- c documents and settings all users application data Kaspersky Lab Setup Files - - -------- d-----w- c program files AVAST Software - - -------- d-----w- c documents and settings all users application data AVAST Software - - -------- d-----w- c windows pss - - -------- d-----w- c documents and settings mcox application data Malwarebytes - - ----a-w- c windows system drivers mbamswissarmy sys - - ----a-w- c windows system drivers mbam sys - - -------- d-----w- c program files Malwarebytes' Anti-Malware - - -------- d-----w- c documents and settings all users application data Malwarebytes - - -------- d-----w- c program files MSXML - - -------- d-----w- c program files AnswerWorks - - -------- d-----w- C Land Projects - - -------- d-----w- c program files Land Desktop - - ----a-w- c windows system javacpl cpl - - ----a-w- c windows system deployJava dll - - ----a-w- c program files mozilla firefox plugins npdeployJava dll - - -------- d-----w- c documents and settings mcox local settings application data File Renamer Basic - - ----a-w- c windows File Renamer - Basic Uninstaller exe - - -------- d-----w- c program files File Renamer Find M - - ----a-w- c windows system drivers AVGIDSDriver sys - - ----a-w- c windows ativpsrm bin - - ----a-w- c windows system dnssd dll - - ----a-w- c windows system jdns sd dll - - ----a-w- c windows system dnssdX dll - - ----a-w- c windows system dns-sd exe - - ----a-w- c windows system drivers avgtdix sys - - ----a-w- c windows system drivers avgrkx sys - - ----a-w- c windows system inetcomm dll - - ----a-w- c windows system vbscript dll - - ----a-w- c windows system win k sys - - --sha-w- c windows system Msjet dll - - --sha-w- c windows system Msjint dll - - --sha-w- c windows system Msjter dll - - --sha-w- c windows system Msrd x dll - - --sha-w- c windows system Msxbse dll ROOTKIT Stealth MBR rootkit Mebroot Sinowal TDL detector by Gmer GMER - Rootkit Detector and Remover Windows Disk ST AS rev AAH - gt Harddisk DR - gt Device Ide IdeDeviceP T L -e device opened successfully user MBR read successfully Disk trace error Read A device attached to the system is not functioning kernel MBR read successfully asm XOR AX AX MOV SS AX MOV SP x c STI PUSH AX POP ES PUSH AX POP DS CLD MOV SI x c b MOV DI x b PUSH AX PUSH DI MOV CX x e REP MOVSB RETF MOV BP x be MOV CL x CMP BP x CH JL x e JNZ x a detected disk devices detected hooks Driver atapi DriverStartIo - gt x B B user amp kernel MBR OK FINISH

Relevancy 100%
Preferred Solution: Browser redirects, Windows Update blocked, slow to load Windows

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Browser redirects, Windows Update blocked, slow to load Windows

Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
===

Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Some Rookit infection may damage your boot sector. The Windows Recovery Console may be needed to restore it. Do not bypass this installation. You may regret it.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Note: If you have difficulty properly disabling your protection programs, refer to this link --> How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do not mouse click ComboFix's window while it's running. That may cause it to stall
===

For AVG antivirus and anti-spyware security software users only.

Quote:




Due to recent changes in AVG and how it interacts with CF, AVG must be uninstalled to run ComboFix. You will get a message from CF stating such.

If AVG will not uninstall, it is first recommended to uninstall it with this AppRemover by Opswat. The AVG uninstaller can be downloaded from here > AppRemover.exe Go to their homepage and you will see they have support for removal of other AV's as well AVG appremover tool.

http://www.techsupportforum.com/forums/f100/browser-redirects-windows-update-blocked-slow-to-load-windows-576409.html
Relevancy 102.92%

I recently installed Windows XP and all my programs on a new hard drive as the old one would not boot Last week Windows redirects, browser load to Windows slow Update blocked, I received a quot Generic host process for Win services quot error My machine locked up and I had to restart Then I started having issues where Windows would not load or would take a very long time I am able to start Windows in Safe Mode but it takes much longer than it should Now sometimes when starting IE or Firefox or when surfing new tabs are started on spammy webpages Other times IE or Firefox will not start Windows Update blocked, browser redirects, slow to load Windows I also cannot go to the Windows Update site Neither Malwarebytes nor Avast find any instance of infection AVG says that it finds infections and repairs Just in case it would help here is that part of the AVG log file C WINDOWS system svchost exe memory a Trojan horse Agent r XJ C WINDOWS system svchost exe Trojan horse Agent r XJ Object was removed C Program Files Internet Explorer iexplore exe memory Trojan horse Agent r XJ C Program Files Internet Explorer iexplore exe Trojan Windows Update blocked, browser redirects, slow to load Windows horse Agent r XJ Object was removed C WINDOWS explorer exe memory a Trojan horse Agent r XJ C WINDOWS explorer exe Trojan horse Agent r XJ Object was removed Thanks for any help you can provide coxpac Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Safe mode with network support Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Documents and Settings mcox Desktop HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO avast WebRep - E E -AD D- bf-AC D-D F D - C Program Files AVAST Software Avast aswWebRepIE dll file missing O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar avast WebRep - E E -AD D- bf-AC D-D F D - C Program Files AVAST Software Avast aswWebRepIE dll file missing O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SkyTel SkyTel EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run StartCCC quot C Program Files ATI Technologies ATI ACE Core-Static CLIStart exe quot MSRun O - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint point exe quot O - HKLM Run Acrobat Assistant quot C Program Files Adobe Acrobat Distillr Acrotray exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run AVG TRAY C Program Files AVG AVG avgtray exe O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Common Files Java Java Update jusched exe quot O - HKLM Run googletalk C Program Files Google Google Talk googlet... Read more

A:Windows Update blocked, browser redirects, slow to load Windows

Is there anyone out there that can help me, or can I provide any additional information?
 

https://forums.techguy.org/threads/windows-update-blocked-browser-redirects-slow-to-load-windows.995899/
Relevancy 91.59%

I have problems which I believe to be unrelated but no virus scan or malware scans have detected any problems The first started a while ago and my windows update will not connect to download updates I websites/Windows blocked/MS on run update blocked/RootRepeal Browser some won't redirect website believe something is blocking it Also if Browser redirect on some websites/Windows update blocked/MS website blocked/RootRepeal won't run I go to the microsoft website to download an update manually when I click to download I get a page cannot load error So I think something is stopping me from updating my version of windows Vista SP The next issue just started recently and at first I suspected it was just one webpage and it was their issue Whenever I'd go to the site it'd redirect to an ad different each time It would block all access to the site because it'd just redirect to an ad site Then as randomly as it started it will occasionally let me onto the site and then again start redirecting I thought it was the site because it does this in every browser and also on my Mac in safari amp firefox If I try opening with NoScript running it just opens a blank page Anyway I now believe it's not that site that's the problem because now another unrelated site is doing the same thing I tried doing everything listed in the quot before you post quot thread but RootRepeal will not run It just freezes at the quot Initializing quot screen I did a search and found one place where someone having that problem was told to rename it something else but when I did that I got quot Could not load driver xc quot Here is the stuff from running DDS DDS Ver - - - NTFSx Run by Jason at on Sun Internet Explorer BrowserJavaVersion Microsoft Windows Vista Home Premium GMT - SP Windows Defender disabled Updated D DDC A- F- FAE- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system nvvsvc exe C Windows system svchost exe -k rpcss C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Program Files Creative Shared Files CTAudSvc exe C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files Common Files AOL ACS AOLAcsd exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Windows system astsrv exe C Program Files Bonjour mDNSResponder exe C WINDOWS system CTsvcCDA exe C Program Files Linksys Linksys Updater bin LinksysUpdater exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Common Files Nero Nero BackItUp NBService exe C Program Files Norton Internet Security Engine ccSvcHst exe C Windows system opservice exe C Windows system java exe C Windows system PnkBstrA exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system svchost exe -k regsvc C Program Files CyberLink Shared Files RichVideo exe C Program Files Common Files Roxio Shared SharedCOM RoxWatch exe C Windows system svchost exe -k imgsvc C Program Files TomTom HOME TomTomHOMEService exe C Program Files TVersity Media Server MediaServer exe C Program Files Viewpoint Common ViewpointService exe C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Windows system WUDFHost exe C Program Files Common Files Pure Networks Shared Platform nmsrvc exe C Program Files Common Files Roxio Shared SharedCOM RoxMediaDB exe C Windows system DllHost exe C Windows system taskeng exe C Program Files iPod bin iPodService exe C Windows system SearchProtocolHost exe C Windows system rundll exe C Program Files Norton Internet Security Engine ccSvcHst exe C Windows system Dwm exe C Windows system taskeng exe C Windows Explorer EXE C Program Files Cre... Read more

A:Browser redirect on some websites/Windows update blocked/MS website blocked/RootRepeal won't run

Hi demonscars,Welcome to BC HijackThis forum. I am farbar. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. Please let me know in your next reply if you agree with this.I see your system is infected.If you have not resolved the issue please post a fresh DDS.txt log. In case you have installed any new software please also post the Attach.txt.Since you have already run ComboFix also post the log it created.

http://www.bleepingcomputer.com/forums/t/273202/browser-redirect-on-some-websiteswindows-update-blockedms-website-blockedrootrepeal-wont-run/
Relevancy 90.73%

Problem Windows update site is blocked many microsoft support sites blocked or redirects even this site was redirected when I tried to post the issue now I am using my own PC Generic Windows process fails causing disabling of network sharing with local computers This is my daughters PC she complains update stuborn generic blocked, windows fails, process redirects, Windows malware these issues have been present for many months I have tried a number of things to clean this in last two days but no luck I am hoping you can help Tried already - AVG finds no infections - AVG PC Tuneup fixed registry errors - HiJack this found and deleted a virus yesterday I forget the name but now shows nothing unusual current log is available - AVG history had many viruses deleted over past few months I think this one is making the PC vulnerable - AVG was uninstalled to allow for Combofix to be installed and executed it deleted som files but did not fix the problem DDS txt copied here DDS Ver - - - NTFSx Run by Kyla at on Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe svchost exe svchost exe C WINDOWS system spoolsv exe svchost exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Windows update blocked, redirects, generic windows process fails, stuborn malware Program Files Bonjour mDNSResponder exe C Program Files Common Files LightScribe LSSrvc exe C WINDOWS system svchost exe -k imgsvc C WINDOWS system Tablet exe C Program Files Western Digital WD Drive Manager WDBtnMgrSvc exe C Program Files Hewlett-Packard Shared hpqwmiex exe C WINDOWS system wscntfy exe C WINDOWS Explorer EXE C Program Files hpq HP Wireless Assistant HP Wireless Windows update blocked, redirects, generic windows process fails, stuborn malware Assistant exe C WINDOWS system igfxtray exe C WINDOWS system igfxpers exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files HP QuickPlay QPService exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Canon MyPrinter BJMyPrt exe C Program Files Western Digital WD Drive Manager WDBtnMgrUI exe C Program Files Common Files Java Java Update jusched exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Hp HP Software Update HPWuSchd exe C Program Files Common Files Real Update OB realsched exe C Program Files DivX DivX Update DivXUpdate exe C Program Files iTunes iTunesHelper exe C Program Files Skype Phone Skype exe C WINDOWS system ctfmon exe C Program Files Wacom TabUserW exe C PROGRA HPQ Shared HPQTOA EXE C Program Files iPod bin iPodService exe C Program Files Skype Plugin Manager skypePM exe C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox plugin-container exe C WINDOWS system wuauclt exe C WINDOWS System svchost exe -k netsvcs C Documents and Settings Kyla My Documents Downloads dds scr Pseudo HJT Report uStart Page hxxp www google ca uInternet Connection Wizard ShellNext iexplore uInternet Settings ProxyOverride local BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll uRun Skype quot c program files skype phone Skype exe quot nosplash minimized uRun ctfmon exe c windows system ctfmon exe mRun hpWirelessAssistant c program files hpq hp wireless assistant HP Wireless Assistant exe mRun igfxtray c windows system igfxtray exe mRun igfxhkcmd c windows system hkcmd exe mRun igfxpers c windows system igfxpers exe mRun High Definition Audio Property Page Shortcut CHDAudPropShortcut exe mRun SynTPEnh c program files synaptics syntp SynTPEnh exe mRun QPService quot c program files hp quickplay QPService exe quot mRun Cpqset c program files hpq default settings cpqset exe mRun RecGuard c windows sminst RecGuard exe mRun ISUSPM Startup c progra common instal update ISUSPM exe -startup mRun ISUSScheduler quot c program files common files installshield updateservice issch exe quot -start m... Read more

A:Windows update blocked, redirects, generic windows process fails, stuborn malware

https://forums.techguy.org/threads/windows-update-blocked-redirects-generic-windows-process-fails-stuborn-malware.965761/
Relevancy 86%

Hello I have been living with some issues for the last months and need help to get the problem figured out I believe I was infected by a virus of some sort on June that has stuck around despite NIS and Malwarebytes scans Any help would be appreciated Symptoms Since the infection I have not been able to automatically or manually update Windows via the Windows Automatic Update tool or by manually going to the Microsoft Update web page Each time IE opens I get error number x EFF quot The website has encountered a problem and cannot display the page you are trying to view The options provided below might help you solve the problem quot I can get onto the internet page leak update Windows redirects svchost and blocked, web memory/cpu to any other site It is just the windows update site that seems blocked I have a svchost process that grows with time Windows update blocked, svchost memory/cpu leak and web page redirects until it is using MB of my memory and usually ends up pegging the CPU to - I have viewed the process using Process Explorer and note that the thread start address that peg the CPU are ntll dll RtAllocateHeap x c If I kill those threads I am able to work on the computer for a little more time until the threads peg the system CPU again But the memory usage is concerning me as I need to utilize that memory for my work and I get programs failing because of memory allocation errors which I attribute to this svchost issue I will periodically get redirected to other sites while surfing This happens sporadically It may be a day or two between occurrences But if it starts to happen I restart the web browser to get back to a normal browsing session I am constantly getting warnings that NIS blocked a recent attack when I am browsing The last one was an attempt by teiretorkie com I have NIS and have had it scan the entire system on a weekly basis I have had the following Trojan Horses removed via NIS at AM File Actions vmain class Contained in c documents and settings lee application data sun java deployment cache ba - b d Deleted at AM File Actions vmain class Contained in c documents and settings lee application data sun java deployment cache a c - Windows update blocked, svchost memory/cpu leak and web page redirects f e Deleted On computers as of at PM at PM File Actions vmain class Contained in c documents and settings lee application data sun java deployment cache f - d b d Deleted On computers as of at PM at PM File Actions vload class Contained in c documents and settings lee application data sun java deployment cache ba - b d Deleted at PM File Actions javaupdatemanager class Contained in c documents and settings the sousley group application data sun java deployment cache bcf - a b Deleted at PM File Actions javaupdateapplication class Contained in c documents and settings the sousley group application data sun java deployment cache bcf - a b Deleted at PM File Actions File c documents and settings lee local settings temp lslj exe Removed at AM File Actions Infected file c documents and settings lee local settings temporary internet files content ie omyd ant n r j rf af bxf bc ayb f z f p Removed Also ran Malwarebytes on and had the following infections Registry Keys Infected HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Ext Stats b ca - a - d -a df- bb Trojan Agent - gt Quarantined and deleted successfully HKEY LOCAL MACHINE SOFTWARE avsuite Rogue AntivirusSuite - gt Quarantined and deleted successfully Subsequent runs of Malwarebytes have not found any other issues Thanks in advance Lee XP Pro Ver SP Dell Dimension Pentium GHz GB RAM NIS

A:Windows update blocked, svchost memory/cpu leak and web page redirects

Hi,
That's not good that you let this issue persist for six months. There's some things you should try here. For one, download DR. Web CureIt. Do a google search for that and it should pop up. It's probably better if you run it in safe mode. post back the log when it finishes. note that this scan will take a long time. Make sure that when presented with options, you select cure and then move incurable. After that, look for Kaspersky's free virus removal tool 2010 and run that. That should find some stuff if anything will. kaspersky has very strong find and removal capabilities. Finally, run an online scan with Eset online scanner. You can find it at eset.com/onlinescan. Post back the three logs in your next reply. Hope this helps.

Good luck,
Chromebuster

http://www.bleepingcomputer.com/forums/t/361960/windows-update-blocked-svchost-memorycpu-leak-and-web-page-redirects/
Relevancy 83.85%

I had been infected with the AVE exe virus and finally got it off of my system though it kept reviving itself in my config systemprofile appdata local folder But then I started getting the browser redirects and just whole new windows opening on their own The last redirect Avast caught this morning amp identified in the Webshield log as L JS Prontexi-AM Trj I switched over to Avast yesterday after deciding that AVG just wasn t cutting it anymore It seems to be working a little better at least I m also not able redirect Update Browser / Windows blocked to connect to Windows Update When I do it through Windows it will sometimes detect new updates but mostly pops up an error EFE which comes up with results on a search That error comes up when trying to download install when it does detect new updates Clicking a link to Windows Update on Google refreshes the search page with quot webhp ei -k S OHBqGOMuShzLQE quot added after the com The actual website quot http windowsupdate microsoft com quot shows an quot IE cannot display the webpage quot Just opened the update through windows again amp it is showing that there have never been checks or updates which is incorrect as I was able Browser redirect / Windows Update blocked to get a Browser redirect / Windows Update blocked few updates here and there over the last few days Defender would not update no matter what but when I downloaded the file directly from the MS Defender page it installed fine The same with the Malicious Software removal tool I have to upload my scans through my daughter s laptop the forum kicks me out of the post screen whenever I add them I d appreciate any help I can get at this point cause I m about to pull my hair out Thanks DDS Ver - - - NTFSx Run by Taren at on Mon Internet Explorer BrowserJavaVersion Microsoft Windows Vista Home Premium GMT - SP Spybot - Search and Destroy disabled Updated ED FAF- B F- B -ACA - E C DADBE SP Windows Defender enabled Updated D DDC A- F- FAE- E -DA C ACF SP SUPERAntiSpyware disabled Updated A C- - e- F- E AC DA Running Processes C Windows system wininit exeC Windows system lsm exeC Windows system svchost exe -k DcomLaunchC Windows system nvvsvc exeC Windows system svchost exe -k rpcssC Windows System svchost exe -k secsvcsC Windows System svchost exe -k LocalServiceNetworkRestrictedC Windows System svchost exe -k LocalSystemNetworkRestrictedC Windows system svchost exe -k netsvcsC Windows system svchost exe -k GPSvcGroupC Windows system SLsvc exeC Windows system rundll exeC Windows system svchost exe -k LocalServiceC Windows system svchost exe -k NetworkServiceC Program Files Alwil Software Avast AvastSvc exeC Program Files Lavasoft Ad-Aware AAWService exeC Windows System spoolsv exeC Windows system svchost exe -k LocalServiceNoNetworkC Windows system taskeng exeC Windows system Dwm exeC Windows Explorer EXEC Windows system taskeng exeC Windows System rundll exeC Program Files Alwil Software Avast AvastUI exeC Program Files POP Peeper POPPeeper exeC Program Files Common Files ArcSoft Connection Service Bin ACService exeC Program Files Kodak printer center KodakSvc exec Program Files Common Files LightScribe LSSrvc exeC Program Files Common Files Motive McciCMService exeC Program Files Common Files Microsoft Shared VS Debug mdm exeC Windows system svchost exe -k NetworkServiceNetworkRestrictedC Program Files Common Files Intuit QuickBooks QBCFMonitorService exeC Windows system svchost exe -k imgsvcC Windows System svchost exe -k WerSvcGroupC Windows system DRIVERS xaudio exeC Program Files Spybot - Search amp Destroy SDWinSec exeC Windows system wbem unsecapp exeC Windows system wbem wmiprvse exeC Program Files Lavasoft Ad-Aware AAWTray exeC Users Taren Desktop dds scrC Windows system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp www yahoo com mStart Page hxxp www google com BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dllBHO Groove GFS Browser Helper - c - d -b f - bbc d a e - c program fil... Read more

A:Browser redirect / Windows Update blocked

Hello Taren421 Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in cleaning up your system.I ask that you refrain from running tools other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.Please keep in mind that we have a large backlog of users just like yourself waiting to be helped so try to be as timely as possible in your replies. Since we do this on a part-time voluntary basis we are limited on how many logs we can respond to and keep open due to time restraints. If you have to be away or can't answer for some other reason just let me know. Thank you for your understanding.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.Run RKill right before you run ComboFix.RKill by GrinlerLink #1Link #2Link #3Link #4Download Link #1.Save it to your Desktop.Double click the RKill desktop icon.If you are using Vista please right click and run as Admin!A black screen will briefly flash indicating a successful run.If this does not occur please delete that application and download Link #2.Continue process until the tool runs.If the tool does not run from any of the links tell me about it.Please download ComboFix from one of these locations:Link 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Instruction can be found HEREDouble click on ComboFix.exe & follow the prompts.When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.Note: Please post the log in the reply window and do not make it an attachment. Do this with all subsequent replies unless I ask otherwise.Thanks,thewall

http://www.bleepingcomputer.com/forums/t/307398/browser-redirect-windows-update-blocked/
Relevancy 83.85%

Let me start by saying that I am trying to get this fixed Windows XP SP for a friend of mine She brought me the computer saying she couldn t get on the internet After my Ccleaner Browser and Update Windows Redirect Blocked Avast Malwarebytes etc It had removed trojans spywares virus etc Everything appears to be doing better but IE takes a long time to open up and when it does anything you search and click on in Google redirects you to unrelated pages and if you try going to Windows Update it appears to be blocked I could not include the GMER scan file as it locks up on a file SYSTEM WPA Starter DDS Ver - - - Browser Redirect and Windows Update Blocked NTFSx Run by Elaina Steely at on Fri Internet Explorer Running Processes C Program Files Alwil Software Avast AvastSvc exe C WINDOWS system spoolsv exe C Program Files Trend Micro RUBotted RUBotSrv exe C WINDOWS system wdfmgr exe C WINDOWS Explorer EXE C Program Files Alwil Software Avast avastUI exe C Program Files Trend Micro RUBotted RUBottedGUI exe C WINDOWS system ctfmon exe C WINDOWS System Browser Redirect and Windows Update Blocked alg exe C Program Files Browser Redirect and Windows Update Blocked Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Documents and Settings Elaina Steely Desktop dds scr C WINDOWS system svchost exe -k NetworkService C WINDOWS system svchost exe -k LocalService C WINDOWS system svchost exe -k LocalService C WINDOWS system svchost exe -k imgsvc C WINDOWS System svchost exe -k netsvcs Pseudo HJT Report uStart Page hxxp www google com uSearch Page hxxp www google com uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s mSearchAssistant hxxp www google com ie TB Zip GT Toolbar eed -bccd- f b- f -ee d bae d - TB DD A C- FE- B -BA - F EC F - No File EB Real com fe fa -d c- d - fa- c f afe - c windows system Shdocvw dll uRun ctfmon exe c windows system ctfmon exe mRun avast quot c program files alwil software avast avastUI exe quot nogui mRun Trend Micro RUBotted V Beta c program files trend micro rubotted RUBottedGUI exe DPF BFB - - D - - A AFC - hxxp download eset com special eos OnlineScanner cab DPF FFBE D- C C- - BD- DC B C - hxxp fpdownload macromedia com get flashplayer current polarbear ultrashim cab DPF D CDB E-AE D- CF- B - - hxxp fpdownload macromedia com pub shockwave cabs flash swflash cab Notify igfxcui - igfxdev dll SERVICES DRIVERS R clr optimization v Microsoft NET Framework NGEN v X R gupdate Google Update Service gupdate R ivtnnmeg ivtnnmeg R mkdrv mkdrv R vseamps vseamps R vsedsps vsedsps R vseqrts vseqrts R WPFFontCache v Windows Presentation Foundation Font Cache S aswFsBlk aswFsBlk S aswSP aswSP S avast Antivirus avast Antivirus S avast Mail Scanner avast Mail Scanner S avast Web Scanner avast Web Scanner S NPF NetGroup Packet Filter Driver S Trend Micro RUBotted Service Trend Micro RUBotted Service Created Last - - -------- d-----w- c program files ESET - - -------- d-sha-r- C cmdcons - - ----a-w- c windows sed exe - - ----a-w- c windows MBR exe - - ----a-w- c windows PEV exe - - ----a-w- c windows SWREG exe - - -------- d-s---w- C ComboFix - - -------- d-----w- c docume alluse applic Trend Micro - - -------- d-----w- c docume alluse applic AVS YOU - - -------- d-----w- c docume elaina applic AVS YOU - - -------- d-sh--w- c documents and settings elaina steely PrivacIE - - -------- d-----w- c program files common files AVSMedia - - -------- d-----w- c program files AVS YOU - - -------- d-----w- c program files WinPcap - - ----a-r- c docume elaina applic microsoft installer a - bc- b-a a - fcba d HiJackThis exe - - -------- d-----w- c program files Trend Micro - - -------- d-----w- c docume elaina applic Malwarebytes - - ----a-w- c windows system drivers mbamswissarmy sys - - ----a-w- c windows system drivers mbam sys - - -------- d-----w- c program files Malwarebytes Anti-Malware - - -------- d-----w- c docume alluse applic Malwarebytes - - ----a-w- c windows a... Read more

A:Browser Redirect and Windows Update Blocked

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?""just click on Cancel, then Accept".information and logs:In your next post I need the following

.logs from DDSlog from RKUnHookerlet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/367926/browser-redirect-and-windows-update-blocked/
Relevancy 83.85%

Hello I m trying to fix an infected PC for one of my work colleagues The PC is running Windows XP Home SP and has a working version of McAfee Security Center There are active user accounts on the machine They brought me the computer at the end of June complaining that McAfee was reporting a problem and the browser IE was re-directing to random websites Through a combination of rkill Malwarebytes Windows blocked, redirecting update browser CCleaner etc I was able to return the machine to what I thought was working order it seemed that the website re-direction was caused Windows update blocked, browser redirecting by an infected Google toolbar Unfortunately the machine is back again and I have taken another look at it Malwarebytes reports the machine is clean I think have removed all suspicious startup entries and McAfee reports it Windows update blocked, browser redirecting is ok Typing a web address directly into IE works except for the Windows Update website which posts an quot Internet Explorer cannot display the webpage quot message with the standard quot Diagnose connection problems quot button If you search from the Google website the search links work however if you use the built-in IE search which is using Google clicking the links takes you to random websites So it looks like I never got rid of the problem in the first place Some help would be appreciated Thanks Nick

http://www.bleepingcomputer.com/forums/t/337894/windows-update-blocked-browser-redirecting/
Relevancy 82.13%

windows xp pro internet explorer got something that has caused my browser update windows browser hijacked and antivirus sites blocked to block me from ANY antivirus site like panda or trend micro etc also windows update site and page This site is evenblocked any place I try to go for help is blocked I m on a laptop so I browser hijacked antivirus sites and windows update blocked could get on here for help I had a copy of hijackthis on my browser hijacked antivirus sites and windows update blocked pc so I browser hijacked antivirus sites and windows update blocked ran it heres what it said if I need it yet Code Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Creative SBAudigy Surround Mixer CTSysVol exe C Program Files Creative SBAudigy DVDAudio CTDVDDet EXE C WINDOWS system CTHELPER EXE C WINDOWS System DSentry exe C Program Files Dell Media Experience PCMService exe C WINDOWS system dla tfswctrl exe C Program Files Dell Photo AIO Printer dlbtbmgr exe C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe C Program Files Dell Photo AIO Printer dlbtbmon exe C Program Files Microsoft IntelliPoint point exe C Program Files Windows Defender MSASCui exe C WINDOWS system ctfmon exe C WINDOWS system drivers svchost exe C PROGRA AVG AVG avgwdsvc exe C WINDOWS System CTsvcCDA exe C Program Files Promise Utility MsgAgt exe C WINDOWS System svchost exe C Program Files Webroot Spy Sweeper WRSSSDK exe C PROGRA AVG AVG avgrsx exe C WINDOWS System MsPMSPSv exe C PROGRA AVG AVG avgemc exe C Program Files AVG AVG avgtray exe C Program Files Internet Explorer Iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Local Page C WINDOWS PCHealth HelpCtr System panels blank htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO no name - A -E CA- D - CD - D B - no file O - Toolbar FlashGet Bar - E E AB-F - D - D - BA E - no file O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run IntelMeM C Program Files Intel Modem Event Monitor IntelMEM exe O - HKLM Run CTSysVol C Program Files Creative SBAudigy Surround Mixer CTSysVol exe O - HKLM Run CTDVDDet C Program Files Creative SBAudigy DVDAudio CTDVDDet EXE O - HKLM Run CTHelper CTHELPER EXE O - HKLM Run AsioReg REGSVR EXE S CTASIO DLL O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run DVDSentry C WINDOWS System DSentry exe O - HKLM Run PCMService quot C Program Files Dell Media Experience PCMService exe quot O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run UpdateManager quot C Program Files Common File... Read more

A:browser hijacked antivirus sites and windows update blocked

this is so screwy I can go to googles site but can only go to a few other sites, I can get to a couple local town forums but cant get to any help forms for virus help like this one. if I could figure out how to get to trend micro or panda I would try a online scan. its like it knows every site that offers virus help. scary really. please help guys.
 

https://forums.techguy.org/threads/browser-hijacked-antivirus-sites-and-windows-update-blocked.754642/
Relevancy 81.7%

Hello First I want to thank you for your assistance It's greatly - help windows update redirects and Browser pls cannot appreciated My brother just gave me his computer because it's having some problems running and he believes it has a virus The symptoms are numerous and random pop-up's browser re-directs and what he believes are not legit flash updates He unfortunately did not have anti-virus software on the computer or back-up his data I went through the computer's running programs and installed programs and did not see anything too unusual I also ran trendmicro's house call and spybot without finding anything I noticed that Browser redirects and cannot update windows - help pls he had not updated windows windows -bit home premium in a while I tried to perform the update and got the error message quot Windows update cannot currently check for updates because the service is not running You may need to restart your computer quot Obviously a restart did not fix the problem I then noticed that windows defender was not enable and tried to enable that but got the error message quot The specified service does not exist as an installed service error code x quot I went to services msc and did not even see windows defender listed I haven't seen this problem before so didn't know where to go from there Again your help is appreciated Oh also I have a window's cd from another computer obviously a different key on the bottom of this one but am not sure if it will work but I believe it should both same bit version of windows Here is the DSS DDS Ver - - - NTFSAMD Internet Explorer Run by Ann at on - - Microsoft Windows Home Premium GMT - SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system ibmpmsvc exe C Windows system nvvsvc exe C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system WLANExt exe C Windows system conhost exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Windows system nvvsvc exe C Windows SYSTEM WISPTIS EXE C Program Files LENOVO HOTKEY TPHKSVC exe C Program Files x Lenovo Access Connections AcPrfMgrSvc exe C PROGRA Lenovo HOTKEY tpnumlk exe C Windows System svchost exe -k LocalServiceNoNetwork C Windows Microsoft Net Framework v WPF PresentationFontCache exe C Windows system HPSIsvc exe C Program Files Lenovo Communications Utility CAMMUTE exe C Program Files LENOVO HOTKEY MICMUTE exe C Program Files Lenovo Communications Utility TPKNRSVC exe C Program Files LENOVO VIRTSCRL lvvsst exe C Program Files NVIDIA Corporation Performance Drivers nvPDsvc exe C Program Files Common Files Intel WirelessCommon RegSrvc exe C ProgramData Skype Toolbars Skype C C Service c c service exe C Program Files x Common Files Ulead Systems DVD ULCDRSvr exe C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Program Files x Lenovo Access Connections AcSvc exe C Program Files Intel WiFi bin EvtEng exe C Windows system svchost exe -k bthsvcs C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C Windows system wbem unsecapp exe C Windows system taskhost exe C PROGRA LENOVO VIRTSCRL virtscrl exe C PROGRA Lenovo HOTKEY tpnumlkd exe C Windows SYSTEM WISPTIS EXE C Program Files Common Files microsoft shared ink TabTip exe C Windows system Dwm exe C Program Files x Common Files Microsoft Shared Ink TabTip exe C Windows system wbem wmiprvse exe C Windows Explorer EXE C Program Files Synaptics SynTP SynTPEnh exe C Program Files Lenovo HOTKEY TPOSDSVC exe C Windows System TpShocks exe C Program Files Lenovo Communications Utility TPKNRRES exe C Program Files Microsoft IntelliPoin... Read more

A:Browser redirects and cannot update windows - help pls

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

One or more of the identified infections is a backdoor trojan/rootkit.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please refer to Microsoft's Online Safety article for tips on creating a strong password.

