Tech Problem Aggregator

malware from free gaming sites

Q: malware from free gaming sites

my kids have been going to free game sites and now i have a lot of pop upsi run kasperky and it found type_32 virus then starting quartining my exe. file now i cant even run in regular mood beacuse my desktop is blank im usins save modehere is my logLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:31:12 AM, on 18/02/09Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: Safe mode with network supportRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\HijackThis\wxyz.com.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\Program Files\ESTsoft\ALZip\ALZip.exeC:\Program Files\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/?p=usR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exeO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBControllerO4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"O4 - HKLM\..\Run: [PCLEUSBTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exeO4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exeO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hideO4 - HKLM\..\Run: [ac8f6e71] rundll32.exe "C:\WINDOWS\system32\whfeierk.dll",bO4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKCU\..\Run: [cogad] "C:\Documents and Settings\steven\Application Data\cogad\cogad.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htmO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspxO9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLLO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dllO16 - DPF: {23B1D1AE-A29F-4AE2-B76E-CAB6E14811C4} (DHCPConfiguration Class) - http://eserv.sympatico.ca/netassistant/con...adaPortalAX.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dllO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup152.cabO16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cabO16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: intu-ir2007 - {52BAEC6B-9405-46F9-A131-6D50720A3CC4} - C:\Program Files\ImpotRapide 2007\ic2007pp.dllO20 - AppInit_DLLs: efimjf.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dllO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exeO23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exeO23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeO23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeO23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exeO23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exeO23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\System32\WFXSVC.EXEO24 - Desktop Component 0: (no name) - http://www.allaboutpromos.com/product_images/h/346small.jpg--End of file - 9408 bytes

A: malware from free gaming sites

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.NEXTPlease download RSIT by random/random and save it to your Desktop.Double click on RSIT.exe to run RSITBefore you click "Continue", make sure you change the List files/folders created or modified in the last 3 monthsClick Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.NEXTPlease download GMER and unzip it to your Desktop. <<mirror>>Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.IMPORTANT: Do NOT run any program while you are doing these scans as it may interfere with the output resultsPost me these logs in your next reply.. Post each log in separate post..1. Malwarebytes'2. RSIT log.txt3. RSIT info.txt4. Attach GMER result..

40 more replies
Answer Match 60.48%

I thought it would be a good idea in keeping with the overall goal of this site to start a thread to give people a list of legal and secure sites for downloading free or dirt-cheap movies, music and software/games.
I believe this would helpful in terms of not just telling people not to visit/support pirating websites,
but to also give them other alternatives so that there wouldn't be a temptation to go there anyway
(And also for people like me that Don't want to steal, but also don't want to pay more than I have to)
 
Master list of sites for free/dirt cheap movies, music and free/free to try software:
 
Music
 
Open Music Archive
LEGAL NOTICE:
Contains music with expired copyright according to UK copyright law, which states that the copyright expires 70 years after the author's death.
As such, some of the music may be considered "pirated" in countries with longer copyright periods.
For example, The longest copyright period I know of is Mexico (100 years after the author's death).
 INCOMPETECH
This guy composes his own music and gives it away for free!
 
Movies and/or TV
Hulu 
Movies and tv free with ads, or (for cost of membership) watchable without ads.
 
http://www.epixhd.com/ 
Free for Dishnetwork users?
 
Netflix
Not completely free, but VERY low price!
 
 
Software
WARNING! As stated by Quietman, Many free Software Sites contain ads  or link to sites containing ads with misleading down... Read more

A:Good source sites for secure & legal free movies and free/free to try software?

That is a good question.
When I think about it Hulu does have movies.
I use Netflix.
I can use http://www.epixhd.com/ as I have Dishnetwork and can use that to be able to watch. Yup, just tested works good.
Many of the Movies channels can be watched that way.
 
