Tech Problem Aggregator

Virus/Trojan Problem (Google Installer Encountered Problem Message)

Q: Virus/Trojan Problem (Google Installer Encountered Problem Message)

Ok il try to make this as brief as possilbe.

Sister clicked a stupid website link today on my laptop. Started doing weird things.

Now when i boot it up a popup appears saying google installer has encountered a problem. You know when it asks wheither to send error report or not. Now for the weird parts

It wont let me run any anti-virus removal software. I can run IE/Firefox ok. Even when i go into their folder and change the .exe filename to something like fluffy it opens them for like 5 secs and when i run the scan it closes str8 away.

Again when i search for anything on google about the problem i get a message saying my connection has been reset. Obv the virus/trojan is doing this.

Now i try to reboot in safe mode and it wont let me do it either. Im going insane here.

I cant even do a PC recovery because it says the recovery partition cannot be found.

Any ideas are most welcome

A: Virus/Trojan Problem (Google Installer Encountered Problem Message)

We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

14 more replies
Answer Match 79.8%

My laptop had this virus/rootkit and it killed it, and now my desktop has it too. I got it even though I had anti virus software running..Behaviour of virus as follows.. 1. It launches popups which say "Google installer has encountered a problem and needs to close". They keep appearing, and clicking on 'dont send' seems to make it worse and the computer crashes or freezes. With my laptop this eventually got so bad it would only stay on for 2 minutes or so before freezing.2. Online, using any search engine or browser, it will give you your page of search results ok, but when you click on a link it redirects (in another browser tab) to a page filled with dodgy ads.3. System restore is disabled4. malwarebytes ant-malware finds 3 infections, and sometimes the problem goes way for a few minutes after reboot, then it comes back -a rootkit maybe?5. Lastly the weirdest thing is that random audio adverts will play, even with no browser running. My laptop had all this and more, and eventually had to be reformatted. So far I have tried running AVG free scan and MalWareBytes anti malware, both of which found infected items, which were healed but the problem is still there. I really need help with this - can't afford to lose this machine too!EDIT: I just ran rootkitrevealer, after reading a few other threads on here, and it found a file called UACd.sys. I googled this, and it appears to be a rootkit trojan thingy. So how do i get rid of this?

A:Google Installer has encountered a problem - virus, need help

Please post your Malwarebytes and RootRepeal results. We can go from there

3 more replies
Answer Match 98.7%

Hello,

Whenever my computer starts up, I receive a window informing me that "Google Installer has encountered a problem and needs to close." I also receive the same message about ViewMgr.exe. Whenever I leave my computer idle for a certain amount of time (I estimate it around 10 minutes, but I haven't actually clocked it) I receive another error message informing me that the Google Installer has encountered a problem.

I am running Google Chrome as my browser and have no trouble browsing the Internet, but attempting to run a scan using HouseCall doesn't ever get past the loading screens. I have tried to run HouseCall in IE as well as Firefox, but not only does the scanner fail to load in those browsers as well, but all Google results are hijacked.

Beyond that, Malewarebytes will not open and I was only able to get HijackThis up and running after a couple of renaming attempts. Any help would be greatly appreciated.

Thanks,
Aaron
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:46:28 AM, on 5/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
F:\WINDOWS\Explo... Read more

More replies
Answer Match 98.7%

I get an annoying "Google Installer has encountered a problem" everytime I log onto my XP machine. The only noticeable problem is that I can not run any anti Virus software. I initially had Mcafee running when I noticed I could no longer scan my machine. I tried installing Malwarebytes Anti-Malware without any success. I couldn't boot up in safe mode as well Since I've never tried booting up in safe mode, I don't know if the problem is related.

Any ideas ?
 

More replies
Answer Match 98.7%

Hi there.

My problem started Saturday with infection by Spyware Protect 2009. Finally was able to get rid of it (I think). I wasn't able to use malwarebytes cause I didn't know about the replacing the .exe file with another name. Anyway, now the pop ups for Spyware Protect 2009 have stopped but I'm getting constant popups that say "Google installer has encountered a problem and has to close." I don't have any idea what it is. AND, I can now access the internet but it is SOOOOOO slow. It is worse than when I had dial-up. It takes 5 or 6 minutes to load yahoo or google. I have tried system restore but it tells me that nothing has changed since that restore point even though I went back two months. Any help will be appreciated.

A:Google installer has encountered a problem...

Do you have Google Chrome?

8 more replies
Answer Match 96.6%

I've been dealing with this problem for a while. Seems i have spyware, virus, etc that i can't get rid of. Problems: popups stating "Google installer says they encountered a problem"; popup stating "viewpoint says they encountered a problem"; not able to get updates from MS, can't login to site; can't access a number of sites you all recommend--seem as the virus is blocking access to these sites to protect itsself. I use IE as my browser and it starts out pretty good after a reboot but slows considerably the longer it stays on.

I would appreciate any help you gives can give! Below is the Hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 06:59:19, on 12/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINNT\System32\ezSP_Px.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\QUICKENW\QAGENT.EXE
C:\WINNT\system32\PROMon... Read more

More replies
Answer Match 96.6%

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 7:37:05 PM, on 1/18/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\V0230Mon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Prog... Read more

A:help me with this problem. Unable to run antivirus,Google installer has encountered.

Hi and welcome to TSF

Please follow our pre-posting process outlined here:
http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, please post the requested logs in the Virus/Trojan/Spyware Help forum, not here.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.


BG

1 more replies
Answer Match 96.6%

Hello,I recently started receiving a Microsoft Error message indicating that my Google Installer Has Encountered a problem and needs to close.I did some research and decided to run the Windows Live OneCare Safety Scanner on my computer. After I ran the Safety Scanner - link http://onecare.live.com/site/en-us/center/howsafe.htm, I had several issues that were detected and cleaned. Unfortunately, there were 3 that could not be cleaned by this product. They are the following:Severe - TrojanClicker:ASX/Wimad.gen!KMedium - Adware:Win32/ClariagainMedium - Adware:Win32/Clariagain.BSince these issues are not able to be removed and I am still receiving the Google Installer Error message every 30 minutes or so, can you please assist? I am not sure of the severity of the Virus and want to ensure that my information is protected.Thanks in advance for your help.

A:ASX Wimad.exe Clariagain Google Installer Has Encountered a Problem

Welcome to BCThe process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware Free version and save it to your desktop.NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finishe... Read more

3 more replies
Answer Match 94.5%

Hi there! I think there's something wrong with my computer. Every 2-5 minutes or so, i get a pop up saying that "Internet Explorer has encountered a problem and needs to close. We are sorry for the inconvenience." The funny thing is -- i was not using Internet Explorer at all. I'm using firefox. When I first started firefox, a pop up similar to the one with Internet Explorer popped up, but when ignored it firefox worked fine. When i start my computer, there is a google installer popup. After an hour or so, my computer would freeze up and i would have to restart it. I ran a symantec Antivirus Scan earlier today and no viruses/threats were found. I also ran MalwareBytes and two detections were found (rebooted computer to clear it). This happened today after i ran the scans. Yesterday, i had a problem with the fake Antivirus adware; which is now taken cared of.When i clicked the error report for the Internet Explorer pop-up:AppName: iexplore.exeAppver: 8.0.6001.18702ModName: unknownModver:0.0.0.0Offset: 00ee1626Google Installer:AppName: googleupdate.exeAppVer: 1.2131.7ModName: googleupdate.exeModVer: 1.2131.7Offset: 00006eefFirefoxAppName: firefox.exe AppVer: 1.9.0.3642 ModName: unknownModVer: 0.0.0.0 Offset: 00da1626My DDS log:DDS (Ver_09-12-01.01) - NTFSx86 Run by Windows at 22:44:59.10 on 01/10/2010 SunInternet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Professional 5.1.2600.2.936.86.1033.18.703.69 [GMT -5:0... Read more

A:Internet Explorer/Firefox.exe/Google Installer: has encountered a problem and needs to close.

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

21 more replies
Answer Match 86.52%

I'm receiving an error message: "Google Installer has encountered a problem and needs to close" and "View Mgr has encountered a problem and needs to close" messages. Additionally, my google chrome started crashing frequently.

Also, just a few hours ago I returned to my computer and it sounded like a radio talkshow broadcast was playing in the background.

Below is my HiJackThis log. Would really appreciate any help. Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:14:44 PM, on 3/25/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.ex... Read more

A:"Google Installer has encountered a problem and needs to close"

8 more replies
Answer Match 86.52%

I'm receiving an error message: "Google Installer has encountered a problem and needs to close."

Also, audio advertisements keep playing in the background. I have been stopping them by ending the process iexplorer.exe from my Task Manager.

I also tried downloading Malwarebytes and ComboFix. When I tried to install either, the installation failed. Malwarebytes failed when the installation was unpacking files. ComboFix seemed like it never began. When I opened my taskmanager, the programs were running, but neither would actually appear.

I also have an older version of Malwarebytes on my desktop from a previous issue. That also would not start.

Below is my HiJackThis log and GooredLog. That is all that would fit in my initial post, so I'm going to reply with my GMER results. Would really appreciate any help. Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:01:26 PM, on 9/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.ex... Read more

A:"Google Installer has encountered a problem and needs to close"

9 more replies
Answer Match 80.22%

Hi guys,
I just receive this stupid popup: Windows installer have encountered a problem and needed to close.
When I click on view technical information, the Modname is msi.dll. I tried replacing this file from another machine but it says that it's being in used. Please help me cuz i can't even install MS office (I just do a clean install a few days ago).
Any help would be appreciated.
Thanx

A:Windows installer encountered a problem... Help!!

my windows server 2003 is disable

1 more replies
Answer Match 80.22%

I'm trying to install some software that I need urgently but every time I try I get a 'windows installer has encountered a problem and needs to close.'

The setup file is legitamate - downloaded from the company website and I know that a colleague of mine has been able to install it without any problems.

I have tried...
1. Typing msiexec /unreg then msiexec /regserver in run.
2. I've installed updates - including version 4.5 of windows installer.
3. I downloaded 'Windows install clean up' but the program I've been trying to install isn't listed so I haven't done anything with this.
4. I tried examining the status of windows installer in services (msconfig, services) but windows installer is not listed!

So I'm at a loss. I have never had a problem installing anything before.

Any help would be much appreciated.

More replies
Answer Match 79.8%

I'm having popup problems with something that comes up in a browser window showing login.tracking101 or something close to that. I've gone through the preparation section on this forum but I can't seem to do the download stuff due to a Windows Installer Error. I've read about this error and checked my Registry to see that /v was there in the Hkey Local Machine Control Set (hope you guys know what I'm talking about cause I'm not sure...lol) Anyway I have two Control Sets 001 and 002 and I checked both of them according to directions at MS. Anyway hopefully this HJT log will show what's going on there as well. So seems I have two problems that I know of and likely more, here is my log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:29:33 AM, on 3/25/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\WINDOWS\System32\snmp.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\akcvbk.exeC:�... Read more

A:Trojan, Virus? Hjt Log And Windows Installer Problem

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download ComboFix and save it to your desktop.Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

8 more replies
Answer Match 78.54%

I have a game. The problem is that i can only play it for sometime. After sometime an error message appears stating game.exe has encountered a problem and needs to close. We're sorry for in inconvenience. It happens every time i open it.

Game - Mad Cars

System Requirement of the game

Processor - Pentium lll 500 MHz
Graphic Card - 32MB graphic card
Ram - 256MB Ram
OS - Windows 95/98/XP

I have it.
It's not the problem with requirements.

