Tech Problem Aggregator

ESET blocked IPs when visiting Google (Rootkit?)

Q: ESET blocked IPs when visiting Google (Rootkit?)

Hello.I've suddenly started receiving "Address Blocked" messages from ESET over the last 24hours. My computer has also suffered from four or five blue screens of death. I suspected it was Malware. I have Malwarebytes installed (which found nothing after searching) but also Super Anti-Spyware which produces a BSOD as soon as I try to execute it. The errors only popup when searching in Google, no other pages.I'm using a PC, Windows 7 Ultimate. I first ran TFC, rebooted, then Malwarebytes, but it found nothing.Please advise on what to do next?Many thanks,Daniel

A: ESET blocked IPs when visiting Google (Rootkit?)

Oh yes, here's an example of the error.

7 more replies
Answer Match 76.02%

Every time I search with Google I get an alert from ESET NOD32 Antivirus that says "An address has been blocked" and the IP is 213.163.89.105:80. I also get unexpected Internet Explorer windows that pop open.Please help.DDS (Ver_10-03-17.01) - NTFSx86 Run by Hatchet Jack at 7:17:28.43 on Sun 05/23/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.184 [GMT -5:00]AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exesvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Analog Devices\SoundMAX\SMTray.exeC:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\WINDOWS\VM_STI.EXEC:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\system32\ctfmon.exesvchost.exeC:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exeC:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Trend Micro\RUBotted ... Read more

A:Google Searches cause ESET Alert: Address Blocked - 213.163.89.105:80

Hello Hatchet JackWelcome to BleepingComputer ==========================One or more of the identified infections is a backdoor trojan or rootkit.This type of infection has the capabilities to allows hacker to remotely control your computer, steal critical system information and download and execute files.I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

5 more replies
Answer Match 64.26%

Hi everybody,

I have recently been affected by nasty viruses/trojans on both my pc and my laptop. I will start with my laptop since it is newer.

I have had the laptop for about a year now, running Vista with no problems and no viruses or spyware to bother me. I now have a malicious infection on the computer which has caused a number of issues:

-Internet Explorer opens, but does not load any websites
-Firefox works, but all Google links redirect to useless websites
- All antivirus websites are somehow blocked and Firefox cannot find their servers. This means I cannot run online virus scans
-My Norton Protection Center antivirus (which is also expired) freezes upon trying to run a virus scan
-AVG cannot install because when it tries to connect to the update server, the virus blocks the connection and it cannot find the server.
-my laptop had its first ever blue screen of death and restarted
- Upon restart, the computer now runs incredibly slow and Performance CPU Usage ranges from 97% to 100% while in the Processes tab of Task Manager nothing seems to be eating up any CPU at all.
-There are false instances of iexplore.exe using up memory (these come and go)
-I tried running the GMER program but it caused my computer to blue screen and crash for the second time

Please help, I don't know what to do!!

Here are my logs:
DDS (Ver_09-07-30.01) - NTFSx86
Run by Justin at 22:29:57.86 on 06/09/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_07
Microsof... Read more

A:Rootkit - [Computer 1] antivirus wont run - AV websites blocked - google links redirecting

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.During the download, rename Combofix to Combo-Fix as follows:It is important you rename Combofix during the download, but not after.**NOTE: If you are using Firefox, make sure that your download settings are as follows:Tools->Options->Main tabSet to "Always ask me where to Save the files".After that, double-click and run Combo-Fix. Let it finish its job and post the log hereIf ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finishes its job..

15 more replies
Answer Match 59.22%

DDS log, etc.
GMER found nothing it said
Need confirmation of how to remove anything/prevent.
Can provide eset/MBAM logs at request.
http://www.bleepingcomputer.com/forums/topic411091.html/page__gopid__2347502#entry2347502
Previous
No direct issue have been seen.it started on the 11th with a proxy being set up on firefox, and MBAM found several malware programs. my paranoia since has lead to daily scans that seem to come up with something pretty regularly

A:Not sure what this is, but There have been 43 blocked attacks and 2 infiltrations on eset

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:***************************************************First, I need to know if you still need help! To tell me this, please click on http://www.bleepingcomputer.com/logreply/411190 and follow the instructions there. If you no longer need help, this is all you need to do. If you do need help please continue below.***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have prev... Read more

2 more replies
Answer Match 59.22%

Sorry for my English. As i connect my usb-internet to my pc i get multiple notifications from Eset, (the picture is just an example) the attacks comes all from the same ip (192.168.42.129) This happened to me yesterday be hasn't happened since yesterday, no more same notifications. I searched from several ip-tracking sites, the ip information leads to Italy and some company located in USA (IANA). I don't know what this is? And why this is happening? Is this some hacker?

A:Eset blocked attack attempt

Did you click on "Learn more about this message" for additional information?If your firewall or security software provides an alert which indicates it has blocked access to a port or detected an intrusion attempt that does not necessarily mean your system has been compromised. These alert messages are typically a response to unrequested traffic from remote computers (an external host) to access a port on your computer.It is not unusual for firewalls, IP blocking software (i.e. PeerBlock) and some anti-virus programs to provide numerous alerts regarding probing and intrustion attempts to access your computer. Botnets and Zombie computers scour the net, randomly scanning a block of IP addresses, searching for vulnerable ports - commonly probed ports and make repeated attempts to access them. However, not all unrequested traffic is malevolent. Even your ISP will send out regular checks to see if your computer is still there, so you may need to investigate an attempted intrusion.Alerts are often classified by the network port they arrive on, and they allow the firewall to notify you in various ways about possible penetration and intrusion attempts on your computer. Even if the port is open, the alert message indicates that your firewall has blocked the attempt to access it.What are TCP and UDP portsTCP/UDP Ports ExplainedHackers use "port scanning", a popular reconnaissance technique, to search for vulnerable computers with open ports using IP addresses or a group of random IP ad... Read more

3 more replies
Answer Match 59.22%

Hi
I have Eset Smart security installed on my windows 7 64 bit.
It keep giving me a message that it blocked an URL and it gives me an address and IP address.
It usually pops up in every 10-15 minutes with similar url addresses.
It started 2-3 weeks ago and when it was showing this message every 5 minutes I did a windows reinstall but it seems it didn't help because after a few days it started again.
If I do a scan with the smart security it doesn't find anything.
Thank you for your help

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Makk at 9:40:16 on 2012-06-22
Microsoft Windows 7 Professional 6.1.7601.1.1250.36.1038.18.4077.2248 [GMT 2:00]
.
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Szem?lyi tűzfal *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Wi... Read more

A:Eset keep giving me a message that URL blocked

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the ... Read more

53 more replies
Answer Match 59.22%

My eset smart security keeps blocking address like 7gafd33ja90a.com and other sites with some kind of code or something, its been my third day, is this an infection?all i can post is an hijackthis log can u help me, thanksQUOTELogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:08:43 PM, on 10/3/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\PowerISO\PWRISOVM.EXEC:\Program Files\Yahoo!\Search Protection\SearchProtection.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Windows\System32\WTClient.exeC:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Java\jre6\bin\javaw.exeC:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Update... Read more

A:multiple address has been blocked by ESET

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

3 more replies
Answer Match 59.22%

SYSTEM
OS Version: Microsoft? Windows Vista? Home Premium, Service Pack 2, 64 bit
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz, Intel64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 1915 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 830 Mb
Hard Drives: C: Total - 110427 MB, Free - 43484 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: Microsoft Security Essentials, Updated and Enabled

PROBLEM
On startup I opened FF to start surfing. It acted funny. Its been real slow for weeks but today it had that ghost of a smaller popup come over the screen and when I went to close the main window of FF down a second window opened and did the same thing. I unplugged from the net and I closed both FF v47.0 windows. I had to click the close button multiple times before it responded.
I tried to do an ESET online scan from the ESET smart installer on my desktop and it won?t download the updates to get started. The message says ?Cannot get update. Is proxy configured?? I have my connection setting to ?No Proxy?.
I went to options, advanced, network and there is 253KB (changing to 254KB and back again occasionally) of stored data and when I clicked on clear now it did not go away. It is there on start even if I am not connected to the internet.

I Binged ESET website and chose online scan from the results. I saved the file that came up after clicking online scan. When I opened the folder it was in there were two files both with the same na... Read more

A:ESET smart installer is being blocked

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

ESET Online Scanner has changed versions recently. I noticed you have the older version installed, ESET Online Scanner v3.

The newer version does not install like ESET Online Scanner v3 does. It only creates a data folder.

I would uninstall ESET Online Scanner v3 from Programs and Features via your Control Panel, then restart your machine.

Your title also mentions ESET smart installer as having problems. The older version used esetsmartinstaller_enu.exe to install ESET Online Scanner.

The new version uses esetonlinescanner_enu.exe to run the online scan, and esetonlinescanner_enu.exe to install the actual ESET Smart Security 9 antivirus/firewall package.

I believe you meant to say esetonlinescanner_enu.exe instead of esetsmartinstaller_enu.exe in your title, correct?

After uninstalling ESET Online Scanner v3, delete any and all ESET installers from your desktop.

If that second file still resists deletion, try renaming then see if it will delete. If still no joy, you might try deleting it in Saf... Read more

19 more replies
Answer Match 58.8%

System Specs if needed
OS: Win 7 ultimate 32 bit
RAM: 3GB
Proci: Intel 2.2ghz E2200

Internet Connection: BayanDSL 1MBPS
Modem Model: Huawei SmartAX MT880

Eset Smart Security 5.0.94
Can't access this sites:
animefreak.tv
animeultima.tv
dramacrazy.net
epdrama.com
mail.yahoo.com
gmail.com

Pinging this sites in command prompt says
General failure

diagnosing connection in internet explorer when i open this sites it says
security settings or firewall is blocking connections or similar to that
what i did checked windows firewall if its turned off(it was off) then checked its rules and zones nothing to block all connections for chrome and sites were allowed reset the windows firewall settings to default(deletes zones and rules previously created)

tried to load and ping them again still no luck

tried to disable eset firewall and tried the sites again still no luck
browsed eset logs for firewall blocks it was blank
checked its settings if its blocking for any sites it was blank
pressed the default button in advanced setup of eset and reverted all settings to its default just to be sure

but still no avail but i found this site called tunnelmein it loaded the site but wont let me play the videos

Hijackthis generated logfile


Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:00:22 PM, on 10/29/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\... Read more

A:I Cant access some of this sites (Blocked by Eset I guess)

Eset has certainly nothing to do with the problem, unless it was manually configured to block those sites. At least I use gmail on a daily basis while running Eset 5 and I never had a problem.

Now, what worries me in your set-up, you seem to be running Eset, Malwarebytes, and TuneUP utilities and there is also a reference to Kaspersky. That's too much and definitely unnecessary. You only need to run one security suit. You should not even have another anti-virus installed on your system. You should not run two firewalls (Windows and Eset) at the same time. You can have another anti-malwate (such as Malwarebytes) installed, but don't run the real-time engine, just scan your system every once in awhile if you feel you need it. TuneUp Utilities are in my opinion completely useless.

My suggestion - clean up your system, run just what's necessary, and if you decide to leave Eset, check on the configuration for blocked sites, make sure your sites are not listed there. the software itself does not block any sites on its own.

Also, check the configuration in IE - it has a blocking feature of its own. Somewhere these sites became blacklisted. You have to find where.

2 more replies
Answer Match 58.8%

Hello
 
 everytime my Pc starts Eset block skype-soft.com url. Steamhelper.exe app seems involved but I can't get rid of it.
Can you help me?
 
thanks
Christophe

A:Skype-soft.com blocked at startup by ESET

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file. 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [CompeGPSDev] => [X]
HKU\S-1-5-21-2427057435-407871675-1011895795-1001\...\Run: [HijackThis startup scan] => C:\Users\Christophe\Downloads\HijackThis.exe [388608 2016-01-30] (Trend Micro Inc.)
AppInit_DLLs: C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll => Pas de fichier
Task: {030711E3-DB05-4707-B51E-51002DF3A87E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {4540803B-34F1-47AA-98D6-37FDCBA6183B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {46620C8B-C2CE-4F9C-8151-C354D541CFC9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {5896BF5B-0806-4014-8B70-812C1EFEFC8D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {8F69CB55-330C-4A86-8386-39DDDC0AA30A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== AT... Read more

4 more replies
Answer Match 58.8%

Hi I wonder if you can help?

I recently had some problems with IE hanging and my PC telling me I wasn't the administrator, so I downloaded ESET trial as I suspected a virus issue.