Cheers
Roger

10 more replies
Answer Match 51.66%

Hello
This thanksgiving i was download a few files from the internet.. and wha thappened next is that .. whenever i search for something on google, it redirects to a new site that are allll maliciious sites/porn sites !! I am scared to death as this is my office laptop and i am not the kind to browse for this sort of stuff, especially on my office laptop ! I am sure there is a lot of viruses/malwares infecting my laptop . I tried running sophos antivirus , avast antivirus (which did remove a few viruses)) , followed by malware-byte antimalware and spyware doctor. The problem still remains !! I have tried this on IE , Firefox and Chrome. Problem persists on ALL of them !!
Please help me ... here is the contents of the dds.txt pasted below , and the attach.txt and ark.txt are attached. Thanks !!!!

DDS.txt ---
DDS (Ver_09-11-29.01) - NTFSx86
Run by 203017980 at 12:18:36.74 on Mon 11/30/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1152 [GMT -6:00]

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: Sophos Anti-Virus *On-access scanning enabled* (Updated) {3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD}
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Sophos Client Firewall *enabled* {0786E95E-326A-4524-969... Read more

A:Malware infected. Redirects google searches to mal-sites and porn-sites

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 50.82%

Well, I have an extra PC which I would like to fix so I can make use of it.
Well, it happened when out of no where, I received those weird progams on my PC which are those fake Virus scanners and such. i then deleted it from the source, and ran my Nortan scan and my spysweeper, and they found nothing wrong with my pc.
Now, the PC will NOT let me go to "important" sites. For example, Bank of America, Paypal, anti-virus sites, Ebay, etc. But will let me go to sites like Myspace or forums. I had my favs on my toolbar as tiles so its easier to access them, i had about 10 of them, and now only 5 remain after the whole thing happened, and the 5 that were removed were "important" sites. Almost every thing on my tool bar was removed, including File, Edit, View, Tools, and such. My search engine is still displayed though.
Also, when I go on my search engine, each link leads to a ad site. What happened to my pc?
What can I do to get it up and running like before?
 

A:My PC won't let me go to certain sites like paypal or anti-virus sites, Malware?

It sounds like something "nasty" has infected your computer. I wouldn't advise accessing bank sites and other confidential sites right now.

Go here and click the green icon to download Malwarebytes Anti-Malware 1.39. After it's installed, run its update function to insure that the latest definition files are installed. Run a "quick scan" with it. When it's finished, select and allow it to fix everything it found. Restart your computer if prompted to. Return here to your thread, then copy-and-paste the scan log here.

----------------------------------------------------------------
 

3 more replies
Answer Match 49.56%

Hi all!

What do you think I should use as a second opinion scanner?

Until now I use ESET + MBAM. I never used EMSISOFT but I always hear good things about it
 

A:EMSISOFT Anti-Malware free or MBAM Free as a second opinion scanner

Why not both using MBAM and Emsisoft Emergency Kit? On demand scanners should help you to track down potential infections as possible with various tools available.

Emsisoft AM is a full blown AV but it can be experimental on other security products as combination just use at your own risk as possible.
 

21 more replies
Answer Match 49.14%

Dell Desktop Windows Vista Home Premium

Im running AVG Free Editon as my virus protections software. I was wondering if there are any other Free virus programs that work better than my AVG Free Edition.
Im also running Windows Defender as my Spyware/Malware protection program. Are there any other spyware/malware protection programs that work better than Windows Defender?

Any suggestions appreciated,
Thank you
 

A:Best Free Anti-virus? Best free Spyware Malware protection?

The most problems that i find is with the info that cookies manage to send out.. as for the good old virus i can honestly say that i can blame that on Zone Labs. so i got me a virus checker and malware or cookie killer.all i can say is that you get nothing for nutin in this world. so do yourself a favor and spring for the few bucks, this i can honestly tell you, my internet provider supplies the big MAC for free and yet i prefer zone alarm.

have a good day
73
Murray
 

1 more replies
Answer Match 49.14%

hi to all,
not really a problem but rather some input, could you good people in the know tell of some good " free " on-line game sites that are user friendly and will i need a game pad.

thanks in advance
 

A:on-line gaming sites ???

10 more replies
Answer Match 47.88%

OK here is my problem. I am running Windows XP Pro and also have Office Pro installed. I have 2 poker gaming sites that I play on, Full Tilt Poker and Ultimate Bet, suddenly not allow connection. I have been playing on both of these sites for a number of months now and I have at least determined that it is not an accouint problem. I can still access them from my home computer.
The only difference on this computer I'm writing from now is that my company recently installed MAS 90 as our new system, this occured last Thursday 12-2-04 and I have not been able to get on these 2 sites since. I have tried uninstalling and reinstalling but to no avail. Any suggestions?