This is the report in Event Viewer

Event Viewer Details -

Description-
Faulting application madcars.exe, version 0.0.0.0, faulting module madcars.exe, version 0.0.0.0, fault address 0x0006f3d1.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data - Bytes

0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 6d 61 64 ure mad
0018: 63 61 72 73 2e 65 78 65 cars.exe
0020: 20 30 2e 30 2e 30 2e 30 0.0.0.0
0028: 20 69 6e 20 6d 61 64 63 in madc
0030: 61 72 73 2e 65 78 65 20 ars.exe
0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0
0040: 61 74 20 6f 66 66 73 65 at offse
0048: 74 20 30 30 30 36 66 33 t 0006f3
0050: 64 31 0d 0a d1..

Data - Words
0000: 6c707041 74616369 206e6f69 6c696146
0010: 20657275 64616d20 73726163 6578652e
0020: 302e3020 302e302e 206e6920 6364616d
0030: 2e737261 20657865 2e302e30 20302e30
0040: 6f207461 65736666 30302074 33663630
0050: 0a0d3164

HELP..

Thanks..
 

More replies
Answer Match 75.18%

Hi,

I've started getting this c.exe has encountered a problem message today and needs to close. we are sorry for the inconveience.

Would anyone know what I can do about correcting this?
Thanks in advance for any help of this subject

Basil

A:c.exe has encountered a problem message

I just thought about this problem and I'm gong to use the system restore and go back in time before this message started poping up .....I'm keeping my fingers crossed that it will work.

3 more replies
Answer Match 74.34%

Hello Bleeping Computer,Having removed a particularly stubborn version of 'virtumode' with excellent help here from Teacup61 my system was clean...clean.I uninstalled Norton IS and then used the Norton Removal Tool - no problems.Next I ran an XP Disk Defrag - no problems.Then I tried to install Norton IS 2007 from a known good 3-user CD.When the CD autoplays the NIS Install panel comes up OK.I choose install...and then immediately get a box up saying"Setup stub has encontered a problem and needs to close...Please tell Microsoft etc...etc"I click Don't Send and it carries on installing.Then when it's mostly done the same message box pops up"Setup stub has encontered a problem and needs to close...Please tell Microsoft etc...etc"I click Don't Send...and the installation aborts and I'm left with a part installed NIS product.I have then used Norton Removal Toool to remove it.Tried to re-Install but exactly the same thing happens.Next I downloaded AVG and tried to install that - same problem except that the program in the message is the AVG exe.I have looked all over and found the drwtsn32.log which contains the data shown at the end of this post each time I try and install.I have re-registered msi installer at 3.1 - no change.I have run sfc /scannow - no change.I have tried going back with system restore - no change.MalwareBytes Anti Malware runs clean.Hijack This log is clean.Any help or advice would be much appreciated please.Many Tha... Read more

A:Xxx.exe Has Encountered A Problem - Message On Any Install

Try removing it again. Then download the Windows Installer Cleanup Utility Open it and check the boxes that refer to AVG or Norton and run it. Then try redownloading the AV program again.

14 more replies
Answer Match 73.5%

Hi,
I have a website hosted by Yahoo Geocities and just recently when I am updating my site in the yahoo pagebuilder, I get this message...

Internet Explorer has encountered a problem with an add-on and needs to close. The following add-on was running when this problem occured. File-msjava.dll

The only option is to click 'ok' which then closes down I.E. completely. Geocities requires java to run and I only get this error when I am working on my site, never when just surfing the net etc. I havn't changed any java settings and it has always worked before.
I have run Ad-aware and spybot and also done a full system scan, cleansweep and one button check-up with Norton.
Thanks for any advice, and sorry if I posted this in the wrong section.
Lisa.

A:msjava.dll error message IE has encountered a problem.....

They recently updated page builder so you will need to update IEs java runtime enviroment to work with pagebuilder.


or you can just download Firefox.

2 more replies
Answer Match 72.66%

This happens occassionally and is annoying. IE7 runs ok. I`m on Windows XP Home Edition sp2. I see solution for IE6 but not for IE7. Any clues
 

More replies
Answer Match 72.66%

reeiving error message lik MSIEXEC.exe has encountered problem when m tring to install a new thing...............i was going to install sweetimsetup and before that winzip11..............but its not allowing me to setup any new applications...................plz help me as soon as possible.............

A:reeiving error message lik MSIEXEC.exe has encountered problem

Hello darshan28687

This is a Windows Installer error

Here are a couple of thing to try for a start

1. On the "Start" menu, click "Run:.

2. In the "Open" box, type "msiexec /unreg", and then press ENTER.

3. On the "Start" menu, click "Run".

4. In the "Open" box, type "msiexec /regserver", and then press ENTER.

If that does not help try reinstalling it
http://www.microsoft.com/downloads/d...displaylang=en

1 more replies
Answer Match 72.66%

When attempting to click on certain links or open attachments, the error message saying that "IE has encountered a problem and must shut down" occurs. At other times, programs will freeze up. I have disabled toolbar add-ons, and that was no help. I used Easy Cleaner to clean registy and to delete unnecessay files. There was a .tmp file that would not delete. I did not find that file using Autoruns.

I would very much appreciate any help you have to offer.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Charles Moehring at 17:27:17.26 on Sun 04/10/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.512.132 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Yahoo!\Common\YMailAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony\Giga Pocket\... Read more

A:Constantly getting error message saying IE encountered a problem and must shut down

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

2 more replies
Answer Match 72.66%

Hello,

I bought my daughter a cd software game SpongeBob Squarepants the Movie, but after I installed it and clicked on the icon to play (or rather she did), we got an error message that said, "sb4.exe has encountered a message and needs to close." From advice, I updated the video card driver but upon downloading the driver from Sis, I was not able to install it, getting two error messages. The first said, "Update driver for Plug and Play Device: Error", and the second driver I tried said, "File invalid or corrupted". The first was for Nt/XP and the other was for just XP (I tried each of them). I tried to download each drivers again, but same message.

Unfortunately, Sis does not offer any tech support to end users.

I am running XP Pro with 240 of RAM. I wasn't sure what else to include so I pasted my dxdiag file, following.

Thanks so much

------------------
System Information
------------------
Time of this report: 1/4/2006, 16:35:44

Operating System: Windows XP Professional (5.1, Build 2600) Service Pack 2 (2600.xpsp_sp2_gdr.050301-1519)
Language: English (Regional Setting: English)
System Manufacturer: Matsonic
System Model: MS8308E
BIOS: Version 1.00
Processor: AMD Duron(tm) Processor, MMX, 3DNow, ~1.3GHz
Memory: 240MB RAM
Page File: 234MB used, 278MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.2180 32bit Unicode

------------
DxDiag N... Read more

A:SpongeBob the Movie has encountered a problem and needs to close message

Try this one or this one.

Also try reinstalling DirectX as the log says that Direct3d is not available.
 

2 more replies
Answer Match 72.24%

Wasn't sure if I was supposed to start a new topic to reply to your reply. I posted it as a reply on the existing topic as well as started a new one here. Please let me know the correct way to post a reply to one. I apologize if I am doing this incorrectly as a new member. Thank you.Thank you for your reply. I have installed and run Ewido Security Suite. Here are the logs you asked for:Logfile of HijackThis v1.99.1Scan saved at 9:28:31 PM, on 5/22/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\PackethSvc.exeC:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeC:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exeC:\Program Files\Common Files\Real\Update_OB\evntsvc.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\WINDOWS\system32\Smtray.exeC:\WINDOWS\system32\pctspk.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\... Read more

A:Windwos Explorer Has Encountered A Problem And Must Close, Dr Watson Has Encountered A Problem And Must Close, Problem Occurs W...

Please continue in this thread. http://www.bleepingcomputer.com/forums/t/53295/windwos-explorer-has-encountered-a-problem-and-must-close-dr-watson-has-encountered-a-problem-and-must-close/Thanks.

1 more replies
Answer Match 71.82%

I have a Gateway Notebook (model 6020GZ) that runs Windows XP Home Edition. Microsoft Works 8 came pre-installed on the system. I recently started using the calender/reminder feature in Microsoft Works 8. It worked fine for several weeks, then I began to get the error message: Microsoft Works 8 has encountered a problem and needs to close

Details are: App Name: wkscal.exe App Ver: 8.4.623.0
Mod Name: wkscalac.dll
Mod Ver: 8.4.623.0 Offset: 00066736

I have gone to support.microsoft.com. and located the page that I believe would help me fix the problem, which they say is caused by either the mswkscal.wcd file is corrupted - or - the calendar file has reached a large size (which I don't think applies to me).

Microsoft's resolution includes removing Microsoft Works 8, running the Windows Installer CleanUp Utility, then re-installing Works 8.

My dilemma is I don't have a disc to reinstall. I have contacted Gateway, and they told me I needed to contact Microsoft Support. Microsoft Support tells me that since the software came pre-installed, they can't help me, and I need to contact Gateway - Do you see where this is going?

I do not want to uninstall Works 8 until I am sure I will be able to re-install it. Is there a download to re-install Works 8 or a patch that will fix the problem?

Any information would be greatly appreciated!
 

A:Error Message : Microsoft Works 8 has encountered a problem and needs to close

I have this same issue on my HP desktop computer. I can open and use the spreadsheet application in Microsoft works but not the word processing software. I do not have a disk to reinstall works - help please!
 

2 more replies
Answer Match 71.82%

HELP!!!
I desperately need help to fix my windows XP service pack 2 machine.
I have been getting the error "windows explorer has encountered a problem and needs to close..." everytime I try to access files or folders on my desktop.
I have run several virus, anti-spyware, and anti-malware programs, as well as bug fixes and registry mechanics to try to fix my computer.
The only thing I have left is to ask for help.
Here is my hijackthis logfile for someone to help me!!

Logfile of HijackThis v1.99.1
Scan saved at 1:58:16 PM, on 12/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\OneStepSearch\one... Read more

A:HELP!! error message: windows explorer has encountered a problem and needs to close.

You've definitely got some nasty malware on your system there. Please click on and follow the directions in the 5 Steps link in my signature below to scan your system for malware and to post a Deckard's System Scanner log in the HijackThis forum section. Unfortunately we cannot advise about HijackThis logs in the XP section.

As far as the explorer error, if you have a Windows XP CD you can insert the cd and then go to Start > Run and type "cmd" w/o quotes. Then type in "sfc /scannow" without quotes to run the Windows File Checker. It will check the system files on your PC and if they have been altered they will be replaced with a copy from your XP cd.

Definitely follow the 5 steps link in my signature below though. You've got some nasties on your system.

BMR777

1 more replies
Answer Match 71.82%

This is happening after i've run adaware, spybot, norton full system scan. after rebooting the problem still persists. the error signature when trying to open IE is AppName: iexplore.exe AppVer: 6.0.2900.2180 ModName: unknownModVer: 0.0.0.0 Offset: 0014072fLogfile of HijackThis v1.99.1Scan saved at 02:50:29, on 13/06/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\HPQ\IAM\bin\asghost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeC:\Program Files\Java\jre1.5.0\bin\jusched.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exeC:\Program Files&... Read more

A:I Keep Getting The Message "internet Explorer Has Encountered A Problem And Needs To Close. We Are Sorry For The Inconveni...

Hi philnorv and Welcome to the Bleeping Computer!Download GMER from HereRight Click the Zip and Select "Extract All"Double Click gmer.exe to launch the program.Click on the Rootkit Tab and then click Scan.It takes a while to run,once complete,copy the results to notepad and save them somewhere safe.Post those results in the next reply.

1 more replies
Answer Match 70.98%

Hello,

During download of movies using bit torrent 6, I started getting this problem mentioned below.
"Google installer encountered a problem & needs to close. Please Contact Microsoft " This message appeared after every hour. Adobe stopped functioning altogether. The moment I open a file, I get the message -
"Adobe 9.0 has encounterd a problem and needs to close, Please contact Microsoft" and Adobe closes.
I normally use chrome along with Firefox as my browser. Occasionally I also started getting this message -
"IE has encountered a problem and needs to close, Please contact Microsoft.