I was recently attacked by the PC anti-virus bug that tells you every file is a virus etc but resolved that issue by doing a system restore.

So, ESET keeps blocking two URLs; lkckclckli1i.com and rudolfdisney.com

I tried running Ad-Aware and Spybot, which did find some issues and removed them. I have since removed Ad-Aware as I read on this forum that it can conflict with ESET; I've left spybot in place as it seems to work better than ESET. However ESET is still blocking these attacks regularly.

Anyway, can anyone suggest how I get rid of those two URL's that are trying to connect without my knowledge?

I'm running Vista OS Home Premium SP2, 32 bit.

(Please note I am unable to do backup as the error 'back up configuration not valid appears)

Thanks.

A:rudolfdisney.com and lkckclckli1i.com URL's blocked by ESET but can't remove

Hi all, still getting this problem. Anyone got any ideas?

6 more replies
Answer Match 58.38%

Anyone else getting that old Google bar when visiting a Google site with Edge?

A:Anyone else getting that old Google bar when visiting a Google site ..

Yup..shows up here.

20 more replies
Answer Match 57.96%

Ok, I'm at wit's end. So I gotta ask for help.
I use IE7 browser and I'm getting the Sysfader error
whenever I visit Google Video, and of course the
browser goes down. This has only started happening,
I guess past six weeks or so. The Sysfader error does not
happen on any other video site, even youTube, just
Google Videos.

I've done all the troubleshooting and searched
everywhere for a solution. So I know the following
info.

- It's got nothing to do with nVidia card thingy.
I got all ATI stuff and a REAL-TEK sound card.

_ Under my system performance, all the scrolling and
fade effects are turned off (not checked) And I thought
that's what the Sysfader thing was, but that's not it.

-I've disabled all the IE7 add-ons except "cookies"
and the "Adobe Shockwave flash Active-x" cause the
videos won't play without it, but all other add-ons
have been disabled to see if that helped.
And restarted the browser and rebooted etc.

So, that's all I could find. And I'm stuck.

Okay, I just made it do it....I went
to Google Video, did a search on "Jordan Maxwell",
videos come up, I click on one, it tries to open up
in a separate window, then the error box pops up:

_____________________________________________________
SysFader: IEXPLORE.EXE - Application Error
The instruction at "0x75c54a27" referenced memory at "0x00000240".
The memory could not be "read". Click OK to terminate the program.... Read more

A:SysFader error when visiting Google Videos

Please do this:

http://blogs.msdn.com/ie/archive/2006/06/12/628499.aspx

1 more replies
Answer Match 57.96%

Ok, I'm at wit's end. So I gotta ask for help.
I use IE7 browser and I'm getting the Sysfader error
whenever I visit Google Video, and of course the
browser goes down. This has only started happening,
I guess past six weeks or so. The Sysfader error does not
happen on any other video site, even youTube, just
Google Videos.

I've done all the troubleshooting and searched
everywhere for a solution. So I know the following
info.

- It's got nothing to do with nVidia card thingy.
I got all ATI stuff and a REAL-TEK sound card.

-Under my System Performance in Control Panel,
all the scrolling and fade effects are turned off
(not checked) And I thought that's what the Sysfader
thing was, but that's not it, still happening.

-I've disabled all the IE7 Add-ons except "cookies"
and the "Adobe Shockwave flash Active-x" cause the
videos won't play without it, but all other add-ons
have been disabled to see if that helped.
And restarted the browser and rebooted etc.

So, that's all I could find. And I'm stuck.

Okay, I just made it do it....I went
to Google Video, did a search on "Jordan Maxwell",
videos come up, I click on one, it tries to open up
in a separate window, then the error box pops up:

_____________________________________________________
SysFader: IEXPLORE.EXE - Application Error
The instruction at "0x75c54a27" referenced memory at "0x00000240".
The memory could not ... Read more

More replies
Answer Match 57.54%

Hi!  Thank you so much tech warriors for your fine work on these here forums.  I mostly wanted to reference another post in which m0le helped another user with the same problem as me.  http://www.bleepingcomputer.com/forums/t/344046/google-redirect-in-firefox-ie-proxy-unfixable-after-removal-of-antimalware-doctor-others/
 
It was unclear as to whether or not this topic helped anyone and I wanted to say thank you so much, it seems to be fixed.  When I tried to download free trial of ESET I got an error message saying something about a proxy but there was no proxy to be seen.  Your instructions were spot on with nothing left out even for non-xp users.  , 
 
Everything seems better than ever after downloading from your specified links in above linked post (all files saved and extracted to DESKTOP), running MBRcheck as administrator (found the problem, stopped there as instructed), TDSSKiller ("%userprofile%\Desktop\TDSSKiller.exe" -l report.txt  <---ran TDSSKiller by copy/pasting this--quotes included to start/search), Microsoft Recovery Console to fix MBR (accessed by spamming f8 at boot-up.  Chose command prompt option and used bootrec command as specified in the link provided in m0le's above post that says "
How to fix MBR in Windows XP and Vista 
" ^Section: 

Fix MBR in Vista
"
), and ComboFix (saved to desktop as comfix) the specific way that m0le said.  Now ESET was able to download, updat... Read more

A:Antimalware Doctor + Systweak Inc. +blocked ESET installation RESOLVED?

Hello -
We are not sure of your problem (since this your first post) or even if you were infected, but each problem, and then each solution, is usually computer specific, due to installed programs and many other variables -
 
Note that the problem you link to was on an XP system, while you have posted this under Vista operating systems which is not the same related Operating System...
We know nothing of your exact problems and even the steps that you took from the post (not all related to Vista).
 
A the topic was posted in 2010, these infections do change slightly over time and require specific fixes.
 
The summary is to just be "very careful" when you follow other posted solutions for similar problems.
 
Thank You -

5 more replies
Answer Match 57.12%

Hi everyone.

I received a link to a video entitled "Russian Guy touching 1000 Breasts". While the link opened, I closed the window but was watching a YouTube video at the same time. A pop-up came up for installing a YouTube and Flash update for the YouTube player, and I didn't think twice and clicked it assuming it was legitimate. Now I highly doubt it was. Every time I visit any site with Google Chrome the same warning message is displayed concerning the site allinfree.net, no matter what site has been visited. I have attached a sample screenshot as google_warning.jpg.

I searched online and found someone complaining of the same problem: https://community.mcafee.com/message/223287 However, detailed steps were not provided as to how to solve the problem.

I ran scans using Avira Free Antivirus, McAffee Stinger, Malwarebytes Anti-Malware, and SUPERAntiSpyware Free Edition to try and clean my computer, however the message was still coming up in Chrome.

I came across this site and was following instructions for posting concerning a Malware infection. I was able to get a DDS report however in the middle of scanning using GMER, my computer froze, crashed, and re-started. Now the computer runs extremely slowly, and every time I try to get a GMER log the same events happen. I have attached my DDS log (Attach.txt) and a HijackThis! log (hijackthis_log.txt) for support.

Please let me know how to proceed. Thank you for your time, help, and input .

Phebotalus
DDS... Read more

A:Google Chrome Warns of Visiting allinfree.net for Every Website

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the r... Read more

8 more replies
Answer Match 57.12%

(not sure if i put this in the correct section sorry)

Im with BT Broadband at the moment, earlier today there was a new update, im guessing for the router, so i downloaded it.

Since then i have been getting the above warning on certain sites i try to enter which i have been on before with no problems (for instance, the BBC website).

Is this just coincidence or did the update do this?
... and if so, does anyone know how i got about un-installing the update?

Thanks.

A:Google - Warning visiting this website may harm your computer.

Its not u only. Everybody is having it as google is partnering with another team to do this.

However it is gone for now

3 more replies
Answer Match 57.12%

Hi Folks,

I'm at the end of my technical capability here and need some help. Basically, the title says it all - my browser window crashes intermittantly - the commonality I've noticed between the sites it crashes on is that they have Google ads. I know some virus/spyware can latch onto specific sites, so I try all the tools I can get, with no success in either identifying the problem or correcting it. I used

-Bitdefender
-Ad-aware
-Trendmicro
-Spybot S&D
-ewido
-spysweeper
-ccleaner
-xblock
-AVG

Below is my HiJackThis logfile - can anyone tell me how to proceed?

Logfile of HijackThis v1.99.0
Scan saved at 20:59:01, on 22/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\misc utilities\Sygate\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\misc utilities\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\misc utilities\Spyware Doctor\sdhelp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Syst... Read more

More replies
Answer Match 55.86%

I read through the pre-posting guidelines and attempted to download DDS, but this virus or whatever is on my computer has completely blocked my ability to download anything that could potentially help you guys help me. If there is a workaround that someone knows that I don't, please let me know. I'll do whatever I need to to get this damn thing off my computer. It started as a Google redirect virus which I seemed to have under control, and then all of a sudden my data usage spiked today and everything that I normally use to control something like this stopped working. What I can tell you is that when I saw my data go out of control, I opened my Task Manager and found dllhost.exe *32 COM Surrogate running and it will not stop. I had never seen that running before. I'm just at a complete loss. I really hope you guys can help me and if not... walk me through a complete and utter wipe, reformat, whatever you call it.

A:Google Redirect Virus, DDS download blocked, TDSSKiller.exe blocked

I was able to run DDS and TDSSKiller from a jump drive. No reaction from TDSSKiller - no threats found. Log from DDS is included below. I should probably also say that this was run in Safe Mode since I didn't know if it would even work in a regular boot. If I need to run it in a regular boot, let me know and I can post that log as well.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 1.6.0_24
Run by Mamabear at 1:19:17 on 2013-12-06
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.8183.7384 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ======... Read more

21 more replies
Answer Match 55.02%

ESET Rootkit Detector is an application that will scan your Mac® OS X, for rogue kernel extensions that hook inside the OS X kernel to change the system behavior. It provides a single-click way to check your Mac for rootkits.

A rootkit is a stealthy type of malicious software designed to lie hidden on computers and remain undetected by antivirus software. It enables continued administrative access to a computer, allowing access to your personal information. Rootkits are frequently used in combination with other malware to hide them from users and security products.

Instructions for creating rootkits are readily available online these days. This increases the likelihood of finding rootkits for Mac OS X in the wild. Just in the last year we have seen rootkits targeting OS X such as OSX/Morcut (also known as OSX/Crisis). This rootkit was used to spy on users and steal information from their Mac.

ESET Rootkit Detector is a small app file. After download, it will scan your Mac running OS X for rootkits. ESET Rootkit Detector verifies that the system call will be sent to the right function and that it was not hooked by a potentially malicious third party kernel extension.

http://download.eset.com/special/erd/ESET_Rootkit_Detector.zip
 

More replies
Answer Match 54.6%

Hello. Several weeks ago, I noticed that ESET was blocking two sites that I wasn't even trying to access. The two sites are clkh71yhks66.com and zl00zxcv1.com. It seems to happen whenever I submit a form from a webpage, and also when I open a webpage in a new tab. ESET does block these sites, but a new Internet Explorer window pops up anyway (at my default page of google). Sometimes, several new windows pop up at once, even though I have my pop-up blocker turned on. Recently, I also noticed that I cannot access the Microsoft Updates page. All these symptoms seem very similar to a previous post to this forum (http://www.bleepingcomputer.com/forums/topic330759.html). I'm afraid that I have a rootkit. I have run several scans of ESET and MalwareBytes, but the problems persist.Thank you very much for any help you can provide. I've attached the DDS scan log as requested. I also tried running GMER, but I got the blue screen of death and my computer crashed while I was running it. At the crash screen, it specifically mentioned the file "iaStor.sys". The screen suggested that I disable this driver, but I have not done so yet. I have never got the blue screen of death before; upon running GMER, this is the first time I get it.Thanks again,P.D.DDS (Ver_10-03-17.01) - NTFSx86 Run by FRojas at 20:26:45.96 on Thu 08/26/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.247... Read more

A:Possible rootkit: ESET blocking clkh71yhks66.com and zl00zxcv1.com

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

14 more replies
Answer Match 54.6%

I ran a quick scan on memory and Windows folder today and ESET found this threat in memory; stated it cannot clean. A Google search led me to your forum post by another user w/the same problem.

I appreciate any help you can give me. System has been very slow, and Explorer crashes a lot when I right click on a file. Also some of my system icons are gone.