Sincerely,
dahlgren
 

A:Sudden loss of poker gaming sites!

are u trying to play or access these sites from work? Is it your company or are you an employee? could maybe the boss put a block on certain sites, or games?
 

2 more replies
Answer Match 47.88%

HI there i am looking into getting a free website that i can share some helpful health tips any recommendations on where and what type of website i should create for easy of use.

thanks
 

A:free web sites

google provides a good free system - https://sites.google.com/?pli=1
 

2 more replies
Answer Match 47.88%

Are there any free sites to fix registry errors? I also need info on a great program to recover my MP3 files which corrupted while transferring back from Mem stick to HD,(Syntax errors?) & is there another site besides DSS that you can recommend, or is DSS back up & running? Thanks for any help in these areas. Oh, My Hard drive says it has 15.9gb of info stored on it, but when I go thru all the files in explorer, it only shows that I have maybe
5gb of data stored... Where or what is the other 10gb of memory attached too?

Thanks again.

A:Any Free sites to help me??

If you have registry errors in the system registry the only way to fix them is to restore from a good backup of the registry. If you have backed up the registry then you can restore from this. Becasue of the varying registries it is impossible to get any program that will run and repair, rebuild or anything like this, there is just no way this can be done, you can make yourself the richest person alive if you can create a program that is able to do this and correctly in every way.

As for the other 15.9 Gib of info I woudl suggest removing the hard drive from this computer and installing it into another computer on the secondary IDE cable as a slave drive and see if you can access the files from their and save them to the other hard drive and then burn them to a disk.

The best thing to do in the future is to get a program like Acronis True Image

http:\\www.acronis.com

and backup everything to an external hard drive then you will not worry about this happening again.....

1 more replies
Answer Match 47.46%

My PC at home has suddenly been attacked. I had been using CA Anti-trust successfully for a few years, but it appears it was overpowered. I did some research on a laptop to try to narrow the list of suspects and it looks like Conficker or Downadup are suspects, but using some online removal tools, the scans are showing up negative. I still think I'm on the right track, though. I purchased Panda Internet Security 2009, but couldn't get it to update the definitions via the update wizrd, getting an error message that I needed an open internet connection and that the server was unavailable (error msg 12007). Online Panda support attributes that to Conficker and says to go to Start/Settings/Network Connections/Properties, scroll to TCP/IP and click the "Obtain DNS settings automatically", which I've done without any success. I saw a post on this forum that a virus called DNS_Changer may impact on this. I purchased PCTools Spyware Doctor with virus protection with the intention of getting my Panda purchase refunded due to lousy support. I disable Panda, installed PCTools Spyware Doctor, updated the definitions without a problem and ran the scanner. It picked up 90 infections, mostly cookies, but 10 medium threat trojans, including DNS_Changer. I selected the remove all and re-ran the scanner (I overlooked the re-boot, accidentally) and left for work (where I remain now) and am anxious to see what progress I find on my return home.

Your forum, by far, seems... Read more

A:Malware sites redirected, no spyware/malware updates - Recycler

16 more replies
Answer Match 47.46%

Hi,

I need to restrict access or rather, block altogether if i can, access of one of the computers on my local wireless network, to online multi-player gaming sites, in particular Age of Empires and Voobly.com, which also uses a messenger type program for them to chat.

I've searched and searched online, but alas, have come up with nothing that i understand. I've tried doing the block ports thing, but am unsure if what i've been doing is right. I have blocked Voobly.com under domain and URL settings via the router admin page, but for some reason, it only seems to be denied on my computer. I even went so far as to register and download relevant programs to my computer, for Voobly, so i could see if the blocking worked. Seems it's only my computer that's blocked, i didn't specify ip or mac addresses.

I am unable to get on the other computer as it's not mine, and it's also password locked. I don't know the password.

I have a D-Link G640T Generation II.