I use norton antivirus and check my drive after every download to see if there is any malware in the system. This time I didn't and watched the movies instantly. I also watched a movie online directly on the website and from then on I have been having the problem as mentioned above.
I was able to run Norton Antivirus Corporate Edition and Spybot which was already installed on my computer. I was also able to download other antivirus software to identify this problem. I downloaded CCleaner, Avast antivirus, Ad-Adware to identify the source of the problem. Avast Antivirus did find some viruses especially Trojans at startup and was deleted. But after the antivirus run and XP loads up, the problems still persisted. Avast antivirus has a memory scan and from that I realized that there was more viruses in memory which were not detected and deleted. In the meantime... Read more

A:Adobe closes with the message - encountered a problem & needs to close. Please Contact Microsoft

Hello ...Please post your last infected Malwarebytes scan log.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Please run one more tool.Next run ATF and SAS:Note.. SAS doesn't open the registry hives for other user accounts on the system, so scans should be done from each user account.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows X... Read more

7 more replies
Answer Match 68.46%

I'm running Windows 2000 Professional
I wonder if anyone can help me before I deposit my computer in the loch

After downloading updates for Spyware Doctor I ran a complete scan of my PC. I asked it to fix all of the problems it had found. It 'told' me that I wold need to restart my computer. This I duly did, but as the computer was shutting down a Windows Installer box appeared briefly. On restarting, the box appeared again. Apparently it was trying to install HP Brio Management Agent WMI. However I then got the message: -

'The feature you are trying to use is on a network resource that is unavailable'

'Click OK to try again or enter an alternative folder containing the installation package 'HP Brio Management Agent WMI.msi' in the box below'
In the, Use source, box below was C:/Documents and Settings\Default User\_is44F\

After clicking OK to try again I got the message: -

'Error 1706 No valid source could be found for product HP Brio Management Agent WMI. The Windows Installer cannot continue'

Everytime I start up, or connect to the internet, or open another page I get the Installer thing all over again! It will eventually 'cancel' but is very persistent - I would really appreciate some feedback

Thanking you in anticipation.

Hell's Fairy

A:error message 1706 Problem with Windows Installer

It's OK everyone - computer is not laying at the bottom of the loch, but working sweetly I downloaded a Windows Installer Cleanup Utility from http://support.microsoft.com/default.aspx?...kb;en-us;290301and this seems to have done the trick - just thought I'd post this in case anyone else might have/be having a similar problem.Thanks for letting me get it out of my system anyway!!Love, Hells fairy

2 more replies
Answer Match 68.46%

Twice in about the last two weeks, I have encountered the following set of circumstances in different locations with people who don't know each other. Anyone know of a virus going around that might be causing this:
The user states it was running fine when they left it (left it on).
When the user returned, the computer was displaying a black POST screen with a message (words to the effect) indicating the system cannot find the boot sector.
Examination of the hard disk indicates there are no partitions
Data recovery programs find absolutely nothing on the active partition and only a very few unrecoverable file (names) in the system recovery partition.
To be clear, it is as though the active partition has been zeroed.
 

A:Encountered this problem twice, different places--virus??

6 more replies
Answer Match 68.04%

Having some trouble - followed as much as possible from previous posts ...

Running XP - SP3
Computer running VERY slow today - eventually started to pop up warnings ...
"google installer has encountered a problem ..."

System restore does not work (ie nothing happens)
MBAM & SAS do not work
(MBAM - nothing happens)
(SAS - windows error - has to close)

Tried starting in safe mode - does not work.

Reboot to last known good configuration.

"google installer has encountered a problem ..."

Ran SAS from "Alternate Start"
190+ tracking cookies - nothing else.
Removed.

Can't install MBAM (even with renaming)
Can't delete MBAM either.

Ran RKILL

Able to install MBAM (from renamed file)
Didn't ACTUALLY install or update

Ran RKILL again.

Able to install & update MBAM
Ran SCAN (log follows)

3 items detected and removed.

At reboot, computer "seemed" back to normal ...

... but, couldn't open or run MBAM.

Ran RKILL again.

No change.

Still can't use safe mode.

Reboot to last known good configuration.

"google installer has encountered a problem ..."

And we're going around in circles.

Here's the log that MBAM ran ...

--------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.43
Database version: 3499
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

1/5/2010 11:4... Read more

A:"Google Installer" Malware Problem

Hello sorry you were lost in the pile. We have been just swamped. Let's try one or two more. Looks like you have an active rootkitDo you have safe mode yet? If not use normal. Try the SAS repair tab again now that some Malware is gone.Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.alternate download linkNote: The file will be randomly named (i.e. 5mkuvc4z.exe).Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr.Web CureIt as follows:Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner promp... Read more

17 more replies
Answer Match 67.62%

A few weeks ago, it seems I got a Google redirect virus. I've run Avira (Free), Windows Defendrr, SpyBot, Malwarebytes, and AdAware. I've also been running the free ZoneAlarm firewall for more than a year. I really think that this all started a month or so when ZoneALarm detected something and I MISTAKENLY clicked "Accept" rather than "Deny." The problem has not been resolved. In fact, it seems like it may slowly be getting worse. My computer is freezing up (becoming compltely unresponsive) more and more often. My whole computer is running unusually slow now. After about 30-60 minutes of use, I seem to now be getting an error message: "Generic host process for win32 services has encountered a problem and needs to close." I can try to ignore this for a while. Once I click on it, it makes my sound card stop working, and the volume controls unresponsive. It also makes my networking processes (i.e. if I want to choose a different wireless network) unresponsive). The only way to get them back is to restart, and use them for 30-60 minutes until the same error pops up.I really want to fix this, but I'm really hoping that I won't have to reformat my drive and start from scratch. I've heard about HijackThis for years -- never used it. I've downloaded it, but, following the instuctions of the form, it seems that this is not desired/requested for now. I've followed the "Preparation Guide" for the forum and dowloaded and run DDS. I also tried to run a GREM Log -- I've att... Read more

A:Google Redirect & "Generic host process for win32 services has encountered a problem and needs to close"

Hello odonnela, My names Syler and I will be helping you to solve your malware issues.Please note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have since resolved your issues I would appreciate if you would let me no so I can close this topic.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\*. /mp /s%SYSTEMDRIVE%\*.exenetsvcsmsconfigdrivers32CREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt Will be openedExtra.txt Will be minimizedPlease follow these instructions to disable any CD Emulation programs using DeFogger.Download and Run MBR Rootkit Scan Please download MBR Rootkit Detector and save it on your desktop. Go to Start >> Run then copy and paste the following line into the run box"%userprofile%\desktop\mbr.exe" -t Select Run when you recieve a Security Warning The process is automatic, a black DOS window will appear and disappear suddenly. This is normal. A log file will the be created on your desktop where you ran mbr.exe from. Copy and paste the contents of mbr.log on your next reply.Then ... Read more

8 more replies
Answer Match 67.62%

Trying to help a co-worker with these issues;

Started out with the Google redirects now;
"svchost.exe-Application Error" The instruction at 0x001a61ae referenced memory at 0x00000000. The memory could not be written.

Click OK to terminate the program.
Click CANCEL to debug the program.

While this error message was popping up the machine was pretty much non-usable, I couldn't get 'task manager' to work, I couldn't 'right' click on "my computer", sometimes clicking 'start' didn't do anything, the pc would just lock up just the mouse would move around.

After doing some research I found some suggestions to "turn off" MS Automatic Updates, then "manually" run MSUpdates; Which I did and that seemed to have fixed the 'svchost.exe errors'. They weren't coming back and I was able to continue using the machine.

Malewarebyte wouldn't run (installed), I couldn't install Spybot S&D or Superantispyware. I had to change the names of the executable files to get them to install AND to get them to run.
Malewarebytes did find 3 different things; one of them was a DNS Name Server changer, which temporarily fixed my Google redirector.
Spybot found some type spyware, Coupon bar, etc. and Superantispyware didn't find anything (ran that last, 3rd).

Although these found some items I still couldn't get the correct 'executable' files for Malewarebyte, Spybot and Superantispyware... Read more

A:google redirects, svchost.exe - app error, generic host process win32 encountered problem

I have since returned this machine back to it's owner. They were getting impatient with waiting.

I'm sorry if anyone spent any time trying to figure out what this might have needed.

I did run TDSSKiller and it did fix a majority of the issues; The svchost popup error is gone along with the generic host process error.
I am now able to run all my anti-virus and anti malware products with out any problems.

Here is the log from the TDSSKiller for anyones reference;
2010/10/26 21:35:44.0214 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49
2010/10/26 21:35:44.0214 ================================================================================
2010/10/26 21:35:44.0214 SystemInfo:
2010/10/26 21:35:44.0214
2010/10/26 21:35:44.0214 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/26 21:35:44.0214 Product type: Workstation
2010/10/26 21:35:44.0214 ComputerName: ROBOCLOSER
2010/10/26 21:35:44.0214 UserName: HP_Administrator
2010/10/26 21:35:44.0214 Windows directory: C:\WINDOWS
2010/10/26 21:35:44.0214 System windows directory: C:\WINDOWS
2010/10/26 21:35:44.0229 Processor architecture: Intel x86
2010/10/26 21:35:44.0229 Number of processors: 1
2010/10/26 21:35:44.0229 Page size: 0x1000
2010/10/26 21:35:44.0229 Boot type: Normal boot
2010/10/26 21:35:44.0229 ================================================================================
2010/10/26 21:35:44.0589 Initialize success
2010/10/26 21:35:48.0901 =====================================================... Read more

2 more replies
Answer Match 67.62%

Need help. I searched for a thread on this...please redirect me if there is one. I belive the pc is infected. McAfee virus scan will not run "scanning has encountered a problem". I tried using other tools but this virus seems to block them from use. I am not much of a tech guy but you guys were able to help me in the past...which was awesome. Sure would appreciate some help before I cave and do a reinstall.

Thanks
Dave
 

A:Probable Virus - Scanning has encountered a problem

10 more replies
Answer Match 67.62%

Need help. I searched for a thread on this...please redirect me if there is one. I belive the pc is infected. McAfee virus scan will not run "scanning has encountered a problem". I tried using other tools but this virus seems to block them from use. I am not much of a tech guy but you guys were able to help me in the past...which was awesome. Sure would appreciate some help before I cave and do a reinstall.

Cannot run Hijack this..when I tried to it shut down, when I try to er-run I get an error message "Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item."

I even installed in Safe Mode and tried to run it, same result. Would surely appreciate anu help.

Thanks,
Dave
 

A:Probable Virus - Scanning has encountered a problem

Was able to run Symantec online scan. Results were:

Virus Status: Infected!
Your computer is infected with at least one known threat.
Virus Status: Unknown
The Scan was unable to determine your vulnerability status.
184950 files scanned, 15 file(s) infected on your disk drives.
No viruses were detected in memory.

Your computer is free of known threats. Virus Detection does not check compressed files.

Your computer appears safe for now. For real-time protection from viruses, hackers and privacy threats, upgrade to Norton Internet Security™.

No viruses were detected in memory.

The scan was cancelled before finishing. To restart the scan, click here.

Your computer is free of known threats. Virus Detection does not check compressed files.

Your computer appears safe for now. For real-time protection from viruses, hackers and privacy threats, upgrade to Norton Internet Security™.

Search for the name of the threat(s) listed below on the Symantec Security Response site for removal information.

Warning! The scan detected a virus that is active in your computer's memory.
The scan ended to prevent further infection.

You should shut down your computer immediately and restart it with an antivirus rescue disk or similar tool.
No viruses were detected in memory.

Your computer is infected with at least one known virus or Trojan horse.