Odd thing, I did a full scan on memory/boot sector and my OS drive 3 days ago and ESET found nothing. I have realtime AV and Spyware protection enabled for all files, web, and email. So, I'm surprised that this trojan 'broke thru' ESET's realtime scanning and appeared with today's scan. Do you guys know if that is common? If this type of virus is not currently running in memory, does that mean it can go undetected with a full scan? Does this type of virus run in memory sporadically, like there is some program that triggers it, and it is not always running?

Thanks.

A:rootkit ODG trojan found - ESET cannot clean

Hello ckbeme,

There is no AV out there, that can block all malware. Take a look around at how many people post for assistance and you'll find that they also have AV's they scan with daily, and keep updated. It's a cat and mouse game. New malware comes out all the time--daily, and the AV companies work tirelessly to keep up.


Kindly follow the instructions in our sticky topic New Instructions - Read This Before Posting for Malware Removal Help and post the requested logs in your next reply.

1 more replies
Answer Match 54.18%

Hi guys,Well I'm here today to ask for some help. My computer recently got the Win32/Rootkit.Agent.ODG trojan and ESET NOD32 can't get rid of it. I've also tried Malwarebytes and it doesn't even detect it. So I was wondering, is there a way to get rid of this virus. And also, what harm can it do to my computer. Thank you very much,Armando.Edit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Win32/Rootkit.Agent.ODG trojan, ESET detects it, but can't get rid of it. Please help!

Please download RootRepeal Rootkit Detector and save it to your Desktop. * Close all programs and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan. * Click this link to see a list of such programs and how to disable them. * Create a new folder on your hard drive called RootRepeal (C:\RootRepeal) and extract (unzip) RootRepeal.zip. (click here if you're not sure how to do this. Vista users refer to this link.) * Open the folder and double-click on RootRepeal.exe to launch it. If using Vista, right-click and Run as Administrator... * Click on the Files tab, then click the Scan button. * In the Select Drives, dialog Please select drives to scan: select all drives showing, then click OK. * When the scan has completed, a list of files will be generated in the RootRepeal window. * Click on the Save Report button and save it as rootrepeal.txt to your desktop or the same location where you ran the tool from. * Open rootrepeal.txt in Notepad and copy/paste its contents in your next reply. * Exit RootRepeal and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.Note: If RootRepeal cannot complete a scan and results in a crash report, try repeating the scan in "Safe Mode".

12 more replies
Answer Match 54.18%

Hello.

I noticed that ESET was working particularly hard to block a barrage of attacks two days ago, and apparently something got through. I tried to run MalwareBytes, but the screen saying "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item" appeared. I reinstalled the software, but to no avail. I now notice that ESET is not updating.

I have posted the ESET log file here to show what all it tried to block. I apologize for the manner in which it is displaying below.

I am admittedly a novice at dealing with such issues, so any help you can give would be greatly appreciated. Thanks!

ESET log file:

9/9/2009 1:18:08 AM Startup scanner file C:\WINDOWS\TEMP\a.exe a variant of Win32/Kryptik.ADD trojan cleaned by deleting (after the next restart) - quarantined DELL\M & J
9/9/2009 1:18:03 AM Startup scanner file \\?\globalroot\systemroot\system32\SKYNETyqmepxpp.dll a variant of Win32/Kryptik.AHG trojan cleaned by deleting - quarantined DELL\M & J
9/7/2009 3:07:12 PM HTTP filter file hxxp://212.117.174.14/PC_protectvam.exe a variant of Win32/TrojanDownloader.FakeAlert.AIC trojan connection terminated - quarantined NT AUTHORITY\SYSTEM Threat was detected upon access to web by the application: C:\WINDOWS\system32\svchost.exe.
9/7/2009 3:07:10 PM HTTP filter file hxxp://212.117.174.14/139-us5.exe probably a v... Read more

A:MalwareBytes and ESET Security Disabled by Virus -- possible rootkit?

As the above log is your AV log, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST OTHER LOGS<== unless a log is specifically requested.

6 more replies
Answer Match 53.34%

Hello All,

In the last few days, a warning window pops up every few minutes and reports: "c:\huadio.tmp as a trojan Win32/Rootkit.EIG trojan". Running several rootkit detection programs show nothing there. Enclosed please find the HijackThis resultant file. The antivirus which I am using is ESET NOD32

Please advise.

Thanks a lot for your efforts and time.

Regards,

Yossy Goldenberg

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:52:33 PM, on 7/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
C:\Cadence\PSD_14.2\bin\lmgrd.exe
c:\mentorgraphics\2004\common\win32\bin\cvssvc.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\WINDOWS\System32\svchost.exe
e:\MATLAB6p1\webserver\bin\win32\matlabserver.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
E:\WINDOWS\System32\WFXSVC.EXE
E:\Program Files\Symantec\WinFax\WFXMOD32.EXE
E:\Program Files\Canon\CAL\CALMAIN.exe
C:\Cadence\PSD_14.2\bin\cdslmd.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\htpatch.exe
E:\Program Files\Microsoft Hardware\Keyboard\type32.exe
E:\Program Files\Microsoft Hardware\Mouse\point32.exe
E:\Program Files\Common Files\ACD Systems\EN\DevDet... Read more

More replies
Answer Match 50.4%

I'm here because I WAS infected by a particularly nasty bit of malware - now gone, but wanted to share because I found no references to this TDSS variant.

OS: Windows 7 Business, 32 bit. Symptoms: Google redirects, pop-up audio commercials (new to me!), IE Script error pop-ups (even when out of IE), general weirdness. Tried: Rkill (ran OK, no results), Malwarebytes (ran, found nothing), Symantec (ran, found a few Java junk files, no payload. I was pretty sure that I had TDSS on board, but TDSSKiller would not execute - quick clock then nothing. Safe Mode, no change. Combofix found a few things, no rootkit. I tried GMER - found nothing.

Finally yanked the hard drive out and mounted it in a clean system, scanned with Microsoft Security Essentials. Found Win32/Alureon.K in \Windows\System32\Drivers\Volsnap.sys. Replaced Volsnap.sys with a clean copy - Bam! All fixed!

Did a search on TDSS and Volsnap.sys and found a couple of references to it. One guy posted a video of his experience with it. He used something called Dr. Web Cure-it. Anybody tried it? Anyway, wasted many hours chasing this PITA, and a couple of minutes fixing it once I knew where it was. Hope someone finds this info useful. This site has been extremely useful to me over the years and I just wanted to give a little bit back. Thanks!

A:Tdsskiller, others blocked by rootkit

Thanks for your post. Yes we use DRWeb here. Volsnap is anew variant to the TDL... infection.

2 more replies
Answer Match 50.4%

I had the Advanced Virus Remover virus and I got rid of it through Malwarebytes, but now I am stuck with all of my google searches being redirected, many google services, like gmail, are unable to be accessed, and I am getting random pop-ups from directdr.com that show up at any time while browsing the internet. Help would be greatly appreciated.
DDS (Ver_09-12-01.01) - NTFSx86
Run by Administrator at 20:33:16.04 on Fri 12/04/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.130 [GMT -6:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceSe... Read more

A:Google Search Redirects, Pop-ups and Google Services Blocked

I fixed the problem myself through the use of your site's HiJackThis guide and Combofix. The google redirects and google services being blocked was cause by the multiple hosts, and the rest was taken care of by Combofix. You can lock this now.

2 more replies
Answer Match 49.98%

Hi,Since Friday my computer started to run slow and kept crashing. I also noticed it would redirect Google searches to various webpages and not the actual link it was meant to...I have McAfee Security Centre (updated daily), so ran a scan. It revealed some trojans, namely "Spy-Agent.bw!mem, DNSChanger!ba and Generic FakeAlert!cd". Some of it was removed/quarantined while 1 or 2 files couldnt be fixed by McAfee.I then ran MBAM which managed to clear everything. Here is the log from then (28th Aug):[/color][/color]-----------------------------------------------------------------------------------------------------------------------------------------------Malwarebytes' Anti-Malware 1.40Database version: 2709Windows 5.1.2600 Service Pack 328/08/2009 18:07:25mbam-log-2009-08-28 (18-07-25).txtScan type: Full Scan (C:\|)Objects scanned: 165024Time elapsed: 36 minute(s), 47 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 6Registry Values Infected: 1Registry Data Items Infected: 2Folders Infected: 1Files Infected: 12Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\C... Read more

A:Infected with Google redirect & Rootkit TDSS and Rootkit.Agent/Gen-Rustock[KBI]

UPDATE:Did an online scan with Eset, it reported the following: C:\Documents and Settings\Amit Sinha\Application Data\Sun\Java\Deployment\cache\6.0\56\3c28cc78-2a20046a probably a variant of Win32/Agent trojan deleted - quarantinedSo lloks like there are still some remanents...Anyone?===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are... Read more

4 more replies
Answer Match 49.56%

A few days ago while browsing web shopping sites my ESET antivirus 3.06 popped up a message saying URL blocked:cri71ki813ck.com/9y55jTeTiq3mwAaIRJKqbAWz...78.47.248.117:80After this message pops up from ESET internet explorer closes. Then i noticed when I clicked a google search result it would not go to that site but redirect me to random search pages. I ran my antivirus and malwarebytes and they have found nothing. Here is my log and attachment from dds.scr. I have tried to run the gmer.exe and I've either gotten the has encountered a problem and has to close. I have gotten that several times and when it has run it ran all night and the computer seemed to freeze up. I'm trying to run it again right now and will post if it works.DDS (Ver_10-03-17.01) - NTFSx86 Run by Kellie B at 19:19:13.35 on Mon 08/16/2010Internet Explorer: 7.0.5730.11Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1573 [GMT -5:00]AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEsvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\Explorer.EX... Read more

A:Google search redirect and ESET closes websites

Hi kellie b,Welcome to Bleeping Computer!My name is mpascal, and I will be helping you fix your problem.Before we begin, I would like give a few guidelines so that we can fix your problem as quickly and efficiently as possible:Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.Please do not do anything or perform other steps unless I have asked you to do so.Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.If you are unsure of how to reply, or need help with anything regarding the website, please look here.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will re... Read more

46 more replies
Answer Match 49.14%

Read an article in my local newspaper today (1-16-2010) by James Derk tech columnist.

He said to use AVG Free Anti-Rootkit.

Google search lead to AVG saying that Anti-Rootkit no longer free.

Found the free download at Softpedia.

Installed it on my computer and my Kaspersky Anti-Virus went wild with threat and suspicious activity alerts.

Is AVG Anti-Rootkit safe??????
 

A:Avg Anti-Rootkit free blocked by Kaspersky

8 more replies
Answer Match 49.14%

I had a Zero Access root kit that I seem to have gotten rid of however I have a Google Redirect Virus that I cant seem to get rid of after reading allot of post on this website I decided to run TDSSKiller aswMBR and ESET so I can provide you with the log to get the ball rolling on this since it would appear that this is the first thing requested.Thank youTDSSKiller Log08:39:04.0800 5980 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:4808:39:04.0815 5980 ============================================================08:39:04.0815 5980 Current date / time: 2012/09/12 08:39:04.081508:39:04.0815 5980 SystemInfo:08:39:04.0815 5980 08:39:04.0815 5980 OS Version: 6.1.7600 ServicePack: 0.008:39:04.0815 5980 Product type: Workstation08:39:04.0815 5980 ComputerName: KIRK-LAPTOP08:39:04.0815 5980 UserName: Kirk08:39:04.0815 5980 Windows directory: C:\Windows08:39:04.0815 5980 System windows directory: C:\Windows08:39:04.0815 5980 Running under WOW6408:39:04.0815 5980 Processor architecture: Intel x6408:39:04.0815 5980 Number of processors: 408:39:04.0815 5980 Page size: 0x100008:39:04.0815 5980 Boot type: Normal boot08:39:04.0815 5980 ============================================================08:39:05.0158 5980 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004008:39:05.0158 5980 ==============================... Read more

A:Google Redirect Virus (TDSSKiller, aswMBR, & ESET Logs)

Downloadhttp://www.techspot.com/downloads/4716-malwarebytes-anti-malware.htmlInstall,update and run a full scan Click on SHOW results.Select all infections and remove itReboot the PC and scan MBAM once in regular mode until you get a clean logDownloadmini toolboxCheckmark following boxes: Flush DNSReport IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Users, Partitions and Memory sizeClick Go and post the result.DownloadFSS Checkmark all the boxesClick on "Scan".Please copy and paste the log to your reply.Downloadadware cleanerLaunch it click on Deletepost the generated log

10 more replies
Answer Match 49.14%

Source : ESET identifica uma das maiores campanhas de malwares na Google Play - TecMundo

a recent discovery made by ESET laboratory can bring new anything nice for a large number of Android users worldwide. According to the study released by security company, the family of Trojans called Android / Clicker masquerades as a legitimate app in the Google Play store and, when downloaded and installed on a mobile device, initiates am heavy internet traffic for porn sites without you noticing.