Any advice on whether, and HOW i could do this, would be much appreciated.
The constant sound of the mouse clicking and being bashed about, as well as the sledge hammer like method of using the keyboard along with the constant swearing at other players is driving me insane! There are other reasons i have as well, but this isn't a "Partners of online gaming addicts support forum" ...

I hope i'm in the right place for posting this!
 

A:How do i Restrict access to Gaming sites via D-Link DSL G640T

Anyone?
 

1 more replies
Answer Match 47.46%

Hi are these 'free' MP3 sites Legal & safe from viruses etc? Any one used them?

http://top3mp3reviews.com/mp3downloads.htm

http://beemp3.com/

Also which are the best sites for audio books? Any legal free ones?


Thx
 

A:Are These 'Free MP3' Sites Legal?

6 more replies
Answer Match 47.46%

Can some one tell me where all the free firewall,anti virus,are for vista I have just bought my laptop and I am struggling for software.

I wish I still has my x/p

I got Microsoft 2007 will this work on vista or is there another one I need to buy
 

A:Where Are All The Free Software Sites

Look over in the right hand column for firewall, antivirus, antispyware and such:
http://www.winvistaclub.com/download.html
 

1 more replies
Answer Match 47.46%

Hello, I like to d/l and convert music mostly real audio converted to wave files.

If anyone knows or has used d/l sites would you care to provide me with the addresses.

Thanks
 

A:free dowload sites

Depends on where you want to download the RealAudio files

www.download.com - my fave choice
www.majorgeeks.com
www.tucows.com

All these sites are free. I haven't seen a .RM / .RAM coverter for a while though.
 

2 more replies
Answer Match 47.46%

Sorry if this isn't an 'urgent' problem....

but i just recently purchased my first digital camera. I loaded it (and the memory card) up with pics and would like to put them on the web somewhere. Anybody have any suggestions for a good free site to create web albums?? i heard yahoo has decent service, but the pics are small and it is difficult to navigate. i also heard webshots is ok, but it has loads of popups and spammish stuff and that you can't put descriptions under your photos.

any suggestions would be greatly appreciated, thanks!
 

A:Web album sites for free?

16 more replies
Answer Match 47.46%

Does anyone know of a safe spam download site? I want to try to get rid of spam on my my outlook express mail and my internet server told me to download a spam blocker, but I want something free if possible and safe. So anyone have some suggestions. Thanks!
 

A:Free Download Sites

6 more replies
Answer Match 47.04%

Ok this is weird. I run Ntl netguard, and Spyware Doctor. A few days ago, SpyDoc refused to auto update. Nothing strange thought I, site must be down.

Well its been four days now. Then I noticed I couldn't connect to Microsoft to do updates either. On further investigation, I found I can't connect to ANY legit malware sites. I have run Spybot, Ntl netguard, Malware Byte's anti malware, and Norton AV, none found anything wrong.

However, I tried setting up a proxy within Firefox, and CAN connect to the sites I couldn't otherwise. (albeit incredibly slowly).

As things stand, I can't update any malware software, and assume my poor PC must have caught something new and nasty.

Please help

Hi jack this follows:-

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:10:08, on 19/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ntl\ntl Netguard\fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterSer... Read more

A:Help Pls! Can't update Malware Protect or Visit Any Malware Sites

sorry, bump
 

2 more replies
Answer Match 46.62%

i dont need much...

200-300mb space

bandwith, not to picky

and at least a 4mb file size upload

ftp would be nice

as for banners bottom of page, none, or text.
 

A:can anyone recomend free web space sites

6 more replies
Answer Match 46.62%

I was wondering if anyone can provide me with the best sites to watch movies on line for free. I would appreciate all and any suggestions.
 

A:Best free on line movie sites

6 more replies
Answer Match 46.62%

I have always enjoyed looking at aerial views of different locations. I guess some of them are taken from SATELLITES and from what I have heard some from airplanes.

What are some of the better sites for the most up to date aerial views? I haven't been able to access SATELLITE views within Google Maps the last few days for some reason.