Do not change passwords or do any transactions from the infected computer until it has been cleaned.

------------------------------------------------------

Please download aswMBR.exe to your desktop. Double-click aswMBR.exe to run it.
When prompted to download the latest Avast! virus definitions, please choose Yes
Click the Scan button to start scan.
Wait until it says, 'Scan finished successfully'. ( Note - do not select any Fix at this time)
Click Save log, and save it to your desktop.
Click Exit.
Please post the contents of that log, aswMBR.txt, in your next reply.
------------------------------------------------------

When you run this tool, remember to choose 'Skip' not 'Cure' if it finds something. We just want a scan, not a fix.

Download tdsskiller.exe and Save it to your Desktop.

Double-click tdsskiller.exe and click 'Run'

Click 'Start scan'.

If no infection is found, click 'Close' and let me know.

If an infection is found, select 'Skip' from the dropdown menu under 'Cure' then click 'Continue' > 'Close' > 'Close'.

It will produce a log here > C:\TDSSKiller.2.7.48.0_date_time_log.txt

Please navigate to the file, double-click to open it, and copy/paste the contents in your next reply.

------------------------------------------------------

Please download this file from here and save it to your desktop. Double-click on the downloaded file. It should only take a few seconds to run.
When complete, it will say .. "Done! Please check if BFE service is running now"
Don't worry about checking to see if the service is running.
Please reboot your computer.
------------------------------------------------------

Open Notepad and copy/paste the entire contents of the codebox below into Notepad:


Code:
@echo off
if exist peek.txt del /q peek.txt
regedit /a peek.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE"
notepad peek.txt
del %0
Save this as peek.bat Choose to Save type as - All Files to your desktop then close the Notepad file.
It should look like this:

Right-click on peek.bat and choose 'Run as administrator' to allow it to run. A Notepad file will open. Copy/paste that information into your next reply, please.

------------------------------------------------------

http://www.techsupportforum.com/forums/f100/browser-redirects-and-cannot-update-windows-help-pls-658528.html
Relevancy 81.27%

Hello This site has helped me many times to remove malware but this is my first time posting for help Running windows XP SP Explorer pops up an extra window on startup and randomly with random sites adsonar comes up alot they often have a large yellow congratulations banner on top Google links all redirect elsewhere Yahoo causes intermitent redirects I ended up with the Antivirus Soft from one of the redirects Also noticed windows / redirects wont page Google update load I cannot access windows update whatsoever the pages will not load I get a page reset errorInstalled IE on startup it warns me that a program is trying to change my default search engine Redirects Google redirects / windows update page wont load persist I installed Mozilla Firefox and the xtra window pop ups and google redirects are happening with it as well Ran Defogger DDS and GMER DDS Ver - - - NTFSx Run by Owner at on Wed Internet Explorer Microsoft Windows XP Home Edition GMT - Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC WINDOWS System svchost exe -k netsvcsC WINDOWS system svchost exe -k WudfServiceGroupsvchost exesvchost exeC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC PROGRA CA ETRUST realmon exeC Program Files iTunes iTunesHelper exeC WINDOWS system igfxtray exeC Program Files Common Files Java Java Update jusched exeC WINDOWS system ctfmon exesvchost exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files CA eTrust Antivirus InoRpc exeC Program Files CA eTrust Antivirus InoRT exeC Program Files CA eTrust Antivirus InoTask exeC Program Files Common Files Intuit Update Service IntuitUpdateService exeC Program Files Java jre bin jqs exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS system svchost exe -k imgsvcC WINDOWS system wuauclt exeC Program Files iPod bin iPodService exeC WINDOWS System svchost exe -k HTTPFilterC Documents and Settings Owner Desktop dds scr Pseudo HJT Report uSearch Bar hxxp www google com ieuStart Page https www juno com start login do MID yid Fstart Fsp douInternet Settings ProxyServer http BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files common files adobe acrobat activex AcroIEHelper dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dllBHO f add df- a- a - e - caa e - No FileuRun windll quot c windows system windll dll quot uRun ctfmon exe c windows system ctfmon exeuRunOnce Shockwave Updater c windows system adobe shockwave SwHelper exe -Update - - quot Mozilla compatible MSIE Windows NT NET CLR NET CLR NET CLR NET CLR NET CLR NET CLR NET CLR quot - quot http www nickjr com kids-games little-bears-jigsaw-puzzle html quot mRun Realtime Monitor c progra ca etrust realmon exe -smRun QuickTime Task quot c program files quicktime qttask exe quot -atboottimemRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun IgfxTray c windows system igfxtray exemRun HotKeysCmds c windows system hkcmd exemRun SunJavaUpdateSched quot c program files common files java java update jusched exe quot dRunOnce RunNarrator Narrator exeIE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exeIE FB F -F - d -BB E- C F - c program files messenger msmsgs exeIE B - CC- C -B BE- C C A - FF E -CC A- E E-BF B- E D - c progra micros office REFIEBAR DLLTrusted Zone microsoft com v windowsupdateTrusted Zone microsoft com windowsupdateTrusted Zone microsoft com wwwDPF B BCA- F C- CF- - - hxxp download macromedia com pub shockwave cabs director sw cabDPF C - A - A - -F F D - hxxp download macromedia com pub shockwave cabs director sw cabDPF B - - - A - A DE AD - hxxp photos walmart com WalmartActivia cabDPF B-B - D-A D -FCFDF E C - hxxp www update microsoft com windowsupdate v V Controls en x client wuweb site cab DPF DABFBF-D AB- FA- C -CC F - ... Read more

A:Google redirects / windows update page wont load

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREPlease download GMER from one of the following locations and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zipped MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.

http://www.bleepingcomputer.com/forums/t/319580/google-redirects-windows-update-page-wont-load/
Relevancy 81.27%

PC was infected with a rogue antivirus software called System Tool Followed instruction from MalwareBytes website to remove the program Seems to be gone bu the system is running slow cannot reach Windows Updates blocked and the browser is redirecting web searches DDS Ver - - - NTFSx Run by DDorman at on Mon Internet Explorer Microsoft Windows XP Professional GMT - AV AVG computer slow, browser Updates Windows redirecting blocked, Anti-Virus Free Enabled Updated DDD - FF- F- E B- D D BF Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost Windows Updates blocked, computer slow, browser redirecting exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system spoolsv exe Windows Updates blocked, computer slow, browser redirecting svchost exe C PROGRA AVG AVG avgwdsvc exe C Program Files Java jre bin jqs exe C Program Files LogMeIn x RaMaint exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Microsoft SQL Server MSSQL MSSQL Binn sqlservr exe C PROGRA AVG AVG avgrsx exe C Program Files Common Files Protexis License Service PsiService exe C PROGRA AVG AVG avgnsx exe C Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS system svchost exe -k imgsvc C WINDOWS Explorer EXE C PROGRA AVG AVG avgtray exe C Program Files ACT Act for Windows Act Outlook Service exe C Program Files ATI Technologies ATI ACE cli exe C WINDOWS system ctfmon exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C WINDOWS System mshta exe C Program Files ATI Technologies ATI ACE cli exe C Program Files ATI Technologies ATI ACE cli exe C WINDOWS System mshta exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C WINDOWS System mshta exe C Program Files Internet Explorer iexplore exe C Documents and Settings ddorman Desktop dds scr Pseudo HJT Report uSearch Page hxxp www google com uStart Page hxxp www google com uInternet Connection Wizard ShellNext iexplore uInternet Settings ProxyServer http uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s mSearchAssistant hxxp www google com ie mURLSearchHooks AVG Security Toolbar BHO a bc a - f - -aa - d c - c program files avg avg toolbar IEToolbar dll BHO amp Yahoo Toolbar Helper d -c f - efb- b - eca - c program files yahoo companion installs cpn yt dll BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO AVG Safe Search ca f - f e- b -a e- e e c c - c program files avg avg avgssie dll BHO AVG Security Toolbar BHO a bc a - f - -aa - d c - c program files avg avg toolbar IEToolbar dll BHO Google Toolbar Helper aa ed - dd- d - -cf f - c program files google google toolbar GoogleToolbar dll BHO Google Toolbar Notifier BHO af de - d - -b fa-ce b ad d - c program files google googletoolbarnotifier swg dll BHO Google Dictionary Compression sdch c d fe-e d- -bb - c e e c e - c program files google google toolbar component fastsearch A FB BD dll BHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll BHO SingleInstance Class fdad da - a - fd - c - f ac - c program files yahoo companion installs cpn YTSingleInstance dll TB Google Toolbar c b - - d - b - a cd f - c program files google google toolbar GoogleToolbar dll TB AVG Security Toolbar ccc a -b ca- -b a - f dd - c program files avg avg toolbar IEToolbar dll TB Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yahoo companion installs cpn yt dll uRun swg c program files google googletoolbarnotifier GoogleToolbarNotifier exe uRun ctfmon exe c windows system ctfmon exe uRun SUPERAntiSpyware c program files superantispyware SUPERAntiSpyware exe mRun LogMeIn GUI quot c program files logmein x LogMeInSystray exe quot mRun AVG TRAY c progra avg avg ... Read more

A:Windows Updates blocked, computer slow, browser redirecting

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?""just click on Cancel, then Accept".information and logs:In your next post I need the following

.logs from DDSlog from RKUnHookerlet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/371155/windows-updates-blocked-computer-slow-browser-redirecting/
Relevancy 80.84%

Hello I m a system admin and I have an employees work computer that has a search page redirect Also they are unable to go to Browser use Update Windows redirects can't search and windows update and it looks like this may have been for some time I ve dealt with a lot of rootkits before similar to this but I have always been able to clean them up thanks to your site and admins posts However in this case I can t seem to get rid of it I have run rootrepeal McAfee Root detective we Browser search redirects and can't use Windows Update also use McAfee Enterprise and rootreveal spybot combofix Ad-Aware HJT MBAM mbr TDLfix GMER new MVPS host file and more Most attempts were based on the directions of what was posted by admins here All the data was backed up so losing everything and reinstalling would not be a problem However I prefer to learn by doing and I want to know how to handle this one going forward Also another computer seems to have the same symptoms and reformatting THAT one is an absolute last resort OK enough small talk here we go The computer runs XP Professional with SP and IE It also had Opera but I uninstalled that and other programs not needed At work we use an Oracle Forms app that limits our browser and java choices due to compatability For example IE and Java do not work so we need to use lesser versions like IE The ComboFix did ran fine and said it needed to reboot after rootkit activity The log said that PCIIDE SYS was infected and cleaned However after rebooting the redirects remained I also ran Combofix twice in a row and it still found the rootkit for PCIIDE SYS GMER also revealed issues with ATAPI SYS quot suspicious modification of atapi sys quot and I replaced both with clean disk copies I check versions too and still the same problems MBAM Spybot McAfee Ad-Aware etc have not found anything I know I should have come to the experts here before the attempts but since I always was able to clean up viruses and spyware before I didn t want to admit defeat well now I admit defeat Again my attempts did follow the steps posted for similar problems Also MBAM realtime does decrease redirects by catching attempts to sites like and I checked the hosts file no entries but did change it to the MVP hosts file As of right now I have MBAM with realtime protection McAfee Enterprise and HiJack this installed I uninstalled Ad-Aware Spybot Combofix etc I hope I didn t ramble too much John PS - I m not the OTS admin so I don t set security policies for all our computers I m more a dba and database admin so I hope I don t get yelled at here for some crappy virus spyware protection policies I certainly going to improve them now for our department

A:Browser search redirects and can't use Windows Update

Hello and welcome. I feel it would be best to get a deeper look and have our Malware Removal Team ID the problem.Please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.Include your ComboFix log.Let me know if that went well.

http://www.bleepingcomputer.com/forums/t/323931/browser-search-redirects-and-cant-use-windows-update/
Relevancy 80.84%

Hi I'm using Windows XP Pro SP I fails redirects, Browser update windows keep getting redirects to spam sites when clicking on Google search results Also I can't access http windowsupdate microsoft com even though it works fine on my other computers It seems any browser query involving quot windowsupdate quot results in quot Problem loading page quot in Firefox Also I can't view the C drive in Device Manager DDS DDS Ver - - - NTFSx Run by test at on Fri Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV AntiVir Desktop On-access scanning enabled Updated AD - F - A-A -FDD C Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup C WINDOWS system Ati evxx exe svchost exe svchost exe C WINDOWS system spoolsv exe D Program Files Avira AntiVir Desktop sched exe svchost exe C WINDOWS Explorer EXE D Program Files Google Update GoogleCrashHandler exe D Program Files Avira AntiVir Desktop avguard exe D Program Files Bonjour mDNSResponder exe D Program Files Cisco Systems VPN Client cvpnd exe D Program Files Pure Digital Technologies FlipShare FlipShareService exe D Program Files Java jre bin jqs exe D Program Files Nero Nero Nero BackItUp NBService exe C Program Files Common Files Native Instruments Hardware NIHardwareService exe C WINDOWS Browser redirects, windows update fails System svchost exe -k imgsvc D Program Files TeamViewer Version TeamViewer Service exe C WINDOWS VM STI EXE D Program Files Unlocker UnlockerAssistant exe D Program Files Roland VSC vsc cnf exe D Program Files TomTom HOME TomTomHOMEService exe D Program Files Roland VSC vscvol exe D Program Files Google Google Desktop Search GoogleDesktop exe D Program Files SyncroSoft Pos H O cledx exe D Program Files HP HP Software Update HPWuSchd exe D Program Files Nero Nero Nero BackItUp NBKeyScan exe D Program Files Java jre bin jusched exe D Program Files Brownie BrstsWnd exe D Program Files Viewpoint Common ViewpointService exe D Program Files Avira AntiVir Desktop avgnt exe D Program Files TeamViewer Version TeamViewer exe C WINDOWS system ctfmon exe D Program Files HP Digital Imaging bin hpqtra exe D Program Files Airlink Airlink PS Software PsLink exe D Program Files Philips SPC NC PC Camera TrayMin exe D Program Files Brownie Brnipmon exe C WINDOWS psmon exe D Program Files HP Digital Imaging bin hpqSTE exe C Program Files Common Files Nero Lib NMIndexingService exe D Program Files Mozilla Firefox firefox exe C WINDOWS system mmc exe C WINDOWS system dmremote exe C WINDOWS System dmadmin exe D Program Files Mozilla Firefox plugin-container exe C WINDOWS system mmc exe C Documents and Settings test Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com mSearch Bar hxxp us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html mURLSearchHooks AIM Toolbar Search Class f - dc - -bc - e fefafe - d program files aim toolbar aimtb dll BHO amp Yahoo Toolbar Helper d -c f - efb- b - eca - d progra yahoo companion installs cpn yt dll BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO AskBar BHO f d - - d - c -aa e ed - d program files askbardis bar bin askBar dll BHO Winamp Toolbar Loader cee ec- - bc- b - ddc ab c - d program files winamp toolbar winamptb dll BHO Free TV Bar Toolbar a -d - c - b- b aa fb a - d program files free tv bar tbFre dll BHO Google Toolbar Notifier BHO af de - d - -b fa-ce b ad d - d program files google googletoolbarnotifier swg dll BHO AIM Toolbar Loader b cda -b - eef-a - a ac dbf - d program files aim toolbar aimtb dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - d program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - d program files java jre lib deploy jqs ie jqs plugin dll BHO SingleInstance Class fdad da - a -... Read more

A:Browser redirects, windows update fails

Hi,

Please do the following:

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

http://www.techsupportforum.com/forums/f100/browser-redirects-windows-update-fails-505918.html
Relevancy 80.84%

My wife s computer seems to have developed a Virus malware problem even though we are running McAfee I Windows Update and not Browser Redirects opening - Help started out as just browser redirects but has progressed Help - Browser Redirects and Windows Update not opening and she tried STOPZilla which seemed to make things worse I was out of town and this is her work from home computer Now McAfee seems corrupt - will not open all the way Internet Explorer is corrupt and every time I do anything to try and fix it it will not connect to the Internet anymore I have finally thrown up my hands loaded Firefox and decided to ask for help as I am not getting anywhere I am posting the HiJack This log that I ran moments ago Please respond with further troubleshooting steps Thank you in advance for any help you can provide Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Unable to get Internet Explorer version Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system Ati evxx exe C WINDOWS System brsvc a exe C WINDOWS System brss a exe C WINDOWS system spoolsv exe C WINDOWS system CSHelper exe C WINDOWS System svchost exe C Program Files Google Update GoogleUpdate exe C WINDOWS system inetsrv inetinfo exe C Program Files Java jre bin jqs exe C Program Files McAfee SiteAdvisor McSACore exe C Program Files Common Files Motive McciCMService exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe C PROGRA McAfee VIRUSS mcshield exe C Program Files McAfee MPF MPFSrv exe C Program Files Tripp Lite PowerAlert Engine pa exe C WINDOWS System tcpsvcs exe C WINDOWS System snmp exe C WINDOWS System svchost exe C WINDOWS system mqsvc exe C WINDOWS system mqtgsvc exe C WINDOWS system BRMFRSMG EXE C WINDOWS Explorer EXE c PROGRA mcafee com agent mcagent exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Microsoft IntelliType Pro type exe C Program Files Microsoft IntelliPoint point exe C Program Files ATI Technologies ATI HydraVision HydraDM exe C Program Files Adobe Acrobat Distillr Acrotray exe C WINDOWS SOUNDMAN EXE C Program Files Common Files Java Java Update jusched exe C Program Files Scansoft PaperPort pptd nt exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS System MDM EXE C WINDOWS System svchost exe C Program Files Mozilla Firefox firefox exe C WINDOWS system msiexec exe C Program Files Trend Micro HijackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www att net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan scriptsn dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO McAfee SiteAdvisor BHO - B E -A B - A -B - CD E A FF - c PROGRA mcafee SITEAD ... Read more

Relevancy 80.84%

Hello I m doing some work on a friend s computer I m getting browser redirects when going to security related sites Kapersky com mcafee com and I m also unable to download updates for windows This from what I can see has been happening since August I know I know She just feels bad asking me for help Lame excuse I know but what can you do Anyways I ve run several scans with AVG free spybot search and destroy and ccleaner Removed a few things but problems persist I ve followed the documentation on what to do and here are my logs No problems running DDS Here Browser run to update redirects/unable windows is the contents of the dds txt file Attach txt is um attached The GMER log is also attached nbsp Attach txt nbsp nbsp KB nbsp nbsp downloads nbsp gmer log nbsp nbsp KB nbsp nbsp downloads Thank you so much Look forward to hearing your reply Jeremy DDS Ver - - - NTFSx Run by Dawn Browser redirects/unable to run windows update at on Wed Internet Explorer Microsoft Windows Vista Home Premium GMT - AV AVG Anti-Virus Free Edition Enabled Updated A B -DEE -F A-FBCD-ADB C F SP AVG Anti-Virus Free Edition Enabled Updated E A -F D -F D -C D- C DBE F D SP Browser redirects/unable to run windows update Windows Defender Disabled Outdated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows system Ati evxx exe C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows system Ati evxx exe C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows System WLTRYSVC EXE C Windows System bcmwltry exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system taskeng exe C Windows system taskeng exe C Windows system aestsrv exe C Windows system dlbccoms exe C Windows system svchost exe -k hpdevmgmt C Windows system Dwm exe C Program Files Common Files Motive McciCMService exe C Windows Explorer EXE C Windows System svchost exe -k HPZ C Windows System svchost exe -k HPZ C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Common Files Roxio Shared SharedCOM RoxWatch exe C Windows system STacSV exe C Windows system svchost exe -k imgsvc C Program Files Viewpoint Common ViewpointService exe C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Windows system DRIVERS xaudio exe C Program Files Yahoo SoftwareUpdate YahooAUService exe C Program Files Spybot - Search amp Destroy SDWinSec exe C Program Files Synaptics SynTP SynTPEnh exe C Windows System WLTRAY EXE C Program Files Dell MediaDirect PCMService exe C Program Files HP HP Software Update hpwuSchd exe C Program Files Sigmatel C-Major Audio WDM sttray exe C Program Files DellSupport DSAgnt exe C Program Files Digital Line Detect DLG exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Common Files Nikon Monitor NkMonitor exe C Program Files Dell QuickSet quickset exe C Windows system wbem wmiprvse exe C Program Files HP Digital Imaging bin hpqSTE exe C Program Files HP Digital Imaging bin hpqbam exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Program Files Common Files Intuit Update Service IntuitUpdateService exe C Windows system wuauclt exe C Program Files AVG AVG avgtray exe C Program Files AVG AVG Identity Protection agent bin avgidsmonitor exe C Program Files Google Google Toolbar GoogleToolbarUser exe C Program Files AVG AVG avgwdsvc exe C Program Files AVG AVG avgrsx exe C Program Files AVG AVG avgcsrvx exe C Program Files AVG AVG avgchsvx exe C Program Files AVG AVG avgnsx exe C Program Files AVG AVG avgemcx exe C Program Files AVG AVG Identity Protection Agent Bin AVGIDSAgent exe C Windows system WUD... Read more

A:Browser redirects/unable to run windows update

HiPlease do the following:Download Combofix from either of the links below. You must rename it to iexplore before saving it. Save it to your desktop. Change the save as file type to "all files"**Note: In the event you already have Combofix, delete it, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**If you are using Firefox, make sure that your download settings are as follows:
Tools->Options->Main tabSet to "Always ask me where to Save the files". Link 1 Link 2-----------------------------------------------------------Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

-----------------------------------------------------------
NOTE: If ComboFix asks to install the Recovery Console, please ALLOW it to do so.