Search for the name of the threat(s) listed below on the Symantec Security Response site for removal information... Read more

2 more replies
Answer Match 66.36%

Was told by HP support to run AdAware, CW Shreeder and Spy Subtract. Problem persisted. Ran SpyBot search & destroy which didn't fix the problem. Here is my Hijack this log. I am also experiencing at times that Standby mode can not occurr due to some device driver. The screen is frozen. I reboot. Go to desktop screen saver, hit apply, ok and it is fine until it happens randomly.Hope you can help.Randy BreyerLogfile of HijackThis v1.99.1Scan saved at 10:46:53 PM, on 5/21/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\PackethSvc.exeC:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exeC:\Program Files\Common Files\Real\Update_OB\evntsvc.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\WINDOWS\system32\Smtray.exeC:\WINDOWS\system32\pctspk.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Compaq\Easy Access Button Support\StartEAK.exe... Read more

A:Windwos Explorer Has Encountered A Problem And Must Close, Dr Watson Has Encountered A Problem And Must Close

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download Ewido Security Suite it is a trial version of the program.Install ewido security suiteWhen installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".Launch ewido, there should be an icon on your desktop double-click it.The program will now go to the main screenYou will need to update ewido to the latest definition files.On the left hand side of the main screen click updateThen click on Start UpdateThe update will start and a progress bar will show the updates being installed.If you are having problems with the updater, you can use this link to manually update ewido.http://www.ewido.net/en/download/updates/Once the updates are installed do the following:Click on scannerClick on Complete System Scan and the scan will begin.While the scan is in progress you will be prompted to clean files, click OKWhen it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.Once the scan has completed, there will be a button located on the bottom of the screen named Save reportClick Save report.Save the report .txt file to your desktop.Now close ewido security suite.Reboot your computer and post a new hijackthis log and the log from Ewido.

27 more replies
Answer Match 66.36%

I believe I have a virus these are the symptoms i am experiencing and what I have tried so far:-

1. I am having problems using google, sometimes when I click on results they go to another page, sometimes it decided i am not connected to the internet when I know I am.

2. I started by trying to run Malwarebytes but this would not open, then the same problem occurred with Spybot, it wont open.

3. I tried to scan with Trend Micro but the virus has prevented Java from working and so Trend does not work.

4. Tried to do a system restore but that says the drive failed during the restore.

5. AVG does not find any viruses when scanned.

6. Computer will not hibernate, it goes to blackscreen and then back to the desktop.

7. I managed to get Malwarebytes working by renaming the file from mbam.exe to mbam1.exe but now it freezes is not responding about halfway through the scan, have also told it not to scan registry items but it still freezes. Also after it has frozen it will not close even by trying to end the process.

So they are my problems can anyone help? Thanks

A:Virus, google problem, Malwarebyte problem, Spybot problem, etc

Try this scan. You can copy it over from another computer on a CD or pen drive if you need to.Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr.Web CureIt as follows:Double-click on drweb-cureit.exe to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected f... Read more

1 more replies
Answer Match 65.52%

Hello!

I have been getting a really annoying error lately every time I reboot.

The error message "Windows Explorer has encountered a problem and needs to close. We are sorry for the inconvenience" appears a few minutes after start-up.

I click "To see what data this error report contains, click here." and it shows this:

AppName: explorer.exe AppVer: 6.0.2900.3156 ModName: ws2_32.dll
ModVer: 5.1.2600.2180 Offset: 0000664d

I have run Spybot S&D, Ad-Aware Professional and Trend Micro OfficeScan but i still get the problem whenever I restart my computer.

Although my windows seems to be working properly after I click "don't send report" (due to restore settings?), the error message annoys me every time i restart my computer.

What shall I do to repair the problem? Please let me know if you need my HJT log. Thank you and I hope to hear from you soon!

Kaye

A:Start-up error message: "windows has encountered a problem & needs to close"

The next time the error dialog opens, use [Details] to get the exact Error Code and description.

Now see: Windows System Error Codes

You should bookmark the above site AND Microsoft Stop (BSoD) Codes

2 more replies
Answer Match 65.52%

I don't know what in the world I did. I did open an email link that went to youtube and showed a video of a Christmas flash mob. I also searched for articles comparing hand washing to using hand sanitizer. Then I tried to stop programs on start-up by logging on as administrator (even though my regular account has administrative privileges it wouldn't let Some stop stuff from starting up). In any case, now I have a redirect virus (not necessarily just in google). It redirects unless I can copy the address into the address bar. Pop-ups are coming up - some with an innocent listing of other websites and some that look, well, let's just say bad. I also have an Internet Explorer error message popping up constantly whether internet explorer is open or not. It says "Internet Explorer has encounted a problem and needs to close. We are sorry for the inconvenience." But it never closes anything. Finally, I can't read the body of my yahoo emails anymore. I see there are emails. I'm looking at the listing, but I can't see the body either in the preview space below or by double clicking on the email (it opens but there's nothing at all there - not even to and from).

So here's what I've done in an attempt to stop this based on solutions offered on this site and others: "restore" back before I opened the email, searched hand washing, and messed with start-up programs (I've even tried restoring futher back), downloaded... Read more

More replies
Answer Match 65.52%

Hi all..

Every time I put a cd in my cd-rom I get this error :

"mmjb MFC Application has encountered a problem and needs to close. We are sorry for the inconvenience."

I do not even know what this program is, but I am quite tired of seeing this message. Can you tell me how to get rid of it?

Thanks in advance.
 

A:Error message "mmjb MFC Application has encountered a problem..." when I put in a cd.

Bump...
 

2 more replies
Answer Match 65.52%

Hi all,
I am a total Newbie so please have patience with me.
I am working mostly with Mozilla Firefox, but occasionally I go into Internet Explorer as I have got a website and it does display it different sometimes in IE than with Mozilla.
I have noticed recently that when I open IE everything seems to work fine first (the home page comes up and looks alright), but as soon as I enter anything in the search bar on the top and hit "enter", I have got this message coming up:
Internet Explorer has encountered a problem and needs to close. We are sorry for the inconvenience.
With the Mozilla Firefox Browser everything seems ok.
Why is that, and how can it be fixed?
When I go in ->My Network Places ->View Network Connections, I have got LAN or High-Speed Internet, and there are 2 connections mentioned:
Local Area Connection2, which says: (Network Cable Unplugged, Fire...Intel(R) Pro/100 VM Network...)
Local Area Connection, which says: (Connected, Firewalled, Motorola SURFboard SB5100)
I don't know whether that has anything to do with it, but I thought I mention it.
The same problem happens when I want to use a Software I have downloaded, called "Directory Submitter", every time I want to use that the same message appears, just as "Directory Submitter has encountered a problem and needs to close. We are sorry for the inconvenience.". I can just assume that Directory Submitter connects through Internet Explorer and that's why t... Read more

A:Message "Internet Explorer has encountered a problem and needs to close."

First, you did not state what version of IE you use, IE6 or IE7; and what OS, WinXP what (Pro/Home, SP2/SP3).

Second, why Firefox? Do you really need it? I ask because there are reported problems with conflicts between IE and Firefox by some users. These seem to be reported by people like you who try to use both browsers. People who use Firefox exclusively, don't see the problem.

I assume your are in business and that's why you use Directory Submitter. By the way, is it from the .COM or .ORG site? You use it as PR for a WEB site you publish, correct?

5 more replies
Answer Match 65.1%

Hi there

for some reason I started getting an error message (tss.exe has encountered a problem and needs to close. We are sorry for the inconvenience.") and I've got no idea what this means and what's causing it.

I've run my spyware programs and did a virus search but nothing was found. I also tried a system restore but it won't even do that. Can anyone help please please pretty please cause it's driving me nuts!!! Thanks!

Oh, and I am using windows XP!

Tan
 

A:Error Message "tss.exe has encountered a problem and needs to close" - please help!

9 more replies
Answer Match 65.1%

Hey, I've completed all the 5 preliminary steps. And as an extra precaution I have run Malware-bytes Anti-malware which seems to have gotten rid of most of the problems, however I still get the odd detection. I was wondering if there was a surefire way to make sure my system is virus free. Nothing serious is happening to my pc (ie. no popups, homepage hijacking, or severe system slowdown) Anti-vir my antivirus program stil says i have a virus on my pc. I have run Hijackthis and hoping if someone could help me determine whats a virus and what isnt. Also on how best to protect my pc from this in the future. I already have installed SpywareBlaster and the Zoneout and IE restricted page programs. Im a bit of a noob so hopefully someone can help. Here is my HJT log. Thanks in advance... PS I dont no th name of the actual initial virus that could still be lurking in my system only that it had fake in its name and that it was a trojan and the other said adware in the title. I erased the quarantined items so thats why i dont know their exact names (my bad). Thanks again.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:05 PM, on 10/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files ... Read more

A:trojan problem from a cracked windows office installer (.exe)

please BUMP

1 more replies
Answer Match 64.68%

I'm running Outlook 2000 with XP Pro with all the latest updates. After I installed MSN's Search Toolbar, whenever I shut down Outlook an error message "MS Outlook has encountered a problem and needs to close". The details in the Event Viewer refer to "faulting application outlook.exe.version....". Any suggestions on how to fix this? Uninstalling the MSN Toolbar is not a viable option as its Form Fill and Desktop Search tools are great.
 

A:Outlook 2000 Message: Outlook Has Encountered A Problem, Etc.

Have you applied ALL the service packs for Office 2000 (as this directly affects Outlook 2000)?
 

2 more replies
Answer Match 64.26%

My father’s computer is having some issues. He only started to complain that his Internet Explorer kept shutting down illegally. So I went over and re-installed Mozilla Firefox. I tried to reinstall IE 7, but the computer wouldn’t let me something about the Windows Installer.

I found the Microsoft support article for “The Windows Installer service could not be accessed” (KB315346) and followed the resolution instructions. They did not resolve the problem. http://support.microsoft.com/kb/315346

So I downloaded the Windows Installer CleanUp Utility 4.71.1015. (Didn’t use it. Don’t think that was really what I wanted. I wanted something to fix the installer, not delete partially installed programs.)

My father mentioned that he downloaded AntiVirus 2009. I was a little suspicious. So I decided to update his scanning software on his computer. His AVG version was 7 not 8. I found out that the program to install AVG 8 needs the Windows Installer and will not install. When I click on AVG 8 this is the error message: “c:\ProgramFiles\AVG\AVG8\avgui.exe This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem.” So he does not have an antivirus program on his computer right now.

I did an online scan with Kaspersky. It did not find anything bad. Next I did get Ad-Aware to update to 2008 version and ran it. It reported 2 virus’: win32.trojan.Agent and win32.backdoor.sinowal and removed them. I ... Read more

A:Multiple Virus and IE & AVG Installer Problem

Okay, here is the update for today:

I installed and ran CCleaner. It cleaned up a lot of problems.

I emptied the Internet Explorer Cache. IE still wouldn't run though.

I ran Disk CleanUp. I also ran Error Checking.

I uninstalled AVG8 and reinstalled AVG8 and it worked! I ran a scan. AVG randomly keeps finding malicious files. I keep quarantining/removing them.

So I rebooted the computer numerous times today and all seems to be better.

I ran a panda scan again today and was able to fix the c:\I386\GTDownDE_87.ocx and the c:\windows\system32\GTDownDE_87.ocx.

There are some low and medium threats that involve registry keys. Don't know how to correct them.

I was unable to fix the vulnerabilities. The vulnerabilities are:
MS07-045
MS07-033
MS07-069
MS07-057
MS07-027
MS07-016 I think these are all related to Microsoft Internet Explorer Security

I uninstalled IE7 and reinstalled IE7. Still no luck. I can't get it to run. How can I fix the vulnerabilities and get it to run? Is there some way to do this with Mozilla? I can't get IE to load, it stops responding and I have to ctl, alt, delete and kill it in the processes. Not sure if all of the virus is gone yet either.