Scholars say the malware group already infiltrated the official store of the system at least 343 times in the past seven months, becoming one of the greatest advances ever recorded in Google Play. "We found many cases of malware campaigns on Android, but none showed so long or had such a large number of successful infiltrations like this," says Camillo Di Jorge, president of ESET Brazil.

According to the executive, the fact that these Trojans are constantly changing causes able to fool Google's security barriers, hiding their true purpose and returning to the same store after sending alerts to users. During the campaign period, on average 10 new family of malware passed by controlling the giant of searches each week.

Great extent

ESET's report indicates that the Trojan Android / Clicker group also infiltrated other app stores geared to operating system users green little robot. Each of malicious applications had an average of 3,600 downloads in Google Play Store, but t... Read more

A:ESET identifies one of the largest malware campaigns on Google Play

In English, on ESET.com: Porn Clicker Trojans Continue to Flood Google Play.
References to detailed articles on WeLiveSecurity, also belonging to ESET:

Porn clicker trojans at Google Play: An analysis
ESET expert: Google Play porn clicker ?is a truly large-scale campaign?

 

0 more replies
Answer Match 49.14%

Just wondering if this is a false positive? the two items are in quarantine in eset online scanner
 
Google chrome did have an error popup; will keep updated if it shows up again

More replies
Answer Match 48.72%

Symptoms include google search results being redirected, audio ads being played through the speakers, homepage hijacked, dramatic drop in internet connection quality, all files being hidden on the computer, and "Smart HDD" scareware. I managed to fix the last symptom on my own, but I'm at the end of my abilities to troubleshoot, and now I require assistance. I've tried a multitude of malware scanners, rootkit scanners and general antivirus scanners all to no avail. I'd appreciate any help given.
Also, my computer keeps trying to access a particular IP address: 206.161.121.3

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Melissa at 20:47:54 on 2012-08-29
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.4056.2002 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows&#... Read more

A:Stubborn Rootkit-- Most Antirootkit programs are Blocked, and Ignored by Those That Aren't.

Hello guardian4600 , Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
I will be analyzing your log. I will get back to you with instructions.Do you have a USB Flash Drive you can use?

16 more replies
Answer Match 48.72%

I've been wrestling with whatever it is that's on my computer for a little over a week now. I first noticed something was wrong when my internet access seemed very limited. I was getting connection errors to many different sites, primarily anti-virus, tech support, etc. BleepingComputer.com was one of them. I began researching what might be wrong and downloaded a couple highly recommended programs (Malwarebytes, Spybot SD, Avast, AVG, etc.) None of these have been able to find much of anything, and i believe largely it has to do with the fact that i can't update any of them. I get an error that typically goes something like "you are either not connected to the internet or your firewall is blocking this program" I am connected to the internet, and even after specifically granting access to the internet for the programs in the firewall, I continued to get the same error. I was using the trial version of McAfee at the time (still am... kind of) and i turned on my computer the other day and it directed for my attention. It appears that whatever is on my computer has crippled my one complete protection program. McAfee cannot fix itself and recommends a reinstall, but because the installer downloads, it too it blocked. After a few days of frustration with trying to scan, fix, scan, clean, etc. I was ready to give up, back up my media and file, and reformat. Here's the next problem. Even with my boot order set, or commanding it to boot directly from the CD driv... Read more

A:Probable Rootkit, Blocked Websites, Can't boot from Disk

Hi 3xplicit,Welcome to BC HijackThis forum. I am farbar. I am going to assist you with your problem.Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due the products attempting to access the same file at the same time.

Therefore please decide on which of the following antiviruses you are going to keep and remove the rest:

AV: AVG Anti-Virus Free
AV: avast!
AV: McAfee
AV: Norton 360

* You can remove AVG or Avast by going to Add/Remove Programs in Control Pannel and uninstall them.

* If you decide to remove McAfee, I recommend you to use McAfee Consumer Product Removal tool (MCPR.exe).

For download ... Read more

43 more replies
Answer Match 48.72%

I have been fighting a nasty virus on this custom built computer for months now. I'm pretty sure at this point that it's one or more Rootkit infections. I have run many programs, and found many infections, but they just keep coming back immediately. The computer will be fine for a part of the day, and then the browsers (both IE and Firefox) won't open, or they open and constantly redirect. Every couple of minutes a new mhsta.exe process starts. At times, there will be 50 or more mhsta.exe processes running in the task manager. There are also multiple (usually almost 10) svchost.exe processes running. In addition, I'm not sure if it's related, but the DVD drive only works sporadically, even after replacing it. Finally, although I have no idea what it means, I did notice a file named VolSnap.sys in an RKU scan that carried a WARNING. I have the scan if you would like to see it.

I run MBAM and SAS on the system daily, and they almost always find more infections every time they scan, including trojans. The names of the files are different every time, so I cannot pin down exactly what the infection is, but I have definitely removed TDSS files more than once. I also use RKill constantly. This is my employee's computer, so it is imperative that I get it cleaned as soon as possible. I really appreciate your assistance with this.

Thanks so much,

~Lady

P.S. - The ark.txt file was too big to upload, so I had to zip it first.
Following is the DDS log:
DDS ... Read more

A:Infected with a Rootkit (Redirects - Shutdowns - Blocked Programs)

Hello LadyNakedneSSWelcome to BleepingComputer ==========================Download OTL to your desktop.Double click on OTL to run it.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.====================Download This file. Note its name and save it to your root folder, such as C:\.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.Click on this link to see a list of programs that should be disabled.Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")Allow the driver to load if asked.You may be prompted to scan immediately if it detects rootkit activity.If you are prompted to scan your system click "Yes" to begin the scan.If not prompted, click the "Rootkit/Malware" tab.On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.Select all drives that are connected to your system to be scanned.Click the Scan button... Read more

23 more replies
Answer Match 48.3%

Hi all, i am working in the ESET as a Global Digital PR. I don't want to spam this forum with advertising messages. Everything i want is to inform the community, which can help us with our beta tests that you can join.

We have recently opened public beta program for our security solution ESET Smart Security 6 and ESET NOD32 Antivirus 6 with some new interesting features like for example anti-theft.

You can participate by following this link: http://www.eset.com/beta/v6/

We also pick every week one 100 beta testers, who will win one year license and we prepared one little surprise

Please, if you have any questions, just ask, i am here for that

A:ESET Smart Security 6 and ESET NOD32 Antivirus 6 opened for public BETA

Please note that this program is a pre-release beta version of a product and not completely tested to ensure its stability or reliability.What is beta software?After an initial round of in-house testing, software publishers often release new programs to be tested by the public. These pre-release versions are called beta software, usually denoted by a "b" in the version number, e.g., Netscape Navigator 2.0b5. Since the publisher couldn't possibly test the software under all possible conditions, it is reasonable to expect that wider use of the software may uncover problems that were not discovered during in-house testing. The publisher expects to be notified when users find such problems so that the program can be fixed before its official release.In general, you should expect to run into bugs whenever using any piece of beta software. These bugs may range in severity from minor features that don't work to problems that cause your computer to crash. You should decide whether the benefit of new features in a beta program outweighs the risk of program instability before choosing to use a piece of beta software. You should also be aware that UITS will not have thoroughly tested beta software, nor will the software be guaranteed by its maker, so you should not expect the same level of support as you would receive for an official release version of the program.The goal of a beta program is to collect information regarding the performance, quality, stability, and fu... Read more

1 more replies
Answer Match 48.3%





ESET Internet Security 2017 - BETA Edition​
 

A:ESET Internet Security 10 and ESET NOD32 Antivirus 10 - 2017 Edition BETA

Worth testing in a VM , the new features look tempting Thanks for sharing this.
 

8 more replies
Answer Match 48.3%

Mod Edit:  Merged posts, moved from Gen Security to AV/AM Software - Hamluis. Hi, I am interested to purchase one of these: ESET NOD32 AntivirusorESET® Multi-Device Security Pack Please answer to the next 5 questions: 1. Tell me please, after receiving the CD-KEY from ESET can I activate and start the 365 days license after 3 weeks or 1 month of receiving? I've done my best(in my available time for it) to find the answer in here: Software End User License Agreement | ESET but I couldn't resolve it. 2. For the ESET® Multi-Device Security Pack, after activating for example one of the 3 license, which is the maximum time to activate the other 2, for their 365 days availability please? 3. Is it possible to start the license after 3 weeks or 1 month after receiving it for ESET NOD32 Antivirus or ESET® Multi-Device Security Pack if I buy them from any worldwide official ESET shop from ESET :: Select your country please? 4. Tell me please, if I will decide to buy ESET® Multi-Device Security Pack after installing one of the licenses on a Windows device, can I cancel it and install it on a Linux or Android device, or vice versa? 5. Are there any official ESET phone numbers/live chat/e-mail support(answer within a few hours) anywhere in the world speaking English, which are open on Saturday and Sunday too, or 24/7 and can answer to the above 4 questions, or any other technical queri... Read more

A:Buy ESET NOD32 Antivirus OR ESET® Multi-Device Security Pack

xspeed,
 
Just a thought. You indicate there are no support reps presently available. Could this be why ....
 
ESET North America Support Hours
 
Last Revised: December 30, 2015
 
ESET North America will operate on a holiday schedule Thursday, December 31, 2015. Please note our revised hours of operation for this particular date: 5:00 a.m. to 4:00 p.m. PST.In addition, ESET North America will be closed in observance of the New Year holiday Friday, January 1, 2016. Normal business hours will resume on Monday, January 4, 2016, from 5:00 a.m. to 7:00 p.m. PST.
 
http://support.eset.com/alert5767/
 
Best of luck ..
Carol

8 more replies
Answer Match 48.3%

Hi,

I am interested to purchase one of these:

ESET NOD32 Antivirus
or
ESET® Multi-Device Security Pack

Please answer to the next 5 questions:

1. Tell me please, after receiving the CD-KEY from ESET can I activate and start the 365 days license after 3 weeks or 1 month of receiving?

2. For the ESET® Multi-Device Security Pack, after activating for example one of the 3 license, which is the maximum time to activate the other 2, for their 365 days availability please?

3. Is it possible to start the license after 3 weeks or 1 month after receiving it for ESET NOD32 Antivirus or ESET® Multi-Device Security Pack if I but them from any official ESET shop from ESET :: Select your country please?

4. Tell me please, if I will decide to buy ESET® Multi-Device Security Pack after installing one of the licenses on a Windows device, can I cancel it and install it on a Linux or Android device, or vice versa?

5. Are there any official ESET phone numbers/live chat/e-mail support(answer within a few hours) anywhere in the world speaking English, which are open on Saturday and Sunday too, or 24/7 and can answer to the above 4 questions, or any other technical queries please?

Thank you very much.
Warm regards and a happy new year !
 

A:Buy ESET NOD32 Antivirus OR ESET Multi-Device Security Pack ?

1) Not sure on this, but I believe you can activate it few mths later. Best is refer to their terms and conditions before making purchase. Sometimes they mention when is the due date for activation.

2) Upon purchase, you only have a single key that activate 3 device. There is no separate license key for each device. Activation would mean the same start date applied to all 3 devices.

3) Same as Q1.

4) As long as you do not exceed more than 3 devices using the same license key (in this case is ESET pack 3 User), there is no need to uninstall.

5) ESET Customer Care

Hope that helps.
Cheers!
 

1 more replies
Answer Match 48.3%

ESET Internet Security? 10 and ESET? NOD32? Antivirus 10 - 2017 Edition Beta










Known Issues

? Upgrade from previous versions is not supported - clean installation is required
? Reset settings to default doesn?t work



? Webcam protection is not yet fully implemented
? Webcam protection is not able to detect all applications requesting access to the camera, for example Vidyo
? Home Network protection feature is not fully functional yet
? Email Client integration settings are missing in Advanced setup of ESET NOD32 Antivirus
? ESET service is not marked as protected after OS upgrade (from Windows 7/8 to Windows 10)



Source and Beta download: http://www.eset.com/int/beta/edition2017/

More replies
Answer Match 48.3%

This computer had problems with infections and virus issues in the past. It was given to me. Just installed ESET Smart Security 8.0 today. Problems with Group Policy controlling windows firewall so I disabled it and use Eset personal firewall. I cannot access my Eset scan logs or Eset at all now. When I try to I get a pop-up message "Error communicating with kernel"  I don't know how to fix this, other than to ask you guys for some help. I wanted to post the scan results for you. I tried to repair/reinstall Eset and it tells me that it is already installed but I cannot open it up. I know that it found 3 Trojans, I also ran R-kill before downloading Eset and I saved the results of the scan. I seem to have another problen with Hosts, here is a copy of the scan.
 