-----------------------------------------------------------Double click on the renamed ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt so we can continue cleaning the system.-----------------------------------------------------------

http://www.bleepingcomputer.com/forums/t/388169/browser-redirectsunable-to-run-windows-update/
Relevancy 80.41%

Well I m getting redirected to all sorts of garbage urls google-analytics com in both Firefox and IE and some sites won t load altogether anymore windows update site some forums I m not sure how this computer was infected It is an XP pro machine running sp I ran the CD Emu disabler dds and gmer Logs below DDS TXT DDS Ver - - - NTFSx Run by PatrickP at on Tue Internet Explorer BrowserJavaVersion update Win redirect windows XP worm/virus pro (name??), blocked work browser computer has Microsoft Windows XP Professional GMT - AV Trend Micro OfficeScan Antivirus On-access scanning enabled Updated F AB F- D- -BEAA-C A E F Running Processes C WINDOWS system svchost Win XP pro work computer has browser redirect worm/virus (name??), windows update blocked -k DcomLaunch svchost exe Win XP pro work computer has browser redirect worm/virus (name??), windows update blocked C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup svchost exe svchost exe C WINDOWS system spoolsv exe svchost exe C Program Files Java jre bin jqs exe C Program Files Microsoft SQL Server MSSQL INVENTORCONTENT Binn sqlservr exe c Program Files Microsoft SQL Server MSSQL UTSSQLEXPRESS MSSQL Binn sqlservr exe C WINDOWS System svchost exe -k HPZ c Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS system svchost exe -k imgsvc C WINDOWS Explorer EXE C WINDOWS system igfxpers exe C Program Files Java jre bin jusched exe C Program Files Common Files SolidWorks Installation Manager Scheduler sldIMScheduler exe C WINDOWS system ctfmon exe C Program Files Microsoft SQL Server Tools Binn sqlmangr exe C Program Files GSDS spnsrv x exe C WINDOWS system wuauclt exe C Program Files Trend Micro OfficeScan Client pccntmon exe C Program Files Trend Micro OfficeScan Client ntrtscan exe C WINDOWS TEMP OE EXE C Program Files Microsoft Office Office OUTLOOK EXE C Program Files Microsoft Office Office WINWORD EXE C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox plugin-container exe C Documents and Settings patrickp Desktop dds com Pseudo HJT Report uStart Page hxxp www google com mSearchAssistant hxxp www google com ie BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dll BHO dsWebAllowBHO Class f d c- - f-a - e bd e - c program files windows desktop search dsWebAllow dll BHO Java Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dll BHO fdbba- d - f - a b- a c b - c windows system msrbting dll BHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll uRun ctfmon exe c windows system ctfmon exe mRun IgfxTray c windows system igfxtray exe mRun HotKeysCmds c windows system hkcmd exe mRun Persistence c windows system igfxpers exe mRun SigmatelSysTrayApp sttray exe mRun IntelAudioStudio quot c program files intel audio studio IntelAudioStudio exe quot BOOT mRun OfficeScanNT Monitor quot c program files trend micro officescan client pccntmon exe quot -HideWindow mRun QuickTime Task quot c program files quicktime qttask exe quot -atboottime mRun SunJavaUpdateSched quot c program files java jre bin jusched exe quot mRun SolidWorks CheckForUpdates quot c program files common files solidworks installation manager scheduler sldIMScheduler exe quot scheduler mRun MSConfig c windows pchealth helpctr binaries MSConfig exe auto StartupFolder c docume patrickp startm programs startup shortc lnk - c program files gsds spnsrv x exe StartupFolder c docume alluse startm programs startup servic lnk - c program files microsoft sql server tools binn sqlmangr exe mPolicies-explorer NoWelcomeScreen x IE E amp xport to Microsoft Excel - c progra micros office EXCEL EXE IE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe IE FB F -F - d -BB E- C F - c program files messenger ms... Read more

A:Win XP pro work computer has browser redirect worm/virus (name??), windows update blocked

This is my first time asking for help here, please let me know if I'm doing anything wrong or need to do anything additional.===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our MRT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the MRT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.Thank you for understanding.Orange Blossom ~ forum moderator

http://www.bleepingcomputer.com/forums/t/354697/win-xp-pro-work-computer-has-browser-redirect-wormvirus-name-windows-update-blocked/
Relevancy 79.98%

So I noticed my computer was having some redirect issues using Firefox and searching through google I am running windows xp service pack I then attempted to use Microsoft Security Essentials which disappeared when i tried to mouse over the tray icon I tried to restart MS update, redirects MS Windows possible security browser and essentials, security essentials once it opens up it is in Windows update, MS security essentials, and possible browser redirects red status PC at risk If i click on start now it gives me the error quot Couldn t start the security essentials service error code x quot I then used malwarebytes and it found trojan happili supposedly quarantined but I found it later on while in safemode using malwarebytes again I also ran HitmanPro which found a sirefec fc hitmanpro claims to have removed it I have used the microsoft support to restart the windows update from this link http support microsoft com kb the windows fixit to reset it will not run so there is no windows update listed still in services msc If i try to go update microsoft com I am redirected to http support microsoft com kb and cannot update In addition if i try to click on windows firewall from the control panel it says quot Due to an unidentified problem windows cannot display Windows Firewall settings quot and does not run My attempts at fixing this are not working and any help would be appreciated

A:Windows update, MS security essentials, and possible browser redirects

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/459955 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GMER logAs I am just... Read more

http://www.bleepingcomputer.com/forums/t/459955/windows-update-ms-security-essentials-and-possible-browser-redirects/
Relevancy 79.12%

Visiting my sister s house for Easter I Windows Update and redirects funnies remnants--browser Malware thought I d do some routine maintenance on her PC running WinXP Pro SP -bit Automatic Windows Updates were not enabled so I went to the Windows Update site and after or cycles including at least one reboot had all the applicable patches installed After all patches were installed I turned on Automatic Malware remnants--browser redirects and Windows Update funnies Windows Updates Finally I tried to go to the Microsoft Security Essentials site to install that but got redirected to some off-brand search site Uh oh Tried to Google MSE and open various links from www microsoft com but all were redirected Downloaded Malware remnants--browser redirects and Windows Update funnies MalwareBytes on a nd uninfected computer carried that to the infected machine and tried to install it Got the classic quot What program do you want to use to open this file with quot problem Searched Google on the uninfected machine found a registry edit to solve the quot can t launch exe files quot problem and successfully ran MalwareBytes It found some problems I asked it to repair them and crossed my fingers that everything would be okay Unfortunately it s not I have noticed the following problems so far Firefox is still being redirected IE doesn t seem to be getting redirected but the Windows Update site does not respond correctly It asks if I want to turn on Automatic Windows Updates even though if I go to Control Panel gt System gt Austomatic Updates quot Automatic quot is checked When I go to the Windows Update page and try to quot Upgrade to Microsoft Update quot the install fails with error x I was eventually able to install MSE and run a Quick Scan but it did not resolve the issues I tried to run the Kaspersky Online Scanner v in both Firefox and IE but it failed with the error quot License has expired quot Could someone please help me stamp out these last malware remnants Thank you Jim

A:Malware remnants--browser redirects and Windows Update funnies

After digging some more this morning, I realized the problem was the TDSS rootkit, and MalwareBytes had not completely cured it. Following the advice in the "Browser Hijacked" thread on this forum, I ran the Kaspersky TDSS removal tool, which identified the TDSS infection and cured it. That solved the browser redirect issues.I still had the problem with the MS Update not working properly, and the disconnect between various bits of Windows thinking I had not enabled Automatic Updates when I had. Via some Google searching, I found a suggestion to re-register the wuaueng.dll (Start>Run "regsvr32 wuaueng.dll"). After doing this, visiting the Windows Update site gets me the Microsoft Update service, and it also correctly reports that Automatic Updates are enabled.My sister's computer appears to be back in business. I'm now running deep scans using MalwareBytes and MS Security Essentials to get some confidence that it's okay.Jim

http://www.bleepingcomputer.com/forums/t/392874/malware-remnants-browser-redirects-and-windows-update-funnies/
Relevancy 78.69%

Hello looks like my home computer has a rootkit perhaps Last weekend we had Antivirus Action hijacking the computer I slow, running very browser cannot update AV redirects, found some instructios to remove it ran CCleaner and installed Adaware Things seems ok but took a turn for the worse Whole system slowed down to a crawl and get brower running very slow, browser redirects, AV cannot update redirects saying system is infected click Ok to scan etc Also getting pop ups about svchost application error Below is the DDS log and I attached attach txt But I can running very slow, browser redirects, AV cannot update t upload the ark txt it said it was too big It is kb in size so I made it a zip file Hope this works DDS Ver - - - NTFSx NETWORK Run by HP Administrator at on Sat Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Ad-Aware Total Security Enabled Updated - F B- F - A - AA FBB FW Ad-Aware Personal Firewall Enabled Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS system svchost exe -k netsvcs svchost exe svchost exe C WINDOWS Explorer EXE C WINDOWS system taskmgr exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C WINDOWS system ctfmon exe C Program Files Internet Explorer iexplore exe C Documents and Settings HP Administrator Desktop dump dds scr Pseudo HJT Report uStart Page about blank uSearch Page hxxp www google com uSearch Bar hxxp www google com ie uDefault Search URL hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop uSearchMigratedDefaultURL hxxp www google com search q searchTerms amp sourceid ie amp rls com microsoft en-US amp ie utf amp oe utf mSearch Bar hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop uInternet Connection Wizard ShellNext iexplore uInternet Settings ProxyServer http uInternet Settings ProxyOverride lt local gt uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s mSearchAssistant hxxp www google com ie mWinlogon Userinit c windows system userinit exe c program files lavasoft ad-aware total security avkkid avkcks exe BHO Ad-Aware WebFilter d- b - f-af - c a c - c program files lavasoft ad-aware total security webfilter AvkWebIE dll BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO CA F - F E- B -A E- E E C C - No File BHO DriveLetterAccess ca d e- - cf- e - - c windows system dla tfswshx dll BHO Skype add-on for Internet Explorer ae - e c- ed - f b-f f a - c program files skype toolbars internet explorer skypeieplugin dll BHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll TB HP view b e - d d- deb- b - d bcf f - c program files hp digital imaging bin HPDTLK dll TB Ad-Aware WebFilter d- b - f-af - c a c - c program files lavasoft ad-aware total security webfilter AvkWebIE dll TB CDD BF- FFB- - AD - DF B D - No File uRun LightScribe Control Panel c program files common files lightscribe LightScribeControlPanel exe -hidden uRun HDDHealth c program files hdd health hddhealth exe -wl uRun updateMgr quot c program files adobe acrobat reader AdobeUpdateManager exe quot AcRdB -reboot uRun Skype quot c program files skype phone Skype exe quot nosplash minimized uRun ctfmon exe c windows system ctfmon exe uRunOnce Shockwave Updater c windows system adobe shockw SWHELP EXE -Update - - quot Mozilla compatible MSIE Windows NT Trident NET CLR NET CLR Media Center PC InfoPath NET CLR NET CLR NET CLR quot - quot http perspective pearsonaccess com content resources learningresources rd cct imp html cct cct v quot mRun ehTray c windows ehome ehtray exe mRun KBD c hp kbd KBD EXE mRun x watchpro c program files x watch... Read more

A:running very slow, browser redirects, AV cannot update

Hello klklkl , Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.2.Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4
Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how. Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator) A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed. If nothing happens or if the tool does not run, please let me know in your next reply3.Install Recovery Console and Run ComboFixThis tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.Download Combofix from any of the links below, and save it to your desktop. Link 1Link 2 Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.Close any open windows, including this one.Double click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. If you did not have it installed, you will see the prompt below. Choose YES.Follow the prompts to allow ComboFix to downloa... Read more

http://www.bleepingcomputer.com/forums/t/368111/running-very-slow-browser-redirects-av-cannot-update/
Relevancy 78.69%

I m trying to fix my sister s laptop which was obviously infected with a ton of stuff First I ran SuperAntiSpyware it found and deleted threats Then I ran MBAM and it found - off/random failure/Windows Help won't Windows Support installation browser SD redirects/Spybot turn Update failure and threats I ran HJTthis a few times and it found and fixed - threats Finally I ran SpybotSD from a thumb drive and it found a couple things I also installed Windows Essentials Symptoms - on bootup sometimes it tries to check the disk then cancels itself- Windows Help and Support starts as soon as the desktop shows When I click Windows Help and Support won't turn off/random browser redirects/Spybot SD installation failure/Windows Update failure the X it closes and immediately pops Windows Help and Support won't turn off/random browser redirects/Spybot SD installation failure/Windows Update failure back up - IE doesn t work at all - I installed Firefox It worked fine at first then randomly started redirecting me when I tried to click results on Google- I tried to run spybot installer to install the program on the computer but it failed when it started unpacking - I tried to run Windows update but it would start to download then fail- when I tried to run Gmer as directed in your instructions it caused the following message that said taskmgr exe was corrupt please run chkdsk message that said gmer exe was corrupt please run chkdsk logonscreensaver stopped responding and screen went whiteDDS Ver - - - NTFSx Run by Owner at on Fri Internet Explorer Microsoft Windows Vista Home Premium GMT - AV Microsoft Security Essentials On-access scanning enabled Updated BCF -A - -AEDE-D FCBCFCDF SP Microsoft Security Essentials enabled Updated BCF -A - -AEDE-D FCBCFCDE SP Windows Defender disabled Updated D DDC A- F- FAE- E -DA C ACF Running Processes C Windows system wininit exeC Windows system lsm exeC Windows system svchost exe -k DcomLaunchC Windows system svchost exe -k rpcssc Program Files Microsoft Security Essentials MsMpEng exeC Windows System svchost exe -k LocalServiceNetworkRestrictedC Windows System svchost exe -k LocalSystemNetworkRestrictedC Windows system svchost exe -k netsvcsC Windows system SLsvc exeC Windows system svchost exe -k LocalServiceC Windows system svchost exe -k NetworkServiceC Windows System spoolsv exeC Windows system svchost exe -k LocalServiceNoNetworkC Windows system Dwm exeC Windows system taskeng exeC Windows Explorer EXEC Program Files Apoint K Apoint exeC WINDOWS System igfxpers exeC Program Files Microsoft Security Essentials msseces exeC WINDOWS ehome ehtray exeC Windows system igfxsrvc exeC Windows ehome ehmsas exeC Program Files Apoint K ApMsgFwd exeC Program Files Apoint K Apntex exeC Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC Program Files Common Files LightScribe LSSrvc exeC Windows system svchost exe -k NetworkServiceNetworkRestrictedC Windows system svchost exe -k imgsvcC Windows System svchost exe -k WerSvcGroupC Windows system SearchIndexer exeC Windows system WUDFHost exeC Windows helppane exeC Windows system wbem unsecapp exeC Windows system wbem wmiprvse exeC Users Owner Downloads dds scrC Windows System mobsync exeC Windows system wbem wmiprvse exeC Program Files Windows Media Player wmplayer exe Pseudo HJT Report uInternet Settings ProxyOverride lt local gt TB D C F- A- -A AD- D - No FileuRun ehTray exe c windows ehome ehTray exemRun Windows Defender ProgramFiles Windows Defender MSASCui exe -hidemRun Apoint c program files apoint k Apoint exemRun hpWirelessAssistant ProgramFiles Hewlett-Packard HP Wireless Assistant HPWAMain exemRun WAWifiMessage ProgramFiles Hewlett-Packard HP Wireless Assistant WiFiMsg exemRun IgfxTray c windows system igfxtray exemRun HotKeysCmds c windows system hkcmd exemRun Persistence c windows system igfxpers exemRun MSSE quot c program files microsoft security essentials msseces exe q... Read more

A:Windows Help and Support won't turn off/random browser redirects/Spybot SD installation failure/Windows Update failure

Please close this post as the problem is now fixed. I appreciate the service your forum provides. Thanks.

http://www.bleepingcomputer.com/forums/t/319915/windows-help-and-support-wont-turn-offrandom-browser-redirectsspybot-sd-installation-failurewindows-update-failure/
Relevancy 78.26%

Recently formatted installed Windows weeks ago Brother used computer and must have visited a sketchy site Yesterday I started to notice the internet get very very slow randomly and some redirects in my browser Firefox Today when I came home the computer had restarted and recovered from an unexpected Windows error but I couldn t copy the error code When I ran GMER the log that is produced is Browser unexpected redirects/slow internet/windows errors empty The rest of the logs are as follows HijackThis Log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows WinNT MSIE Internet Explorer v Boot mode Normal Running processes C ProgramData TVersity Media Server web admin TVersity exe C Program Files x Avira AntiVir Desktop avgnt exe C Program Files x Common Files Java Java Update jusched exe C Program Files x iTunes iTunesHelper exe C My Stuff Software RealTemp RealTemp exe C Program Files x Browser redirects/slow internet/windows unexpected errors Mozilla Firefox firefox exe C Program Files x Mozilla Firefox plugin-container exe C Users Nick Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - HKLM Run avgnt quot C Program Files x Avira AntiVir Desktop avgnt exe quot min O - HKLM Run SunJavaUpdateSched quot C Program Files x Common Files Java Java Update jusched exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files x Adobe Reader Reader Reader sl exe quot O - HKLM Run Adobe ARM quot C Program Files x Common Files Adobe ARM AdobeARM exe quot O - HKLM Run QuickTime Task quot C Program Files x QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files x iTunes iTunesHelper exe quot O - HKCU Run Sidebar C Program Files Windows Sidebar sidebar exe autoRun O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe autoRun User LOCAL SERVICE O - HKUS S- - - RunOnce mctadmin C Windows System mctadmin exe User LOCAL SERVICE O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe autoRun User NETWORK SERVICE O - HKUS S- - - RunOnce mctadmin C Windows System mctadmin exe User NETWORK SERVICE O - Startup RealTemp exe O - Startup TVersity lnk C ProgramData TVersity Media Server web admin TVersity exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS Office REFIEBAR DLL O - HKLM System CCS Services Tcpip BAA DFF - E - F - A E- FEFFC NameServer O - Service SystemRoot system Alg exe - ALG - Unknown owner - C Windows System alg exe file missing O - Service Avira AntiVir Scheduler AntiVirSchedulerService - Avira GmbH - C Program Files x Avira AntiVir Desktop sched exe O - Service Avira AntiVir Guard AntiVirService - Avira GmbH - C Program Files x Avira AntiVir Desktop avguard exe O - Service Apple Mobile Device - Apple Inc - C Progr... Read more

A:Browser redirects/slow internet/windows unexpected errors

TTT...anyone help me out?
 

https://forums.techguy.org/threads/browser-redirects-slow-internet-windows-unexpected-errors.968879/
Relevancy 78.26%

Referred from here http www bleepingcomputer com forums t computer-running-slow-browser-is-hijacked-redirects-or-opens-new-windows OBMy computer running very slow and my browser is hijacked redirects or opens new windows in IE Google Chrome and Firefox I have ran several malware removal programs including Spybot Malwarebytes' Anti-Malware and SUPERAntiSpyware Free Edition They usually find stuff but Computer redirects is Slow, or opens windows browser new hijacked, I think Computer Slow, browser is hijacked, redirects or opens new windows whatever it is reinstalls itself or it isn't being detected Please let me know what my first step should be in detecting the issue and solving this Thank Computer Slow, browser is hijacked, redirects or opens new windows you I tried running RootRepeal with no success It says intitalizing please wait and never does anything I even tried doing it in safe mode It kept telling me that I don't have enough virtual memory to run Computer Slow, browser is hijacked, redirects or opens new windows the application I downloaded Rkill and ran it Then I tried the RootRepeal again A system information box comes up and says that I do not have enough virtual memory and it is attempting to shut down unneeded processes to run RootRepeal I waited about an hour and it still locked up the computer My computer is running on MB RAM and an AMD Athlon XP GHz I have an A-Bit NF -S motherboard and am running on Windows XP Professional I'm gonna pick up some more RAM which I had planned on doing anyways and see if I can run it after that Win kDiag Running from C Documents and Settings Micah Desktop Win kDiag exeLog file at C Documents and Settings Micah Desktop Win kDiag txtWARNING Could not get backup privileges Searching 'C WINDOWS' Finished Log Volume in drive C is System GigVolume Serial Number is A - B Directory of C WINDOWS NtServicePackUninstall AM scecli dllDirectory of C WINDOWS NtServicePackUninstall AM netlogon dllDirectory of C WINDOWS NtServicePackUninstall AM eventlog dll File s bytesDirectory of C WINDOWS ServicePackFiles i PM scecli dllDirectory of C WINDOWS ServicePackFiles i PM netlogon dllDirectory of C WINDOWS ServicePackFiles i PM eventlog dll File s bytesDirectory of C WINDOWS system PM scecli dllDirectory of C WINDOWS system PM netlogon dllDirectory of C WINDOWS system PM eventlog dll File s bytesTotal Files Listed File s bytes Dir s bytes free DDS Ver - - - NTFSx Run by Micah at on Sat Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV avast antivirus VPS - On-access scanning enabled Updated DB - F - A -B - A FD D Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exe -k netsvcsC WINDOWS system svchost exe -k WudfServiceGroupsvchost exesvchost exeC Program Files Alwil Software Avast aswUpdSv exeC Program Files Alwil Software Avast ashServ exeC Program Files Visual Networks Visual IP InSight SBC IPClient exeC Program Files BroadJump Client Foundation CFD exeC Program Files Windows Defender MSASCui exeC PROGRA ALWILS Avast ashDisp exeC Program Files QuickTime qttask exeC Program Files Java jre bin jusched exeC Program Files Microsoft ActiveSync WCESCOMM EXEC Program Files DNA btdna exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Documents and Settings Micah Local Settings Application Data Google Update GoogleUpdate exeC Documents and Settings Micah Local Settings Application Data Google Update GoogleCrashHandler exeC WINDOWS system spoolsv exesvchost exeC WINDOWS System CTSvcCDA EXEC Program Files Java jre bin jqs exeC Program Files Common Files Motive McciCMService exeC Program Files Common Files Microsoft Shared VS Debug mdm exeC WINDOWS System svchost exe -k imgsvcC WINDOWS System MsPMSPSv exeC Program Files Alwil Software Avast ashMaiSv exeC Program Files Alwil Software Avast ashWebSv exeC WINDOWS explorer exeC WINDOWS system devldr exeC Program Files Internet Explorer i... Read more

A:Computer Slow, browser is hijacked, redirects or opens new windows

Hi,My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay of response. If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-RootRepeal logs-Description of any remaining problems you may still have.Thanks again and we apologize for the delay.With Regards,Extremeboy

http://www.bleepingcomputer.com/forums/t/276728/computer-slow-browser-is-hijacked-redirects-or-opens-new-windows/
Relevancy 78.26%

Hi all browser + Update unreachable not disconnects + downloadable redirects WiFI & Windows I have a Dell Vostro laptop XP with SP Started acting strange a few weeks back I dont recall installing any software or other changes prior to WiFI disconnects + browser redirects + Windows Update unreachable & not downloadable this time While connected to WiFi and surfing after a few minutes the WiFi config window would open and state that Windows could not config the WiFi and to start Windows ZeroConfig Along with this problem Firefox would get re-directed to all sorts WiFI disconnects + browser redirects + Windows Update unreachable & not downloadable of odd places WiFI disconnects + browser redirects + Windows Update unreachable & not downloadable even if no button was being clicked Disable Re-enable the radio had to be done via System Manager and rarely got things working A reboot is usually required to get the WiFi working again Sometimes the reboot does not complete and all I get on my screen is my wallpaper with no icons The laptop is running Spybot SpywareBlaster Ad-Aware AVG and Symantec Endpoint Protection I updated all these to the latest rev and ran full scans one at a time A few trojans were found by Spybot AVG found nothing during the scan but reported another trojan while Ad-Aware was running Ad-Aware found cookies and one trojan Tools each reported that what they found was successfully removed quarantined I tried to update Windows by going to the Windows Update Site using the link in IE Tools- gt Windows Update The link gives the error quot The page cannot be displayed quot with quot Cannot find server quot in the window title bar I can get to the Microsoft main page www microsoft com I went to Security amp Updates link to Windows Update From there I can quot Try Windows Update Today quot and quot Review License Agreement quot After this the web page says quot The website has encountered a problem and cannot display the page you are trying to view quot I dug around and found the link to download the Window Update Installer exe file When I select the link and click quot Save As quot I get the quot The page cannot be displayed quot with quot Cannot find server quot in the window title bar problem again I m not sure if I have a bunch of separate problems or one infection with fingers in many pies Looking forward to any assistannce you can provide

http://www.bleepingcomputer.com/forums/t/368662/wifi-disconnects-browser-redirects-windows-update-unreachable-not-downloadable/
Relevancy 78.26%

I have a and to both slow windows load IE9 FF9 browser very PC with windows bit installed and a pair of SSDs striped as the primary drive Windows threw a wobbly the other day and said IE9 and FF9 both very slow to load browser windows it couldn't load and it appeared to be linked to the RAID array somehow It started working but ever since some programmes have had issues The majority have been fixed with a reinstall of the software with error I still have one really annoying issue Both IE and FireFox take an age IE9 and FF9 both very slow to load browser windows to start IE Loads up a browser but is unresponsive for a good secs and Firefox doesn't even display a browser window for nearly a minute Once a browser is open I can open a second window instantaneously However close all browser windows and it takes an age to re-open I have uninstalled Firefox Norton Security Java Flash etc and reinstalled them all but to no avail I have also run a clean reboot disabling all non MS Services and startup applications I have also run ccleaner and wiped everythings history cache etc Any suggestions greatly appreciated Andrew

A:IE9 and FF9 both very slow to load browser windows

Hi Andrew, Welcome to Seven Forums.

IE on my pc's is slightly faster in opening than FF (default) on which I use very little addons.

http://www.sevenforums.com/browsers-mail/209101-ie9-ff9-both-very-slow-load-browser-windows.html
Relevancy 77.83%

Wouldn't even let me post a message to this forum.


Testing again!

A:Windows update won't load, windows running slow NEED HELP.....PLEASE!

Why can't I post anything other than simple stuff????????

http://www.techsupportforum.com/forums/f100/windows-update-wont-load-windows-running-slow-need-help-please-501883.html
Relevancy 77.83%

This is my first post, thanks your anyone's help in advance.

My computer running very slow and my browser is hijacked, redirects or opens new windows in IE 7, Google Chrome and Firefox. I have ran several malware removal programs including Spybot, Malwarebytes' Anti-Malware and SUPERAntiSpyware Free Edition. They usually find stuff, but I think whatever it is reinstalls itself or it isn't being detected. Please let me know what my first step should be in detecting the issue and solving this! Thank you!!!

A:Computer Running Slow, browser is hijacked, redirects or opens new windows

Welcome to BCWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.=====================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Press any key to exit..., press any key on your keyboard to close the program. A file called Win32kDiag.txt should be created on your Desktop.Open that file in Notepad and copy/paste the entire contents (from Starting up... to Finished! Press any key to exit...) in your next reply.-------------------------------------- Go to > Run..., then copy and paste this command into the open box: cmdClick OK.At the command prompt C:\>, copy and paste the following command and press Enter:DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txtA file called log.txt should be created on your Desktop.Open that file and copy/paste the contents in your next reply.

http://www.bleepingcomputer.com/forums/t/275726/computer-running-slow-browser-is-hijacked-redirects-or-opens-new-windows/
Relevancy 77.83%

I am virus windows attacks, unauthoriized redirects update inaccessable, unknown browser having the following problems Internet redirects to bogus pages from various links including google searches slow performance freezing screens annoying underlined texts that when curser goes over tries to take me to non related advertisements the word vibrant shows up in these advertisementsi cannot access ony of the windows update pages to get security updates Antivirus software behving strange in terms of notifications and displaysantivir solutions pro popped up and really give me a hard time used system restore from safe mode to retsotre to previous date followed all instructions so far from your preparation guide all logs attached GregDDS Ver - - - NTFSx Run by greg at on Sun Internet Explorer Microsoft Windows XP Professional GMT - AV AVG Anti-Virus Free On-access scanning disabled Updated DDD - FF- F- E B- D D BF Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC WINDOWS System svchost exe -k netsvcssvchost exesvchost exeC WINDOWS system spoolsv exesvchost exeC WINDOWS DOWNLO MyWebEx atnthost exeC PROGRA AVG AVG avgwdsvc exeC WINDOWS system dlcxcoms exeC PROGRA AVG AVG avgrsx exeC Program Files Java jre bin jqs exeC WINDOWS system nvsvc exeC WINDOWS system svchost exe -k imgsvcC WINDOWS Explorer EXEC WINDOWS system wscntfy exeC WINDOWS system RUNDLL EXEC WINDOWS system CTHELPER EXEC WINDOWS system CTXFIHLP EXEC WINDOWS System DLA DLACTRLW EXEC PROGRA AVG AVG avgtray exeC Program Files Common Files Java Java Update jusched exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC WINDOWS System svchost exe -k HTTPFilterC WINDOWS system ctfmon exeC WINDOWS SYSTEM CTXFISPI EXEC PROGRA AVG AVG avgnsx exeC Program Files Internet Explorer iexplore exeC Documents and Settings greg Desktop dds scr Pseudo HJT Report uStart Page hxxp finance yahoo com mWinlogon Userinit c windows system userinit exeBHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dllBHO AVG Safe Search ca f - f e- b unknown virus attacks, windows update inaccessable, unauthoriized browser redirects -a e- e e c c - c program files avg avg avgssie dllBHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dllBHO C C A-E - b - D - CECB - No FileBHO DriveLetterAccess ca d e- - cf- e - - c windows system dla DLASHX W DLLBHO Windows Live Sign-in Helper unknown virus attacks, windows update inaccessable, unauthoriized browser redirects d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dllBHO Google Toolbar Helper aa ed - dd- d unknown virus attacks, windows update inaccessable, unauthoriized browser redirects - -cf f - c program files google google toolbar GoogleToolbar dllBHO Google Toolbar Notifier BHO af de - d - -b fa-ce b ad d - c program files google googletoolbarnotifier swg dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dllTB Google Toolbar c b - - d - b - a cd f - c program files google google toolbar GoogleToolbar dllTB CDD BF- FFB- - AD - DF B D - No FileuRun swg quot c program files google googletoolbarnotifier GoogleToolbarNotifier exe quot uRun ctfmon exe c windows system ctfmon exeuRun SpybotSD TeaTimer c program files spybot - search amp destroy TeaTimer exemRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartupmRun nwiz nwiz exe installmRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInitmRun CTHelper CTHELPER EXEmRun CTxfiHlp CTXFIHLP EXEmRun DLA c windows system dla DLACTRLW EXEmRun AVG TRAY c progra avg avg avgtray exemRun SunJavaUpdateSched quot c program files common files java java update jusched exe quot mRun Adobe Reader Speed Launcher quot c program files adobe reader reader Reader sl exe quot ... Read more

A:unknown virus attacks, windows update inaccessable, unauthoriized browser redirects

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OTL from this link.Save it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scan box paste this in:netsvcsmsconfigdrivers32 /all%systemroot%\system32\*.dll /lockedfiles%systemroot%\system32\*.sys /90%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav %SYSTEMDRIVE%\*.*%systemroot%\system32\Spool\prtprocs\w32x86\*.dll%systemroot%\*. /mp /s/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32ahcix86s.sysnvrd32.sysuser32.dllws2_32.dll/md5stop%systemroot%\*. /mp /sHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AUCREATERESTOREPOINTClick the Quick Scan button.The scan should take a few minutes.Please copy and paste both logs in your reply.We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:Why we request you disable CD Emulation when receiving Malware Removal AdviceThen create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:How to create a GMER logIn your reply, please post both OTL logs and the GMER log.