Any help would be appreciated.

Thanks,
Roseann
 

1 more replies
Answer Match 64.26%

hi,
i am trying to install something using windows installer, however, i keep getting the error message (this is for windows vista):

Problem signature:
Problem Event Name: BEX
Application Name: msiexec.exe
Application Version: 4.0.6000.16386
Application Timestamp: 4549af77
Fault Module Name: StackHash_4457
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Offset: 10000000
Exception Code: c0000005
Exception Data: 00000008
OS Version: 6.0.6000.2.0.0.768.3
Locale ID: 1033
Additional Information 1: 4457
Additional Information 2: 14d756d0c67e61d9a1d90045e757e73c
Additional Information 3: cec2
Additional Information 4: 87be9e9b2ed7524d6f4bfc4b6e6f5612

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
i think i may have downloaded some virus earlier from a torrent website without knowing until after (when i read the forum posts - i was in a bit of a rush). so i tried doing scans and nothing showed up. any help on how i can get of a virus that may be causing this? could the virus name file be mentioned somewhere up there in the info vista gave me?

thanks.
 

A:windows installer problem - maybe virus.

if anyone would like any clarifications on this problem, please ask.
thanks!
 

1 more replies
Answer Match 63.42%

This is my first visit to a forum and first attempt to post.
I use Windows XP SP3 and am trying install a Microsoft LifeCam HD 300 camera for use with Skyype.
I initially installed the cam using the software on the supplied disk. On completion of installation I got the above message. I have just installed Skype and found that the mic was working but when I tried to set up the camera I got the message " The camera is in use by another programme. I could not find any other programme using the cam. I uninstalled the programme and re-installed. Same result.
I then seardhed for drivers on the web and found LifeCam3.22.exe which I downloded and installed. With this I got the message "There is no camera installed on this computer"
I then came to the Microsoft site and found LifeCam3.60.exe and downloaded and installed it. I have come the full circle and am back with the original error message and at a loss where to go next.

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz, x86 Family 6 Model 15 Stepping 6
Processor Count: 2
RAM: 2029 Mb
Graphics Card: NVIDIA GeForce 7300 GS, 512 Mb
Hard Drives: C: Total - 238456 MB, Free - 156257 MB; D: Total - 238472 MB, Free - 217041 MB;
Motherboard: Intel Corporation, DG965WH, AAD41692-304, BQWH636000XB
Antivirus: ESET NOD32 antivirus system 2.70, Updated: Yes, On-Demand Scanner: Enabled

beetle57
 

A:MS LifeCam HD 300 gives message LifeCam.exe has encountered a problem

Update. Microsoft offered to replace cam so I returned it to retailer instead. I traded it for a different manufacturers camera, am I permitted to say (a Logitech HD webcam C510), which installed perfectly, including identifying I had Skype, Windows Live and Facebook. I believe the problem was software.
 

1 more replies
Answer Match 60.06%

My computer became infected with various sorts of spyware and trojans. It seemed that I was able to remove all of it with malwarebytes, superantispyware, and adaware. However, there is still one problem that I have now:

When I click on google search results, firefox browser opens suspicious-looking pages in a new tab or new window. I have uninstalled firefox (including all my settings) and re-installed it, which did not solve the problem.

Besides that, my computer keeps showing me a message about an "internet explorer script error", even when I am not using Internet Explorer. It includes the following URL: hxxp://ui.mevio.com/static/js/combined/index.js?r=38312. I suspect that this message could be caused by a virus too.

Many thanks in advance for any help you can give. As instructed, here is the content of the DDS.txt file:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by F at 20:01:04,82 on 06.04.2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.615 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Symantec Endpoint Protection *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
... Read more

A:google redirect problem in firefox & suspicious IE error message

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

14 more replies
Answer Match 59.64%

white smoke randomly is on my laptop now no idea what that is, also google installer and several other programs randomly stop working that i do not recognize. i have had registry issues too, my internet stopped working recently due to a winsock error and i had to load the files off a different computer.

I currently run panda cloud anti virus, i have vista 64x os on a dell studeio 15

thanks for your help

A:I think I have trojan(s) and mal ware, /google installer/white smoke

white smoke randomly is on my laptop now no idea what thatThat sounds like a serious hardware related problem...overheating due to faulty power supply, faulty fans, MB going bad or some other electical issue. This could be a dangerous fire hazard and needs to be your first priority before dealing with any possible malware issues. I suggest you take the laptop to a qualified technician for inspection ASAP if it is no longer covered by a warranty.

7 more replies
Answer Match 59.64%

Hello. I have tried everything to remove above mentioned problems. I have run Malwarebytes numerous times. Have quarantined and deleted, have shut my system restore off to make a new clean point after reboot of removing trojans. As soon as new reboot, I run Malwarebytes again, and they are back. Files Infected:
C:\WINDOWS\system32\tdlclk.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdlcmd.dll (Rogue.Installer) -> Quarantined and deleted successfully.

I had the system32 folder open, watched as tdlclk.dll and tdlcmd.dll were deleted. Then also watched as they magically reappeared upon new scan of Malwarebytes.

Also, when I first installed Malwarebytes and ran for first time, it found 14 problems. Here is a cut and paste of them.

Registry Keys Infected:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{3446af26-b8d7-199b-4cfc-6fd764ca5c9f} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft... Read more

A:Trojan.TDSS and Rogue.Installer and google redirect

Hi and welcome to the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum,I am and I am here to help you!I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.Please copy and paste al logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!Again I would like to remind you to make no further changes to your computer unless I ... Read more

72 more replies
Answer Match 59.64%

Hello, my computer was infected by what looks like a virus called "Malware Defense." I was able to run Malwarebytes and did a quick scan. The program found one trojan and deleted it. After restarting, I did a full scan and was told my laptop was clean.

However, I am now getting period pop ups saying Google Installer has to shut down. Whenever this happens my laptop tells me that I might have a malware labeled "UACD.sys." In addition, I also get messages from my computer telling me that Windows Defender Command Line Utility has stopped working and was closed.

Malwarebytes continues to tell me that there is nothing injected on my computer.

Any thoughts on how I might be able to fix this?

Thank you!!

A:Google Installer Virus and Malware Defense Virus

bump

10 more replies
Answer Match 59.22%

k im hopin someone can help me, I've downloaded Google Chrome and it does not work. It just stays there, loading a page. It doesnt matter if that page is on the internet or not. Even when I click help, it opens a new tab to the help contents but it just stays there loading. no error message, what so ever. I tried reins...talling different times, with different browsers, from different sites, can anyone help me? Every other browser is perfectly working, just not Chrome. Oh and I need it because there's an extension I want to run that is not available on other browsers. Thanks!
 

A:Problem with google chrome. Keeps loading pages none stop, with no error message.

Try this troubleshooting page.
Pages load slowly only in Google Chrome
http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=113910
 

1 more replies
Answer Match 59.22%

when i start my computer i am getting the following errors

at login i get :ALUSchedulerSvc.exe - Application error
The exception breakpoint 0x80000003 occured in the application at location 0x0040da64
then right after that i get

Googleupdate.exe-application error
The exception breakpoint ox80000003 occured in the application at location 0x00406eef

once logged in and everything is loading i get
Google Installer encountered a problem and needed to close
and everything starts to run very slow,i dont get redirected by IE or firefox , they just run very slow and then everything freezes up and i have to restart. i am not able to open up any antivirus or malware bytes or SUPERAntiSpyware unless i changed the file names but after the scans nothing was fixed.

any help will be highly appreciated.
thanks

A:google installer virus

when i start my computer i am getting the following errorsat login i get :ALUSchedulerSvc.exe - Application error The exception breakpoint 0x80000003 occured in the application at location 0x0040da64then right after that i get Googleupdate.exe-application error The exception breakpoint ox80000003 occured in the application at location 0x00406eefonce logged in and everything is loading i get Google Installer encountered a problem and needed to closeand everything starts to run very slow,i dont get redirected by IE or firefox , they just run very slow and then everything freezes up and i have to restart. i am not able to open up any antivirus or malware bytes or SUPERAntiSpyware unless i changed the file names but after the scans nothing was fixed.any help will be highly appreciated.thanksHello, I see you have a problem with Symatec Live Update. In order to fix the problem you will need to go download the removal program from Symantec. It seems Norton gets in the way sometimes. Author -- SymantecPart of -- Symantec LiveUpdateCommon Location -- %programfiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exehttp://service1.symantec.com/Support/tsgen...005033108162039I then would unistall the Google update. You can find out information here:http://antivirus.about.com/od/windowsbasic...oogleupdate.htmI would recommend SuperantiSpyware Pro and Free AVG to help keep you safe... Read more

1 more replies
Answer Match 59.22%

Hi Guys,Would really appreciate some help with this one. Google installer and Google update messages keep appearing. I removed everything google that I could find but things are still coming up and its making my computer less than snail paced!! None of my anti-virus programs are picking anything up but I am beginning to think AVG sucks! It seems it also inhibits certain virus scanners from running e.i. reboots my PC! Here is my Hijack this log. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:55:20, on 17/06/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:D:\WINDOWS\System32\smss.exeD:\WINDOWS\system32\csrss.exeD:\WINDOWS\system32\winlogon.exeD:\WINDOWS\system32\services.exeD:\WINDOWS\system32\lsass.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\system32\spoolsv.exeD:\WINDOWS\System32\svchost.exeD:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeD:\PROGRA~1\AVG\AVG8\avgwdsvc.exeD:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeD:\Program... Read more

A:Google Installer Virus

Hi superdan86,Welcome to BC HijackThis forum. I am farbar. I am going to assist you with your problem.Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.Please run Notepad (start > All Programs > Accessories > Notepad) and copy and paste the text in the code box into a new file:
@ECHO OFF
sc stop gupdate1c99c26c6f41006
sc delete gupdate1c99c26c6f41006
sc stop gusvc
sc delete gusvc
rd /s /q "D:\Program Files\Google\Common\Google Updater"
rd /s /q "D:\Program Files\Google"
Go to the File menu at the top of the Notepad and select Save as.Select save in: desktopFill in File name: remove.batSave as type: All file types (*.*)Click save.Close the Notepad.Locate and double-click remove.bat on the desktop. If everything goes well the remove.bat opens and disappears after removing the service.Please copy and paste a fresh Hijackthis log to your reply.

23 more replies
Answer Match 59.22%

I recently have become infected with this malware. It will not allow me to run any spyware, adware removers. My Mcafee has detected some things and removed or quarantined them but the problem persists. I get multiple warning windows and have trouble keeping active windows open.
DDS (Ver_09-06-26.01) - NTFSx86
Run by Curtis at 17:25:20.34 on Wed 07/22/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1329 [GMT -7:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee&#... Read more

A:Google Installer Virus

Hello and welcome to Bleeping Computer.My name is Syler, I will be helping you to solve your Malware issues. Whilst I am helping you, I wouldbe grateful if you would note the following: Please do not run other tools or scans unless I ask you to and follow all the steps I give you, in order.
Copy and paste all logs requested in you reply, Do not attach them unless asked too.
If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
Please continue to work with me, until I tell you your machine appears to be clean. Absence of symptoms does not mean that everything is clear.
If I do not hear back from you within 5 days of my last post, then this topic will be closed.Please download Malwarebytes' Anti-Malware from HereNote: If you already have Malwarebytes' Anti-Malware, just update then run it.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan (the scan may take some time to finish, so please be patient).When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be p... Read more

2 more replies
Answer Match 59.22%

Hello there, and thank you in advance. I am currently having some trouble with the Google Installer virus. I get the error on startup, but it does not persist throughout usage of my PC. I don't have the usual symptoms (the weird audio advertisements, and hi-jacked search engines), but I am unable to run most of any protection software. (I've tried my usual Norton, which is what I first noticed not working. Then, malwarebytes, and recently downloaded combofix. None of which will even start.) Another strange symptom I have is.. It's like I hit the windows key, but the start menu does not pop up. Any text I'm typing in will be put on the back burner, and I'll need to click to reset the cursor. Any games I'm playing will minimize.. It's pretty annoying.