 
 
 
 
Rkill 2.7.0 by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 05/16/2015 10:18:34 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
 * No malware services found to stop.
Checking for processes to terminate:
 * No malware processes found to kill.
Checking Registry for malware related settings:
 * No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous c... Read more

A:Trojan, infected 3, ESET found these.Now cannot open ESET to re- scan

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/576663 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

14 more replies
Answer Match 48.3%

Key features available in version 8: ESS
Botnet protection: Brand new technology that protects against infiltration by botnet malware to prevent spam and network attacks detected in outbound traffic from your computer. Botnet protection searches outgoing network communications for known malicious patterns, and matches the remote site against a blacklist of malicious ones. Any detected malicious communication is blocked and reported to the user. Click to view a screenshot.
Enhanced Exploit Blocker: Protects against attacks on web browsers, PDF readers, Office documents, as well as Java communications and Java-based software that provides the ability to eliminate lockscreens and ransomware.
ESET SysRescue Live: The next generation of the ESET SysRescue utility, ESET SysRescue Live allows you to create a bootable disk, in the form of a USB flash drive or CD/DVD, with the ability to scan and clean your system even when you cannot boot into Windows. ESET SysRescue Live is a Linux-based malware cleaning tool that runs independent of the operating system from the ESET Smart Security retail CD.
HIPS Smart mode: Only suspicious system events trigger a notification beyond the set of pre-defined rules in Automatic mode (operations such as system registry, active processes and programs).
ESET Cybersecurity Education (North America only): New Cybersecurity Education introduces a more interactive and game-like approach to training. This replaces the previously named ESET Cybersecurity Tr... Read more

A:ESET Smart Security and ESET NOD32 AV Version 8 Have Been Released

Source:
https://forum.eset.com/topic/3327-eset-smart-security-version-8-has-been-released/
https://forum.eset.com/topic/3328-eset-nod32-antivirus-version-8-has-been-released/
 

33 more replies
Answer Match 48.3%

Computer is Vista 32 bit.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic 
Boot Device: \Device\HarddiskVolume3
Install Date: 6/8/2009 7:15:52 PM
System Uptime: 1/9/2014 8:44:22 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0U880P
Processor: Pentium® Dual-Core  CPU      E5200  @ 2.50GHz | CPU 1 | 2003/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 220.128 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 10.336 GiB free.
E: is CDROM (CDFS)
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
3600_Help
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.1
Adobe Shockwave Player 11.5
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
Backyard Basketball
Banctec Service Agreement
BPD_Scan
BPDSoftware
BPDSoftware_Ini
BrowserSafeguard
BufferChm
CapJax MathFax
Choice Guard
Compatibility Pack for the 2007 Office system
Conexant D850 PCI V.92 Modem
CustomerResearchQFolder
Dell Edoc Viewer
Dell Getting Started Guide
Dell Remote Access
Destinations
DeviceManagementQFolder
Digital Line Detect
DocProc
DocProcQFolde... Read more

A:Suspected ZeroAccess rootkit. MSE won't open - blocked by group policy

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and and I will be helping you with your computer problems.
Before we begin, please note the following:
I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
 
 
Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your re... Read more

17 more replies
Answer Match 48.3%

I am hoping for some help with my husband's computer. We had Microsoft Security Essentials installed but at some point it disappeared from the tray and the computer is now thoroughly infected. When I try to open MSE I get a message saying it is blocked by group policy. When I try to uninstall MSE (to reinstall it) I get a message saying that I don't have access to uninstall the program. The computer is a personal pc and was never used for business.
 
I did run Malwarebytes and it found several trojans, 
 
I also downloaded several fixes to a thumb drive because I would get the same error message when I tried to download these fixes to the infected computer. I ran these fixes including FixZeroAccess, ESETSirefefCleaner, ComboFix and the McAfee removal tool for ZeroAccess rootkit. 
 
I can open MSE in safe mode but cannot update definitions or uninstall it.
 
If anyone has any ideas I would be very grateful.
 
rkwittig

A:MSE won't start Group Policy blocked. Potential ZeroAccess rootkit?

Hello,Please follow the instructions in ==>This Guide<== starting at step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==  Since you have run ComboFix, please include the ComboFix log in the new topic.  Please be sure to include a description of your computer issues and what you have done to try to resolve them.If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why and include the ComboFix log along with a description of your computer issues.Orange Blossom

2 more replies
Answer Match 48.3%

While browsing a messageboard using Firefox I received a supposed AVG Antivirus pop-up about "exploit rogue scanner (type 922)". I think it only said threat detected so I wasn't sure it it had been blocked or if I had been infected with anything. From what I have read, this was probably not a genuine AVG notice, but a faked one.
I didn't notice any problem until a couple of days later when I was unable to access some websites. This problem is worse for Firefox, but there are some websites I cannot access on either Firefox or AOL/Internet Explorer.

I usually run AVG and Malwarebytes Anti-Malware, and was unable to find anything with these. In addition I have tried Trend Micro, Bit Defender, Lavasoft Adaware, Kaspersky, Panda Active Scan, F secure, Spybot S&D, SuperAntiSpyware, Hijack This and found nothing significant (only false positives as far as I can tell, Panda giving a Virtumonde in Viewpoint media player, Kaspersky saying I had a virus in my hosts file when in fact it was entries previously inserted by Spybot to block "bad sites").
I had some problem running rootkit detectors, although for Gmer I believe that was because I didn't have AVG disabled. With AVG disabled I was able to run a full Gmer scan although this took a long time and slowed down towards the end - I was able to save a log file before the CPU usage went to 100% and I had to manually switch the computer off.
I still have problems running some of the sections of Root... Read more

A:exploit rogue scanner (type 922), websites blocked, possible rootkit?

I think I have fixed the problem on AOL (which may have been due to a recent AOL security update) by going herehttp://help.aol.co.uk/why-cant-i-access-a-...802091909990001and applying step no 5. I seem to be able to get to any site on AOL now though access is a bit intermittent on Paypal for example.The problem on Firefox remains. I wondered if it could be due to a corrupt profile but anything I try - creating a new profile, clearing cache and cookies - doesn't fix it. It sounds very much as though I have a Vundo trojan as described herehttp://support.mozilla.com/en-US/kb/Firefo...ertain+websitesAny clue as to how to find and get rid of it?And now unfortunately my stand alone Internet Explorer is exhibiting the same problems as Firefox which I'm sure it wasn't before

2 more replies
Answer Match 48.3%

Hi this is my first post on here, I've been battling the worst rootkit I've seen in a long time and need some help. It's a work system with *alot* of programs installed. Originally this came up as a Vundo infection and of course all its friends. Some of the programs I've run to try to fix this.- Bitdefender (uninstalled now due to horrible corruption from rootkit, useless anyway, did not detect anything wrong even though files submitted to their db came back postitive)- MBAM (cleaned some things up, now I get clean scans)- Vundofix (cleaned off most vundo crap, Combofix got more)- GMER (originally detected rootkit activity, managed to disable the file causing it)- HijackThis (looked at logs, I'm no pro but didn't see anything off in here after cleanups with the above and below, will include a log if asked)- ComboFix (read explanation below)I have attached a Combofix log (I know, not supposed to run unless asked, but I had tried just about everything and Combofix was the only one that seemed to remove anything, though problems persist after reboot). If needed I can provide logs as needed.The file that's the biggest pain has been C:\Windows\System32\magnstat.dll, it is definitely an executable virus that likes to grab hold of many programs that are run, especially Combofix, which it will only let run once renamed and will cause it to run *very* slow.Thanks in advance** EDIT: I also disabled all programs from starting at startup, to... Read more

A:Rootkit issue, sites blocked, various removers/scanners failed

Bump for delete. Problem solved. Thank you.

2 more replies
Answer Match 48.3%

I opened an exe file I really should not have....Then AVG wouldn't scan, and certain antivirus programs wouldn't open, like Anti-Malware.I assume I have a rootkit. What do I do next?am including my HijackThis log.Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\DellTPad\Apoint.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\OEM13Mon.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\P... Read more

A:Lots of Anti Virus software blocked, suspect rootkit

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 48.3%

So, I checked my friend's computer a couple of weeks ago and **** it was it bad condition. I tried doing the basics (Malwarebytes, CCleaner, SuperSpyware, virus scan) but those were blocked off. I went to safe mode and still nothing. I also noticed that when I tried to do a Google search, the results redirected me to malicious websites.


DDS (Ver_09-05-14.01) - NTFSx86
Run by Maria at 1727.66 on Sun 05/17/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.275 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! antivirus 4.8.1335 [VPS 090516-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe... Read more

A:Friend's computer in turmoil (rootkit, blocked security apps, etc.)

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------


Quote:




and yes, she was running two anti-virus programs at the same time.




Please uninstall one of them.

------------------------------------------------------

While Spybot's TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent tools from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your logs are clean.Open Spybot Search & Destroy.
In the Mode menu click "Advanced mode" if not already selected.
Choose "Yes" at the Warning prompt.
Expand the "Tools" menu.
Click "... Read more

4 more replies
Answer Match 47.88%

The 8.0.304 build is the same as .301 but has the latest modules already installed (e.g., the modules are listed in the "Installed components" window of the About ESET ... screen).Click to expand...

Source



http://www.eset.com/us/download/home/

ESET Smart Security 8 Live Installer
http://download.eset.com/special/live-installer/us/eset_smart_security_live_installer.exe
ESET NOD32 Antivirus 8 Live Installer
http://download.eset.com/special/live-installer/us/eset_nod32_antivirus_live_installer.exe
 

A:ESET Smart Security and ESET NOD32 AV Version 8.0.304

I'm running 8.0.304.1 since 2 weeks lol.
 

4 more replies
Answer Match 47.88%

ESET Smart Security
ESET Smart Security keeps your computer or laptop safe with intelligent multi-layered protection combining proven antivirus, antispyware, firewall, anti-rootkit and antispam capabilities. Based on ESET NOD32 Antivirus, it protects you from viruses, worms, spyware, and all Internet threats. It conserves resources and improves computer speed. You are protected at the highest level while you work, social network, play online games or plug in removable media.

ESET NOD32 Antivirus
Your best defense against viruses, trojans and other forms of malware?and the top choice for IT professionals. Powered by the ThreatSense® engine with advanced heuristics, which blocks far more unknown threats than the competition. The latest generation of the legendary ESET NOD32 Antivirus takes your security to a whole new level. Built for a low footprint, fast scanning, it packs security features and customization options for consistent and personalized security online or off.

Changes in ESET NOD32 Antivirus 9.0.375:
Fixed: Activation issues
Fixed: Vulnerability fixes (ESET Customer Advisory: Mitigations for vulnerabilities in ESET?s EXE installers?ESET Knowledgebase)
Other: SHA-2 signature updated
Changes in ESET Smart Security 9.0.375:
Fixed: Activation issues
Fixed: Stability fixes in Banking and Payment Protection module
Fixed: Vulnerability fixes (ESET Customer Advisory: Mitigations for vulnerabilities in ESET?s EXE installers?ESET Knowledgebase)
Other: SHA-2 ... Read more

More replies
Answer Match 47.88%

NOD32 for Windows is the best choice for protection of your personal computer. Almost 20 years of technological development enabled ESET to create state-of-the-art antivirus system able to protect you from all sorts of Internet threats. ESET Smart Security boasts a large array of security features, usability enhancements and scanning technology improvements in defense of your your online life.

ESET Smart Security
ESET Smart Security keeps your computer or laptop safe with intelligent multi-layered protection combining proven antivirus, antispyware, firewall, anti-rootkit and antispam capabilities. Based on ESET NOD32 Antivirus, it protects you from viruses, worms, spyware, and all Internet threats. It conserves resources and improves computer speed. You are protected at the highest level while you work, social network, play online games or plug in removable media.

ESET NOD32 Antivirus
Your best defense against viruses, trojans and other forms of malware?and the top choice for IT professionals. Powered by the ThreatSense® engine with advanced heuristics, which blocks far more unknown threats than the competition. The latest generation of the legendary ESET NOD32 Antivirus takes your security to a whole new level. Built for a low footprint, fast scanning, it packs security features and customization options for consistent and personalized security online or off.