http://www.bleepingcomputer.com/forums/t/332643/unknown-virus-attacks-windows-update-inaccessable-unauthoriized-browser-redirects/
Relevancy 77.4%

Recently I discovered that windows update on my computer doesn t work anymore When I tried to access in doesn't load Windows browser page any Update Windows Update page all I got is quot This webpage is not available quot in google chrome In Internet Explorer when I try the windows update link the browser keeps closing and restarting with no success If trying to google about this problem concerning Windows Update page doesn't load in any browser windows update issues I also get the browser closing and restarting Also no succes in Mozzila Firefox nor in Apple Safari I tried all browsers with no success windows update page is not working Internet Explorer cannot display the webpage neither is it possible to update form Windows I just can t get updates to work no Windows Update page doesn't load in any browser matter I do When I tried to run Combofix to see the results the computer freezes and I need to shutdown and restart I scanned my computer with Malwarebytes Anti-Malware and I didn t get any objects infected What advice can you give me Thanks in advance PS also on this page in this post when I tried to paste the windows update adress link I could not post I get quot This webpage is not available quot in chrome In Safari Safari can t open Windows Update page doesn't load in any browser the page http www bleepingcomputer com forums index php The error is unknown error kCFErrorDomainWinSock And it is only because I pasted the adress of windows update site I could not post it no matter what browser I use

A:Windows Update page doesn't load in any browser

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:04:08 AM, on 12/4/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\roman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\roman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\roman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\roman\Desktop\Folders\Scripts\spyware adware\HijackThis.exe

R1 - HKCU\Software\Microsoft\... Read more

http://www.bleepingcomputer.com/forums/t/364755/windows-update-page-doesnt-load-in-any-browser/
Relevancy 77.4%

A couple of concerns that I have are unable to update windows quot The page cannot update spybot and adaware blocked redirect, blocked, windows windows be displayed because server it resides on does not respond spybot blocked, windows redirect, windows and adaware update blocked quot uninstalled Spybot and tried to reinstall without success and received spybot blocked, windows redirect, windows and adaware update blocked quot Error sending request The server name or address could not be resolved quot Adaware will not update spybot blocked, windows redirect, windows and adaware update blocked also quot connection error Check your settings errorcode - Malwarebyte s anti-malware will also not update Google search on internet explorer will redirect to another site when selected HJT log follows Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS System CTsvcCDA EXE C Program Files Common Files EPSON EBAPI SAgent exe C Program Files Java jre bin jqs exe C PROGRA McAfee MSC mcmscsvc exe C WINDOWS system devldr exe C WINDOWS Explorer EXE c PROGRA COMMON mcafee mna mcnasvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe C PROGRA McAfee VIRUSS mcshield exe C Program Files McAfee MPF MPFSrv exe C Program Files McAfee MSK MskSrver exe C Program Files Norton Utilities NPROTECT EXE C WINDOWS System nvsvc exe C Program Files Speed Disk nopdb exe C WINDOWS System svchost exe C WINDOWS System MsPMSPSv exe C Program Files Linksys Wireless-G PCI Wireless Network Monitor WLService exe C Program Files Linksys Wireless-G PCI Wireless Network Monitor WMP Gv exe C WINDOWS system svchost exe c PROGRA mcafee com agent mcagent exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C Program Files MpcStar Codecs QuickTime QTSystem qttask exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C Program Files Common Files Microsoft Shared Works Shared wkcalrem exe C Program Files Norton Utilities SYSDOC EXE C Program Files McAfee SiteAdvisor McSACore exe C WINDOWS system rundll exe C PROGRA McAfee VIRUSS mcsysmon exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files Adobe Acrobat Reader AcroRd exe C DOCUME Barry LOCALS Temp Bfr exe C WINDOWS system ntvdm exe C Program Files internet explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http home eastlink ca index html region NS R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - URLSearchHook McAfee SiteAdvisor Toolbar - EBBBE -BAD - B C- E A- ABECAE - c PROGRA mcafee SITEAD mcieplg dll O - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - no file O - BHO McAfee Phishing Filter - B A- - A -B -BE AFE AB - c PROGRA mcafee msk mskapbho dll O - BHO BitComet ClickCapture - F E - A- B A-BCAF- B BFDFEA - C Program Files BitComet tools BitCometBHO dll O - BHO no... Read more

A:spybot blocked, windows redirect, windows and adaware update blocked

https://forums.techguy.org/threads/spybot-blocked-windows-redirect-windows-and-adaware-update-blocked.918258/
Relevancy 76.97%

First of all I d like to apologize I jumped the gun and ran ComboFix once my computer started exploding several times until the thing ran properly after my usual antivirus program failed to reboot properly to remove the trojans it had detected I ve since run everything requested but did so afterwards This is also a fairly old machine but I ve had no insurmountable problems with viruses etc up to this point I have Connection and update, browser apparent redirects/new infection. tabs, windows rootkit reset on no idea what triggered it and I absolutely cannot afford to do without right now so any assistance would be sincerely welcomed Oh and this is a legitimate version of Windows XP Home Edition and I have access Connection reset on windows update, browser redirects/new tabs, and apparent rootkit infection. to the serial key but not the CD I purchased the computer with the operating system pre-installed and never had the CD and despite how spurious that sounds it has passed windows verification at every step I m not sure what additional information you require please just ask if I m missing anything Two successful ComboFix logs are also attached log txt comes before COMBOFIX txt chronologically GMER log will be edited in I have not yet managed to pull a successful run off of it and cannot run it in safe mode GMER log is now attached EDIT To explain further there now seems to be something wrong with an svchost exe process When left on in normal mode it will gradually consume all memory and not allow me to open anything or even properly shut down and eventually crash with a typical XP error report box thing GMER was not finishing the scan before this occurred Keeping the task manager open at all times and killing it periodically seems to be helping Whatever the hell this was also installed some malware antivirus thing all over the place but I killed that as well as some malevolent Firefox my primary browser addon I genuinely have no idea where all this came from DDS Ver - - - NTFSx Run by Owner at on Thu Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - AV Norton Internet Security Disabled Outdated E A - - -B - C C F FW Norton Internet Security Disabled Running Processes C WINDOWS system svchost exe -k DcomLaunchsvchost exeC WINDOWS System svchost exe -k netsvcssvchost exesvchost exeC WINDOWS system spoolsv exesvchost exeC Program Files Java jre bin jqs exeC WINDOWS system libusbd-nt exeC WINDOWS system svchost exe -k imgsvcC Program Files Common Files Pure Networks Shared Platform nmsrvc exeC WINDOWS system wscntfy exeC WINDOWS explorer exeC WINDOWS system devldr exeC Program Files Mozilla Firefox firefox exeC Program Files Mozilla Firefox plugin-container exeC Documents and Settings Owner Local Settings Application Data Google Google Talk Plugin googletalkplugin exeC WINDOWS system NOTEPAD EXEC Documents and Settings Owner Desktop dds scr Pseudo HJT Report uStart Page hxxp www google ca mStart Page hxxp www google comuSearchAssistant hxxp www google comBHO SnagIt Toolbar Loader c d-c - c - -fce ad c - c program files techsmith snagit SnagitBHO dllBHO C C A-E - b - D - CECB - No FileBHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dllTB Snagit ff e -abde- eb-b e-d aab cabe - c program files techsmith snagit SnagitIEAddin dllTB E BD F- B D- E-CCB -B EEDBE C - No FileuRun SUPERAntiSpyware c program files superantispyware SUPERAntiSpyware exemRun IgfxTray c windows system igfxtray exemRun HotKeysCmds c windows system hkcmd exemRun LVCOMS c program files common files logitech qcdriver LVCOMS EXEmRun BigDog c windows VM STI EXE VIMICRO USB PC Camera ZC mRun ccApp quot c program files common files symantec shared ccApp ... Read more

A:Connection reset on windows update, browser redirects/new tabs, and apparent rootkit infection.

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
Because of this, you must reply within three days failure to reply will result in the topic being closed!
Please do not PM me directly for help. If you have any questions, post them in this topic.
Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.____________________________________________________ One or more of the identified infections is a backdoor trojan and password stealer.This type of infection allows hackers to access and remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.If you do any banking or other financial transactions on the PC or if it contains any other sensitive information, then from a clean computer, change all passwords where applicable.It would also be wise to contact those same financial institutions to appraise them of your situation.I highly suggest you take a look at the two links provided below:1. How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?2. When should I re-format? How should I reinstall?We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.NEXT:Running TDSSKillerPlease read carefully and follow these steps. Download TDSSKiller and save it to your Desktop.Extract its contents to your desktop.Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


If an infected file is detected, the default action will be Cure, click on Continue.


If a suspicious file is detected, the default action will be Skip, click on Continue.


It may ask you to reboot the computer to complete the process. Click on Reboot Now.


If no reboot is require, c... Read more

http://www.bleepingcomputer.com/forums/t/388333/connection-reset-on-windows-update-browser-redirectsnew-tabs-and-apparent-rootkit-infection/
Relevancy 75.25%

Hello
 
I have windows 7 running on a HP Pavilion dm4 laptop.  Lately windows is very slow to start -close to 5 minutes just to get to the log in screen.  Also, the updates will not install.  I am getting various error messages and when I try to look them up I get general information.  
 
I have done a disk cleanup, defragged and removed some unneeded programs.  I am going to do the Security Tango also.  
 
What should I try next?
 
Ann

A:Windows is extremely slow to load and won't update

Welcome Ann,
If your self help attempts don't clear the problem [I suspect that they may not]. Or if you can't download, install, update and run any of the scanners please quit trying by yourself and go to the Am I Infected forum and get expert assistance.
Continuing to try different things without a plan can make things worse.
 
Dick

http://www.bleepingcomputer.com/forums/t/574304/windows-is-extremely-slow-to-load-and-wont-update/
Relevancy 74.39%

The computer is very slow I can't load windows updatesAVG quit working as well as ad aware I tried uninstalling AVG to relaod and it failed at that alsoMalware bytes runs and finds nothing The windows disk is lost We have way too many processes running and startup tasks I would like to see that get smaller The CPU runs idle but takes huge hits periodically Logfile of Trend Micro HijackThis v Scan saved at AM ad load windows slow and update aware Very or wont on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS Very slow and wont load ad aware or update windows system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS Explorer EXEC WINDOWS system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system LEXPPS EXEC PROGRA AVG AVG avgwdsvc exeC WINDOWS system svchost exeC Program Files Java jre bin jqs exeC WINDOWS System svchost exeC WINDOWS system nvsvc exeC WINDOWS System svchost exeC Program Files RosettaStoneLtdServices RosettaStoneDaemon exeC WINDOWS system svchost exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exeC PROGRA AVG AVG avgrsx exeC WINDOWS system wscntfy exeC Program Files Yahoo Messenger ymsgr tray exeC WINDOWS system wuauclt exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKCU Software Microsoft Internet Explorer Main Search Page http co rd yahoo com customize ie defaul earch yahoo comR - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE a amp pf desktopR - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http co rd yahoo com customize ie defaul earch yahoo comR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhostR - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dllO - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar AVG Security Toolbar - CCC A -B CA- -B A - F DD - C Program Files AVG AVG Toolbar IEToolbar dllO - HKLM Run ftutil rundll exe ftutil dll SetWriteCacheModeO - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exeO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run TkBellExe quot realsched exe quot -osbootO - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot backgroundO - HKCU Run Messenger Yahoo quot C Program Files Yahoo Messenger YahooMessenger exe quot -quietO - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot backgroundO - DEFAULT User Startup Pin lnk C hp bin CLOAKER EXE User 'Default user' O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Internet Connection Help - E D D B- - a -B F- D D C - C WINDOWS PCHEALTH HELPCTR Vendors CN Hewlett-Packard L Cuperti... Read more

A:Very slow and wont load ad aware or update windows

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results. Post both logs (no need to zip attach.txt).Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREPlease download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.-------------------------------------------------------------Please be patient and I'd be grateful if you would note the followingThe cleaning process is not instant. DDS logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I ... Read more

http://www.bleepingcomputer.com/forums/t/276256/very-slow-and-wont-load-ad-aware-or-update-windows/
Relevancy 74.39%

A few weeks ago internet explorer started to act funny sometime when I opened a new browser window it would freeze in the new window but allowed me to continue using the previously opened load windows to Have several reboot explorer fails Slow/freezing browser, often. to times. windows I had to open several new windows until suddenly one of them worked Then the whole browser started freezing at random times specially when clickin on links or opening new windows or tabs I was not able to close it and reopen I had to kill the processes using task manager and even then many times it would freeze on the first window I tried several antivirus Trendmicro AVG FProt Eset Panda some would report some infected files others none After disinfecting with Panda the browser seemingly started working fine again but Slow/freezing browser, fails to load windows explorer often. Have to reboot several times. it only lasted for less than a week After that the problems became more annoying every day The last straw was that sometimes when turning on the PC it would freeze right before loading the windows explorer so I could only see the background of my screen Usually I rebooted and it will work but today I had to reboot about times before it worked again Any help will be greatly appreciated Thanks Gabriel DDS txt log DDS Ver - - - NTFSx Run by Admin at on Mon Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Panda Global Protection On-access scanning enabled Updated BF E - F- -B A - FF FW Panda Personal Firewall enabled B DC - - BAF- -FD A C FB Running Processes C WINDOWS system Ati evxx exeC WINDOWS system svchost -k DcomLaunchsvchost exeC WINDOWS system svchost exe -k netsvcsC Program Files Panda Security Panda Global Protection TPSrv exeC WINDOWS system svchost exe -k WudfServiceGroupC WINDOWS system Ati evxx exeC PROGRAM FILES PANDA SECURITY PANDA GLOBAL PROTECTION WebProxy exesvchost exesvchost exeC Program Files Lavasoft Ad-Aware AAWService exeC WINDOWS system spoolsv exesvchost exeC Program Files Java jre bin jqs exeC Program Files Panda Security Panda Global Protection PsCtrls exeC Program Files Panda Security Panda Global Protection PavFnSvr exeC Program Files Common Files Panda Security PavShld pavprsrv exec program files panda security panda global protection firewall PSHOST EXEC Program Files Panda Security Panda Global Protection PsImSvc exec Program Files Common Files Protexis License Service PsiService exeC Program Files Panda Security Panda Global Protection PskSvc exeC Program Files Dell Support Center bin sprtsvc exeC WINDOWS system svchost exe -k imgsvcC Program Files Synergy synergys exeC Program Files Panda Security Panda Global Protection pavsrvx exeC WINDOWS system SearchIndexer exeC Program Files Panda Security Panda Global Protection AVENGINE EXEC WINDOWS Explorer EXEC WINDOWS RTHDCPL EXEC Program Files CyberLink PowerDVD DX PDVDDXSrv exeC Program Files Elaborate Bytes VirtualCloneDrive VCDDaemon exeC Program Files Panda Security Panda Global Protection APVXDWIN EXEC Program Files Common Files Java Java Update jusched exeC Program Files Common Files InstallShield UpdateService ISUSPM exeC Program Files ATI Technologies ATI ACE CLI EXEC Program Files Windows Live Messenger msnmsgr exeC WINDOWS System svchost exe -k HTTPFilterC WINDOWS system ctfmon exeC Program Files Skype Phone Skype exeC Program Files Roxio Drag-to-Disc Drgtodsc exeC Program Files Citrix GoToMeeting g mstart exeC Program Files IObit Advanced SystemCare AWC exeC Program Files TechSmith SnagIt SnagIt exeC Program Files Citrix GoToMeeting g mcomm exeC Program Files Citrix GoToMeeting g mlauncher exeC Program Files ATI Technologies ATI ACE cli exeC Program Files TechSmith SnagIt TSCHelp exeC Program Files TechSmith SnagIt SnagPriv exeC Program Files Panda Security Panda Global Protection SRVLOAD EXEC Program Files Panda Security Panda Global Protection PavBckPT exeC Program Files Windows Live Contacts wlcomm exeC Program Files Sky... Read more

A:Slow/freezing browser, fails to load windows explorer often. Have to reboot several times.

Hi and welcome to the Virus/Trojan/Spyware/Malware Removal forum,I am thcbytes and I am here to help you!I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if your topic is not replied I we assume it has been abandoned and I will close it.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.==========I see you have uTorrent installed!Using any peer-to-peer (P2P) or file sharing program (i.e. Limewire, eMule, Kontiki, BitTorrent, uTorrent, BearShare, Azureus/Vuze) is a security risk which can make your system susceptible to a sm?rg?sbord of malware infections, remote attacks, and exposure of personal information.The reason for this is that file sharing relies on its members giving and gaining unfettered access to computers across the P2P network. This practice can make you vulnerable to data and identity theft, system infection and remote access exploit by attackers who can take control of your computer without your knowledge. Even if you change the risky default settings to a safer configuration, downloading files from an anonymous source increases your exposure to infection because the files you are downloading may actually contain a disguised threat. Many malicious worms and Trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities. In some instances the infection may cause so much damage to your system that recovery is not possible and a Repair Install will NOT help!. In those cases, the only option is to wipe your drive, reformat and reinstall the OS. Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The best way to eliminate these risks is to avoid using P2P applications.P2P Software User AdvisoriesRisks of File-Sharing TechnologyP2P file sharing: Anticipate the risks....Using such programs is very likely how your computer got infected!!==========Please download ComboFix from one of these locations:Link 1Link 2Save it to your Desktop <-- Important!!!Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Please refer to this link for instructions.Double click it & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Co... Read more

http://www.bleepingcomputer.com/forums/t/353214/slowfreezing-browser-fails-to-load-windows-explorer-often-have-to-reboot-several-times/
Relevancy 74.39%

My computer has been running super slow Also when I quot m browsing the Internet more than of my pictures won't open up As a matter of fact only six of the smilies show all XP Browser load Problem! Super on Windows system...not Internet slow my pictures up on the side of this message window that I'm posting I ran CWShredder and it came up clean I updated Adaware Windows XP Problem! Super slow system...not all pictures load on my Internet Browser and it found Windows XP Problem! Super slow system...not all pictures load on my Internet Browser some things which I promptly deleted So I ran hijack this Below is the log Please please please help me I love my computer and I can't get it going like it used to and I don't want to have to reformat it I have A LOT of files I need to save Please help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C WINDOWS Explorer EXE C WINDOWS BCMSMMSG exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C Program Files Common Files Dell EUSW Support exe C Program Files Lexmark X Series lxbkbmgr exe C Program Files Iomega AutoDisk ADUserMon exe C Program Files Iomega DriveIcons ImgIcon exe C Program Files Lexmark X Series lxbkbmon exe C Program Files Java j re bin jusched exe C Program Files ScreenPrint v ScreenPrint exe C Program Files Winamp winampa exe C Program Files QuickTime qttask exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files Media Access MediaAccK exe C Program Files Java j re bin jucheck exe C Program Files Dcdnxj Twxi exe C Program Files Media Access MediaAccess exe C Program Files Common Files Logitech QCDriver LVCOMS EXE C Program Files iTunes iTunesHelper exe C PROGRA AWS WEATHE Weather exe C WINDOWS system ctfmon exe C Program Files Warez P P Client warez exe C Program Files AIM aim exe C Program Files Yahoo Messenger ypager exe C WINDOWS system cisvc exe C PROGRA Iomega System AppServices exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C Program Files Iomega AutoDisk ADService exe C Program Files iPod bin iPodService exe C WINDOWS system wuauclt exe C Program Files Network Associates VirusScan avsynmgr exe C Program Files Network Associates VirusScan VsStat exe C Program Files Network Associates VirusScan Vshwin exe C Program Files Common Files Network Associates McShield mcshield exe C Program Files Network Associates VirusScan Avconsol exe C WINDOWS system cidaemon exe C Program Files Winamp winamp exe C Program Files Common Files Real Update OB realsched exe C HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Local Page O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRA Yahoo COMPAN Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRA Yahoo COMPAN Installs cpn ycomp dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run AdaptecDirectCD quot C Program Files Roxio Easy CD Creator DirectCD DirectCD exe quot O - HKLM Run DwlClient C Program Files Common Files Dell EUSW Support exe O - HKLM Run Lexmark X Series quot C Program Files Lexmark X Series lxbkbmgr exe quot O ... Read more

A:Windows XP Problem! Super slow system...not all pictures load on my Internet Browser

You have an outdated version of HJT. Please Download the newest version of HiJackThis . Delete the outdated one and use this newer one to Create a New Topic and include a fresh HJT log in the HiJackThisLog Help Forum

http://www.techsupportforum.com/forums/f10/windows-xp-problem-super-slow-system-not-all-pictures-load-on-my-internet-browser-62913.html
Relevancy 73.96%

I evidently have several viruses on my computer that my virus protection is not detecting McAfee blocked, Update Update Pop-ups, Redirects, Site Microsoft blocked site McAfee and Microsoft update websites are being blocked I am getting popups when opening IE and redirects Also Vimax add follows me from site to site I have scanned twice and the result is clean Pop-ups, Redirects, Microsoft Update site blocked, McAfee Update Site blocked small tracking cookies were removed Pop-ups, Redirects, Microsoft Update site blocked, McAfee Update Site blocked There are threads out there on these issues however they seem so situation specific i was scared to apply them to my system I see lots of other people loading and using multiple virus detecting programs etc If I should try this first as well please advise I am attaching my Hijack log for a review Thanks Hijack Log Reads Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS ehome ehtray exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Java j re bin jusched exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Real RealPlayer RealPlay exe C WINDOWS system dla tfswctrl exe C Program Files Common Files InstallShield UpdateService issch exe C PROGRA MUSICM MUSICM mm tray exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Java j re bin jucheck exe C Program Files Corel Corel Photo Album MediaDetect exe C Program Files McAfee com Agent mcagent exe C Program Files DellSupport DSAgnt exe C WINDOWS system ctfmon exe C PROGRA MUSICM MUSICM MMDiag exe C Program Files America Online aoltray exe C Program Files Digital Line Detect DLG exe C Program Files Google Google Desktop Search GoogleDesktopIndex exe C Program Files MUSICMATCH Musicmatch Jukebox mim exe C Program Files Google Google Desktop Search GoogleDesktopDisplay exe C PROGRA COMMON AOL ACS AOLacsd exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe C PROGRA McAfee VIRUSS mcshield exe C Program Files McAfee MPF MPFSrv exe C Program Files McAfee MSK MskSrver exe C WINDOWS system svchost exe C WINDOWS eHome ehmsas exe C WINDOWS system dllhost exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files Internet Explorer iexplore exe C PROGRA McAfee VIRUSS mcods exe c PROGRA mcafee VIRUSS mcvsshld exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO McAfee Phishing Filter - B A- - A -B -BE AFE AB - c PROGRA mcafee msk mskapbho dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan scriptsn dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO GoogleAFE - CA C - B - E-A -A C DB F - c Program Files GoogleAFE GoogleAE dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run ehTray C WINDOWS ehome ehtray exe O - HKLM Run igfxtray C WINDOWS system igfxtray exe O - HKLM Run igfxhkcmd C WINDOWS s... Read more

A:Pop-ups, Redirects, Microsoft Update site blocked, McAfee Update Site blocked

https://forums.techguy.org/threads/pop-ups-redirects-microsoft-update-site-blocked-mcafee-update-site-blocked.784090/
Relevancy 73.1%

Hi Guys,

I have had a nasty virus on my PC for a few days.

The symptoms include
- no browsers will navigate to windows update
- Firefox is redirecting to ad sites (such as stopzilla).
- Generic Host Process intermittently crashing

I have tried malware bytes and it did clean up some infections. My AVG antivirus also picked up some infections, however it appears I am getting reinfected.

So far I have detected and cleaned SHeur3.BVQH and Generic22.IJY.dropper.

I really need some expert advice now, and would be grateful if anyone could help. Thanks for reading.

A:browser redirects and win upd blocked

Hello and welcome to TSF.

Please follow the instructions in our sticky topic New Instructions - Read This Before Posting for Malware Removal Help and post the requested logs in your next reply.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please note that the forum is very busy and if I don?t hear from you in three days this thread will be closed.

http://www.techsupportforum.com/forums/f100/browser-redirects-and-win-upd-blocked-568060.html
Relevancy 71.38%

Here is a link to my forum topic which resulted redirects. Virus blocked, software browser in sending me here http www bleepingcomputer com forums topic html page st gopid entry Here are the results from DDS DDS Ver - - - NTFS x NETWORK Internet Explorer Run by Colleen at on - - Microsoft Windows Vista Home Premium GMT - SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA Virus software blocked, browser redirects. C ACF SP Lavasoft Ad-Watch Live Disabled Updated CDFD D- CAC- -C FC- ACB B Running Processes C Windows system wininit exe C Windows system lsm exe globalroot Device svchost exe svchost exe C Windows helppane exe C Windows explorer exe C Windows system notepad exe C Program Files Internet Explorer iexplore exe C Windows system wbem wmiprvse exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows system svchost exe -k netsvcs C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k NetworkService C Windows system svchost exe -k LocalService C Windows system svchost exe -k LocalServiceNoNetwork C Windows system svchost exe -k NetworkServiceNetworkRestricted Pseudo HJT Report uStart Page hxxp www google com webhp rls ig uWindow Title Internet Explorer provided by Dell uDefault Page URL hxxp www google com ig dell hl en amp client dell-usuk amp channel us amp ibd mDefault Page URL hxxp www google com i BHO Adobe PDF Link Helper DF C-E AD- -A -FA C EBDC - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO ADB E- AFF- - AA - DAC DFA - lt orphaned gt BHO SSVHelper Class BB-D F - C-B EB-D DAF D D - c program files java jre bin ssv dll BHO avast WebRep E E -AD D- bf-AC D-D F D - c program files avast software avast aswWebRepIE dll BHO CBrowserHelperObject Object CA C - B - E-A -A C DB F - c program files dell bae BAE dll TB avast WebRep E E -AD D- bf-AC D-D F D - c program files avast software avast aswWebRepIE dll uRun DellSupportCenter quot c program files dell support center bin sprtcmd exe quot P DellSupportCenter uRun ehTray exe c windows ehome ehTray exe uRun Aim lt no file gt mRun Windows Defender quot c program files windows defender MSASCui exe quot -hide mRun ECenter quot c dell e-center EULALauncher exe quot mRun WPCUMI c windows system WpcUmi exe mRun IgfxTray quot c windows system igfxtray exe quot mRun HotKeysCmds quot c windows system hkcmd exe quot mRun Persistence quot c windows system igfxpers exe quot mRun DellSupportCenter quot c program files dell support center bin sprtcmd exe quot P DellSupportCenter mRun CanonSolutionMenu quot c program files canon solutionmenu CNSLMAIN exe quot logon mRun CanonMyPrinter quot c program files canon myprinter BJMyPrt exe quot logon mRun SSBkgdUpdate quot c program files common files scansoft shared ssbkgdupdate SSBkgdupdate exe quot -Embedding -boot mRun OpwareSE quot c program files scansoft omnipagese OpwareSE exe quot mRun dscactivate quot c program files dell support center gs agent custom dsca exe quot mRun USB Check quot c windows system rundll exe quot quot c windows system PCLECoInst dll quot CheckUSBController mRun RtHDVCpl quot c windows RtHDVCpl exe quot mRun Windows Mobile-based device management c windows windowsmobile wmdSync exe mRun CarboniteSetupLite quot c program files carbonite CarbonitePreinstaller exe quot preinstalled showonfirst reshowat mRun MaxMenuMgr quot c program files seagate seagatemanager freeagent status StxMenuMgr exe quot mRun QuickTime Task quot c program files quicktime QTTask exe quot -atboottime mRun AppleSyncNotifier c program files common files apple mobile device support AppleSyncNotifier exe mRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun Adobe Reader Speed Launcher quot c program files adobe reader reader Reader sl exe quot mRun Adobe ARM quot c program files common files adobe arm AdobeARM exe quot mRun avast quot c program files avast ... Read more

A:Virus software blocked, browser redirects.

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?""just click on Cancel, then Accept".information and logs:In your next post I need the following

.logs from DDSlog from RKUnHookerlet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/409967/virus-software-blocked-browser-redirects/
Relevancy 71.38%

I am running Windows Vista. After a windows update and also a potentially fake Adobe update, my computer seems to be infected. There was a windows security warning that I had no anti-virus software. I tried launching my Trend Micro anti-virus and nothing happens. When I try to go to their website, I am redirected to random sites.

any help would be greatly apreciated.
I tried doing a system restore to 3 earlier dates and each one fails.

A:Anti Virus Blocked, Browser redirects.