I would like to point out that I am not entirely tech savvy, but I will do my best to not be completely helpless.

I'd also like to point out that I received this virus at the same time I got the viewpoint virus. (or whatever you want to call it.) I believe I removed the viewpoints virus, but the google installer does not want to budge. And since I cannot run any of my protection software, I feel kind of helpless.

So, that's what brings me here! I sure hope you guys can assist me, because otherwise I think I'm boned.

As I stated before, thank you in advance.

Sincerely,

Chryo.

A:Google Installer Virus, Please Help.

Hi and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, as far as they possibly can, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

1 more replies
Answer Match 59.22%

Hello. I think I have a virus of some kind as I keep getting a message saying that "Google installer has encountered a problem and needs to close. we are sorry for the inconvenience." I am also noticing that I am getting directed to odd websites that I am not trying to get to. Can someone help?

A:google installer virus

Hello and welcome please run these next to rule out malware. If you have Spybot installed temporarily disable it.Next run ATF:Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Please download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not ma... Read more

14 more replies
Answer Match 59.22%

Hello again, and sorry for my previous post.

Alright, I ran the DDS and I have the logs for that in a zip folder, which I will attach now.

However, when I downloaded Gmer.exe, extracted to my desktop, and double clicked it.. nothing happened. (I'm not sure if this is the case, but the virus appears to be blocking other programs such as norton, malwarebytes, etc. However, I did do as stated and uninstalled everything but norton, along with all CD emulation software and that stuff.)

Alrighty, I attached what I could. If there is any way I can get the gmer.exe to run, please let me know and I will provide you with it's information.

Thanks in advance,

Chryo.



DDS (Ver_09-12-01.01) - NTFSx86
Run by Davis Pitts at 15:47:47.35 on Thu 12/31/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3262.2578 [GMT -5:00]

AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files... Read more

A:Google Installer Virus, Please Help. V2

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I need to see a gmer log in order to help you. Please rename gmer.exe to gmer.com and see if it will run.

If it still won't run, delete your existing copy of gmer. Please run this special version of gmer:

Download GMER Rootkit Scanner from here and Save it to your Desktop. Double-click gmer.exe to run it. If asked to allow gmer.sys driver to load, please consent.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.



Click the image to enlarge it


In the right panel, you will see several boxes that have been checked. Uncheck the following ...Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it to your next reply.

**Cau... Read more

2 more replies
Answer Match 58.8%

Whenever i turn on the computer i get a error that says "google installer has encountered a problem and needs to close. we are sorry for the inconvenience." I heard this is from the google installer virus and i have no idea how to get rid of it. I tried to use combofix. but i got an error possibly because my Malwarebytes-Anti Mawlare was on (i dont think its not the full verison though). I dont know how to turn it off though. Then i heard combofix should be used with a supervisor. I have no clue where to go from here.

A:Google Installer Virus [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

5 more replies
Answer Match 58.8%

I am having trouble having any anti-virus programs to run and get the google installer error every few minutes. This started after I installed syware doctor as part of googlepack. I had Mcafee pre-installed, but it does not run anymore (no icon in the system tray). I had tried combofix per tonysgeektips to no avail. I have since read your thread and understand it probably wasn't the right thing to do.

DDs file attached below. I couldn' get GMER to run initially. Had to rename it to something obscure. Both attach and ARk are attached as a zip file.

I cannot find my original windows installation disks and do not have a boot disk.

Thanks for your help.


DDS (Ver_09-12-01.01) - NTFSx86
Run by Ship at 0:33:39.95 on Thu 12/31/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.495 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple... Read more

A:[SOLVED] Google Installer Virus

Hi sangship,

The title of your topic is marked as "Solved". We would like to make sure that it's indeed solved. Please let us know.

Thanks.

3 more replies
Answer Match 58.8%

I have ran ad-aware, spybot, and AVG. They all said they removed the trojan but upon restart it returns. I tried running malwarebytes but the program will not start. I have installed Hijackthis on the computer and just ran the Comedian program. The computer finished all the steps but would not create a registry restore point. I can runt and post the log if you want from hijack this. Any help is appreciated.

A:Google Installer Virus [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

13 more replies
Answer Match 58.8%

Hi, I got the google installer virus and went to this page "http://tonysgeektips.wordpress.com/2009/04/01/google-installer-virus-removal/"

The first step was to run Combofix, but it would not open. The second step was to run MalwareBytes Anti-Malware but I could not open that either. Basically I can not run any anti-spyware stuff. I also tried Killbox in safe mode but it would not start up.

So, what should I do to get rid of this?

Thanks

A:Google Installer Virus/Malware

Hello and welcome to TSF.

Tonysgeektips is not authorised to recommend the use of Combofix in that manner.

ComboFix is not a tool which should be used in an unsupervised environment.

Quote:




Why we don't ask you to run ComboFix from the onset

As stated by the author of ComboFix:

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.

We first need to verify if there's any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix.




We want all our members to perform the steps outlined in the link given below, before posting for assistance. Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Answer Match 58.8%

I'm having issues with a google installer virus that seems very similar to the one described in this thread: http://www.bleepingcomputer.com/forums/t/244830/google-installer-exe-error/I tried to follow similar steps finding many of the same issues, i.e. Malwarebytes would not work anymore, even if I re-installed and renamed the .exe file (I would then receive an error). When running Dr. Web (in safe mode) my computer inevitably freezes, sometimes on the express but always at some point in the complete scan. I was able to run Sophos rootkit, but nothing was recommended to be removed and I did not want to start randomly removing any files.Any suggestions or assistance that could be offered would be very much appreciated.

More replies
Answer Match 57.96%

Hello,

I'm having a problem installing Quickbooks Pro 2009 on Window XP pro

When I launch the installer from the CD I get this screen:
Click for full size - Uploaded with plasq's Skitch

The text is read-only -- looks like options for install method? Previous version of QB (2006 PRO) did not include such a screen.

Anyway - when I click OK the window disappears and nothing happens - no activity from the CD drive -- no further messages from QB

Here's the full text from the installer window:
Code:
Windows ® Installer. V 4.5.6001.22159

msiexec /Option <Required Parameter> [Optional Parameter]

Install Options
</package | /i> <Product.msi>
Installs or configures a product
/a <Product.msi>
Administrative install - Installs a product on the network
/j<u|m> <Product.msi> [/t <Transform List>] [/g <Language ID>]
Advertises a product - m to all users, u to current user
</uninstall | /x> <Product.msi | ProductCode>
Uninstalls the product
Display Options
/quiet
Quiet mode, no user interaction
/passive
Unattended mode - progress bar only
/q[n|b|r|f]
Sets user interface level
n - No UI
b - Basic UI
r - Reduced UI
f - Full UI (default)
/help
Help information
Restart Options
/norestart
Do not restart after the installation is complete
/p... Read more

A:Solved: Problem Installing Quickbooks - Problem with Windows Installer?

9 more replies
Answer Match 57.96%

Sorry, but since it wasn't letting me post for some reason, I had no choice but to put everything in a .txt file:

Update: the thing from the post I found relating to part of this problem is keeping the google installer virus at bay for now, but it still keeps popping up, I await your reply

A:Google Installer and Windows PC Defender Virus

Hello,My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if youwould let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Please download GMER from one of the following locations, and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zip Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs, as this process may crash your computer.Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.Double click on Gmer to run it.Allow the gmer.sys driver to load if asked.You may see a rootkit warning window, If you do, click No.Untick the following boxes on the right side of the Gmer screen.
... Read more

2 more replies
Answer Match 57.96%

Hey, all - first time here! OS: Windows XP Professional - Service Pack 2 Problem started yesterday (ran an unsafe application). Both Firefox and Internet Explorer are now having the same problem: when searching by Google or Yahoo! and clicking on a search result, often the search will redirect to an advertisement site instead. If I use the "Back" command and click on the same search result quickly, I am sent to the proper site. Does not happen with every click. I've been looking through these forums for potential solutions, but with no success. I've checked the registry and deleted the executable files that were produced by the original trojan app, but there are leftovers to find. I have the most recent Malwarebytes' Anti-Malware, but it has not been able to resolve the issue even after a full system scan of every hard drive I have.Additional symptoms: Malwarebytes' Anti-Malware must be renamed from "mbam.exe" to something else or will run (I see it in the Task Manager briefly), but is quickly canceled. A file called "ernel32.dll" has appeared (45 Kb, modified 12/20/2004 7:00AM), and is marked as a malware file by MBAM. But, it can only be deleted in Safe Mode. It returns to the Windows/System32 folder upon restart.Logs provided: MBAM (main executable renamed to m32bam.exe) - Quick Scan log. Rootkit Unhooker LE - Report(Scan) for Processes, Drivers, and Stealth CodePlease help me!---------------------------------... Read more

More replies
Answer Match 57.96%

Hi to you guys, i keep being infected by Pakes.ELE in windows temp svchost.exe, my virus protection keeps picking it up then i delete.. if i leave my computer with the interenet connected i'll have a list of about 10 Pakes.ELE within an hourAlso having the google hijack problem.. tried using spybot, adaware, malwarebytes, AVG but not in safe mode as when i try and use safe mode i get a blue screen with an error i think with hardware but i'm not totaly sure, i have the error code if it would help.. here is my HJlog hope you can help Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:48:37, on 13/01/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\... Read more

A:problem with trojan pakes.ELE and google hijack and probably more

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

8 more replies
Answer Match 57.96%

Hi,

Abt 2 weeks ago AntiVir detected some viruses/malwares on my laptop while I was surfing net. Here are some of the detections (there're more than 20 detections!)

Virus or unwanted program 'TR/Crypt.XPACK.Gen2 [trojan]'
detected in file 'C:\Documents and Settings\xx\Local Settings\Temp\ecmanwosxr.tmp.
Virus or unwanted program 'TR/Drop.Bamital.BK [trojan]'
detected in file 'C:\Documents and Settings\xx\Local Settings\Temp\croewasnmx.tmp.
Action performed: Delete file.
Virus or unwanted program 'TR/Crypt.ZPACK.Gen [trojan]'
detected in file 'C:\Documents and Settings\xx\Temporary Internet Files\Content.IE5\1NQ08K12\truefix70700duo[1].exe.
Action performed: Delete file

A day later this was detected:
Virus or unwanted program 'TR/Crypt.XPACK.Gen2 [trojan]'
detected in file 'C:\WINDOWS\Temp\_ex-68.exe.
Action performed: Delete file

My laptop was then working fine for a few days, but 2 days ago after leaving my laptop on for the whole afternoon, I received msg saying "Generic Host Process for Win32 Services has encountered some problem and needs to close" and other similar errors that left little things for me to do. I then switched off. The same msgs would pop up after restart. I followed some instructions and changed some registry which stopped the msgs from popping up. However the Generic Host Process msg is still appearing from time to time, heres the error it describes:
szAppName : svchost.exe szAppVer : 5.1.2600.5512 szModName : ntdll.dll
szModVer : 5.... Read more

A:Trojan, Malwares, Google redirect problem and/or others!?