Key features available ESET NOD32 Antivirus version 8:

Enhanced Exploit Blocker: Protects against attacks on w... Read more

A:ESET NOD32 Antivirus and ESET Smart Security 8.0.312.0

8.0.312.0

Updated: EULA, Country list, DetectAV engine
Fixed: Localization bugs
Fixed: Egui doesn't remember the size of window
Fixed: Scheduled tasks "on computer startup" don't work on Windows 8+
Fixed: First scan cannot be stopped from popup

 

5 more replies
Answer Match 47.46%

Hi:

My colleague brought me his computer. Apparently, he uninstalled AVG and at some point installed Malware Defense. I've deleted all traces of Malware Defense from the registry and unregistered the associated dlls but I cannot successfully install AVG9--the installation always fails due to not responding in a timely fashion. I can install Spybot 1.62 but it won't launch in either regular nor safe mode. Likewise I can install Malwarebytes Anti-Malware but it won't respond.

Any ideas?

Thanks,

Tom

More replies
Answer Match 47.46%

Let me start by saying that I have spent the last two weeks trying to solve the bugs in my daughter's laptop. When other PCs in the house got infected in the past, I was always able to solve the problem within a couple of days. Well, no matter how hard I tried or how many anti-virus or spyware or malware removal tools I downloaded, nothing has worked. My faith has taken a fall and I hope you guys can help. Thankfully, you are here to help the rest of us who cannot do it alone. Thank you! Okay, now to the nitty-gritty:

Not sure what techy information you need about the laptop and it's all gobbledygook to me so I will just put what I can find:

Sony Vaio laptop, Vista Ultimate os, service pack 2, 32-bit, Intel Core2 Duo CPU, T9300 @2.50 Ghz, RAM 4.00 GB. Did use Microsoft Security Essentials, but it did not find a problem, like most of the other things I tried. So right now we are using Vipre. Also, we use mostly IE but, also Firefox.

Two weeks ago, my daughter went to a website and, immediately, a fake anti-virus thing popped up, 'Windows Repair'. Then, I removed it myself and we immediately got another one, 'System Security Anti-virus'. I am pretty sure I got rid of that one, too, but since then, our browsers, Google, Yahoo, and Bing, get re-directed and attempting rkill re-starts the computer. In the last two weeks, I have probably downloaded, attempted, and removed at least 17 removal tools. The closest I got to success was with Emsisoft, S... Read more

A:Browser redirect, Alureon trojan, possible rootkit infection, GMER blocked

to BC!Are you're still being redirected?Step 1.Rootkit Unhooker:Please Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get the following warning, just click OK and continue."Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?" Step 2.aswMBR:Download aswMBR.exe ( 511KB ) to your desktop.Double click the aswMBR.exe to run itClick the "Scan" button to start scanOn completion of the scan click save log, save it to your desktop and post in your next replyStep 3.MBRcheck:Please download MBRCheck.exe to your Desktop. Run the application.If no infection is found, it will produce a report on the desktop. Post that report in your next reply.If an infection is found, you will be presented with the following dialog:Enter 'Y' and hit ENTER for more options, or 'N' to exit:Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.Step 4.Things I would like to see in your reply:The content of the log from RKU in step 1.The content of the log from aswMBR in step 2.The content of the log from MBRCheck... Read more

14 more replies
Answer Match 46.62%

So I won Eset in a giveaway, really excited, and trying to decide what computer to install on. On my main laptop, I am using CIS (proactive config, firewall-custom, small tweaks) and really like it. I am trying to decide whether to try Eset on main PC or on my brother's gaming PC (more advanced user than I am, so probably would be fine with Eset, but also more interested in games than AV toys )

If anyone is familiar with both- what are the key differences between Eset and Comodo? For example, It seems that Eset has built in exploit protection...but not sure on other key differences. Anything I would be giving up with Comodo (virtual kiosk, auto-sandbox, etc.)? Also, any experience with Eset and gaming?

Thanks everyone!
 

A:Differences Eset vs. CIS & how to get Eset license activated?

When you look closely at Comodo and ESET they have only slight differences... of which you are already aware.

ESET's real advantage is better surf protections and signatures whereas Comodo has the integrated auto-sandboxing feature.

Both have an anti-bot exploit feature... not really a complete anti-exploit capability like MBAE or HMPA.

Both have a gaming mode which suppresses alerts and notifications.

Performance-wise I see little difference between Comodo and ESET; both have acceptable system impact.

It is highly likely that if you enjoy using Comodo you will also enjoy ESET.
 

10 more replies
Answer Match 46.62%

Does the Anti Thief System, Firewall and Anti-Spam make Smart Security a better way to go than the base NOD32? Alternatively, are there free Firewall and Anti-Spam programs one can add to their computer if purchasing NOD32? I don't have a laptop so would the Anti Thief component of the Smart Security really be of much use?
 

A:ESET NOD32 or ESET Smart Security?

I use ESET NOD32 along with Comodo Firewall, and rely on Gmail's spam filter. Works great so far.
 

3 more replies
Answer Match 46.2%

i cannot access google & gmail at all. it says their security certificate is invalid and may not be going to the real deal. other sites like yahoo, i can access but if i try to search, it just sits there and times out. oh, and before google was completely blocked i had to click on the "cached" version of any search results or i would be redirected to some generic site. i just got rid of, or i thought i got rid of a trojan that used windows security as a cover. i just downloaded and ran "hijack this", so i have a log if it helps.

More replies
Answer Match 46.2%

Hi I am trying to help a friend solve an internet access problem and think its actually malware/virus.

- Cannot access Google, Yahoo and other search engines from IE or Firefox. Get a standard IE DNS/Connection probelm error
- Cannot ping these sites
- Can access other URLs OK
- Cannot view the task manager, the option is on the right click but nothing happens
- AV looks to be disabled
- Windows updates do not work
- Microsoft Security Essentials & Spybot S&D will not install so I cannot run spyware checks

HijackThis log showed about 20 entries for Google/Yahoo URLs but I cannot find these in Hosts or LMHosts.

Shall I post a log?

Thanks

A:Google blocked

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

3 more replies
Answer Match 46.2%

I'm trying to clean up a friend's Windows 7 laptop PC. He had a variety of toolbars and "fix it" programs installed that I don't trust, including DropBox, Juniper Networks, Uniblue Registry Booster, ARO 2011, PC Pitstop, RadioRage, Ask Toolbar, WebSearch, etc...; the PC was locking up and barely usable. I uninstalled everything I could - had to use Revo Uninstaller to force uninstall of Uniblue. Was unable to uninstall Ask Toolbar even with that because of a missing .msi file; I know that one is relatively harmless so I just disabled it.

I downloaded MBAM, SUPERAntispyware, Spybot S & D, & CCleaner on my PC and transferred with flash drive and installed on this. Scanned with each in Safe Mode and removed a variety of Trojan Horses, etc.. and registry errors you will see in logs. The only thing that keeps returning on the scans is "svchost.exe", which MBAM identifies as a Trojan and Spybot idetnitifes as "Smitfraud-C.generic". The only remaining visible problem is that in IE, I cannot go to Google; it doesn't redirect, I just get the "Internet Explorer cannot display the webpage" and 'Diagnose Connection Problems' doesn't find anything.

He has Safari installed and I can go to Google on that. I plan to install Firefox w/ ABP once this issue is resolved and will encourage him not to use IE when he doesn't have to, but this still needs addressed. I checked Internet Options and under LAN set... Read more

A:Google Blocked in IE

OK, I ran DeFogger, DDS, and GMER. GMER came up with nothing, then I noticed that was for 32 bit-versions only! I realize "svchost.exe" is a generic name for a variety of processes, so hopefully this will help you see what I still have. Here is the DDS log:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by aaron at 11:20:31 on 2012-02-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3032.1615 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:&... Read more

20 more replies
Answer Match 46.2%

I've done full scan's with MBAM, SAS, Vipre, NPE, Combofix... Reset Firewall with UVK. Checked the hosts file. I don't get it. It's only google.com. Gmail.com works fine. I can't even ping google.com. Same thing happens in Safe Mode w/Networking.

Any ideas ?

**EDIT**

Ran TDSSKiller and it returned with Forged File

Service Name: ACPI
Service Type: Kernal driver (0x1)
Service Start: Boot(0x0)
File: C:\Windows\system32\DRIVERS\ACPI.sys
**EDIT 2**

If anyone else has this same problem. I used Falcon4's UBCD and replace ACPI.sys with one from another computer. Works perfect now!!!!! WOOOOOT!

A:Google.com Blocked

Since you ran Combofix...Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

1 more replies
Answer Match 46.2%

I don't know what is going on but something fishy, for sure. I can't get to Google regardless how I try. Yahoo was my home page. Can't get that to open now. Had to change to msn.com.

Even typing in google maps into the msn search bar won't get me to google. It appears to be blocked but I can't find where it is blocked.

I ran HiJack This and did a log. Can you see if there is anything in the log that is preventing these sites from showing up? I do not even know how I could have possibly accidently blocked either of these sites but I do not have any explanation how this happened.

Here is the HiJack This log:

Logfile of HijackThis v1.99.1
Scan saved at 10:31:21 PM, on 2/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedul... Read more

A:Google seems to be blocked...

Edit your thread title to include: "HiJack This log".
 

1 more replies
Answer Match 46.2%

Hi

Please help! I'm having problems accessing Google sites, other search engines and Youtube. Previously, search results were directed to random sites but now I cannot access Google at all! I have tried accessing Google and these sites on different web browsers including Internet Explorer, Firefox and Google Chrome. Malwarebytes hasn't found anything. This is what comes up when attempting to access Google:

Oops! Google Chrome could not connect to google.com
Try reloading: google.?com
Additional suggestions:
Access a cached copy of google.?com
Go to google.?co.?uk
Search on Google:

Please see below for my DDS report:
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by mshrestha at 16:37:44.56 on 01/01/2011
Internet Explorer: 9.0.7930.16406
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.4061.2189 [GMT 0:00]

AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k L... Read more

A:Please help, google is blocked!

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Answer Match 45.78%

Hi...

I was attempting to do a google search on a site and this is the message I received: We're sorry...but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.

So I did a scan with hijackthis. But I don't know what the source is from the log, or what is safe to delete...I've attached the log, can anyone help with this?

Thanks so much!!

A:Google search blocked

Hi,Please do the following:Open HiJackThisClick on Do a system scan onlyCheck the boxes next to ONLY the entries listed below (if still present):O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLLO2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLLO3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLLO15 - Trusted Zone: http://www.dreamtemplate.comO15 - Trusted Zone: http://www.ediblog.comO23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwssvc.exeClose all windows except Hijackthis and click Fix CheckedClick Yes when promptedClose HijackThis.NEXTPlease download DDS from either of these linksLINK 1 LINK 2and save it to your desktop.Disable any script blocking protection Double click dds to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop.---------------------------------------------------Please include the contents of the following in your next reply:DDS.txtAttach.txt. NEXTPlease download aswMBR ( 511KB ) to your desktop.Double click the aswMBR.exe icon to run itClick the Scan button to start the scanOn completion of the scan, click the save log button, save it to your de... Read more

2 more replies
Answer Match 45.78%

Here is My Info
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz, Intel64 Family 6 Model 69 Stepping 1
Processor Count: 4
RAM: 8096 Mb
Graphics Card: Intel(R) HD Graphics Family, -2016 Mb
Hard Drives: C: Total - 939414 MB, Free - 750436 MB;
Motherboard: Dell Inc., 00871V
Antivirus: Windows Defender, Disabled
This is my sons computer. I we can no longer access any google sites including youtube but other sites are accessible. He was using google chrome but uninstalled that and starting using IE but had the same result of no google sites. I have avg antivirus-no problem found. I also tried to use a restore point, but it wouldn't work.
Thanks in advance for any help.
 

A:Google Sites are being blocked,

Solution was to remove all antivirus programs and ran windows defender, which i assume reset the host file. all sites are available now.
 

1 more replies
Answer Match 45.78%

I can't pull up google search or if do search in anything other than Yahoo...doesn't work!  Any thoughts on how to fix?

A:Anything google related is blocked?