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be found here:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txtOr at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt=============================================================================Please download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.IMPORTANT! If for some reason GMER refuses to run, try again.If it still fails, try to UN-check "Devices" in right pane.If still no joy, try to run it from Safe Mode.

http://www.bleepingcomputer.com/forums/t/409910/anti-virus-blocked-browser-redirects/
Relevancy 71.38%

Hi running Visat bit IE Can not access kaspersky com or others windows will not update code error EFD Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Realtek Audio HDA RtHDVCpl exe C Program Files Malwarebytes Anti-Malware mbamgui exe C Windows SoundMan exe F HijackThis exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Windows system SearchProtocolHost exe C Windows system SearchFilterHost exe R - HKCU Software Microsoft Internet Explorer Main Search Page websites update and windows blocked Ie blocked http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http au yahoo com fr mkg R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Ie websites blocked and windows update blocked Explorer Toolbar LinksFolderName R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll R - URLSearchHook no name - b f e-fe a- cf-a e- - no file R - URLSearchHook Ie websites blocked and windows update blocked no name - bf fa-e b - db -af e- d a bfc - no file O - Hosts localhost O - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO IEVkbdBHO - AB -E D - F -A A - FA CCA C - C Program Files Kaspersky Lab Kaspersky Internet Security ievkbd dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Search Helper - EBF - F- bff-A F-B E AAC B - C Program Files Microsoft Search Enhancement Pack Search Helper SEPsearchhelperie dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Easy Photo Print - DD - F- -A CA- DF AC EA - C Program Files Epson Software Easy Photo Print EPTBL dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll file missing O - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO Windows Live Toolbar Helper - E A DC - - A - EA-DC EC ACF - C Program Files Windows Live Toolbar wltcore dll O - BHO link filter bho - E CF -D - A- F - F A F - C Program Files Kaspersky Lab Kaspersky Internet Security klwtbbho dll O - BHO SingleInstance Class - FDAD DA - A - FD - C - F AC - C Program Files Yahoo Companion Installs cpn YTSingleInstance dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll file missing O - Toolbar amp Windows Live Toolbar - FA EF- D- D - B F- A D - C Program Files Windows Live Toolbar wltcore dll O - Toolbar Easy Photo Print - DD - F- -A CA- DF AC EA - C Program Files Epson Software Easy Photo Print EPTBL dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - HKLM Run RtHDVCpl C Program Files Realtek Audio HDA RtHDVCpl exe -s O - HKLM Run AVP quot C Program Files Kaspersky Lab Kaspersky Internet Security avp exe quot O - HKLM Run Malwarebytes Anti-Malware quot C Program Files Malwarebytes Anti-Malware mbamgui exe quot starttray O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM R... Read more

A:Ie websites blocked and windows update blocked

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===[*]Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file)R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)O23 - Service: OSOAP - Unknown owner - C:\Users\Lou\AppData\Local\Temp\OSOAP.exe (file missing)Restart the computer normally.Windows Update error 80072efdhttp://windows.microsoft.com/en-US/windows-vista/Windows-Update-error-80072efdPlease check this Microsoft article and see if you can get the update.===Mean time lets check further.Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

http://www.bleepingcomputer.com/forums/t/423799/ie-websites-blocked-and-windows-update-blocked/
Relevancy 70.95%

I'm running windows xp home edition. When i try to search for anything on the search engine and click a link, it takes me to an entirely different website. I have 2G memory, but my computer is running so slow. I ran a malwarebyte flash scan and found and deleted 2 infections. I also found 5 infections under full scan and deleted them. But i'm still having the same problems. I also cannot load windows updates at all. It takes me to a page cannot be displayed. I've tried going to search for it and when i try to click on anything with update in it it takes me back to the page cannot be updated page. Can anyone help me?

http://www.bleepingcomputer.com/forums/t/339713/computer-runs-slow-windows-wont-update-browser-hijack/
Relevancy 70.95%

i recently starting getting redirected on every site i go to. i was trying to solve it on my own and when i went to check my firewall, i get a message saying something like " due to an unidentified problem, we are unable to access this information".
 
also when i start up windows, it takes forever to load now.

A:browser redirects and firewall blocked viewing access

Hello bouncepass Welcome to The Forums!!Around here they call me Gringo and I'll be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.I need to get some reports to get a base to start from so I need you to run these programs first.-DeFogger-Please download DeFogger to your desktop.Double click DeFogger to run the tool.The application window will appearClick the Disable button to disable your CD Emulation driversClick Yes to continueA 'Finished!' message will appearClick OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.-Security Check-Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.-Download DDS-Please download DDS from one of the links below and save it to your desktop:Download DDS and save it to your desktopLink1Link2Link3Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:DDS.txtAttach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyinformation and logsIn your next post I need the followingboth reports from DDSreport from security checklet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/488618/browser-redirects-and-firewall-blocked-viewing-access/
Relevancy 70.09%

Most of the Google search results are redirecting me to different random sites when I click on the link both with Firefox and IE I cannot update Microsoft security updates and pop-ups are opening up with these malicious sites I have avast and it has not found anything Malwarebytes found item and deleted it but the problem continues updates redirects/Windows blocked Search result Kaspersky s TDSS killer found nothing I have scanned with dds and gmer and have included results Please advise on what to do next DDS Ver - - - NTFSx Run by Amaris at on Sat Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT Search result redirects/Windows updates blocked - AV avast antivirus VPS - On-access scanning disabled Updated DB - F - A -B - A FD D Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exe -k netsvcsC WINDOWS system svchost exe -k WudfServiceGroupsvchost exesvchost exeC WINDOWS Explorer EXEC Program Files Alwil Software Search result redirects/Windows updates blocked Avast aswUpdSv exeC Program Files Alwil Software Avast ashServ exeC WINDOWS system pctspk exeC Program Files Windows Defender MSASCui exeC Program Files Logitech iTouch iTouch exeC WINDOWS system PV TRAY EXEC PROGRA ALWILS Avast ashDisp exeC Program Files Common Files Java Java Update jusched exeC Program Files AnVir Task Manager AnVir exeC Program Files Logitech MouseWare system em exec exeC WINDOWS system spoolsv exesvchost exeC Program Files Java jre bin jqs exeC WINDOWS system svchost exe -k imgsvcC Program Files Webroot Spy Sweeper SpySweeper exeC WINDOWS system SearchIndexer exeC Program Files Windows Live Mail wlmail exeC WINDOWS system SearchProtocolHost exeC WINDOWS system wscntfy exeC Documents and Settings Amaris Desktop dds scr Pseudo HJT Report uInternet Settings ProxyServer http uInternet Settings ProxyOverride lt local gt BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dllBHO IEbho Class c -e - df-a - fcd b bf - c program files ie pro IE pro dllBHO E D - A- EC-A -BA D E E - No FileBHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dllBHO FDMIECookiesBHO Class cc e f - e - fa- faa- bf - c program files free download manager iefdm dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dllTB BF - F - - - FE E AA - No FileuRun AnVir Task Manager quot c program files anvir task manager AnVir exe quot MinimizedmRun PCTVOICE pctspk exemRun Windows Defender quot c program files windows defender MSASCui exe quot -hidemRun zBrowser Launcher quot c program files logitech itouch iTouch exe quot mRun Logitech Utility Logi MwX ExemRun NetscapeClient mRun KernelFaultCheck systemroot system dumprep -kmRun PV TRAY PV TRAY EXEmRun avast c progra alwils avast ashDisp exemRun SunJavaUpdateSched quot c program files common files java java update jusched exe quot mRun HitmanPro quot c program files hitman pro HitmanPro exe quot scan bootdRun DWQueuedReporting quot c progra common micros dw dwtrig exe quot -tStartupFolder c docume amaris startm programs startup wlmail lnk - c program files windows live mail wlmail exeStartupFolder c docume alluse startm programs startup adober lnk - c program files adobe acrobat reader reader sl exeStartupFolder c docume alluse startm programs startup window lnk - c program files windows desktop search WindowsSearch exeuPolicies-explorer NoActiveDesktop IE Download all with Free Download Manager - file c program files free download manager dlall htmIE Download selected with Free Download Manager - file c program files free download manager dlselected htmIE Download video with Free Download Manager - file c program files free download manag... Read more

A:Search result redirects/Windows updates blocked

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instructed to do so! Let me know if any of the links do not work or if any of the tools do not work. Tell me about problems or symptoms that occur during the fix. Do not run any other programs or open any other windows while doing a fix. Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.Thanks.

http://www.bleepingcomputer.com/forums/t/339813/search-result-redirectswindows-updates-blocked/
Relevancy 70.09%

I recently installed the windows updates for my computer and as the title explains, it made my computer super slow for some reason. Once I log on, that is when it becomes unbearably slow. Also, the browser connects, but both IE and Firefox keep getting the error "connection timed out"...and that is for any website. I can get to my homepage (google), but once I try to go to any other page, it always times out.

I have windows XP SP2...
Specs:
Dell Optiplex GX60
256MB RAM
160GB HDD
Intel Celeron 1.70GHz
Intel integrated peripherals and a ATI gfx card (radeon all-in-wonder 7500)

A:[SOLVED] Windows Update renders comp SUPER SLOW and no browser connect

Also...my network connection is now getting the bubble; "limited or no connectivity"...and when I disable/enable it then it works for a brief minute and repeats the limited or no connectivity thing. I can see that I am connected, I see my network, the signal strength is 4 out of the 5 bars, but the "activity" says 1,528 packets sent and 4 received...?

http://www.techsupportforum.com/forums/f10/solved-windows-update-renders-comp-super-slow-and-no-browser-connect-183753.html
Relevancy 68.8%

Tech Support Guy System Info Utility version OS Version Microsoft Windows memory Windows gets zero In blocked mode Windows is Update virtual normal 7: reset and to Home Premium Service Pack bit Processor Intel R Celeron R CPU GHz Intel Family Model Stepping Processor Count RAM Mb Graphics Card Mobile Intel R Series Express Chipset Family Windows 7: In normal mode virtual memory gets reset to zero and Windows Update is blocked Mb Hard Drives C Total - MB Free - MB Motherboard Dell Inc G F Antivirus Microsoft Security Essentials Updated and Enabled I have a Dell Inspiron - laptop that I bought in Italy in December which is running Windows in Italian The computer is old short of memory and Windows 7: In normal mode virtual memory gets reset to zero and Windows Update is blocked is running hotter and hotter so I have been meaning to replace it with a newer laptop But I am a professional Japanese-English translator so on the new computer I will need Windows in English and or Japanese as well as MS Office in English and Japanese And for the last few months I have been in Montenegro where the language is Serbian and it might be hard to find even Windows in English and Albania don t even think about it At the end of Windows 7: In normal mode virtual memory gets reset to zero and Windows Update is blocked next week I should be flying to Tokyo and there I should be able to buy a new laptop to meet my requirements though I intend to keep my present laptop around for some time In the meantime today the laptop suddenly started acting up I have had Windows Update turned off since mid-May because after weeks of reading around and various attempts I could find no other way to keep Windows Update from sucking up all available system memory and slowing my CPU almost to a stop every minutes I had read that Microsoft intended to fix the problem by the end of Q so I have been meaning to turn Windows Update back on again on some day when I would not need to use my computer at all for - hours so that Windows Update could download and install all the updates it wanted while having complete freedom to lock up my system every minutes along the way This morning I turned on my laptop and when it had booted up I received for the first time ever an error message in the system tray regarding memory When I clicked on it there popped up a window which I later tracked down to the legitimate Windows process SystemPropertiesAdvanced exe and looking around inside it I found that my virtual memory had suddenly been set to zero Yesterday I had logged in for the first time in several days to QQ an enormous Chinese virtual world used by half a billion people essentially the Chinese equivalent of Facebook YouTube iTunes blogs games and everything else all in one place I had received a prompt that my QQ software was outdated and I had clicked on the option to update When prompted I had deselected all of the ancillary things that QQ wanted to install as well and went ahead with the installation Later in the day I started receiving messages from Windows asking if I wanted to permit QQ Protect to make changes to my system and I clicked on No So although I had turned down the option to install QQ Protect during the update to QQ apparently QQ installed it anyway on the sly This morning I ignored the popup window from SystemPropertiesAdvanced exe and went ahead with my work but after I had opened Google Chrome and one other program I received for the first time ever a popup message from Windows I thought it was from QQ Protect but I later discovered it was from a legitimate Windows process SystemPropertiesPerformance exe telling me that I had insufficient memory and that I should close some programs I ignored it and opened another window of Google Chrome but when I clicked on it in the task bar Google Chrome closed and disappeared the first time that had ever happened to me In the meantime I received another prompt from Windows asking if I wanted to permit QQ Protect to make... Read more

A:Windows 7: In normal mode virtual memory gets reset to zero and Windows Update is blocked

There are three other things, but I do not know if they are significant.

1. On my first bootup yesterday (the first bootup after the installation of the QQ upgrade) the computer stopped during bootup and I got a black-and-white screen telling me that the power source was not recognized, and to press F1 to continue, F2 to ..., etc. I pressed F1 to continue, and when I arrived in normal mode I saw that the computer was recognizing the battery just fine. Since then, however, I get this same problem every time I reboot the computer, unless I first remove the battery, hold the power button down for 5 seconds, and then reinsert the battery. I have had this problem a few times in the past, perhaps one or two times per year, and that is how I have always resolved the problem, apparently a problem of residual charge. But until yesterday I had never had the problem repeatedly. So it might be that instead of malware I simply have a bunch of corruptions to Windows that occurred during the upgrade of QQ. (But due to the aggressive way QQ hides itself and protects itself, I still suspect the presence of malware.)

2. When I booted up this morning into safe mode I received a popup message -- one that I received 1-2 times yesterday after I had tried inserting values for virtual memory -- telling me that duplicate paging files had been created, which might cause a problem. I checked how much virtual memory was allocated, and it was back to "no virtual memory". I specified once again a minimum of 2000 MB and a maximum of 3012 MB and clicked "Apply", but in safe mode I didn't receive any message telling me that I needed to reboot for the changes to take effect. I checked, and the values were correctly 2000 MB and 3012 MB as I had input them. Also, I noticed in normal mode that if I click the box to let the system decide how much virtual memory to dedicate I do not receive a prompt telling me I have to reboot (but in any case the choice does not stay in effect in normal mode, instead it immediately reverts to "no virtual memory").

3. Rebooting one time this morning I tried going into the "Administrator" account, an account that I never use, just to see if all of the same problems were occurring there. (I don't use it because my normal account has full administrator privileges anyway.) While there, I received a popup message from my firewall, "Windows7Firewall" (not a Microsoft program), that some connection attempts had been blocked. (Maybe the same sort of attempts had been taking place in my normal account, but there I have the program set to not give me popup notices of such events.) I attach here a screenshot of the blocked events, showing the IP addresses that the computer was attempting to reach. The program involved was "Interfaccia utente di consenso per applicazioni amministrative" (i.e., "User interface consented for administrative applications"), so I suspect this may have been a legitimate request by Windows.

Once again, I would be very grateful for any help anyone might be able to provide.
 

https://forums.techguy.org/threads/windows-7-in-normal-mode-virtual-memory-gets-reset-to-zero-and-windows-update-is-blocked.1154156/
Relevancy 68.8%

Hi. I'm using Opera on WIN 7 32x. Darn thing won't open any web pages or almost never. Something going on here I didn't know about?

A:Opera browser won't load pages / says blocked

Welcome to Seven Forums nickravo. We'll need more info I'm afraid. You have been using Opera fine until recently, and now this problem? Or is this a new install of Opera, and it never worked? When you open a web page that won't load. Post a screen shot of the error will help a lot.

Screenshots and Files - Upload and Post in Seven Forums

Give us as much info as possible, and we'll try and help you. A Guy

http://www.sevenforums.com/browsers-mail/253740-opera-browser-wont-load-pages-says-blocked.html
Relevancy 68.8%

Hi My computer runs Windows XP Pro A few weeks ago I got the Windows Recovery fake antivirus which hid my files told me the hard blocked ads, files, etc redirects, hidden Fake audio browser updates, antivirus, drive was corrupt etc I immediately realized it was a threat shut off the wireless ran antivirus and anti-malware scans The Windows Recovery disappeared but my browser was then taken over redirecting web searches random audio ads when Internet Explorer hadn t even been opened etc Interestingly this all started within an hour of installing Fake antivirus, audio ads, browser redirects, hidden files, blocked updates, etc a Java update Over the next couple of weeks I ran several of more scans in safe mode and normal mode and updated on a regular basis Symantec Spybot Adaware and Windows will not update automatically and Windows cannot even be updated manually Several trojans and viruses have been detected and deleted A couple more fake antivirus programs have popped up but each have been quarantined deleted I ve been able to manually remove some of the source files and fix some of the registry files At one point it seemed like I had gotten rid of everything but when I tried to do a system restore unsuccessfully I realized it was not all gone as the audio ads and browser redirects have come back Thanks for your help Programs I have run include Symantec Antivirus Corporate edition Adaware Spybot Malwarebites SuperAntiSpyware Norton Power Eraser HijackThis Deleted since this began Trojan Agent Gen-Nullo Gen-IEFake IExplorer and Gen-PEC Trojan FakeAlert Trojan Mijapt Trojan Horse Trojan Gen Hijack StartMenuInternet Heuristics Reserved Word Exploit Malware Trace Fraud WindowsRecovery Fraud InternetSecurity UltraDefragger Bloodhound MalPE DDS log DDS Ver - - - NTFSx Run by Kathleen at on Sun Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Lavasoft Ad-Watch Live Anti-Virus Enabled Updated A C F E - FDE- -AFAE- EFC EDE AV Symantec AntiVirus Corporate Edition Enabled Updated FB E- B - A- F -E D C Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C WINDOWS system spoolsv exe c program files idt dellxpm b v wdm stacsv exe C Program Files Broadcom Corporation Broadcom USH Host Components CV bin HostControlService exe C Program Files Broadcom Corporation Broadcom USH Host Components CV bin HostStorageService exe svchost exe C Program Files Dell Dell ControlPoint Connection Manager SMManager exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files WIDCOMM Bluetooth Software bin btwdins exe C Program Files Dell Dell ControlPoint DCPButtonSvc exe C Program Files Cisco Systems VPN Client cvpnd exe C Program Files Dell Dell ControlPoint System Manager DCPSysMgrSvc exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Common Files Microsoft Shared VS DEBUG mdm exe C WINDOWS System svchost exe -k HPZ C WINDOWS system nvsvc exe C WINDOWS System svchost exe -k HPZ C WINDOWS system svchost exe -k imgsvc C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS Explorer EXE C Program Files Wave Systems Corp Trusted Drive Manager TdmService exe C Program Files TomTom HOME TomTomHOMEService exe C Program Files IDT WDM sttray exe C WINDOWS system AESTFltr exe C WINDOWS OA Mon exe C Program Files DellTPad Apoint exe C WINDOWS system rundll exe C WINDOWS system RUNDLL EXE C WINDOWS system WLTRAY exe C Program Files DellTPad ApMsgFwd exe C Program Files Dell Dell ControlPoint Dell ControlPoint exe C Program Files Dell Dell ControlPoint Connection Manager Dell ... Read more

A:Fake antivirus, audio ads, browser redirects, hidden files, blocked updates, etc

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?""just click on Cancel, then Accept".information and logs:In your next post I need the following

.logs from DDSlog from RKUnHookerlet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/396270/fake-antivirus-audio-ads-browser-redirects-hidden-files-blocked-updates-etc/
Relevancy 68.8%

Have clearly got some kind of malware/virus. When accessing the web, searches on google will open in a new tab and redirect to other sites, normally to do with anti-spyware. All access to tech support sites is blocked - I'm having to write this from another computer - and AVG cannot connect to the update server (gives the message 'control file is missing')...

I read the 'New Instructions' post and tried to run Gmer.exe but all that happens is a little hang with an hourglass next to the cursor. That's it.

I realise this isn't much information. Not entirely sure what to do or how. Any help greatly appreciated,

Thanks...

A:Browser Hijacked - Google redirects, tech support sites blocked - Gmer won't run...

1. Download this file

2. Double click to run it

3. When finished, it shall produce a log for you. Post that log

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

http://www.techsupportforum.com/forums/f100/browser-hijacked-google-redirects-tech-support-sites-blocked-gmer-wont-run-319070.html
Relevancy 68.37%

Hi Gang Last Friday my PC was hit with AV Security Suite I removed it per online directions but my browser IE was redirected and AV Security Suite reappeared I have deleted the rouge software three times and I still notice occasional redirects and random browser windows popping up so I suspect there is still malicious code within the bowels of my machine but I am unable to locate it I have used Malwarebyte s Anti-Malware A-Squared Free AVG Anti-Viris Suite browser Browser windows/AV redirects/random Security AVG Anti-Rootkit Free CCLeaner and Disk Cleanup For your viewing pleasure my Hijack logo Thanks for the help Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files AVG AVG avgchsvx exeC Program Files AVG AVG avgrsx exeC Program Files AVG AVG avgcsrvx exeC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC WINDOWS ehome ehtray exeC Program Files Digital Media Reader readericon G exeC Program Files Microsoft IntelliPoint ipoint exeC WINDOWS system RUNDLL EXEC Program Files iTunes iTunes iTunesHelper exeC PROGRA AVG AVG avgtray exeC Program Files Seagate SeagateManager FreeAgent Status StxMenuMgr exeC WINDOWS system ctfmon exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files uTorrent uTorrent exeC Program Files Microtek ScanWizard ScannerFinder exeC Program Files Browser redirects/random browser windows/AV Security Suite Microsoft Office Office FINDFAST EXEC Program Files Microsoft Office Office OSA EXEC Program Files Symantec LiveUpdate AluSchedulerSvc exeC Program Files AVG AVG avgwdsvc exeC Program Files Bonjour mDNSResponder exeC Program Files AVG AVG avgnsx exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC Program Files Seagate SeagateManager Sync FreeAgentService exeC Program Files Java jre bin jqs exeC WINDOWS system nvsvc exeC Program Files Common Files New Boundary PrismXL PRISMXL SYSC Program Files Photodex ProShowProducer ScsiAccess exeC WINDOWS system STacSV exeC WINDOWS system svchost exeC WINDOWS system Wacom Tablet exeC Program Files AVG AVG avgemc exeC WINDOWS system WTablet Wacom TabletUser exeC WINDOWS system Wacom Tablet exeC Program Files AVG AVG avgcsrvx exeC Program Files iPod bin iPodService exeC WINDOWS system dllhost exeC WINDOWS eHome ehmsas exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC Documents and Settings Owner Desktop HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http forum fpkclub com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http O - BHO no name - AutorunsDisabled - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - HKLM Run ehTray C WINDOWS ehome ehtray exeO - HKLM Run readericon C... Read more

A:Browser redirects/random browser windows/AV Security Suite

Hi,Download DDS and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.

http://www.bleepingcomputer.com/forums/t/329255/browser-redirectsrandom-browser-windowsav-security-suite/
Relevancy 68.37%

Hi all Thanks in advance for helping with my problem -- I really appreciate it Last weekend I got a very bad infection that basically rendered my system unusable i plus multiple help to browser sites, redirects Please windows random - Browser e Please help - Browser redirects to random sites, plus multiple browser windows when I tried to launch resident programs such as Word some message said that the exe was infected and asked if I would like to activate my antivirus software The problem at that time was evidently a rogue antivirus program I ran several spyware cleaner programs those that I saw recommended on this forum and this seems to have been fixed -- so now it looks like I just have this redirect problem First my details - Windows XP Service Pack - IE - Firefox - Chrome Here s what happens When I use any of the above-mentioned browsers to search using Google or Yahoo and I click on one of the links in the search results I get taken to some random garbage website instead of the one mentioned in the search results Also multiple browser windows open repeatedly -- multiple windows with IE and multiple tabs with Chrome This seems to get worse over time until the next reboot Here s what I ve tried within the past two days - SuperAntiSpyware - Spybot Search amp Destroy - Malwarebytes Anti-malware - Spyware Doctor - Browser Hijack Recover - Windows Live Onecare Safety Scanner - My primary antivirus program had been McAfee but now I m running Microsoft Security Essentials instead I ve run scans with all of the above some of them in safe mode but the problem still exists Please help Thank you very much Harris

A:Please help - Browser redirects to random sites, plus multiple browser windows

Hello please post your SuperAntiSpyware logTo retrieve the removal information after reboot, launch SUPERAntispyware again.Click Preferences, then click the Statistics/Logs tab.Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.Please copy and paste the Scan Log results in your next reply.Click Close to exit the program.Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

http://www.bleepingcomputer.com/forums/t/276630/please-help-browser-redirects-to-random-sites-plus-multiple-browser-windows/
Relevancy 67.08%

Hi I've got a problem with my Windows pro Like many others I received the Windows reservation icon a while ago I reserved Win pro and it started downloading one day Now Windows is fully downloaded and it offers me to update the OS But I don't want to update immediately - I'd like to wait some time before upgrading blocked by Windows Update' 10 update (win7) 'Windows to make sure that all my hard- and sofware works fine and that the biggest issues are fixed before I upgrade Unfortunately my 'windows update' seems to be blocked by the windows update I can't search for other updates as the system tells me that I have to restart the computer and apply that win update first prior searching for further updates for win I canceled the windows reservation with no success - the reservation is canceled according to the win tool but the windows update is still downloaded and in the windows update queue How can I get rid of the Windows update from the windows update' and update to Win only in a few months TNX Plasma

A:'Windows Update' (win7) blocked by Windows 10 update

See here: Scared and Very Confused - Windows 10

http://www.sevenforums.com/installation-setup/378908-windows-update-win7-blocked-windows-10-update.html
Relevancy 67.08%

I downloaded a keylogger Can't spybot redirects load S&D, browser and ran the trial version on my computer for three days There were no issues during that time After uninstalling it two days ago I tried to run Spybot and encountered an error when I tried to download the updates I decided to delete it and reinstall it When I attempted installation the program was not able to access the server at safer-networking org As I used Firefox to search for assistance I noticed that my browser kept redirecting I am not able to access the safer-networking org website I was able to run the RunAnalyzer and it removed one entry a CWS file I think Can some one help me to delete the proper entries I d love to not have to format Can't load spybot S&D, browser redirects the hard drive Here is my Hijack This log Can't load spybot S&D, browser redirects Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files Logitech iTouch iTouch exe C Program Files Filseclab xfilter xfilter exe C Program Files Filseclab Twister twister exe C WINDOWS system RUNDLL EXE C WINDOWS SOUNDMAN EXE C Program Files Logitech MouseWare system em exec exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Common Files Java Java Update jusched exe C Program Files iTunes iTunesHelper exe C Program Files TiVo Desktop TiVoServer exe C Program Files TiVo Desktop TiVoTransfer exe C Program Files TiVo Desktop TiVoNotify exe C Program Files Common Files Filseclab FilMsg exe C Program Files MozyHome mozystat exe C Program Files Bonjour mDNSResponder exe C Documents and Settings Suzy Local Settings Application Data Google Update GoogleCrashHandler exe C Program Files Java jre bin jqs exe C Program Files MozyHome mozybackup exe C WINDOWS system nvsvc exe C WINDOWS system svchost exe C Program Files iPod bin iPodService exe C WINDOWS system dllhost exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run zBrowser Launcher C Program Files Logitech iTouch iTouch exe O - HKLM Run Logitech Utility Logi MwX Exe O - HKLM Run XFILTER quot C Program Files Filseclab xfilter xfilter exe quot -a O - HKLM Run twister quot C Program Files Filseclab Twister twister exe quot -a O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched quot C Program Files Common Files Java Java Update jusched exe quot O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKCU Run Google Update quot C Documents and Settings Suzy Local Settings Appli... Read more

A:Can't load spybot S&D, browser redirects

Download ComboFix here :

Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

Click me
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
 

https://forums.techguy.org/threads/cant-load-spybot-s-d-browser-redirects.922122/
Relevancy 66.22%

Reposting--now with logs So here s the deal Yesterday I began receiving loads of popups from a version of Windows Security telling me that I was infected with viruses It then directed me to a fake antivirus program I ran AntiMalwareBytes which seemed to get rid of the fake popups However I am now suffering from nonstop browser redirects while using both IE and Firefox Additionally I am unable to receive Windows Updates I have scanned my computer with AntiMalwareBytes AdAware SuperAntiSpyware and Avast I have also run Microsoft s Malicious Software Scan and none of them Windows Updates Hijacker/Blocked Browser have fixed the issue I ve followed the instructions in your Preparation Guide and am attaching the dds txt and attach txt I cannot attach ark txt because every time I run GMER Windows crashes about halfway through the scan Browser Hijacker/Blocked Windows Updates This crap has taken over my computer and I m at a loss as to what to do about it Please help PS I am using a Gateway notebook computer with Windows Vista Home Basic