Hi

Please do the following:
Download OTL and save it to your desktop.
Double click on the icon to run it.
Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top, make sure Standard output is selected.
Under the Extra Registry section, check Use SafeList
Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
Double click inside the Custom Scan box at the bottom
A window will appear saying "Click Ok to load a custom scan from a file or Cancel to cancel"
Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
Select scan.txt and click Open. Writing will now appear under the Custom Scan box
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

13 more replies
Answer Match 57.54%

Hello, my computer got infected with the "Google Installer Virus" about 1 month ago. I followed a guide from tonygeektips and have been running repeated ComboFix, SpyBot S&D, Malware Bytes, Ad-Aware, and Mcafee scans. Even though my computer is usable I hate having to run Combofix every couple of days to hopefully stop the infection from getting worse.

I still get the Google Installer Virus pop-up every once in awhile (Whoa! Google has crashed or w/e message), and other than that I do not know what other malware my computer is infected with. I would really appreciate any help. Thank you in advance.

~ Roland

Here is the DDS.txt and attached are Attached.txt and Ark.txt:
DDS (Ver_09-09-29.01) - NTFSx86
Run by UberSexiness at 20:33:24.67 on Fri 10/09/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.228 [GMT 2:00]

AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Outdated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C... Read more

A:Infection started with "Google Installer Virus" about 1 month go

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.*If you have since resolved the original problem you were having, we would appreciate you letting us know. *If not please perform the following steps below so we can have a look at the current condition of your machine. *If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.**If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. In order to be notified via email when your topic has a reply you need to enable topic notifications. To enable topic notifications you should do the following: 1. Click on the My C... Read more

7 more replies
Answer Match 57.54%

Hi,

I'm having the same issue as described here: http://www.bleepingcomputer.com/forums/topic459767.html.

Adobe Flash Player Installer is popping up every 10 minutes and sites are being redirected to random ads. In Chrome I get the following error message when trying to visit any site: "The site's security certificate is signed using a weak signature algorithm!"

I've run a quick scan on Malwarebytes a few times and it detects trojans, deletes them, reboots the computer but the problem persists. Now Malwarebytes is blocking services.exe and svchost.exe every five minutes.

I'm running Windows 7 Home Premium 64-bit.

Any help would be greatly appreciated.

Thank you.

A:Flash Player Installer and Google Redirect Virus

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

3 more replies
Answer Match 57.54%

Hello,
Hi I have recently been infected with a Virus with no solutions to it. I have run several online virus scanners with no luck finding the problem. In the begging when ever I would turn on my computer or let it run for some time a Googleinstallerupdate has encountered an error and needs to be shutdown please send error message to Microsoft, this problem recently stop and a new problem came around of random sounds being heard through my speakers (Advertisements, with out internet or Mozilla open), and now more recently I'll get pop ups behind open browsers on common sites like Hotmail.com and Facebook.com I will post the following Hijackthis reports etc and wait to hear a response Thanks
DDS (Ver_09-12-01.01) - NTFSx86
Run by Jason at 0:17:20.98 on Sat 01/01/2005
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1534.872 [GMT -6:00]

AV: Symantec Endpoint Protection *On-access scanning disabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
FW: NVIDIA Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
svchost.e... Read more

A:google Installer error leading on to other virus problems

Hello,My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if youwould let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Please download GMER from one of the following locations, and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zip Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs, as this process may crash your computer.Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.Double click on Gmer to run it.Allow the gmer.sys driver to load if asked.You may see a rootkit warning window, If you do, click No.Untick the following boxes on the right side of the Gmer screen.
... Read more

2 more replies
Answer Match 57.12%

hello my symantec started to show a few days ago that i have a risk: backdoor.trojan, action:deleted ,count:2, filename:mdm.exe, threat type: file, original location: c:\docume~1\74B5~1\LOCALS~1\Tempe\~temp\mpl258\since then it does not stop showing me this message every few minutes and when i stand on a window it goes of the window after some seconds, let's say when i'm writing this message every 4 words i need to click on the window again because it unchecks automatically. another thing it did was to reopen msn messenger so i deleted it and of course it stopped. i'm attaching here my logs you asked for your review. i tryed to run gmer.exe but it closed windows.. so i uploaded only the dds.txt and the attach.txt in the ziped filethank you !!! and i hope someone can help me resolve this problem. mark

A:is this trojan constant popup message from semantec indicates a bigger problem ? who do i make it stop ?

Hello marikg, Welcome to Bleeping Computer. My name is fireman4it and I will be helping you with your Malware problem.Please take note of some guidelines for this fix: Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.Link 1Link 2Link 3Link 4 Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how. Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator) A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed. If not... Read more

11 more replies
Answer Match 57.12%

I was having redirect issues with google searches. After some research on this site, I tried to clean up the issue by doing the following.1) downloaded ATF-Cleaner, I already had Malwarebytes and SuperAntiSpyware, so I just updated them withe the latest updates.2) rebooted to Safe mode and ran the above programs in this order. ATF-Cleaner, Malwarebytes, SuperAntiSpyware3) rebooted to normal mode and it looked like the redirction was gone.4) downloaded IE8 and installed.Started getting alerts from AVG that a SVhost file was trying to start and it stoped it. However, the log from AVG to not show the event. I suspected a Trojan and downlowed GMER.When I try to run this after unzipping it, the first time it caused a reboot. ( I had outpost running and gave it allow rights when it loaded) about 2 minutes in the scan, the system rebooted.I disabled outpost and re-ran GMER and this time it hung about 2 minutes into the scan. The screen froze and periodicly I could move the mouse, but nothing responded. The window for GMER went blank when this happened.I am going to include all the log files I have except the GMER which I will continue to try to capture if I can get it to run.Thank you for your help. Other than trying to get GMER to run, I will not make any other attempts to fix anything.Update: Unable to run GMER.

A:Trojan problem after fixing Google redirect issue

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

11 more replies
Answer Match 57.12%

My virgin media security comes up with a message saying it has detected multiple threats which it can't delete eg C:\windows\installer\{bc9154fb etc can anyone help me to get rid of it, will love you forever if you can xxx*Moderator Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Queen-Evie*

A:trojan virus / windows installer

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

1 more replies
Answer Match 56.7%

I am unable to install any software in my windows 8 laptop. The error message is as follows :

"The installer has encountered an unexpected error installing this package. This may indicate a problem with this package.The error code is 2503. "
Please help me to solve this problem.
Thanks & Regards,

Anish Uthuman

More replies
Answer Match 56.7%

Got problem wif this Virus Alert message on my tray icon.. when i click the message it go to the Spywarequake sitehow to remove this help me please ....anyway im runnig a game serverhere the log fileLogfile of HijackThis v1.99.1Scan saved at 8:58:10 AM, on 6/13/2006Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\RUNDLL32.EXEC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\apache2triad\bin\apache.exeC:\apache2triad\mysql\bin\mysqld.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\apache2triad\bin\apache.exeC:\apache2triad\mail\bin\XMail.exeC:\WINDOWS\System32\ZoneLabs\isafe.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\sannosi\Desktop\My Files\HijackThis.exeO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-... Read more

A:Got Problem Wif This Virus Alert Message On My Tray Icon

Hello wan88,

Welcome to Bleeping Computer

I need to see a log made in normal mode, with everything enabled at startup. HijackThis cannot see everything otherwise, which means I cannot either.

Thanks,
tea

2 more replies
Answer Match 56.28%

 Attach.txt   11.47KB
  0 downloads
 ark.txt   3.01KB
  0 downloadsSo far I've managed to contract a couple different types of viruses (half of them from antivirus programs or cleaners), failed miserably at a system restore (Backup just threw everything in with no rhyme or reason-unrelated files together in same folder and some even in a folder, files and folders put in places they don't belong, duplicates, etc. The COMPUTER doesn't even know where it put them), deleted vital files and folders, restored the registry to the last good, which happened to be a day when I had the Avira desktop virus AND my keyboard didn't work due to IDVault, and restored the registry to around the time dinosaurs roamed the earth.Last night, after a failed installation of installer files, most of my drivers stopped working. I'm getting Errors 3, 31,0x80004005 and some I can't remember and when I go into Microsoft Defrag, the bar is almost completely red. My CPU's are at 100%. . I tried lowering priority of winlogon and csrss, but it says "access denied." It also says that when I try to do anything with Avira in Services. I can't find any form of the word "Avira" when I search, but you see on the log that it's there's a file called "avgio" and a couple others. I tried to run system restore again this morning, but it kept saying nothing was changed when I logged back on. My compu... Read more

A:Google Redirect, Antivir Desktop Virus, Windows Update Virus, Lost Desktop, Failed System Restore (twice), Drivers/ Installer N...

There was a glitch when I was posting this so it doubled. How do I delete a post?

2 more replies
Answer Match 56.28%

So far I've managed to contract a couple different types of viruses (half of them from antivirus programs or cleaners), failed miserably at a system restore (Backup just threw everything in with no rhyme or reason-unrelated files together in same folder and some even in a folder, files and folders put in places they don't belong, duplicates, etc. The COMPUTER doesn't even know where it put them), deleted vital files and folders, restored the registry to the last good, which happened to be a day when I had the Avira desktop virus AND my keyboard didn't work due to IDVault, and restored the registry to around the time dinosaurs roamed the earth.Last night, after a failed installation of installer files, most of my drivers stopped working. I'm getting Errors 3, 31,0x80004005 and some I can't remember and when I go into Microsoft Defrag, the bar is almost completely red. My CPU's are at 100%. . I tried lowering priority of winlogon and csrss, but it says "access denied." It also says that when I try to do anything with Avira in Services. I can't find any form of the word "Avira" when I search, but you see on the log that it's there's a file called "avgio" and a couple others. I tried to run system restore again this morning, but it kept saying nothing was changed when I logged back on. My computer has been very slow, files are missing, in the wrong place or corrupt, several drives and msiexec won't work, ... Read more

A:Google Redirect, Antivir Desktop Virus, Windows Update Virus, Lost Desktop, Failed System Restore (twice), Drivers/ Installer N...

Someone is helping me go through all the neccessary steps to remove whatever is infecting my IS. I will update when the issue has been resolved. Thank you

3 more replies
Answer Match 56.28%

Referred from here: http://www.bleepingcomputer.com/forums/topic372790.html/ ~ OBHello, I have been experiencing the following issues with my computer:?A message box pops up and states: "Generic Host process for Win32 services encountered a problem and needs to close."?Taskbar changes from its normal blue color to gray. Start button changes its look to a more Windows 95 old look.?Unable to get to Windows Updates page. When I click on Start-> Windows Update a page opens in IE and says "Page cannot be displayed"?On first start up today, it loaded all the way to desktop background but desktop icons never appeared. Did a hard shut down and then icons appeared on next startup.?IE, Firefox, and Chrome do not open sometimes. Sometimes they open, sometimes they dont.?Receiving Pop-up ads in browser. ?Computer sometimes does not shut down and I must manual shut down holding down power button.?Startup seems to take longer than it used to.?When shutting down, i think some kind of red circular icon appears in system tray for a few seconds then disappears. Looks like a solid red circle.Below I have pasted my DDS log and attached the Attach.txt file. Please note while in the process of the GMER scan about 10 minutes in my computer screen turned blue with a full screen message beginning with "A problem has been detected andd windows has been shut down to prevent damage to your computer....by the following file : kxtdqpow.sys" So I was unable to retrieve the ... Read more

A:Virus problem - Generic Host process for Win32 message + more

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Thanks and again sorry for the delay. We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explaination about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that... Read more

10 more replies
Answer Match 56.28%

I tried vundofix and superantispyware, but to no avail. Here goes:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:17:01 AM, on 1/1/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\System32\regsvr32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Raveen\Application Data\WinTouch\WinTouch.exe
C:\Program Files\Router\Router.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Raveen\Desktop\HiJackThis_v2\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blan... Read more