Hello -Download Screen317Security Check from Here and save it to your Desktop.* Double-click SecurityCheck.exe* Follow the onscreen instructions inside of the black box.* A Notepad document should open automatically called checkup.txt;* Please Copy / Paste the contents of that document back here.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE (or a similar file) access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me. List your normal browser and if this is the only one that is causing problems. Try the Live Google ink at the end of my Signature below. It works for me Thank You -

5 more replies
Answer Match 45.78%

Hi,
Today I started having a problem, and it seems to be getting worse. The problem is that I can't get to www.google.com via my browsers, both IE and Firefox. I can get to other web sites. From the command prompt, I could PING www.google.com, and got back 216.239.37.104.

Seems weird, I looked every I could think but not really sure where this kind of thing is controled. I ran Spybot, Windows Defender, and Adaware all today after this started. Spybot and Windows Defender reported everything was fine. However, while I was poking around, I opened the Windows Firewall progaram and was looking at it, while I was doing that Windows Defender popped up and reported something was doing something it wasn't supposed to be doing : BrowserModifier:Win32/Matcash and WD offered to remove it. I clicked OK.

Then I noticed that a program named chuck.exe in a temporary directory had an exclusion in the firewall, so I removed the exclusion. I looked in the directory where the firewall said the program lived, nothing was there.

Then I downloaded, installed, and ran Adaware. It found all kinds of things and removed them all, one of which it could not remove until I rebooted. I think it was named virtualdns.dll, but I failed to write the name down.

Anyway, Adaware reports everything is ok now, but still I can't get to www.google.com, and also now not my gmail account (it appears my login has expired and gmail is trying to get to google.com to verify my information). ... Read more

A:Certain Sites, Such As Google.com Are Blocked

Hello, octavius, to bleeping computer. The return that you are getting on your ping does not resolve to www.google.com. It should be 72.14.253.147. Please download LSP Fix, here: http://www.bleepingcomputer.com/files/lspfix.phprun the program, please post of the files listed in the left hand pane. If you can I would also like to look at a copy of your hosts file. It can be found on you computer here: C:\windows\system32\etc\hosts . It should be hidden

11 more replies
Answer Match 45.78%

Hi everyone
At Apr 2010, a member of forum told that his system faced with a virus that cause to access blocked for google site. To solve his problem, he was replied to use the HijackThis Installer. I did the same,but it not answered. Plz help me
 

A:Access to Google blocked

I don't know why you focus on a post from 2010 when in fact there must be thousands of posts where HijackThis logs has been requested. However, if you think you are infected then this is not the correct forum. Please start a new thread in the Virus & Other Malware Removal forum and provide the logs requested in the sticky post at the top of that forum.

Closing thread.
 

1 more replies
Answer Match 45.78%

I just installed broadband internet on my HP Pavilion tx2000 notebook PC loaded with Windows Vista Home Premium 32 bit. I have not been able to access any site other than Google and its allies. I have turned off the windows firewall to avoid and conflict with the Norton Antivirus 2009 firewall. I have tried by disabling phising filters. But nothing working...please suggest

A:All Sites other than Google are blocked

How do you connect to the Internet, do you have a router and if so are you wired to it by Ethernet cable or do you connect via wireless ?

7 more replies
Answer Match 45.78%

My pc currently is infected with something, and I have no idea what to do. Google comes up when I enter the address, but it does not allow me to type anything into the search bar.

Would a run of MBAM do anything helpful?

A:Google completely blocked

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Answer Match 45.78%

I am having issues getting google, yahoo and bing to load. I keep getting a error message that says server not found and I get that message with Internet Explorer, Firefox and Chrome. I have scanned my computer and found a few Trojan viruses and cleaned them up so that there are no viruses detected anymore. Does anyone have any advise as to what would fix this problem?

More replies
Answer Match 45.78%

Okay, so this is fairly strange problem I am having. Yesterday I downloaded a file that contained a virus, fortunately Windows 7 picked up on it and was able to quarantine it. However, ever since I got the virus I am strangely unable to get access to any of the Google websites. For example, www.gmail.com just times out. I can make it to www.google.com but not everything on the page loads and you cannot do any searches whatsoever. Absolutely EVERY other website I have attempted to access works just fine with no problems at all. I thought perhaps it was a firewall issue or something but as far as I can tell nothing is being blocked. I am certain it has something to do with the virus but I was able to remove it. I also downloaded some scanner programs like AVG and Spybot and they haven't helped any.

Any recommendations? Thanks
 

A:Access to Google blocked

9 more replies
Answer Match 45.78%

Hi.

I just began to experience a new problem which is universal to firefox, explorer, and opera. Whenever I use the google search bar or attempt to access google.com through the actual address bar, my browser is redirected to a search site called www.results-page.net. Even clicking on this site's link to google.com does not allow me to access it, but instead directs me back to the phony search engine. I am still able to access other websites by using the address bar. Disturbingly, even though almost all searches using the search bar are redirected to results-page.net, if I type in anti-virus companies' names or major shopping websites such as amazon, I am directed to those websites after passing through an intermediate website whose address briefly flashes on the address bar. An example of this intermediate is as follows:

http://92.242.140.21/?nxdomain=http%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dbbb%26ie%3Dutf-8%26oe%3Dutf-8%26aq%3Dt%26rls%3Dorg.mozilla%3Aen-US%3Aofficial%26client%3Dfirefox-a&AddInType=2&PlatformInfo=pbrgen

The IP address is always the same.

I am running the 32-bit version of Windows 7 Professional.

Any help would be greatly appreciated. Thanks in advance!

A:Google access blocked

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Please download GMER from here(doesnot work on 64 bit OS)http://www2.gmer.net/download.phpTemporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply. DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here

9 more replies
Answer Match 45.78%

Hey everyone,

Im trying to help a friend fix her laptop. Its a sony vaio running vista home basic without sp1. She recently tried downloading adobe reader from some random site on the Internet and upon restart she can no longer visit specific sites such as the entire google directory. She also has yahoo blocked off according to her. she tried downloading firefox but it was the same trouble. She said she gets redirected to random sites when she tries visiting gmail for example. I tried looking in ie addons but didnt see anything suspicious.

I ran a hijack this scan and have attached the log file below. Any help would be really appreciated!

Thanks
 

A:All google sites blocked!

hey everyone. Thanks to those you who took the time to go through my message so far. I was hoping someone could help my friend out as she continues to have the same problem.

One thing i did not mention in the previous post is that she has up to date norton and spysweeper installed from legitimate sources for a while now.

Any help please ?
 

1 more replies
Answer Match 45.36%

I tried to get onto IE ...google is my homepage and this is the message I get:

Malware activity warning

Your ip is blocked because malware activity from you.
Suggestions:
Check your PC for any maleware/spyware activity
If you are still having problems, please install any antispyware/antivirus/antimalware software!

I can't even log into my gmail because of this. It says:
Your IP seems to belong to malware/spyware botnet.

Please check your PC with antimalware/antivirus software
I do have another problem that when my computer starts up I get a little warning about services and controller app....once that's done, I get an error that says "NT authority system shutdown" or something like that and a countdown. I've managed to get rid of that window without it shutting down by typing "shutdown -a" in the command window, but I can't open ANYTHING on my computer. No internet, no files, NOTHING. I can't even shut it when it gets like that. After about 9 -12 time of me getting mad and disconnecting the power, it eventually doesn't come on and things run normally until the next time the computer is shut down again.

Anyway, I'm not sure if the two are related, but here's a logfile from Hijack this....any help is greatly appreciated!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:40:39 PM, on 3/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal... Read more

More replies
Answer Match 45.36%

After typing www.google.com in the address line, I am getting this message in red:
Content Alert: www.google.com is blocked
And " www.childsafebrowse.com/google4.php?site=www.google.com" appears in the address line. I have tried all three browsers and tried to access different sites same results except the google.com gets replaced with the website I type in. Perhaps my kids tried to access some site which must have caused this. Please help.
 

A:Content Alert: www.google.com is blocked

7 more replies
Answer Match 45.36%

Hello all
I have a windows 7 computer that was infected by the Internet essentials virus. I used rkill and malwarebytes and got rid of the virus. But now I can't get to google or gmail, I can get to any other site I want even google maps. It doesn't redirect - it just says "IE cannot display the webpage" I've read so many posts and tried a variey of things--I've check LAn settings "automatically detect" is checked; I checked driver lmhosts - nothing there; I used ccleaner??

Thanks for any advice

A:Google blocked after malware removal

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

2 more replies
Answer Match 45.36%

Hello,
 
Sometimes I am unable to access yahoo, google, any of the email systems of the two or any associated sites (yahoo answers, google news, etc). It does not matter the search engine -- IE, Chrome, Firefox -- but once or twice a day, I will get a page cannot be displayed message if trying to get to one of those pages. Briefly, my IE homepage was changed to Bing. And, while I could not get to yahoo and google, I could get to Bing, Ask, Blekko, etc.I have no toolbars or anything like that installed. No add-ons (that I know of) either, except for the Avast site checker.
 
I have Avast, which has detected nothing. Ran Malabytes and uncovered a few crossrider files. Quarantined them. Problem persisted. Ran SuperAntiSpyware and uncovered a fake-doc trojan. Quuarantined and removed it. Problem less frequent but still there. Did ADWCleaner and it uncovered another crossrider file and a few corrupted files. Took them out. Problem better but not gone. Ran RKill and found corrupted Hosts file. Repaired that.
 
Much better than when I started but still having some spots when google and yahoo sites will spin their wheels, as do some other sites (including this one) while Bing pops up immediately if I type that in the browser. I'm no where near my data limit with my ISP, so ...
 
Here's my last RKill log. There are perhaps a couple of issues there, but I can't figure out how to handle them. If anyone can tell me what my next move is to finish off this, I'd apprecia... Read more

A:Blocked from yahoo, google sites sometimes

Can you post the logs from adwcleaner and super anti-spyware?

31 more replies
Answer Match 45.36%

Google and Yahoo are redirecting to random other search engines or useless sites; Bing seems to be working. Google and Yahoo home pages come up but links redirect to sites other than intended and login to my gmail and Google acounts goes to a page saying that the security certificate cannot be verified. This occurs in Firefox and IE7. I have tried malwarebytes, Avast normal scan and Avast boot scan and combofix to no avail. I'm running XP Pro.I have an HJT log below:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:02:40 PM, on 12/5/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16915)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program... Read more

A:Google and Yahoo redirect and blocked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 45.36%

Hello,Here's my issue: I'm helping my sister clean up her laptop. I have a feeling she has a virus, but I'm not very computer savvy. She uses Firefox and for some reason it will not connect with any Google services (i.e. Gmail, Blogger, Google, etc) nor will it allow her on search engines like Bing. It specifically says: "Firefox cannot establish a connection to the server." It'll only let her access Yahoo. Then once she tries to search on Yahoo and click on a link it'll redirect her to some random page that has nothing to do with what she clicked on.Actions I took: I told her to run Spybot and she said it removed one thing (she forgot to write the name of it) and it seemed to take care of the redirect issues for now, however the Google issue remains and the audio seems to have stopped working, not sure if that's related.I then received help from Broni who redirected here after looking at some of my previous logs which can be found here: Previous Forum PostI ran DDS and GMER, however when I used GMER the laptop would flash to a blue screen that said: "Page_Fault_In_Nonpage_area" and then the laptop would restart. I did get a DDS Log though, here it is:.DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.19120 BrowserJavaVersion: 1.6.0_29Run by Rosie at 10:45:19 on 2012-01-14Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.893.167 [GMT -8:00].SP: McAfee VirusScan *Disabled/Updated* {91492D4B-0869-000E-92... Read more

A:Blocked from using Google and other search engines

Hello and Welcome to the forums!My name is Gringo and I'll be glad to help you with your computer problems.Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the runn... Read more

15 more replies
Answer Match 45.36%

Hello,

Here's my issue: I'm helping my sister clean up her laptop. I have a feeling she has a virus, but I'm not very computer savvy. She uses Firefox and for some reason it will not connect with any Google services (i.e. Gmail, Blogger, Google, etc) nor will it allow her on search engines like Bing. It specifically says: "Firefox cannot establish a connection to the server." It'll only let her access Yahoo. Then once she tries to search on Yahoo and click on a link it'll redirect her to some random page that has nothing to do with what she clicked on.

Actions I took: I told her to run Spybot and she said it removed one thing (she forgot to write the name of it) and it seemed to take care of the redirect issues for now, however the Google issue remains and the audio seems to have stopped working, not sure if that's related.