A:Browser Hijacker/Blocked Windows Updates

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Do not Attach logs unless I ask you to.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Gmer is the best but can be hard to get a log lets try this and see what we get.Scan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"Gringo

http://www.bleepingcomputer.com/forums/t/325247/browser-hijackerblocked-windows-updates/
Relevancy 66.22%

A friend brought over his HP desktop computer for me to look at because he said it has been locking up and running slowly After a night looking at it I can see that Browser Updates - Help Hijacked/Windows Blocked Please Internet Explorer is being hijacked homepage is being changed and Google links are redirecting I also noticed that many of the Microsoft websites are blocked and there is no way to update his Windows I also noticed Browser Hijacked/Windows Updates Blocked - Please Help a message that keeps popping up Browser Hijacked/Windows Updates Blocked - Please Help saying that the D drive is full That is labled HP RECOVERY so I am guessing that is his backup and I am unsure if that message is from the virus spyware or Browser Hijacked/Windows Updates Blocked - Please Help if it is just full I ran DDS and GMER DDS ran through fine but GMER froze halfway through so I had to run it with only the two boxes checked in order to produce the log Hopefully you guys will be able to diagnose the problem based on what you see below Thanks in advance DDS Ver - - - NTFSx Run by HP Owner at on Wed Internet Explorer Microsoft Windows XP Home Edition GMT - AV Norton AntiVirus Disabled Updated E A - - -B - C C F AV avast Antivirus Disabled Updated DB - F - A -B - A FD D Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe c Program Files Common Files Symantec Shared ccProxy exe C WINDOWS Explorer EXE c Program Files Common Files Symantec Shared ccSetMgr exe c Program Files Norton AntiVirus navapsvc exe c Program Files Common Files Symantec Shared SNDSrvc exe c Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe c Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Java jre bin jqs exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system svchost exe -k imgsvc c Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system VTTimer exe C Program Files Common Files Sonic Update Manager sgtray exe C Program Files Common Files Java Java Update jusched exe C WINDOWS system ps exe C Program Files iTunes iTunesHelper exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files iPod bin iPodService exe C windows system hpsysdrv exe C WINDOWS system hphmon exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS ALCXMNTR EXE C WINDOWS AGRSMMSG exe C WINDOWS system ctfmon exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files McAfee Security Scan SSScheduler exe C Program Files Updates from HP Program Updates from HP exe C Program Files Messenger msmsgs exe C Documents and Settings HP Owner Desktop dds scr Pseudo HJT Report uStart Page hxxp flyingincognitosleep com cgi-bin h pl uSearch Page hxxp www google com uDefault Search URL hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop uWindow Title Windows Internet Explorer provided by MSN amp Bing mSearch Bar hxxp ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s uURLSearchHooks Road Runner Toolbar e b -e c - -b e - f f b - c program files road runner tbRoad dll BHO Conduit Engine f b -b - - b- fba bd d - c program files conduitengine ConduitEngine dll BHO Search Toolbar d -d - -bab -ab a - c program files search toolbar SearchToolbar dll BHO CNisExtBho Class ecb - f - bbc- d- ddf e - c program files common files symantec shared adblocking NISShExt dll BHO CNavExtBho Class bdf e -b - ad-a -fadc b - c program files norton antivirus NavShExt dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO Road Runner Toolbar e b -e c - -b e - f f b - c program files road runn... Read more

A:Browser Hijacked/Windows Updates Blocked - Please Help

Hello and welcome. Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
Please do not run any scans or install/uninstall any applications without being directed to do so.
Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this linkDouble click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please include the following in your next post:ComboFix log

http://www.techsupportforum.com/forums/f100/browser-hijacked-windows-updates-blocked-please-help-539748.html
Relevancy 65.36%

Hello all My cousin's computer appears to be infected with malware of some kind and as designated family computer guy it's fallen Update Windows Blocked to me to fix I've gone as far as I can on my own and now I'm at a dead end My primary symptom is that Windows Update is being redirected to Google I've removed three or four items identified from her Hijack This log but Windows Update is still being blocked Thank you for your help and kind consideration DDS log follows DDS Windows Update Blocked Ver - Windows Update Blocked - - NTFSx NETWORK Run by Sarah at on Wed Internet Explorer Microsoft Windows Vista Home Premium GMT - AV McAfee VirusScan On-access scanning enabled Updated B EE - - CDE-A A-DD BA FAD SP McAfee VirusScan enabled Updated C B C - - -BB - D CC E FW McAfee Personal Firewall enabled B - C F- -BDA - CA DA E Running Processes C Windows system wininit exeC Windows system lsm exeC Windows system svchost exe -k DcomLaunchC Windows system svchost exe -k rpcssC Windows System svchost exe -k LocalServiceNetworkRestrictedC Windows system svchost exe -k netsvcsC Windows System svchost exe -k LocalSystemNetworkRestrictedC Windows system svchost exe -k NetworkServiceC Windows system svchost exe -k LocalServiceC Windows system svchost exe -k LocalServiceNoNetworkC PROGRA McAfee VIRUSS mcods exeC Windows system svchost exe -k NetworkServiceNetworkRestrictedC Windows Explorer EXEC Windows system DllHost exeC Users Sarah Desktop dds scrC Windows system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd uWindow Title Internet Explorer provided by DelluInternet Settings ProxyOverride localBHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dllBHO SSVHelper Class bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dllBHO scriptproxy db d a - - e -b d- f c - c program files mcafee virusscan scriptcl dllBHO CBrowserHelperObject Object ca c - b - e-a -a c db f - c program files bae BAE dllTB B EA -A - -B BB- DE CCA - No FileEB DF Bar fcef - e- de- c - c a - SystemRoot system shdocvw dlluRun DellSupport quot c program files dellsupport DSAgnt exe quot startupuRun Aim uRun ehTray exe c windows ehome ehTray exeuRun DellSupportCenter quot c program files dell support center bin sprtcmd exe quot P DellSupportCenteruRun WMPNSCFG c program files windows media player WMPNSCFG exemRun Windows Defender quot c program files windows defender MSASCui exe quot -hidemRun SynTPEnh quot c program files synaptics syntp SynTPEnh exe quot mRun ISUSScheduler quot c program files common files installshield updateservice issch exe quot -startmRun lt NO NAME gt mRun ECenter c dell e-center EULALauncher exemRun Google Desktop Search quot c program files google google desktop search GoogleDesktop exe quot startupmRun PCMService quot c program files dell mediadirect PCMService exe quot mRun dscactivate quot c program files dell support center gs agent custom dsca exe quot mRun TkBellExe quot c program files common files real update ob realsched exe quot -osbootmRun DellSupportCenter quot c program files dell support center bin sprtcmd exe quot P DellSupportCentermRun AppleSyncNotifier c program files common files apple mobile device support bin AppleSyncNotifier exemRun SigmatelSysTrayApp sttray exemRun QuickTime Task quot c program files quicktime QTTask exe quot -atboottimemRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartupmRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInitmRun NVHotkey rundll exe c windows system nvHotkey dll StartmRun MskAgentexe c program files mcafee msk MskAgent exeStartupFolder c users sarah appdata roaming micros windows startm programs startup adobeg lnk - c program files common files adobe calibration Adobe Gamma Loader exeStartupFolder c progra micros windows startm programs startup a... Read more

A:Windows Update Blocked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

http://www.bleepingcomputer.com/forums/t/233087/windows-update-blocked/
Relevancy 65.36%

I have had what I thought Windows redirects Update update Windows Google/Can't to was a simple virus for Windows Update redirects to Google/Can't update Windows a few days It didn't seem that threatening so I didn't do much at first as it was finals time Now that finals are over I got fed up today by my Norton Corporate saying over and over again that I had the same infection that it cleaned seconds earlier I am running Windows Media Center Edition SP can't update I reformatted my machine only to find that I could not update windows Windows Update redirects me to Google with a grey English underneath it Thinking that I had done something wrong I reformatted again immediately after the first time Sadly it happened again I have spent the last hours scouring google reading lots of forum posts here and other forums detailing the problem I have tried every solution that everyone gave but nothing has worked This thing has also infected my wife's laptop After I get my machine taken care of I am going to deal with hers Thanks in advance I read the post guidelines and made the two log files the DDS txt and Attach txt DDS txt follows DDS Ver - - - NTFSx Run by HP Administrator at on Tue Internet Explorer Microsoft Windows XP Professional GMT - Running Processes C WINDOWS system svchost -k DcomLaunchC WINDOWS system svchost -k rpcssC WINDOWS System svchost exe -k netsvcsC WINDOWS system svchost exe -k NetworkServiceC WINDOWS system svchost exe -k LocalServiceC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC WINDOWS ehome ehtray exeC WINDOWS RTHDCPL EXEC Program Files Intel Intel Matrix Storage Manager Iaanotif exeC WINDOWS system ctfmon exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC Program Files Intel Intel Matrix Storage Manager Iaantmon exeC Program Files Java jre bin jqs exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS system svchost exe -k LocalServiceC Program Files Intel IntelDH Intel reg Quick Resume Technology ELService exeC WINDOWS ehome mcrdsvc exeC WINDOWS system dllhost exeC WINDOWS system wscntfy exeC WINDOWS System alg exeC WINDOWS eHome ehmsas exeC WINDOWS System svchost exe -k HTTPFilterC HP KBD KBD EXEc windows system hpsysdrv exeC Program Files Java jre bin jusched exeC Program Files Internet Explorer IEXPLORE EXEC Documents and Settings HP Administrator Desktop dds scrC WINDOWS system wbem wmiprvse exe Pseudo HJT Report uStart Page about blankBHO AcroIEHlprObj Class e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dllTB C B - - D - B - A CD F - No FileTB C E A- F - E-B E- B - No FileuRun ctfmon exe c windows system ctfmon exeuRun SUPERAntiSpyware c program files superantispyware SUPERAntiSpyware exemRun ehTray c windows ehome ehtray exemRun RTHDCPL RTHDCPL EXEmRun IAAnotif c program files intel intel matrix storage manager Iaanotif exemRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartupmRun nwiz nwiz exe installquiet keeploaded nodetectmRun Recguard c windows sminst RECGUARD EXEmRun PCDrProfiler quot c program files pc-doctor for windows RunProfiler exe quot -rmRun HPBootOp quot c program files hewlett-packard hp boot optimizer HPBootOp exe quot runmRun Reminder quot c windows creator Remind XP exe quot mRun TrojanScanner c program files trojan remover Trjscan exe bootmRun SpyHunter Security Suite c program files enigma software group spyhunter SpyHunter exeIE E amp xport to Microsoft Excel - c progra micros office EXCEL EXE IE E D D B- - a -B F- D D C - c windows pchealth helpctr vendors cn hewlett-packard l cupertino s ca c us iebutton support htmIE FB F -F - d -BB E- C F - c program files messenger msmsgs exeDPF ED - B- DA -BF -BE C EC - hxxp cdn scan onecare live com resource download scanner wlscbase cabDPF AD C -... Read more

A:Windows Update redirects to Google/Can't update Windows

Hello jsetzler,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

http://www.bleepingcomputer.com/forums/t/224850/windows-update-redirects-to-googlecant-update-windows/
Relevancy 64.93%

Alright, so relatively recently my computer has been attacked by pesky malware.
I have managed to flush it out to my knowledge, but i may be wrong....
Despite no more annoying adds i have notice other damage it may have dealt.
So here is the gist of it....my windows update service is completely broke from basically all directions.
It was blocked, disabled tampered with you get the idea.
I get many errors and i am trying to figure out how to fix it.
As of right now when i check for updates i get these two errors.
0x8024002E WU_E_WU_DISABLED Access to an unmanaged server is not allowed.
and
0x80070002
Any ideas?

https://social.technet.microsoft.com/Forums/en-US/f52512b6-2eaf-464b-bcfd-3c7e8177b554/windows-update-service-blocked-help?forum=w7itprogeneral
Relevancy 64.93%

When launching windows update from control panel I get the following error when I click the Check fo Updates button "Code 80072EFE Windows update encountered an unknown error." When attempting to go directly to the windows update site in IE, I get the message "Internet Exlporer cannot display the webpage" Can anyone help me resolve this issue?

Something is keying on the keywords for the update stie and blocking access to sites.... I had to remove the url and the .com site in the post because acces to this site was blocked unitl I removed them. Any ideas?

A:windows update site blocked

Sound like you either are infected and have a proxy server set up by malware...or you have a proxy server set up by now-removed malware.

Open Internet Explorer...click the Tools/Internet Options.

Click the Connections tab/LAN settings button.

Louis

http://www.bleepingcomputer.com/forums/t/352312/windows-update-site-blocked/
Relevancy 64.93%

My -year-old daughter has a Dell XPS M running Windows XP SP Her McAfee files are up-to-date but she managed to contract a virus that malware windows update blocked by disabled her IE windows update blocked by malware Firefox and Safari browsers but not her AOL browser She ran Malwarebytes and Spybot windows update blocked by malware which detected and removed several trojans but did not restore her browsers There were also a lot of flickering windows on boot up that were not there before contracting the virus but which open and shut so fast that I m not sure what they were SUPERAntiSpyware detected and removed several more trojans and seemed to have removed all the flickering windows on boot up and restored basic browser service for IE and Safari but not Firefox Firefox now redirects to a sex site and automatically opens Windows Media Player I closed both immediately but I suspect the media file was a more graphic embodiment of the redirect s website Somewhere along the line my daughter also ran ComboFix At this point each of the above malware detection programs McAfee Malwarebytes Spybot and SUPERAntiSpyware report that her system is fixed but she has lost access to the Windows Update service and who knows what else via IE and Safari and is still redirected on opening Firefox to a sex site The AOL Browser has access to everything but hangs shortly after pushing either the Express or Custom update buttons on the Microsoft Windows Update page I installed FixCleaner to see how far it would get in downloading and installing Microsoft updates FixCleaner created a system restore point reported that I needed Windows Update Agent to proceed further then downloaded the Windows Update Agent at my prompt but could not install it I think A window popped up after a minute or so I suspect it was bogus saying quot Install Complete Install is not needed since Windows Update Agent is already installed quot The installation window then hung Using the AOL browser I was able to see the history of successfully installed Windows updates on my daughter s PC There were about a dozen such updates on December but none thereafter The DDS TXT log follows I have included ARK TXT and Attach TXT as attachments and can provide the anti-malware logs if you feel they would be helpful All of the anti-malware programs I mentioned were up-to-date as of yesterday afternoon I hope you can help us Thank you in advance DDS Ver - - - NTFSx Run by Kealani at on Mon Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV McAfee Anti-Virus and Anti-Spyware Enabled Updated B EE - - CDE-A A-DD BA FAD FW McAfee Firewall Enabled Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe svchost exe svchost exe C WINDOWS system spoolsv exe svchost exe C PROGRA COMMON AOL ACS AOLacsd exe C WINDOWS system svchost exe -k hpdevmgmt C Program Files McAfee SiteAdvisor McSACore exe C WINDOWS Explorer EXE C Program Files Common Files McAfee McSvcHost McSvHost exe C Program Files Common Files McAfee SystemCore mfevtps exe C WINDOWS System svchost exe -k HPZ C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Intel Wireless Bin ifrmewrk exe C WINDOWS system nvsvc exe C WINDOWS system Rundll exe C WINDOWS System DLA DLACTRLW EXE C Program Files McAfee com Agent mcagent exe C WINDOWS Samsung PanelMgr SSMMgr exe C WINDOWS Twain Samsung CLX Scan pc exe C Program Files FixCleaner FixCleaner exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C WINDOWS system ctfmon exe C WINDOWS System svchost exe -k HPZ C Program Files McAfee Security Scan SSScheduler exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system stacsv exe C WINDOWS system svchost exe -k imgsvc C Program Files Common... Read more

A:windows update blocked by malware

Upon reading another post, I ran TDSKiller. It detected and removed a root activity virus. This restored access and functionality to the Windows Update page in IE and eliminated the redirect of Firefox to a sex site upon launch. From outward appearances, the computer seems to be fine. Nevertheless, I would very be grateful if you would review my daughter's PC logs at your convenience. I will rest easier knowing that a trained eye has reviewed this. Thank you in advance.

http://www.bleepingcomputer.com/forums/t/371266/windows-update-blocked-by-malware/
Relevancy 64.93%

hey i ve been infected i m sites windows being update i'm from blocked help all sure recently i ve been blocked from windows updates website as well as all of the malware removal sites i ve tried I ve also been experiencing random crashes needing a hard reset to solve Regarding the windows update problem i would normally just use automatic updates through IE however opening IE causes the system to freeze Any help would be really appreciated Dayton Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C help i'm being blocked from all windows update sites WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv help i'm being blocked from all windows update sites exe C Program Files Bonjour mDNSResponder exe C Program Files Java jre bin jqs exe C WINDOWS system libusbd-nt exe C Program Files Dell Support Center bin sprtsvc exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system WLTRAY exe C help i'm being blocked from all windows update sites Program Files SigmaTel C-Major Audio WDM stsystra exe C Program Files ATI Technologies ATI ACE CLI EXE C Program Files Dell Support Center bin sprtcmd exe C Program Files Java jre bin jusched exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Dell QuickSet quickset exe C WINDOWS system ctfmon exe C Program Files BitComet BitComet exe C Program Files Windows Live Messenger msnmsgr exe C Program Files DellAutomatedPCTuneUp PTAgnt exe C Program Files Sierra Planner PLNRnote exe C Program Files ATI Technologies ATI ACE cli exe C Program Files Windows Live Contacts wlcomm exe C Program Files Safari Safari exe C Documents and Settings Kaitlin Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO BitComet ClickCapture - F E - A- B A-BCAF- B BFDFEA - C Program Files BitComet tools BitCometBHO dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll file missing O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL file missing O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - Toolbar AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL file missing O - HKLM Run Broadcom Wireless Manager UI C WINDOWS system WLTRAY exe O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE CLIStart exe quot O - HKLM Run SigmatelSysTrayApp ProgramFiles SigmaTel C-Major Audio WDM stsystra exe O - HKLM Run dellsupportcenter quot C Program Files Dell Support Center bin sprtcmd exe quot P dellsupportcenter O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run Dell QuickSet C Program Files Dell QuickSet quickset exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run BitComet quot C Program Files BitComet BitComet exe quot tray O - HKCU Run msnmsgr quot C Prog... Read more

A:help i'm being blocked from all windows update sites

bump
 

https://forums.techguy.org/threads/help-im-being-blocked-from-all-windows-update-sites.832392/
Relevancy 64.93%

Hi to all Update ? Windows infection "blocked": I have PCs both running Windows XP pro SP all updates till july Symantec Endpoint protection Few days Windows Update "blocked": infection ? ago I noticed that my PC was very slow in task manager I found a svchost running of CPU I found Windows Update "blocked": infection ? that this was due to windows automatic updates I turned it off and all was OK I tried to run Windows Update from Microsoft site but the green bar looking for updates went over and over finally I closed IE I tried with the other PC and the behavior was exactly the same I tried many fixes from Microsoft but no result This is the only sign that I have in my PCs I surf the web with Firefox or Chrome OK no pop-ups no visible re-directions Symantec Endpoint Protection doesn't find anything and it runs updates fine I have MalwareBytes Antimalware free it downloaded updates and run OK and it finds nothing I ran Microsoft Safety Scanner nothing found Microsoft Defender Offline boot from CD nothing found Avira Rescue boot from CD nothing Windows Update "blocked": infection ? found TDSS Killer nothing found Symantec and F-Secure tools for Conficker someone told me I could have that virus nothing found Now I remember that some weeks ago I had an alert of GoogleUpdate exe trying to connect to Internet since I have a portable Chrome I was souspicious and denied then I went in the folder of the googleupdate exe and deleted it without any problem I know the strange rules of updating Chrome so I thought this could be compatible with my portable Chrome and forgot all But now I read some topics about ZeroAccess rootkit and its use of GoogleUpdate exe in McAfee Threat Advisory I am very worried so I am asking help to understand if I could be infected or not In my house there are also PCs running Windows starter and home premium and they both are OK make windows updates normally Thanks for any advice forgive my English Enrico

A:Windows Update "blocked": infection ?

You can easily check whether are you infected with ZeroAccess, on this way:
 
Go to Program Files --> Google --> Desktop --> Install --> {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
 
Inside this folder is one with no name, then another with no name, and finally folder named ". . ." . If you get Location is not available message when you try to open that folder, then you are 99% infected with ZeroAcccess.

http://www.bleepingcomputer.com/forums/t/506902/windows-update-blocked-infection/
Relevancy 64.93%

hello all i'm having a bit of a failure on my computer and i hoped you might be able to help for some reason i've recently been having trouble with windows update when trying to access the site i get an error from windows update quot Error number x EE quot and i'm unable to do anything on the site we recently had an occurance of quot vundo quot in the office that we were able From Accessing Blocked Windows Update to eliminate using quot combofix quot so i wasn't sure if i had the same problem s or if this was something different all together when the error comes up Blocked From Accessing Windows Update it also directs me to a microsoft help page below but it doesn't seem to resolve the problem there is only line in the HOSTS file quot localhost quot and no mention of a windows update static IP even if i comment out or delete that line the only line in the file it doesn't help http www update microsoft com microsoftu n amp IsMu Truei've dowloaded DSS and HJT and am posting the main txt amp extra txt logs below if you have any questions or need more specific information please let me know thank you in advance Deckard's System Scanner v Run by John Siemer on - - Computer is in Normal Mode ---------------------------------------------------------------------------------- HijackThis run as John Siemer exe -----------------------------------------Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Common Files Symantec Shared ccSetMgr exeC Program Files Common Files Symantec Shared ccEvtMgr exeC Program Files Common Files Symantec Shared SPBBC SPBBCSvc exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Broadcom ASFIPMon AsfIpMon exeC Program Files Bonjour mDNSResponder exeC Program Files Wave Systems Corp Common DataServer exeC Program Files Symantec AntiVirus DefWatch exeC Program Files Intel Intel Matrix Storage Manager iaantmon exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS system nvsvc exeC WINDOWS System svchost exeC Program Files Symantec AntiVirus SavRoam exeC WINDOWS system svchost exeC Program Files Symantec AntiVirus Rtvscan exeC Program Files NTRU Cryptosystems NTRU Hybrid TSS v bin tcsd win exeC Program Files Java jre bin jusched exeC Program Files Wave Systems Corp Services Manager DocMgr bin docmgr exeC Program Files Intel Intel Matrix Storage Manager iaanotif exeC Program Files Common Files InstallShield UpdateService issch exeC Program Files HP HP Software Update HPWuSchd exeC Program Files HP ToolBoxFX bin HPTLBXFX exeC Program Files Common Files Symantec Shared ccApp exeC PROGRA SYMANT VPTray exeC Program Files Adobe Acrobat Acrobat Acrotray exeC Program Files iTunes iTunesHelper exeC Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exeC Program Files Windows Live Messenger MsnMsgr ExeC PROGRA Sony SONICS SsAAD exeC WINDOWS system rundll exeC Program Files Wave Systems Corp Services Manager Secure Update AutoUpdate exeC Program Files Logitech SetPoint SetPoint exeC Program Files iPod bin iPodService exeC Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exeC Program Files Common Files Logishrd KHAL KHALMNPR EXEC WINDOWS explorer exeC Program Files Windows Live Messenger usnsvc exeC Program Files Microsoft Office OFFICE OUTLOOK EXEC Program Files Microsoft Office OFFICE WINWORD EXEC Program Files Winamp winamp exeC WINDOWS notepad exeC Documents and Settings John Siemer Desktop vundo killer dss exeC PROGRA TRENDM HIJACK John Siemer exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explor... Read more

A:Blocked From Accessing Windows Update

Hi,Next is the cause why you're having this issue. You have a malicious DNS present:O17 - HKLM\System\CCS\Services\Tcpip\..\{E5C99749-5642-44F8-9479-7B7012C3EA7B}: NameServer = 85.255.116.87,85.255.112.174* Please download FixwareOut from the following site:http://download.bleepingcomputer.com/lonny/Fixwareout.exeSave it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.The fix will begin; follow the prompts. If your firewall gives an alert, (because this tool will download an additional file from the internet), please don't let your firewall block it, but allow it instead.Then you will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log.

http://www.bleepingcomputer.com/forums/t/156894/blocked-from-accessing-windows-update/
Relevancy 64.93%

I have been using a graphic ping plotter -Nullsoft Netmon- for many years. It has run on Windows from Vista to 8.1 without any problems. After 15+ years on a satellite provider, it has saved me many hours in tracking down slow internet access.  I upgraded to windows 10 yesterday.  Netmon worked for about an hour after the upgrade and then stopped while I am still getting good internet access..
 
I am using Viper AV and Vipre firewall.  The firewall rules for ping and other ICMP packets block only Public Inbound and I have never had to change this.  I have to assume that some change in Win 10 is giving me the problem.  Where would I look to solve this problem?
 
This is an area I haven't had to deal with before and I am nervous about playing with security settings.

A:Ping blocked after update to Windows 10

Hi suti Is this the program you are talking about?http://www.1014.org/code/nullsoft/netmon/From what I can see, it hasn't been updated since 2000... which is 15 years ago. We cannot assume that the program will work on Windows 10 now. If you want, you can try to run it in Compatibility Mode of an older version of Windows. However if it doesn't work, maybe it's just not compatible with Windows 10. The program is 15 years old after all.

http://www.bleepingcomputer.com/forums/t/584870/ping-blocked-after-update-to-windows-10/
Relevancy 64.5%

Hi I ve been trying to solve this problem for a week now and have scouring various forums I first noticed a problem on my Desktop running Vista Home Premium The automatic updates were unable to connect to microsoft s servers so I tried going there and updating manually When I type update microsoft AV Google, to Update redirects update impossible Windows com into any web browser I am sent instead to Google English The URL remains what I typed in the address bar but the page is clearly Google English and functions as the same Running through various forums it became clear that it must be malware of some sort and I ve been given many recommendations as to which scanners online and install that I should use Windows Update redirects to Google, AV update impossible Some scanners I can download but will not update they all say that they cannot connect to their server Others when I try to visit Windows Update redirects to Google, AV update impossible their site such as malwarebytes org I get a page cannot be found error I have successfully download malwarebytes through CNet but again when it tries to update its definitions it is unable to connect to their server It is clearly not a connection problem as I can surf the internet perfectly fine it is just these sites that could potentially fix my problem are all blocked I have found this same problem now on of my computers which is all but the laptop running Ubuntu Its happening on my HP Pavilion Media Center m n running Windows Vista Home Premium -bit x GB hard drives GB ram as well as my Dell XPS M running Windows XP Pro SP x GB hd GB ram and my Toshiba Satellite R -S running Windows XP Pro SP After trying so much I finally decided Windows Update redirects to Google, AV update impossible to just do a clean wipe of my computers Using the XP install disc I did a boot install on the XPS deleting the main partition and doing a full NTSC format of the drive before letting the installation of Windows continue On the desktop I burned a Live Disc of Ubuntu and used linux s partition manager to delete and format into NTSC the primary hard drive before doing a boot install of Vista During that installation I used the Windows install to again format the main drive before it installed Since these formats and reinstalls I have only installed drivers for the XPS installed Avast Antivirus Ad-Aware and the driver for my Netgear wireless adapter Even after the formats the virus malware whatever is still plaguing my systems I can still not update any AV software nor update Windows I am at a loss as to what I can do next I suppose I might have to copy the extensive content of my secondary hard drive to an external and format everything but I m afraid that at best that would only solve the problem until I plug the external back in to scan that drive and retrieve the data I am even more perplexed by the XPS as the only thing held on its secondary storage drive was the drivers for that computer downloaded directly from Dell Any help you can offer would be greatly appreciated I ll include the results of the HijackThis log below though I see nothing there that would be of any help Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows system taskeng exe C Windows SYSTEM WISPTIS EXE C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files Alwil Software Avast ashDisp exe C Program Files Windows Sidebar sidebar exe C Program Files NETGEAR WG v WG v exe C Program Files Internet Explorer ieuser exe C Program Files Internet Explorer iexplore exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwli... Read more

Relevancy 64.5%

hey there Well my problem is this sometimes when Google Update Cant Redirects, Windows Update run or Avast im searching google and click a link i get redirected to a random page My normal scans dont show any problems but i have seen that quite alot of people have a similar problem gmer exe kept on Google Redirects, Cant Update Avast or run Windows Update giving me a blue screen then shutting my computer down so ill put what i think is the initial scan in a zip along with 'attach txt' Thanks alot in advance for any help Heres the DDS - DDS Ver - - - NTFSx Run by Connor at on Internet Explorer BrowserJavaVersion Microsoft Windows Vista Home Premium GMT SP Windows Defender disabled Updated D DDC A- F- FAE- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows system atiesrxx exe C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system atieclxx exe C Windows system svchost exe -k NetworkService C Program Files Alwil Software Avast AvastSvc exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files Realtek Audio HDA AERTSrv exe C Program Files Intel IntelDH CCU AlertService exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Diskeeper Corporation Diskeeper DkService exe C Windows system dlcgcoms exe C Program Files Common Files Intel IntelDH NMS AdpPlugins DQLWinService exe C Program Files Common Files Intel IntelDH NMS NMSCore NMSCore exe C Windows system PnkBstrA exe C Windows system PnkBstrB exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files Intel IntelDH Intel Media Server Media Server bin qualitymanager exe C Windows system svchost exe -k regsvc c Program Files Microsoft SQL Server Shared sqlbrowser exe c Program Files Microsoft SQL Server Shared sqlwriter exe C Windows system svchost exe -k imgsvc C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Program Files Intel IntelDH Intel Media Server Media Server bin ISSM exe C Program Files Intel IntelDH Intel Media Server Shells MCLServiceATL exe C Windows system WUDFHost exe C Program Files Intel IntelDH Intel Media Server Media Server bin mediaserver exe C Program Files Intel IntelDH Intel Media Server Shells Remote UI Service exe C Windows system taskeng exe C Windows system spool DRIVERS W X dlcgPSWX EXE C Windows system spool DRIVERS W X dlcgJSWX EXE C Program Files Windows Media Player wmpnetwk exe C Windows system wbem wmiprvse exe C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Common Files InstallShield UpdateService issch exe C Program Files Common Files Intel IntelDH NMS Support IntelHCTAgent exe C Program Files Intel IntelDH CCU CCU TrayIcon exe C Program Files Dell AIO DLCGmon exe C Program Files Adobe Reader Reader reader sl exe C Program Files Realtek Audio HDA RtHDVCpl exe C Program Files Common Files Java Java Update jusched exe C Program Files iTunes iTunesHelper exe C Program Files Alwil Software Avast AvastUI exe C Windows ehome ehtray exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Windows Media Player wmpnscfg exe C Program Files ATI Technologies ATI ACE Core-Static MOM exe C Windows ehome ehmsas exe C Windows system wbem unsecapp exe C Program Files Intel IntelDH CCU CCU Engine exe C Program Files iPod bin iPodService exe C Program Files ATI Technologies ATI ACE Core-Static CCC exe C Users Connor AppData Local Google Chrome Application chrome exe C Users Connor AppData Local Google Chrome Application chrome exe C Users C... Read more

A:Google Redirects, Cant Update Avast or run Windows Update

I'd like to try to get a more detailed log from GMER rootkit scanner.