More replies
Answer Match 55.86%

First thank you for any and all assistance. I was directed to post to this forum by administrator boopme who initially helped me with my problem. My system: Dell XPS M140 laptop, 2 Ghz Pentium M, 2 GB Ram, Windows XP Pro SP 3, all updates installed, all drivers up to date.Anti-Virus software the virus slipped through: IObit Security 1.41, IObit System Care, SkyBot S&D, Firefox 3.6.2 w/ No Script and Ad Block PlusSymptoms: Using Firefox, when I do a Google search in the Google window I get the usual 10 blue links. Upon selecting a link I am redirected to a different site not associated in any way with the link.My corrective actions have been:Attempt 1: terminated all programs and anti-virus programs, ran Defogger, ran DDS. My system would not run DDS, it returned a report of gibberish as follows: p?"ns??e??Xc???Dg??????|?0 O ??E ??? J?\#2\???bN?\Mk?(?^EK?] mAttempt 2: terminated all programs and anti-virus programs, ran Defogger, ran RSIT successfully and generated a report, ran GMER successfully and generated a report.These are the result from the RSIT and GMER log. Attached will be the GMER log file named "gmer_scan" and the RSIT file named "rsit_Log2"RSIT Log File:Logfile of random's system information tool 1.06 (written by random/random)Run by Carlos at 2010-04-03 06:40:41Microsoft Windows XP Professional Service Pack 3System drive C: has 13 GB (25%) free of 52 GBTotal RAM: 2039 MB (75% free)Logfile of Tren... Read more

A:A Google Redirect Virus problem

Hi,My name is Extremeboy (or EB for short), and I will be helping you with your log. I apologize for the delay.If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a GMER log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or GMER log please refer to this page and in step #6 and Step #7 and Step #8 for further instructions on downloading and running DDS & GMER. If you have any problems when running the tools or unable to produce a report for any reason, just let me know in your next reply.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-GMER log-Description of any remaining problems you may still have.With Regards,Extremeboy

12 more replies
Answer Match 55.86%

When I click on a link in google, the link gets redirected to an adware site. I downloaded Malwarebytes to remove it first (I know I should have asked someone first, but at the time I could only see suggestions and direct sites). It worked for about three days and now the virus is back. First it attacked Mozilla Firefox (my primary browser). Then, it attacks Google Chrome. How do I know this? Because I found this forum by googling it right now. I have tried to follow the steps as much as possible as according to the Preparation Guide. Any help will be appreciated!

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Harry Potter at 21:55:33.51 on Sat 04/30/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.2411 [GMT -4:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svch... Read more

A:Google Redirect Virus Problem!!!

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

18 more replies
Answer Match 55.86%

I picked up what looks like a Google re-direct virus late last week. Whenever I try to go to a web site through Google I am redirected to a completely unrelated page. My computer is running impossibly slow now on all tasks either on-line or off. Occasionally Internet Explorer will open a new page on its own. AVG 2011 and Spybot have been no help. AVG has sent a lot of stuff to the vault including SHeur3.CETU with no result.
I am running Windows XP Pro but I do not have an install or boot CD
I have completed the pre-posting steps to the best of my ability and am including the logs that resulted from the requested scans of my computer.
Any help, please.
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_17
Run by User at 11:54:45 on 2011-05-16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.353 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\AVG\AVG10\... Read more

A:Google redirect virus problem

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

19 more replies
Answer Match 55.86%

Hi, I have the hijackthis log below, please please help!!:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 22:19:11, on 11/05/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.17023)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB&... Read more

A:Another google redirect virus problem

Hello, fizz_da_wizzWelcome to the Bleeping Computer Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems.If you do not make a reply in 5 days, we will have to close your topic.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if ... Read more

6 more replies
Answer Match 55.86%

I was innocently searching for some office furniture using the Google search window in my Firefox 3.6.2 browser when after clicking a blue link, I was redirected to a different website. This website could be located in any part of the world. As I researched the problem on the internet I came across the Google Redirect Virus (GRV) and further research led me to this forum.

The virus is my laptop. Windows XP Pro SP3, 2Ghz Pentium M, 2 GB Ram, all MS updates installed, all drivers up to date. Used the following to remove the virus before posting on this forum:
IObit Security: deep scan; IObit System Care: spyware removal, registry fix and registry defrag; SpyBot S&D, Hijack This; GMER which reported a suspicious activity with atapi.sys (I took no action).

I try to run a clean machine but one got by. Thank you for any assistance provided.

A:A Google Redirect Virus problem

You will need to replace the atapi file with a clean one.please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic from step 9,not in this thread.Let me know if that went well.

4 more replies
Answer Match 55.86%

Hi. I had intermittent problems with the Google redirect virus on Firefox and tried a whole variety of solutions, including TDSKiller and even redirecting my DNS. Nothing has worked. I am not prevented from accessing or running any programs, I just get redirected occasionally (not every time) I Google something. This only happens when I click a Google result --- I end up going to another page instead of the one I've clicked. I ended up uninstalling Firefox and switching to IE and didn't have problems for several days. Today it's back and acting up on IE.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_31
Run by HP at 21:45:41 on 2013-01-08
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6135.2848 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows&... Read more

A:Another Google redirect virus problem!

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days.

Hello there, cjtemp I'm Conspire, I'll be glad to help you with your computer problems.Please observe these rules while we work:Read the entire procedureIt is important to perform ALL actions in sequence.If you don't know, stop and ask! Don't keep going on.Please reply to this thread. Do not start a new topic.Stick with me till you're given the all clear.Remember, absence of symptoms does not mean the infection is all gone.Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on.

40 more replies
Answer Match 55.86%

Hello folks,Wandering if any kind soul would be able to help me identify and remove a google redirect virus from my machine. Had it for a couple of days, not sure where I got it from. It is also affecting yahoo and manifests itself in explorer and firefox. I have had no luck running spyware doctor and installing Norton to try to clean the bug out. I have followed the instructions on posting the info that you guys need and hope I've got everything right. DDS.txt file copied below and Attach.txt and ark.txt files attached. Many thanks in advance for any help.DDS (Ver_09-12-01.01) - NTFSx86 Run by 0003515t at 14:17:31.89 on 31/01/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1140 [GMT 0:00]AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WIND... Read more

A:Google redirect virus problem

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

24 more replies
Answer Match 55.86%

every time i click on a link from google i'm redirected to another page, i searched it and saw its a common problem and was instructed to download the following programs: CCleaner, malwarebytes, SUPERanti-spyware free edition, nd hijack this. I have logs from malwarebytes and superanti-spyware but for the time being here is just my hijackthis log. pleassseeee help me----

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:14 AM, on 2/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Comcast\De... Read more

A:google redirect virus problem please help

I also noticed when i look at my system32drivers/ect/hosts there are SEVERAL hosts with names similar to this::

127.0.0.1 0websearch.com # ***Inserted By STOPzilla***
127.0.0.1 2005-search.com # ***Inserted By STOPzilla***
127.0.0.1 600pics.com # ***Inserted By STOPzilla***
127.0.0.1 a1.interclick.com # ***Inserted By STOPzilla***
127.0.0.1 absolutepics.net # ***Inserted By STOPzilla***

127.0.0.1 nude-teen-bodies.com # ***Inserted By STOPzilla***
127.0.0.1 onlyhotlinks.com # ***Inserted By STOPzilla***
127.0.0.1 on-search.com # ***Inserted By STOPzilla***
127.0.0.1 picshunter.us # ***Inserted By STOPzilla***

It doesnt look good to me but ive read that it is to stop certain ads from appearing, in other places ive read tht these need to be deleted asap.
 

3 more replies
Answer Match 55.86%

I picked up what looks like a Google re-direct virus late last week. Whenever I try to go to a web site through Goodle I am redirected to a completely unrelated page. My computer is running impossibly slow now on all other tasks either on- line or off and I?m getting a load of pop-ups and error messages. AVG and Spybot have been no help. I?m using Windows XP Pro and I have a DSL internet connection. Can anyone help me get rid of this bug (bugs)?

A:Google redirect virus problem

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary. You might like to run the Flash_Disinfector.exe on the clean machine and the flash drive first to protect against any possible transfer of infection via USB.


NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

PS. Please use normal font in your posts.

1 more replies
Answer Match 55.86%

Hi- A couple days ago I started having the Google Redirect problem with Internet Explorer (and later Firefox as well). I did a MalwareBytes Scan that found a couple files that I deleted, but the problem did not go away. Neither Avast or Oupost Security Suite seemed to register it. I did a scan with UnHackMe that only located a few legitimate files. I also did a TDSSKiller scan which didn't locate anything.
The problem happened right after a manual Java Upgrade, so I deleted the Java cache in case it may have been hiding in there (to no avail). The odd thing with the virus is that it is not consistent- it seems to come back after a reboot and then it is gone again, until it just starts up again randomly.

I downloaded Hitman Pro and did a single scan last night that found and removed one file- a devifmon.dll from my AppData temp file, but the first time I tried to use Google today I was redirected again (although now Google works fine!). I also checked the Hosts Driver file as suggested on a few sites and it had no abnormal additions.

I appreciate your help- having got a few viruses in the past, I know better than to just assume that it is gone (especially after I was redirected once today and haven't changed anything since).

Karl
DDS (Ver_10-12-05.01) - NTFSx86
Run by Karl at 16:03:02.66 on Wed 12/08/2010
Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.2037.726 [GMT -8:00]
... Read more

A:Problem with Google Redirect Virus, Perhaps Others...

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Answer Match 55.86%

Okay. I've had a bit of trouble for about a week. First I noticed that my google searches kept redirecting to different sites. And then I noticed my browser was running entirely too slow. I tried pulling up the Task Manager to see what was going on but I kept getting an error message upon a black screen saying that Task Manager failed to boot up or something. At this point I was very aware that I had something on my computer and phoned a friend who said to download Malwarebytes and use it.

I did just that. Took care of the Task Manager problem. I decided to run an AVG scan. Full scan waited for 3 hours and came back with nothing. I use Google Chrome as my browser and hopped back on but was still experiencing the same problem. So I searched around and find a Youtube video demonstrating Malwarebytes, Hitman Pro and ComboFix. I downloaded/ran Hitman Pro and was shown a "possible TDSS/Alureon/variant" message across the top of the scan and something about hidden drivers. I was still convinced that the problem was present but I had read the warnings about ComboFix and how it was to be used only by pros. I googled ComboFix and after some browsing came across a forum post of the Admin Gringo helping someone get rid of a problem that seemed very similar to mine. So this is me giving it a shot.

Since I found out I was infected I've been operating in Safe mode with Networking support fairly often so i dont get slowed down too much. Hope that is a good thing. My OS ... Read more

A:Google redirect malware/Trojan/Rootkit/problem slowing down computer!

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

16 more replies
Answer Match 55.86%

Ok, first, I want to warn you, I'm not a computer savy, quite the opposite !!!My computer started to act funny when I used search engine directing me towards spam websites. So, after a little bit of research I found some advice on a website to 'fix' it.So I have followed a couple of steps. I was advised to use 'Malwarebytes' Anti-Malware', which I did. It found and removed 15 problems, and I saved the log. Then I used "HijackThis" - I didn't deete anything, just scanned and saved the log. I was advised to use SDFix.exe but it's a little bit out of my comfort zone. I want somebody to look at my logs bafore I tried this last step.So here are the logs :Malwarebytes' Anti-Malware 1.31Database version: 1488Windows 5.1.2600 Service Pack 312/11/2008 12:37:54 PMmbam-log-2008-12-11 (12-37-54).txtScan type: Full Scan (C:\|D:\|)Objects scanned: 167083Time elapsed: 1 hour(s), 30 minute(s), 36 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 10Registry Values Infected: 0Registry Data Items Infected: 1Folders Infected: 0Files Infected: 3Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a3fdd654-a057-4971-9844-4ed8e67dbbb8} (Trojan.BHO) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows&... Read more

A:Google redirect/Sinowal Trojan problem for computer challenged girl

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable a... Read more

1 more replies