The laptop runs Windows Vista Home Premium

A:Blocked from using Google and other search engines

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity CenterWindows UpdatePress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware,... Read more

11 more replies
Answer Match 45.36%

Hello, I seem to have a browser hijack problem that redirects the browser when I click on the search results from Google and other search engines. If I click BACK on the browser, I (usually) get to the page I was expecting. The redirect is to a different, apparently random and innocuous site each time. Another symptom that may or may not have the same cause: The browsers are also blocked from access to www.bleepingcomputer.com - I am writing this from a second computer. I figure if the malware didn't want me to go to this site, that it is a good place to start. A third symptom that may or may not be related is that Windows updates do not seem to install themselves now. For the past week when Windows shuts down it attempts to install an 'important update' (I have automatic updates activated). The computer shuts down normally, but the next time I start up, a few minutes after start up there is another (or the same) update ready to be installed. The hijack problem occurs with IE, Firefox, Google Chrome and Safari. I uninstalled and reinstalled Firefox and Google Chrome, but that did not help. I installed Safari AFTER the infection, and the same problem exists. I ran CCleaner, but that fixed nothing. If I run Firefox in SAFE mode or IE in high security mode, then I do NOT see the hijacks from the search pages. However, access to www.bleepingcompter.com is still blocked in all browsers, whether in regular mode or safe mode. I am running Windows XP with SP3.... Read more

A:google hijacked; bleepingcomputer.com blocked

Hi,Please download DaonolFix from the link below and save it to your DesktopDownload Mirror #1Double-click DaonolFix.exe to run it. Select 1. Find Daonol (no fix) by typing 1 and pressing Enter. You will see a lot of files being listed - don't worry, they are just being scanned.A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called DaonolFix.txt).Download ComboFix by sUBs from here or hereNote: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy.**Save it to your desktop**We need to disable one or more of your security programs so that they do not interfere with ComboFix.Right click on the icon in the taskbar notification area & select "Disable Symantec EndPoint Protection".Double click on ComboFix.exe & follow the prompts. If you are prompted to install the Recovery Console I recommend you go ahead and hit yes.When finished, it shall produce a log for you. Please save that log to post in your next reply along with a fresh HJT logNotes:Do not mouseclick combofix's window whilst it's running. That may cause it to stall.ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know. ComboFix disconnects your... Read more

1 more replies
Answer Match 45.36%

Sorry too many characters to post
 

A:Google and youtube blocked (ARK.txt as attachment)

Bump
 

2 more replies
Answer Match 45.36%

My computer seems to have suddenly stopped being able to load certain websites. I have tried multiple browsers [chrome, i.e., firefox], uninstalled them all, re-installed, etc. but the problems remain, no matter the browser.

I have deleted all caches and browsing history/cookies. I have run numerous Anti Virus/Malware progs [e.g. AVG, malwarebytes, superantispyware, Ccleaner.. even paid for Registry Mechanic, and ran that] No joy.

Most sites are ok, but sites that i frequently use e.g. maps.google.com and http://fantasy.premierleague.com either don't load or dont load properly. It now seems that Facebook is not loading either.

I am pretty sure it is unrelated, but I have an old Sony Vaio, and in the last week or so have been getting a blue screen on startup with the following message:

"STOP: (000021A FATAL SYSTEM ERROR) THE WINDOWS LOGON SYSTEM PROCESS TERMINATED UNEXPECTEDLY...."

I think the above is Hardware related, and nothing to do with blocked sites. Just as an aside, I have no firewalls, all security settings are set to low, etc. etc. All sites were running fine until about 4/5days ago.

Please help! I am usually competent at fixing these things, but this one was got me stumped - thanks!

DDS.txt below [also see attachment]:


DDS (Ver_09-03-16.01) - NTFSx86
Run by General at 12:19:12.92 on Wed 06/05/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.502.36 [GMT 1:00]


=========... Read more

A:Certain sites blocked e.g. Google Maps

sorted, it was my landlord's router. not my comp at all. cheers.

1 more replies
Answer Match 45.36%

My problems began around midnight, March 31/April 1. My system is Windows XP SP3.Symptom No. 1: Like Phytoman, I have been having a problem with Google search results redirected to other sites. Usually, hitting the back button gets me to the intended search result. This happens in Firefox, Internet Explorer, Google Chrome and Safari. I don't think I have tested for it in Opera, though.Symptom No. 2: Like Phytoman, when I try to access bleepingcomputer.com for help, all I get is a blank page. The problem occurs in several browsers.Symptom No. 3: I cannot run regedit or cmd from the Start|Run line -- not in normal mode, nor in Safe mode. Windows Explorer crashes, then recovers when I try. I can run a renamed version of regedit. I haven't tried doing so with cmd.Symptom No. 4: I can get to the Windows Update site, but get an error when it begins to analyze my computer.Symptom No. 5: I have run the following without luck:a) Norton AntiVirus complete scan Windows Malicious Software Removal Toolc) MalwareBytes Anti-Malwared) SpyBot Search & Destroye) Ad-AwareI use Norton AntiVirus and ZoneAlarm firewall. In a state of exhaustion later on April 1, ZoneAlarm asked if I wanted to allow "~.exe" access to the Internet. I reflexively granted access before I realized what I was doing. The program was allegedly located at "c:/windows/system32/~.exe," but I cannot find any file of that name.Below is my HijackThis log:Logfile of Trend Micro HijackThis v2.0.... Read more

A:Google Hijacked; BleepingComputer.com blocked (2)

Hi,Please download DaonolFix from the link below and save it to your DesktopDownload Mirror #1Double-click DaonolFix.exe to run it. Select 1. Find Daonol (no fix) by typing 1 and pressing Enter. You will see a lot of files being listed - don't worry, they are just being scanned.A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called DaonolFix.txt).Download ComboFix by sUBs from here or hereNote: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy.**Save it to your desktop**We need to disable one or more of your security programs so that they do not interfere with ComboFix.Right click on the icon in the taskbar notification area & select "Disable Symantec EndPoint Protection".Double click on ComboFix.exe & follow the prompts. If you are prompted to install the Recovery Console I recommend you go ahead and hit yes.When finished, it shall produce a log for you. Please save that log to post in your next reply along with a fresh HJT logNotes:Do not mouseclick combofix's window whilst it's running. That may cause it to stall.ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know. ComboFix disconnects your... Read more

3 more replies
Answer Match 45.36%

hello,My compaq presario 2100 is running normaly except for the fact that I cannot access anything related to Google.comonthe internet. I have Run Sophos anti virus,Sophos ant rootkit, Zonealarm security suite, and Malware bytes. I have also used ATF cleaner and Hijack this. It sounds to me like I have a version of a Qhost1 virus but i have not been able to find it. Here is my hijack this log,Any help would be greatly apprecited . thanksDDS (Ver_09-02-01.01) - NTFSx86 Run by bruce at 17:49:26.11 on Sun 03/01/2009Internet Explorer: 8.0.6001.18372Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.50 [GMT -5:00]AV: Sophos Anti-Virus *On-access scanning enabled* (Updated)AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\HPConfig.exeC:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exeC:\Program Files\HPQ\One-Touch\OneTouch.EXEC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Roxio&... Read more

A:all sites related to google are blocked

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for p... Read more

2 more replies
Answer Match 45.36%

Hello, my parents have been having several problems with their computer. It started with google.com not loading, but google.ca would work so they used that instead. Yesterday many of the links in google were redirecting to FilmAnnex. I ran malwarebytes and removed 26 trojans (I have the log too if that would be useful) but today no google sites will load.

I got this message when I started hijackthis: "System denied access to hosts file"

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:41 PM, on 5/28/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17108)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Updater.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C... Read more

A:google blocked and other reccuring problems

16 more replies
Answer Match 45.36%

I started with these posts here, which may give you a general idea of my issue before I was redirected to this forum:http://www.bleepingcomputer.com/forums/topic421638.htmlMajor issue, however. It took forever for my DDS .txt file to open, my CTRL+ALT+DEL doesn't activate anything, and I cannot open anything on my desktop without an incredible delay. I am currently getting a critical error (keeps telling me I have extremely low to non existent RAM and disk space, and saying that it may cause a system failure), and my computer is running incredibly slowly. I have also attached the GMER scan.Side note: I don't know if it makes a difference, but when my computer restarted, it made all of the programs I had pinned in my start menu disappear - if that helps at all.Please help! This is freaking me out ><MyqHere is my DDS log:.DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_22Run by Mikey at 22:44:18 on 2011-10-02Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8183.5745 [GMT -4:00].AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}.============== Running Processes ===============.C:\Windows\system32\... Read more

A:Google redirecting, internet being blocked.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421645 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

18 more replies
Answer Match 45.36%

Windows XP
Firefox
Trend Micro Internet Security

When I click on a Google link, the link is hijacked about 80% of the time; and after 2-3 minutes, I am taken to a different site from the one I had tried. When I go back to the original Google search and try a second time, it’s usually okay. I was using Trend Micro PC-cillin as security software until today, when it expired. I have now upgraded to Trend Micro Internet Security; and when I try to follow a Google link, Trend Micro blocks the webpage as malicious. (I am also unable to update Trend Micro software. The error message reads, "An error prevented your security software from contacting Trend Micro." I don't know if this problem is related to the hijacking?)

I have downloaded Hijackthis and created two log files. The first is the following:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:31 AM, on 5/17/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files... Read more

A:Google hijack OR website blocked

16 more replies
Answer Match 45.36%

I have three machines on our network. All three exhibit the same problem. When you try to navigate to Google or use the Google search toobar, it fails with "Cannot display the webpage" (similar behavior with Firefox). When I scan with Malwarebytes, it doesn't seem to find anything, but for a short period of time, you can use Google. But then the problem returns. It doesn't redirect to ad pages, it just deadends. I'm running the diagnostic tools on the cleanest machine (least amount of of software installed). The DDS results are below with Attach.txt and ark.txt attached. Thanks in advance!DDS (Ver_09-12-01.01) - NTFSx86 Run by Administrator at 21:13:40.17 on Mon 02/22/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.617 [GMT -6:00]FW: Norton AntiVirus *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\WINDOWS\System32\f23hse... Read more

A:Google blocked "Cannot display the webpage"

It seems when I first fire up my router and computer, I am able to access Google just fine. If the machine is up for awhile (being used or not), Google access is hosed again. I see one there was one download on ark.txt so maybe someone took a look at this, but I haven't heard anything back. Is it because there isn't much revealed in the logs? Or did I post something incorrectly? I'm also wondering if it's something in my HughesNet modem. Is that possible? That it might not even be my computers?Thank you for *any* help you can provide....===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated ... Read more

14 more replies
Answer Match 45.36%

When I try to bring up google search or youtube i get:
Dom?nio www.youtube.com BLOQUEADO.

Contate imediatamente seu provedor de hospedagem de sites.

I have no idea why it's all in spanish, avast and malwarebytes show no viruses or malware, and my computer whiz uncle has no idea what's going on. I've tried it in both Google Chrome and IE.

Any ideas in "for dummy's" speak would be greatly appreciated. What I don't know about computers could fill an encyclopedia.

A:Google/Youtube blocked on Chrome and IE

It's Portuguese. Can you think of anything that you or the computer did right before this started happening? Hardware or software install, uninstall, update, malware, etc?Are you using any sort of chrome extension that has site-blocking ability?Type 'internet options' into the start menu and then click on it when it shows up in the results. In the security tab, click 'restricted sites' and then the 'sites' button underneath it. Do you have any sites listed there?If possible, I'd like to see a screenshot of this error as well. Instructions

13 more replies
Answer Match 45.36%

Hello,

A few weeks ago my system was infected with a virus that rendered every program useless. A friend recommended someone they know to come take a look at what was going on. They ran a virus scan using AVG and found a few hundred instances of a Win32/Virut.BM virus on my system (along with several other viruses and trojans). After using AVG to remove what was found, he reformatted my C drive and reinstalled Windows. Before that was done, though, I had purchased an external hard drive and copied the files I wanted saved (pics, music and a few programs that I cannot replace as the original software was destroyed in a basement flood). It seems the virus Win32/Virut.BM kept itself alive in my partitian drive D (which he did not reformat for some reason) and was also likely kept alive via programs I wanted to save (he didn't know what the virus was). I have since read up a bit on that virus and deleted any .exe files I had saved, though I wonder about programs that were a part of the external drive to begin with.

Since I found the virus Win32/Virut.BM appeared to be alive and well in my newly formatted system (though it hadn't spread as badly yet), I managed to get an AVG program called rmvirut.exe downloaded and run that seems (I hope) to have removed that virus. However, other damage has been done. I am unable to connect to any technical website via my main PC - everything comes up as a "The connection was reset" and "unable to connect" on bo... Read more

A:Blocked websites and google redirects

BUMP, please.

10 more replies