Let's try this version of gmer. It will be a randomly named executable.


Download GMER Rootkit Scanner from here to your desktop. Double click the exe file.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.
In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

---------------------------------------------------------------------------------------------

If you still have troubles, try running the scan in Safe Mode.

Restart your computer and boot into Safe Mode by tapping the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.

---------------------------------------------------------------------------------------------

If you still have troubles, run the scan with ONLY the Sections and C drive boxes ticked.



Click the image to enlarge it

http://www.techsupportforum.com/forums/f100/google-redirects-cant-update-avast-or-run-windows-update-479627.html
Relevancy 64.07%

A few days ago a small screen popped up in my browser with quot Java quot in large blue letters The dots blinked as if it were downloading something Shortly after McAfee notified me that it had detected and removed a Trojan I ran Malwarebytes and it identified infected files which were quarantined and removed I also ran Prevx which found threats My browser began to redirect and I am unable to shut down or restart normally I tried to do a system restore Browser down + Windows won't Redirects shut and received a message that system restore is not available Browser Redirects + Windows won't shut down Would appreciate any advice to correct the problem Thanks very much DDS and Browser Redirects + Windows won't shut down GMER files attached below Here is the Browser Redirects + Windows won't shut down DDS log DDS Ver - - - NTFSx Internet Explorer BrowserJavaVersion Run by J K at on - - Microsoft Windows XP Professional GMT - AV McAfee Anti-Virus and Anti-Spyware Enabled Updated B EE - - CDE-A A-DD BA FAD AV Prevx Enabled Updated D C- - CEB- CC -D B D FW McAfee Firewall Enabled Running Processes C WINDOWS system svchost exe -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C Program Files Intel WiFi bin S EvMon exe svchost exe C WINDOWS Explorer EXE svchost exe C WINDOWS system spoolsv exe C Program Files TOSHIBA ConfigFree NDSTray exe svchost exe C Program Files Toshiba Toshiba Applet thotkey exe C Program Files TOSHIBA TOSHIBA Direct Disc Writer ddwmon exe C Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exe C WINDOWS RTHDCPL EXE C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Camera Assistant Software for Toshiba traybar exe C Program Files Intel WiFi bin ZCfgSvc exe C Program Files Common Files Intel WirelessCommon iFrmewrk exe C WINDOWS system TPSMain exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C Program Files Adobe Acrobat Acrobat Acrotray exe C WINDOWS system agrsmsvc exe C WINDOWS system igfxsrvc exe C Program Files McAfee com Agent mcagent exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files TOSHIBA ConfigFree CFSvcs exe C Program Files Camera Assistant Software for Toshiba CEC MAIN exe C Program Files Iomega AutoDisk ADUserMon exe C WINDOWS system TPSBattM exe C Program Files Prevx prevx exe C Program Files Iomega DriveIcons ImgIcon exe C WINDOWS system ctfmon exe C Program Files Intel WiFi bin EvtEng exe C PROGRA Iomega System AppServices exe C Program Files Java jre bin jqs exe C Program Files Malwarebytes Anti-Malware mbamservice exe C Program Files Prevx prevx exe C Program Files Common Files Mcafee McSvcHost McSvHost exe C WINDOWS system mfevtps exe C Program Files McAfee Online Backup MOBKbackup exe C WINDOWS System svchost exe -k HPZ C TOSHIBA IVP ISM pinger exe C WINDOWS System svchost exe -k HPZ C Program Files Common Files Intel WirelessCommon RegSrvc exe C WINDOWS system svchost exe -k imgsvc C Program Files Smith Micro StuffIt ArcNameService exe c TOSHIBA IVP swupdate swupdtmr exe C Program Files TOSHIBA TOSHIBA Applet TAPPSRV exe C WINDOWS system TODDSrv exe C Program Files Iomega AutoDisk ADService exe C Program Files Common Files McAfee SystemCore mcshield exe C Program Files Common Files McAfee SystemCore mfefire exe C WINDOWS system wbem unsecapp exe C WINDOWS system rundll exe C WINDOWS System svchost exe -k HTTPFilter C WINDOWS system NOTEPAD EXE C Program Files Mozilla Thunderbird thunderbird exe C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox plugin-container exe C Program Files Mozilla Firefox plugin-container exe Pseudo HJT Report uStart Page hxxp www yahoo com uInternet Settings ProxyOverride lt local gt uSearchURL Default hxxp search yahoo com search fr mcafee amp p s BHO ContributeBHO Class c dc - - a a- d-c c - c program files adobe Adobe Contribute CS contributeieplugin dll BHO Adobe PDF Lin... Read more

A:Browser Redirects + Windows won't shut down

Here is an urgent update of the situation as of Monday, 9/12/11:

This morning as I was working, Prevx alerted me that there were infected files. I proceeded with cleanup but when the computer rebooted, I got a bluescreen error message: 0x0000007B.

Windows XP does not open in safe mode.
It does not open in Last Best Configuration.

I opened the Windows Recovery Console and ran chkdsk /r. It reported that the disk had been repaired.

But I still cannot reboot - the blue screen error keeps coming up.

I don't meant to jump the help queue but am really worried. Can anyone suggest what I can do to get Windows to reboot?

Thanks very much!

NoJoke

http://www.bleepingcomputer.com/forums/t/418317/browser-redirects-windows-wont-shut-down/
Relevancy 64.07%

Hi, I am having a lot of trouble on my Windows 8.1 machine and removing a bad malware infection. I performed system restores, installed and ran AVG and several malware tools which have all ultimately not resolved the issue of pop-ups and redirects in chrome and ie. Other things also seem very strange such as files saved to my desktop now have a location of "C:\Users\Janet\Cookies\Desktop"
 

https://malwaretips.com/threads/browser-hijack-redirects-pop-ups-etc-on-windows-8-1.57591/
Relevancy 64.07%

Customer s XP Pro PC got Windows XP Repair WXR I apparently have gotten rid of WXR but IE is being redirected I have done the following Combofix Malwarebytes Superantispyware RKills amp TDSSkiller SPYbot Search amp Destroy checked the host file no proxy server entry in Connections LAN Just ran HiJack This and the log is included Hope someone has an idea soon Thanks John Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss "Windows after Repair" redirects Browser XP exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS Browser redirects after "Windows XP Repair" system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Broadcom ASFIPMon AsfIpMon exe C DesktopCentral bin Apache exe C WINDOWS system eTSrv exe C WINDOWS system DID LS exe C DesktopCentral bin Apache exe C Program Files CA SharedComponents iTechnology igateway exe C Program Files CA eTrustITM InoRpc exe C Program Files CA eTrustITM InoRT exe C Program Files CA eTrustITM InoTask exe C Program Files CA SharedComponents PPRealtime bin ITMRTSVC exe C Program Files Java jre bin jqs exe C Program Files Malwarebytes Anti-Malware mbamservice exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Microsoft SQL Server MSSQL FERRARIS GROUP Binn sqlservr exe C Program Files SonicWALL SSL-VPN NetExtender NEService exe C Program Files CA eTrustITM ppcl exe C WINDOWS system svchost exe C PROGRAM FILES MEDITECH PRINT VMAGICPPII EXE C Program Files VMware VMware View Client bin wsnm exe C Program Files VMware VMware View Client bin wsnm usbctrl exe C Program Files Canon VDC AuVdc exe C WINDOWS system wbem wmiapsrv exe C WINDOWS Explorer EXE C Program Files Analog Devices Core smax pnp exe C Program Files ATI Technologies ATI ACE cli exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Google Google Desktop Search GoogleDesktop exe C WINDOWS System DLA DLACTRLW EXE C Program Files Common Files InstallShield UpdateService issch exe C Program Files Google Google Desktop Search GoogleDesktopIndex exe C Program Files CA eTrustITM realmon exe C Program Files Common Files Java Java Update jusched exe C Program Files Citrix ICA Client concentr exe C WINDOWS Twain Fjscan SOP FtLnSOP exe C Program Files Google Google Desktop Search GoogleDesktopDisplay exe C Program Files SonicWALL SSL-VPN NetExtender NEGui exe C Program Files DYMO DYMO Label Software DLSService exe C WINDOWS system eTCrtMng exe C Program Files Citrix ICA Client wfcrun exe C Program Files Malwarebytes Anti-Malware mbamgui exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files DYMO DYMO Label Software DymoQuickPrint exe C WINDOWS system ctfmon exe C Program Files Digital Line Detect DLG exe C WINDOWS twain Fjscan ERG FTErGuid exe C Program Files McAfee Security Scan SSScheduler exe C Program Files Microsoft SQL Server Tools Binn sqlmangr exe C Program Files Ferraris Group SymphonetClient Impresario FTPTransport srvany exe C Program Files Ferraris Group SymphonetClient Impresario FTPTransport FTPTransport exe C Program Files ATI Technologies ATI ACE cli exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C WINDOWS system msiexec exe C Program Files Common Files Java Java Update jucheck exe C Program Files Trend Micro HiJackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKCU Software Microsoft Internet Explorer Main Start Page www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explo... Read more

http://www.bleepingcomputer.com/forums/t/407894/browser-redirects-after-windows-xp-repair/
Relevancy 64.07%

I started getting search redirects and random browser windows and random browser Redirects windows. opening about days ago At first it wasnt very bad a redirect here and there a browser window occasionly Now everytime i move to Redirects and random browser windows. a different web page i get - browswer windows opening and get redirected on almost every search I also think i may be getting fake browser crashes When i load a topic on this forum i get an internet explorer has crashed would you like to send an error report yet if i move the window asside i can still browse the page freely Im in need of assistance so that i may get back to browsing the web freely Going to bed so i'll get back to you in the morningHeres my hijackthis logLogfile of Trend Micro HijackThis v Scan saved Redirects and random browser windows. at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system nvsvc exeC WINDOWS system svchost exeC WINDOWS System svchost exeD Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system spoolsv exeC Program Files Creative Shared Files CTAudSvc exeC Program Files Common Files Autodesk Shared Service AdskScSrv exeD PROGRA AVG AVG avgwdsvc exeC Program Files Java jre bin jqs exeD PROGRA AVG AVG avgrsx exeC WINDOWS system PnkBstrA exeC WINDOWS system PnkBstrB exeC Program Files Microsoft SQL Server Shared sqlwriter exeC Program Files Blue Coat K Web Protection k filter exeC WINDOWS Explorer EXED PROGRA AVG AVG avgtray exeC WINDOWS system CTXFIHLP EXEC WINDOWS system RUNDLL EXED Program Files Razer Habu razerhid exeC Program Files Java jre bin jusched exeC WINDOWS system ctfmon exeC WINDOWS SYSTEM CTXFISPI EXED Program Files Razer Habu razerofa exeC WINDOWS system wuauclt exeC WINDOWS system ctfmon exeC Program Files Messenger msmsgs exeC Documents and Settings Izik Desktop HiJackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www wowhead com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO no name - D -C F - efb- B - ECA - no file O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - D Program Files AVG AVG avgssie dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar msdxmLC dll - amp Radio - E - F- D - E- A C - C WINDOWS system Msdxm ocxO - HKLM Run AVG TRAY D PROGRA AVG AVG avgtray exeO - HKLM Run amd dc opt D Program Files AMD Dual-Core Optimizer amd dc opt exeO - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run AudioDrvEmulator quot C Program Files Creative Shared Files Module Loader DLLML exe quot - AudioDrvEmulator quot C Program Files Creative Shared Files Module Loader Audio Emulator AudDrvEm dll quot O - HKLM Run DevconDefaultDB C WINDOWS READREG SILENT FAIL O - HKLM Run CTxfiHlp CTXFIHLP EXEO - HKLM Run nwiz nwiz exe installO - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInitO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run Habu D Program Files Razer Habu razerhid exeO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot ... Read more

A:Redirects and random browser windows.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Also, please subscribe to this topic, so you are notified when someone replies. Please continue to check manually on occasion, as every now and then the email may be caught by your spam filter.To enable topic notifications you should do the following:Click on the My Controls link at the top of the page to enter your control panel.Scroll down to the Options category in the left hand side menu bar and click on the Email Settings link.Put a checkmark in the checkbox labeled Enable 'Email Notification' by default?.Set the If ticked, choose default type: menu option to Immediate Email Notification to have an email sent immediately when someone replied.Information on A/V control HERE

http://www.bleepingcomputer.com/forums/t/274516/redirects-and-random-browser-windows/
Relevancy 64.07%

This Toshiba computer had the Windows 7 Updated loaded onto it. Now when the computer starts up I receive the Safe Mode etc...options. I select Start Normally and from there is when it takes about an hour or more to load windows.

When the system finally loads, to click on anything takes about 10 minutes or more to populate anything.

A loading error message is received in the bottom right hand corner which says something about logging in as administrator and loading a disc.

This is my friends computer(previously mine) and I need to get to the pictures and save them in case I'm going to need to reset anything. If someone can tell me how to get at the pictures faster or fixing this without wiping out the pics that would be great. Much appreciated!! Tiff

A:Download Update for Windows 7, now comp takes about an hour to load windows

Right now I am in safe mode and it's seconds faster but not much and i did not receive that error in the bottom right corner.

http://www.techsupportforum.com/forums/f217/download-update-for-windows-7-now-comp-takes-about-an-hour-to-load-windows-678578.html
Relevancy 64.07%

I have an xp pro sp3 box that cannot access win update and gets 4-6 random popups in a day. This started 3 days ago when I ended up with the HDD plus junk. After much ado, that went away, but my current probs seemingly started after HDD was removed. I've run adaware, s&d, etc, and nothing is showing up. What might I try that will produce a log that might let someone point me in the right direction.

A:windows update blocked, occasional popups

got it fixed. thanks for the quick replies?

http://www.bleepingcomputer.com/forums/t/366226/windows-update-blocked-occasional-popups/
Relevancy 64.07%

Can anyone tell me why this review was blocked on Windows App Store for violating the Windows Store Terms of Use Original review for Windows - My review for the Microsoft review Windows store to Update App blocked the on Music application after an update removed a feature - Apparently there was an update that removed the full screen animation for now playing Update to review blocked on the Windows App store To bad that feature set it apart from the others Now this app is just like any other Update to review blocked on the Windows App store Ho Hum player After update to Windows there was an update to the application so I updated my review which was blocked for violating Windows Store Terms of Use - Seriously - Advertisements while I play music I own I don't think so Everyone keeps saying how Zune was much better Zune is still available so I will go back to Zune until you get real Store Terms of use - Can I comment on apps in the Windows Store As a courtesy to developers and customers Microsoft offers you the capability to comment on your experience with apps You may not include or submit any content that is untrue misleading defamatory infringing or harassing that constitutes hate speech that is or includes sexual content that insinuates profanity or that is otherwise objectionable You may not post links to websites or materials that could harm other users or their computers including links to any viruses corrupted data or other harmful disruptive or destructive files You may not post comments on the Windows Store for any commercial purpose including by advertising or promoting anything without the express prior written consent of Microsoft You grant Microsoft the right to use modify adapt reproduce distribute and display any content you post Not sure what I am violating - Advertisements while playing My Music collection - Untrue No - Misleading No Defamatory No Infringing or harassing No if anything it is Infringing and harassing me So I guess I am promoting Zune by stating it is still available even though I have no commercial interest in Zune

http://www.eightforums.com/software-apps/35768-update-review-blocked-windows-app-store.html
Relevancy 64.07%

Hi This computer had a lot of viruses and malware adware installed prior to this log After running Spybot AVG Adaware and Windows Defender and installing comodo Firewall Pro they all Windows Blocked Redirect Google And Update finally stated there was no residual problems I tried to run Trend Micro online Google Redirect And Windows Update Blocked scan but it would not connect to the Trend Micro page and had to download hijackthis from another source The computer cannot connect to Windows update and Google Redirect And Windows Update Blocked search pages like google and live com redirect to random advertisement pages Also I tried to update to Internet Explorer and Windows XP SP but I could not get to the pages Finally the start menu and the My computer were missing all their icons they have all come back apart from the C drive the only hard drive and the log off button Here is a hijackthis log Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Lavasoft Ad-Aware aawservice exe C Program Files TalkTalk bin sprtcmd exe C PROGRA AVG AVG avgtray exe C Program Files COMODO SafeSurf cssurf exe C Program Files COMODO Firewall cfp exe C Program Files Windows Defender MSASCui exe C WINDOWS system spoolsv exe C PROGRA AVG AVG avgwdsvc exe C Program Files COMODO Firewall cmdagent exe C Program Files TalkTalk bin sprtsvc exe C Program Files Common Files Supportsoft bin tgsrvc exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgemc exe C program files hijackthis HijackThis exe O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - HKLM Run TalkTalk quot C Program Files TalkTalk bin sprtcmd exe quot P TalkTalk O - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exe O - HKLM Run COMODO SafeSurf quot C Program Files COMODO SafeSurf cssurf exe quot -s O - HKLM Run COMODO Firewall Pro quot C Program Files COMODO Firewall cfp exe quot -h O - HKLM Run Windows Defender quot C Program Files Windows Defender MSASCui exe quot -hide O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'LOCAL SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'NETWORK SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'SYSTEM' O - HKUS DEFAULT Run CTFMON EXE C WINDOWS system CTFMON EXE User 'Default user' O - Extra button no name - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra 'Tools' menuitem Spybot - Search amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Service Lavasoft Ad-Aware Service aawservice - Lavasoft - C Program Files Lavasoft Ad-Aware aawservice exe O - Service AVG Free E-mail Scanner avg emc - AVG Technologies CZ s r o - C PROGRA AVG AVG avgemc exe O - Service AVG Free WatchDog avg wd - AVG Technologies CZ s r o - C PROGRA AVG AVG avgwdsvc exe O - Service Symantec Lic NetConnect service CLTNetCnService - Unknown owner - C Program Files Common Files Symantec Shared ccSvcHst exe file missing O - Service COMODO Firewall Pro Helper Service cmdAgent - Unknown owner - C Program Files COMODO Firewall cmdagent exe O - Service SupportSoft Sprocket Service TalkTalk sprtsvc TalkTalk - SupportSoft Inc - C Program Files TalkTalk bin sprtsvc exe O - Service SupportSoft RemoteAssist - SupportSoft Inc - C Program Files Common Files Supportsoft bin ssrc exe O - Service SupportSoft Repair Service TalkTalk tgsrvc TalkTalk - SupportSoft Inc - C Program Files Common Files Supportsoft bin tgsrvc exe -- End of file - bytes

A:Google Redirect And Windows Update Blocked

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please reply to this topic stating that you still need help and I will work with you on resolving your computer problems. If your problem has been resolved, please post a reply letting us know so we can close your topic.

Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, feel free to create a new one.

Once again, I apologize for the delay in responding to this topic.

http://www.bleepingcomputer.com/forums/t/169491/google-redirect-and-windows-update-blocked/
Relevancy 64.07%

I ve been having problems for about days now It started with a fake windows security antivirus popup I was able to get rid of update problems blocked redirect windows and that but once that was gone my search results Google or Yahoo on IE or Firefox starting being redirected Windows Update won redirect problems and windows update blocked t run and and the website is blocked in both browsers Over the past week I ve run Symantec Ad-aware Spy-bot Malwarebytes Combofix and BitDefender They all found problems but none redirect problems and windows update blocked of the fixes changed anything My more computer-literate roommate tried to help and ran some other things but didn t keep a good record of what they were He tried to repair Windows to get Update working and now we can t open almost anything I was able to get things to open through the Administrator running in safe mode by fixing Regedit HKEY CLASSES ROOT exe data file entry was secfile instead of exefile but for some reason I still can t open things in my user safe mode or regular my user is an administrator and the only user that comes up when not in safe mode Because of the repair job I m also currently running Service Pack instead of I m so frustrated I need my computer for work I m out of ideas and I really don t want to wipe the drive and start over because I wouldn t be able to replace some of the programs I disconnected my computer from the internet but I can check posts and emails or download things on my roommate s computer I ve followed most of the previous steps for this forum I don t think I have CD emulation software and now I promise to leave it alone and not let my roommate near it until you tell me otherwise The DDS logs are below Most things will only run in Adminstrator safe-mode but for some reason I was able to get DDS to run in my user on SafeMode I don t know if any of the differences in the logs matter but I ve included them for both the Administrator Ad and user J I couldn t run gmer in my user - the application shows up as a secfile instead of an exe even if I copy and paste the application from the Adminstrator desktop onto the user desktop so only the gmer log for the Adminstrator is attached Please please help if you can Thank you so much for you time DDS Ad DDS Ver - - - NTFSx MINIMAL Run by Administrator at on Sat Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Symantec AntiVirus Corporate Edition On-access scanning disabled Updated FB E- B - A- F -E D C Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC WINDOWS system svchost exe -k netsvcsC WINDOWS Explorer EXEC WINDOWS system ctfmon exeC Documents and Settings Administrator Desktop dds scr Pseudo HJT Report BHO AcroIEHlprObj Class e f-c d - d -b d- b d be b - c program files adobe acrobat activex AcroIEHelper dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dlluRun ctfmon exe c windows system ctfmon exemRun VTTimer VTTimer exemRun QuickTime Task quot c program files quicktime qttask exe quot -atboottimemRun ccApp quot c program files common files symantec shared ccApp exe quot mRun vptray c progra symant VPTray exemRun MimBoot c progra musicm musicm mimboot exemRun iTunesHelper quot c program files itunes iTunesHelper exe quot mRun Ad-Watch c program files lavasoft ad-aware AAWTray exemRun SunJavaUpdateSched quot c program files common files java java update jusched exe quot mRun BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgentmRun SRFirstRun rundll srclient dll CreateFirstRunRpdRunOnce tscuninstall systemroot system tscupgrd exeStartupFolder c docume alluse startm programs startup adober lnk - c program files adobe acrobat reader reader sl exeStartupFolder c docume alluse startm programs startup bttray lnk - c program files belkin bluetooth softwar... Read more

A:redirect problems and windows update blocked

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

http://www.bleepingcomputer.com/forums/t/310528/redirect-problems-and-windows-update-blocked/
Relevancy 64.07%

hi blocked and sites windows antivirus update all im not sure if its a trojan or windows settings somwhere but if you need any additional information i would gladly provide antivirus sites and windows update blocked it system windows xp russian version a v avast run full system scan nothing found a m malwarebytes run full scan nothing antivirus sites and windows update blocked found im posting here a hijack log run a few minutes ago thank you in advance Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS antivirus sites and windows update blocked System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system Ati evxx exeC Program Files Alwil Software Avast AvastSvc exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC WINDOWS Explorer EXEC WINDOWS system svchost exeC WINDOWS RTHDCPL EXEC Program Files QuickTime QTTask exeC PROGRA ALWILS Avast avastUI exeC WINDOWS AGRSMMSG exeC Program Files LClock LClock exeC WINDOWS system ctfmon exeC Program Files Windows Live Messenger msnmsgr exeC Program Files Skype Phone Skype exeC Program Files IncrediMail bin IncMail exeC Program Files Skype Plugin Manager skypePM exeC Program Files IncrediMail bin IMApp exeC WINDOWS system wbem wmiapsrv exeC Documents and Settings Admin temp TeamViewer Version TeamViewer exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http mystart incredimail com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - ba e- - -b f - e d cc - no file F - REG system ini UserInit C WINDOWS system userinit exeO - BHO no name - D -C F - efb- B - ECA - no file O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C PROGRA MICROS Office GRA E DLLO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - Toolbar no name - C F - - FD -AF -B C - no file O - Toolbar Google Toolbar - C B - - d - B - A CD F - C Program Files Google Google Toolbar GoogleToolbar dllO - Toolbar no name - ba e- - -b f - e d cc - no file O - HKLM Run RTHDCPL RTHDCPL EXEO - HKLM Run Alcmtr ALCMTR EXEO - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottimeO - HKLM Run avast C PROGRA ALWILS Avast avastUI exe noguiO - HKLM Run AGRSMMSG AGRSMMSG exeO - HKCU Run LClock C Program Files LClock LClock exeO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run msnmsgr quot C Program Files Windows Live Messenger msnmsgr exe quot... Read more

A:antivirus sites and windows update blocked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREPlease download GMER from one of the following locations and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zipped MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.

http://www.bleepingcomputer.com/forums/t/319492/antivirus-sites-and-windows-update-blocked/
Relevancy 64.07%

I have tried everything I can think of. I'm still getting pop-ups, always redirected when clicking a link from search engine and my windows updates are blocked ( I get an error that keeps me from updating). This has been goin on for awhile now no antivirus finds it. This is a computer thats less then a yr old running windows 7.

A:Pop-up/redirecting/windows update blocked virus

Please follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKillerDouble-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.When the program opens, click the Start Scan button.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure is selected, then click Continue > Reboot now to finish the cleaning process. <- Important!!
Note: If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection.A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.Step 9 recommends that you scan your computer using Malwarebytes Anti-Malware to remove any traces that may still be present. If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware. After performing that step, please post the complete results of your scan for review.

http://www.bleepingcomputer.com/forums/t/367151/pop-upredirectingwindows-update-blocked-virus/
Relevancy 64.07%

For about three days my computer has been completely unable to access the windows update website, getting the error "The connection to the server was reset while the page was loading." Likewise, running the windows update program results in Error Code 80072EFE.

Likewise, for three days, google results have been occasionally redirecting to seemingly random websites like marthastewart.com. Occasionally a firefox tab will open up and AVG will block it, while using firefox. Very rarely, a windows error box will come up saying "Windows Host Service has stopped working".

I've tried scanning with, so far.. AVG, Ad-aware, Spybot, and Malwarebytes Anti-malware. Both in normal mode and safe mode, and they either find nothing, or the things they find apparently aren't what I have.

Running Windows Vista SP2. 32-bit.

EDIT: One of the popups is "google.com/webhp", and it's occured twice lately.

http://www.bleepingcomputer.com/forums/t/326702/windows-update-blocked-google-redirecting/
Relevancy 64.07%

I cannot update.
I am attaching a screenshot for comments?

A:[SOLVED] Blocked windows update service?

Hi, this error means the system could not initialize a network connect, a com object, or a failed dependency, so we need to establish why.

Likely causes are Norton or McAfee (have either ever been on your machine, even as a trial, installed or not installed)? What Anti Virus do you use?

Are the windows service dependencies running.

Main one is RPC service also check the BITS service.

Corrupt winsock setting, go to start search and type:- cmd, right click on the returned cmd.exe and select "run as administrator" at the prompt type:-


Code:
netsh winsock reset
(press enter) Netsh cmds take immediately so no need to restart.

http://www.techsupportforum.com/forums/f217/solved-blocked-windows-update-service-681508.html
Relevancy 64.07%

I recently noticed that I was getting redirected during searches to Info.com. I have done a virus scan which does not seem to find anything. I later noticed that I am unable to connect to received Windows Updates and if I go directly to Microsoft's website for updates, I am redirected to google.com. I am at a loss as to what to do but I am going nuts trying to find a fix for this issue. Please help as soon as possible!!!

A:Windows update blocked/Searches are redirected

Hi and welcome to BleepingComputer The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note:-- If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. Note 2:-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes. To disable these programs, please view this topic: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

http://www.bleepingcomputer.com/forums/t/228970/windows-update-blockedsearches-are-redirected/
Relevancy 64.07%

I have recently been trying to remove the vista defender with malware bytes with no luck. I also can not install, download, or access anything to do with Windows updates. Also my search's are redirected. On top of that my usb keyboard will no longer function on this machine (tested on other machines). The keyboard works on the welcome screen after removing the Rogue virus with malwarebytes but immediately stops working shortly after I log on. It seems that all these problems are related.

Any ideas?

Windows Vista
Malware Bytes run completed

A:Vista Defender, blocked windows update

If this helps, I ran a GMER scan and have a suspicious atapi.sys file:GMER 1.0.15.15281 - http://www.gmer.netRootkit quick scan 2010-04-14 22:38:43Windows 6.0.6001 Service Pack 1Running: 53g6qmw6.exe; Driver: C:\Users\Chris\AppData\Local\Temp\pwldapob.sys---- Devices - GMER 1.0.15 ----Device \FileSystem\Ntfs \Ntfs 852421F8Device \FileSystem\fastfat \Fat 876691F8AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)AttachedDevice \Driver\tdx \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)Device -> \Driver\atapi \Device\Harddisk0\DR0 870A5AC8---- Files - GMER 1.0.15 ----File C:\Windows\system32\drivers\atapi.sys suspicious modification---- EOF - GMER 1.0.15 ----

http://www.bleepingcomputer.com/forums/t/309834/vista-defender-blocked-windows-update/
Relevancy 64.07%

Hi I really hope redirecting Windows update blocked & google you can help me please Last week I had a few issues Computer going slow Error messages with screen saver Generic host errors AVG ALERTS - Exploit Rogue Security Threat Analysis Type Windows update blocked & google redirecting and Exploit Rogue Scanner Type This all started after streaming a video off a site called Crazymotion We did a system restore back to the day before I had gone on this site The computer worked faster - no error messages BUT currently the computer sometimes redirects to other sites and then pop-ups appear Also windows or windows defender can not up date because they will not let me connect to their website - quot internet explorer cannot display the page quot as though it is blocked I have AVG running as virus protection Have run Malwarebytes Anti-Malware and SpyBot Search both of which found various infected files and adware and Windows update blocked & google redirecting said they had removed these effectively However the above problems still continue Please can anyone shed any light on this problem Here is my Hijack This Log Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files AVG AVG avgchsvx exe C Program Files Windows update blocked & google redirecting AVG AVG avgrsx exe C Program Files AVG AVG avgcsrvx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files AVG AVG avgwdsvc exe C Program Files Intel Intel Application Accelerator iaantmon exe C Program Files Java jre bin jqs exe C WINDOWS system nvsvc exe C Program Files AVG AVG avgnsx exe C WINDOWS system svchost exe C WINDOWS system wuauclt exe C Program Files Analog Devices Core smax pnp exe C Program Files Intel Intel Application Accelerator iaanotif exe C Program Files Intel Modem Event Monitor IntelMEM exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Real RealPlayer RealPlay exe C Program Files Dell Media Experience DMXLauncher exe C WINDOWS system dla tfswctrl exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Dell Photo AIO Printer dlbtbmgr exe C Program Files MusicMatch MusicMatch Jukebox mmtask exe C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe C Program Files Common Files Java Java Update jusched exe C PROGRA AVG AVG avgtray exe C Program Files Dell Support DSAgnt exe C Program Files Messenger msmsgs exe C WINDOWS system ctfmon exe C Program Files Dell Photo AIO Printer dlbtbmon exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Logitech SetPoint KEM exe C Program Files Logitech SetPoint KHALMNPR EXE C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell co uk myway R - HKCU Software Microsoft Internet Explorer Main Search Bar http bfc myway com search de srchlft html p DK R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO Spybot-S amp D IE P... Read more

https://forums.techguy.org/threads/windows-update-blocked-google-redirecting.929616/
Relevancy 64.07%

Infected WinXP Home system Browser hijacking especially with redirect of search results via IE and Foxfire This seems to cpu svchost ms hijacking blocked Browser update high be running through svchost exe showing high cpu and high memory usage My Browser hijacking svchost high cpu blocked update ms exposure appears to be from or My virus security software was able to detect and clean several items following within a day of a windows update The cleaned up items included ExploitPDF-JSGen Gen Malware Heur bq bGet rhi Gen Trojan Heur FU fqW aKr ZDd and Gen Browser hijacking svchost high cpu blocked update ms Trojan Heur LP dy aWcgUHiG My Security Shield AV software crashed and lost the rest of the logs It cannot detect anything else related to current ongoing infection MS Onecare live was also unable to detect any issues Windows update site and others seem to be blocked DDS Ver - - - NTFSx Run by Alan at on Mon Internet Explorer Microsoft Windows XP Home Edition GMT - AV Security Shield Antivirus On-access scanning enabled Updated C BB C-B ED- F -A C- BB FW Security Shield Firewall enabled F- E - A -A - D B F Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC Program Files Browser hijacking svchost high cpu blocked update ms Common Files BitDefender BitDefender Update Service livesrv exeC Program Files PCSecurityShield BitDefender vsserv exeC WINDOWS System svchost exe -k netsvcssvchost exesvchost exeC WINDOWS system spoolsv exesvchost exeC WINDOWS system CTsvcCDA exeC Program Files Cisco Systems VPN Client cvpnd exeC WINDOWS System svchost exe -k HPZ C WINDOWS system nvsvc exeC WINDOWS System svchost exe -k HPZ C WINDOWS system svchost exe -k imgsvcC Program Files Google Update GoogleUpdate exeC WINDOWS Explorer EXEC WINDOWS system ctfmon exeC WINDOWS RTHDCPL EXEC WINDOWS system RUNDLL EXEC Program Files CyberLink PowerDVD PDVDServ exeC Program Files HP HP Software Update HPWuSchd exeC Program Files HP hpcoretech hpcmpmgr exeC Program Files Adobe Reader Reader Reader sl exeC Program Files PCSecurityShield BitDefender bdagent exeC Program Files Common Files Ahead Lib NMBgMonitor exeC Program Files Creative Sync Manager Unicode CTSyncU exeC WINDOWS CTRegRun EXEC Program Files Creative Product Registration English InetReg exeC Program Files PCSecurityShield BitDefender seccenter exeC WINDOWS system wuauclt exeC Program Files HP Digital Imaging bin hpqnrs exeC Program Files HP Digital Imaging bin hpqSTE exeC Documents and Settings Alan Desktop dds scr Pseudo HJT Report uStart Page hxxp www google com uInternet Settings ProxyOverride localBHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files common files adobe acrobat activex AcroIEHelper dllTB Security Shield Toolbar ffde - - f -b d-fc a f c - c program files pcsecurityshield bitdefender IEToolbar dlluRun ctfmon exe c windows system ctfmon exeuRun BgMonitor E - C C- d f- C - D A B AA quot c program files common files ahead lib NMBgMonitor exe quot uRun CTSyncU exe quot c program files creative sync manager unicode CTSyncU exe quot uRun CTRegRun c windows CTRegRun EXEmRun RTHDCPL RTHDCPL EXEmRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInitmRun RemoteControl quot c program files cyberlink powerdvd PDVDServ exe quot mRun HP Software Update c program files hp hp software update HPWuSchd exemRun HP Component Manager quot c program files hp hpcoretech hpcmpmgr exe quot mRun Adobe Reader Speed Launcher quot c program files adobe reader reader Reader sl exe quot mRun BDAgent quot c program files pcsecurityshield bitdefender bdagent exe quot mRun BitDefender Antiphishing Helper quot c program files pcsecurityshield bitdefender IEShow exe quot mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartupStartupFolder c docume alluse startm programs startup hpdigi lnk - c program files hp digital imaging bin hpqtra exeStartupFolder c docume alluse startm programs startup micros lnk - c program files microsoft office office OSA... Read more

A:Browser hijacking svchost high cpu blocked update ms

Hello AlanMac5,Sorry for the delay. If you still need help, please post a new DDS/HijackThis log and I'll be happy to look at it. Thanks,tea

http://www.bleepingcomputer.com/forums/t/353016/browser-hijacking-svchost-high-cpu-blocked-update-ms/
Relevancy 63.64%

Hi My first post here and I m wondering if someone can help with my problem since I ve completely run out of ideas For the last few months I have been unable to load Windows Update Windows Search or the Personalize Desktop option when right clicking on the desktop When I click on these items a window will open for a second completely white and then close instantly There s seemingly no way around this and the same is true in Safe Mode Suspecting a virus trojan or similar I have run a number of scans AVG SpyBot Ad Aware Malware Bytes Kaspersky Norton command line sfc etc Apart from a few tracking cookies nothing has been found Running HijackThis also revealed nothing untoward I ve search the MS Knowledge base extensively and not found anything There are similar problems regarding specific error numbers but I do not get one just a window that opens then quickly closes I have tried MS s own FixIt tool for Windows Update and it didn t make any difference I can still search using the quick search bar in the start menu but clicking quot search everywhere quot does Update/Windows not will load Desktop Windows Search/Personalize nothing I can still change my desktop background by right clicking on an image and choosing quot set as desktop background quot I cannot run Windows Update All of my other software is completely up Windows Update/Windows Search/Personalize Desktop will not load to date I still suspect that this is some sort of very clever trojan rather than an OS error but since I m not getting any error messages I can t be sure Any advice would be very much appreciated

A:Windows Update/Windows Search/Personalize Desktop will not load

Can you run regedit?

Access the Microsoft website?

Update your installed AV program?

What other system anomalies exist?

Louis

http://www.bleepingcomputer.com/forums/t/394433/windows-updatewindows-searchpersonalize-desktop-will-not-load/
Relevancy 63.64%

Hi I ran a bunch of scans as directed by boopme in the Am I Infected forum and he asked me to follow up by creating a post here Topic referenced is here http www bleepingcomputer com forums t please-help-browser-redirects-to-random-sites-plus-multiple-browser-windows OBHere's the latest log he asked me to post Running from C Documents and Settings Harris Desktop Win kDiag exeLog file at C Documents and Settings Harris Desktop Win kDiag txtWARNING Could not get backup privileges Searching 'C WINDOWS' Finished Thank you very much for all your help HarrisEditing redirects; windows browser multiple Google in rootkit scan from other topic OBSophos Anti-Rootkit Version Sophos PlcStarted logging on at AMUser Harris on computer HARRIS-SYSTEM Google redirects; multiple browser windows Windows version SP Service Pack build SM x PT x Win Info Starting process scan Info Starting registry scan Hidden registry item HKEY USERS S- - - - - - - Software Microsoft Windows CurrentVersion Explorer FileExts doc JSESSIONID G TDVbRhB yc WKVpvCsDh zLF JpQPyPjcT YYrmBGySzVzxYgK fileContentID Info Starting disk scan of C NTFS Stopped logging on at AM

A:Google redirects; multiple browser windows

Hi,My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay of response. If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-RootRepeal logs-Description of any remaining problems you may still have.Thanks again and we apologize for the delay.With Regards,Extremeboy

http://www.bleepingcomputer.com/forums/t/277329/google-redirects;-multiple-browser-windows/
Relevancy 63.64%

Hello I have been having problems with malware recently and have not been able to remove it with Trend micro Ad-Aware or Spybot Browser Security redirects, Alert Windows and I m at my Browser redirects, Windows Security Alert wits end The redirects can occur any time I click a link but its usually after I use a link from a search engine One of the more distinctive redirects is a fake Windows Explorer window titled Windows Security which performs a fake scan on my system and reports various false infections Any help would be greatly appreciated Jbonna DDS Browser redirects, Windows Security Alert Ver - - - NTFS AMD Run by Adam at on Mon Internet Explorer BrowserJavaVersion Microsoft Windows Vista Home Premium GMT SP Windows Defender enabled Updated D DDC A- F- FAE- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system nvvsvc exe C Windows system svchost exe -k rpcss C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Program Files x Creative Shared Files CTAudSvc exe C Windows system svchost exe -k GPSvcGroup C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system WUDFHost exe C Windows system nvvsvc exe C Windows system Dwm exe C Windows Explorer EXE C Users Adam AppData Roaming Microsoft Windows shell exe C Users Adam AppData Roaming Microsoft svchost exe C Windows system WUDFHost exe C Windows system svchost exe -k NetworkService C Program Files x Lavasoft Ad-Aware AAWService exe C Users Adam AppData Local Temp dwm exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system taskeng exe C Windows system taskeng exe C Program Files x Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Windows SysWOW PnkBstrA exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files x NVIDIA Corporation D Vision nvSCPAPISvr exe C Windows system svchost exe -k imgsvc C Windows System svchost exe -k WerSvcGroup C Windows system SearchIndexer exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcAppFlt exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcIp exe C Windows system wbem wmiprvse exe C Windows system wbem unsecapp exe C Program Files Logitech GamePanel Software LGDevAgt exe C Program Files Logitech GamePanel Software G-series Software LGDCore exe C Program Files Logitech GamePanel Software LCD Manager LCDMon exe C Windows vsnp std exe C Program Files x Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Windows Sidebar sidebar exe C Windows ehome ehtray exe C Windows ehome ehmsas exe C Windows SysWOW CtHelper exe C Program Files x Common Files Java Java Update jusched exe C Windows tsnp std exe C Program Files x iTunes iTunesHelper exe C Program Files x Common Files Nokia MPlatform NokiaMServer exe C Program Files x PC Connectivity Solution ServiceLayer exe C Program Files x PC Connectivity Solution Transports NclUSBSrv exe C Program Files x PC Connectivity Solution Transports NclRSSrv exe C Program Files iPod bin iPodService exe C Program Files x Lavasoft Ad-Aware AAWTray exe C Windows system taskeng exe C Program Files x Internet Explorer iexplore exe C Program Files x Internet Explorer iexplore exe C Program Files x Google Google Toolbar GoogleToolbarUser exe C Windows system WUDFHost exe C Windows System mobsync exe C Windows temp remove exe C Windows system msiexec exe C Windows system msiexec exe C Windows system MsiExec exe C Program Files x Internet Explorer iexplore exe C Windows SysWOW Macromed Flash FlashUtil k ActiveX exe C Windows system wuauclt exe C Program Files x Internet Explorer iexplore exe C Program Files x Common Files Java Java Update jucheck exe C Program Files x Internet Explorer iexplore exe C Windows system SearchProtocolHost exe C Windows sy... Read more

A:Browser redirects, Windows Security Alert

Hi jbonna, and welcome to Bleeping Computer.Download OTL.exe by OldTimer to your Desktop.Close all windows and double click OTL.exe.In the "Custom Scans/Fixes" window (under the light green bar) paste the following in bold:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

Click Run Scan and let the program run uninterrupted.When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Post both logs in this thread.You may need to use two posts to get it all.

http://www.bleepingcomputer.com/forums/t/363715/browser-redirects-windows-security-alert/
Relevancy 63.64%

Hi I have been having computer problems for a little while now My daughter just informed me I probably have a virus Google browser keeps redirecting when I click a link when I do a search It redirects Infected...browser and by new windows redirects open themselves to yahoo and other various sites some of which are blank Separate sites are also opening up in new windows on there own Any help is much appreciated Here are my logs as requested DDS Ver - - - NTFSx Run by Owner at on Sun Internet Explorer Microsoft Windows XP Home Edition GMT - AV avast Antivirus Disabled Updated DB - F - A -B - A FD D Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Alwil Software Avast AvastSvc exe C WINDOWS Explorer EXE C WINDOWS system RUNDLL EXE C Infected...browser redirects and new windows open by themselves Program Files NVIDIA Corporation NvMixer NVMixerTray exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Digital Media Reader shwiconem exe C Program Files Alwil Software Avast avastUI exe C Program Files QuickTime qttask exe C Program Files Messenger msmsgs exe C WINDOWS system ctfmon exe C WINDOWS system spoolsv exe svchost exe C Program Files Bonjour mDNSResponder exe C Program Files Kodak AiO Center ekdiscovery exe C WINDOWS system nvsvc exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system svchost exe -k imgsvc C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C WINDOWS system wscntfy exe C Documents and Settings Owner Desktop dds scr Pseudo HJT Report uSearch Bar hxxp www google com ie uStart Page hxxp www emachines com BHO AcroIEHlprObj Class e f-c d - d -b d- b d be b - c program files adobe acrobat reader activex AcroIEHelper dll BHO B CA - A - D -A DF- BB - No File BHO Groove GFS Browser Helper - c - d -b f - bbc d a e - c progra micros office GROOVEEX DLL BHO avast WebRep e e -ad d- bf-ac d-d f d - c program files alwil software avast aswWebRepIE dll BHO Office Document Cache Handler b f a - e - -ba - b e ff - c progra micros office URLREDIR DLL BHO FDD B - D - ffb- - B AD ACC - No File TB AOL Toolbar d a-c b- -b b-b b e d c - c program files aol toolbar toolbar dll TB avast WebRep e e -ad d- bf-ac d-d f d - c program files alwil software avast aswWebRepIE dll EB Real com fe fa -d c- d - fa- c f afe - c windows system Shdocvw dll uRun MSMSGS quot c program files messenger msmsgs exe quot background uRun ctfmon exe c windows system ctfmon exe mRun Recguard c windows sminst RECGUARD EXE mRun NvCplDaemon RUNDLL EXE c windows system NvCpl dll NvStartup mRun nwiz nwiz exe install mRun NvMediaCenter RUNDLL EXE c windows system NvMcTray dll NvTaskbarInit mRun NVMixerTray quot c program files nvidia corporation nvmixer NVMixerTray exe quot mRun NeroFilterCheck c windows system NeroCheck exe mRun RemoteControl quot c program files cyberlink powerdvd PDVDServ exe quot mRun SunKistEM c program files digital media reader shwiconem exe mRun lt NO NAME gt mRun avast quot c program files alwil software avast avastUI exe quot nogui mRun Conime windir system conime exe mRun EKIJ StatusMonitor c windows system spool drivers w x EKIJ MUI exe mRun QuickTime Task quot c program files quicktime qttask exe quot -atboottime mRun BCSSync quot c program files microsoft office office BCSSync exe quot DelayServices IE E amp xport to Microsoft Excel - c progra micros office EXCEL EXE IE Se amp nd to OneNote - c progra micros office ONBttnIE dll IE e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe IE FB F -F - d -BB E- C F - c program files messenger msmsgs exe IE A- - f c- - EE C C - E -E D - - C-F F E C - c program files microsoft office office ONBttnIE dll IE D A-C B- -B B-B B E D C - D A-C B- -B B-B B E D C - c program files aol toolbar toolbar dll IE FE F- FC - A - -EDE DB C CA - FFFDC -B - AE -AB - D B - c program files microsoft office office ONBttnIE... Read more

A:Infected...browser redirects and new windows open by themselves

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
Because of this, you must reply within three days failure to reply will result in the topic being closed!
Please do not PM me directly for help. If you have any questions, post them in this topic.
Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.____________________________________________________Rootkit UnHooker (RkU)Please download Rootkit Unhooker from one of the following links and save it to your desktop.Link 1 (.exe file)Link 2 (zipped file)Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.Double-click on RKUnhookerLE.exe to start the program.
Vista/Windows 7 users right-click and select Run As Administrator.Click the Report tab, then click Scan.Check Drivers, Stealth, and uncheck the rest.Click OK.Wait until it's finished and then go to File > Save Report.Save the report to your Desktop.Copy and paste the contents of the report into your next reply.-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".NEXT:Running OTLWe need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply her... Read more

http://www.bleepingcomputer.com/forums/t/387779/infectedbrowser-redirects-and-new-windows-open-by-themselves/
Relevancy 63.64%

A few days ago I encoutered the Windows Recovery Virus which hid all the contents of my C drive and displayed a fake windows recovery window clamining there were multiple errors with my hard Browser & Recovery Windows Redirects Virus drive that needed to be fixed I was able to remove this by Windows Recovery Virus & Browser Redirects deleting the RANDOM exe files in ProgramData and using the Unhide exe and scanning with Malwarebytes I still noticed some lingering symptons such as my iGoogle homepage not displaying some of Windows Recovery Virus & Browser Redirects the usual content Two days later I noticed browser redirects when searching on google especially when accesing anti-virus related websites The same windows recovery virus occured again and this time I searched thoroughly and tried countless anti-malware programs to scan and cleanse my system I think I have made some progress however the browser redirects continue to happen I notice that iexplore exe is continuously running in the background surfing advertising websites When I close the process via task manager it re-opens again I tried running TDSSKiller exe but it will not open even when I rename it to iexplore com Any Windows Recovery Virus & Browser Redirects help would be appreciated I can post logs from Malwarebytes if necessary Thanks in advance

A:Windows Recovery Virus & Browser Redirects

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

http://www.bleepingcomputer.com/forums/t/430099/windows-recovery-virus-browser-redirects/
Relevancy 63.64%

This is my first time here and while I am fairly computer literate this browser redirect is really annoying I have tried many anti virus scans and they all find things delete them and they come back Any help would be greatly appreciated Here is my hijackthis log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exec Program Files Microsoft Security Essentials MsMpEng exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system Ati evxx exeC WINDOWS system spoolsv exeC Program Files Avira AntiVir Desktop sched exeC WINDOWS RTHDCPL EXEC Program Files new and related Redirects ad opens windows Browser Microsoft Security Essentials msseces exeC Program Files Keymaestro Multimedia Keyboard Browser Redirects and opens new ad related windows MMKeybd exeC Program Files Common Files Java Java Update jusched exeC WINDOWS system LVCOMSX EXEC Program Files Logitech Browser Redirects and opens new ad related windows Video LogiTray exeC Program Files Zune ZuneLauncher exeC Program Files USB Disk Win Driver Res EXEC Program Files iTunes iTunesHelper exeC Program Files Avira AntiVir Desktop avgnt exeC Program Files RegDefense RDFNSListener exeC WINDOWS system ctfmon exeC Program Files NETGEAR WG T wlan t exeC Program Files Microsoft Office Office OSA EXEC Program Files ATI Technologies ATI ACE Core-Static MOM exeC Program Files Keymaestro Multimedia Keyboard nhksrv exeC Program Files Avira AntiVir Desktop avguard exeC Program Files slcdrvr exeC Program Files slcdrvr exeC Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exeC Program Files Keymaestro Multimedia Keyboard TrayMon exeC Program Files Keymaestro Onscreen Display OSD exeC Program Files Avira AntiVir Desktop avshadow exeC Program Files Bonjour mDNSResponder exeC Program Files Logitech Video FxSvr exeC Program Files Common Files InterVideo RegMgr iviRegMgr exeC Program Files Java jre bin jqs exeC Program Files Common Files Protexis License Service PsiService exeC Program Files ATI Technologies ATI ACE Core-Static ccc exeC WINDOWS system svchost exec WINDOWS system ZuneBusEnum exeC Program Files iPod bin iPodService exeC WINDOWS System svchost exeC Program Files Windows Live Messenger msnmsgr exeC WINDOWS explorer exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC WINDOWS system msiexec exeC Program Files Trend Micro HiJackThis HiJackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page O - BHO SnagIt Toolbar Loader - C D-C - C - -FCE AD C - C Program Files TechSmith Snagit SnagitBHO dllO - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO no name - C C A-E - b - D - CECB - no file O - BHO RoboForm BHO - d a - d - d - - e a - C Program Files Siber Systems AI RoboForm roboform dllO - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Ask Toolbar BHO - D C F- A- -A AD- D - no file O - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll... Read more

A:Browser Redirects and opens new ad related windows

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:Download DDS and save it to your desktopLink1Link2Link3Please disable any anti-malware program that will block scripts from running before running DDS.Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear: DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"MBRCheckPlease also download MBRCheck to your desktop Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)It will show a Black screen with some data on it a report called MBRcheck will be on your desktopopen this reportRight click on the screen and select > Select All Press Control+Cnow please copy that report to this threadinformation and logs:In your next post I need the following1.logs from DDS2.log from RKUnHooker3. report from MBRchecker4.let me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/332363/browser-redirects-and-opens-new-ad-related-windows/
Relevancy 63.64%

Mod Edit Moved from XP to Virus Trojan Spyware and Malware Removal Logs boopmeIn the last few days both browsers Firefox and IE on my XP Prof SP system have started quot randomly quot redirecting web pages to surveys marketing pages etc of a variety of ilks XP SP3 on system Windows Pro Browser errors DNS and redirects In addition Windows update is no longer working giving me dns errors I Browser redirects and DNS errors on Windows XP Pro SP3 system ve updated my McAfee VirusScan AntiSpyware to the latest dats and run several scans over the last few days Most of the scans come up clean though it did pick up and evidently delete two items on two seperate scans New Malware lg and DNSChanger asDespite the cleaning the system is still exhibiting the problem I also updated Windows Defender to the latest signatures via a flash drive as it could not update over the net and ran a full scan but it didn t detect anything Thanks for any help you can give HiJackThis log follows Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exeC WINDOWS system S EvMon exeC WINDOWS system spoolsv exeC WINDOWS system ZCfgSvc exeC WINDOWS system XConfig exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC Program Files Java jre bin jqs exeC Program Files McAfee VirusScan Enterprise EngineServer exeC Program Files McAfee Common Framework FrameworkService exeC Program Files McAfee VirusScan Enterprise VsTskMgr exeC WINDOWS system Ati evxx exeC WINDOWS system mfevtps exeC WINDOWS Explorer EXEC WINDOWS system RegSrvc exeC WINDOWS system SearchIndexer exeC Program Files McAfee VirusScan Enterprise Mcshield exeC Program Files Intel NCS PROSet PRONoMgr exeC Program Files McAfee Common Framework udaterui exeC Program Files iTunes iTunesHelper exeC Program Files Common Files Java Java Update jusched exeC Program Files Microsoft Office Office GrooveMonitor exeC Program Files Windows Defender MSASCui exeC WINDOWS system ctfmon exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files McAfee Common Framework McTray exeC Program Files Microsoft Office Office ONENOTEM EXEC Program Files iPod bin iPodService exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC WINDOWS system SearchProtocolHost exeC Program Files Trend Micro HijackThis HijackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Files Microsoft Office Office GrooveShellExtensions dllO - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan Enterprise scriptsn dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO ... Read more

A:Browser redirects and DNS errors on Windows XP Pro SP3 system

Hi,Download DDS and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.---Download GMER here by clicking download exe -button and then saving it your desktop:Double-click .exe that you downloadedClick rootkit-tab, uncheck files option and then click scan.Don't check Show All box while scanning in progress!When scanning is ready, click Copy.This copies log to clipboardPost log (if the log is long, archive it into a zip file and attach instead of posting) in your reply.

http://www.bleepingcomputer.com/forums/t/319872/browser-redirects-and-dns-errors-on-windows-xp-pro-sp3-system/
Relevancy 63.64%

Hello! For the past few days I've been having issues with Windows Startups; first a black error screen, then sometimes a blue one. Also all day today Google has been redirecting to a "302 this page has moved" screen. I'm running Windows 7. The only action I've taken is to run Webroot, but that didn't comeup with anything. Thank you in advance.

A:Browser redirects and Windows startup issues

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity CenterWindows UpdatePress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be found here:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txtOr at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt=============================================================================Download aswMBR to your desktop.Double click the aswMBR.exe to run it.If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".Click the "Scan" button to start scan.On completion of the scan click "Save log", save it to your desktop and post in your next reply.NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

http://www.bleepingcomputer.com/forums/t/438102/browser-redirects-and-windows-startup-issues/