Thanks in advance

DAVID
 

A:What are the best FREE sites for SATELLITE views...???

go to google earth, it works great if you have high speed internet, if you have dialup forget it
 

2 more replies
Answer Match 46.62%

I am wondering are there any Free Online Storage sites where I can store files and folders and is over 5gigs? I have X-Drive and that company is giving me crappy customer service.
 

A:Free Online Storage sites

16 more replies
Answer Match 46.62%

How can I get a site on downloading free anti virus sites without paying a fee?
 

A:free repeatitive virus sites

8 more replies
Answer Match 46.62%

I've been away from seeing if you can still download free music from sites virus free. Is that still possible? Please send me a few sites if you can.
Gusline
 

A:Are there still free music dowload sites?

YourMP3.net
 

3 more replies
Answer Match 46.62%

I'm really a rookie when it comes to building your own web pages. Iin fact I just want want to work too hard it or, right now, pay for anything. I just downloaded a program called WebEasy Pro Express, a freeware utility that suposedly will make me a nice little page. So now I need a place to build it. Any recomendations for free ones? I'm signed up with Yahoo Geocities , which lets you upload your own files but only up to 5MB and I've messed around with Lycos Tripod before. Other than that I'm open for suggestions. By the way I want one that lets you upload your own files.
 

A:Lookig for free sites for web page

Hi,
It's pretty nice .
Have you checked any free hosting providers?
Try these:
http://www.free-webhosts.com/
http://members.freewebs.com/
http://www.100best-free-web-space.com/
Good luck!
 

2 more replies
Answer Match 46.62%

Howdy,Any recommendations for free LEGAL movie sites ?I Googled free movie sites and there are a lot of them. For the most part I can't tell which ones are legal.Some are pretty obviously illegal such as those offering the movie Avatar.Thanks for your time.Dennis Hope this is the correct forum ?

A:Free Movie Sites/ Recommendations ?

Alot of those so called free sites make you go to another site to do some odd ball survey. Those second sites can be loaded with Malware,Spyware or Scareware or worse.

Your best and safest bet is to just sign up to NetFlix.

6 more replies
Answer Match 46.2%

I've been seeing here that Emsisoft Anti-Malware is free for 30 days, after 30 days of use will be able to scan and remove malware that it finds?
I do not want to use it with real-time protection, I have ESET for it, I use it as I use Malwarebytes Anti-Malware Free, only for weekly scans!
Thank you
#Translator
 

A:Emsisoft Anti-Malware Free'll be able to scan and delete the malware?

Download emsisoft emergency kit

Emsisoft Free Emergency Kit: Portable malware scanner | Free removal of Viruses, Bots, Spyware, Keyloggers and Trojans

it's scanner without real time, full free
 

3 more replies
Answer Match 46.2%

Howdy,

Just wondering if there are any free sites that allow you to download music ?
I am interested in only LEGAL sites. I am guessing that it would have to be music that is no longer copyrighted.

I did a search on Google and found some that claim to be legal but I thought I would check with Bleeping Computer for input.

Does anyone have experience in this matter ?
Thank You for your time
Dennis

A:Legal Free Music Download Sites ?

If you go to winamp.com you can download free music overthere, as wel as mp3.com

5 more replies
Answer Match 46.2%

Till now, I've been using esnips for (non bit torrent) free file sharing. Problem is:

esnips started requiring the esnips download manager for any esnips download and
The new esnips installer includes sneakware: it installs its own home page, search page, etc. unless one carefully reviews and unchecks all the installation options
So everytime i give someone a file sharing link i don't want to worry about warning them about the sneakware (and worse yet, they overlook the options and install the sneakware by mistake)
Any other good site recommendations? And would you know how they compare to ensips offer of free 5GB storage with 200MB limit per file?
 

A:Recommendations for free file sharing sites?

DropBox is pretty awesome; I use it a lot. If you upload via the desktop app, there's no limit on the file size, but you're limited to 300MB per file if you use the web browser uploader. The max for free storage is 2GB I believe.
 

6 more replies
Answer Match 46.2%

wondering what others recommend in the free price range?

A:best free windows programs for creating web sites?

  
Quote: Originally Posted by macgig


wondering what others recommend in the free price range?


Notepad++

5 more replies
Answer Match 46.2%

can anyone recommend any free to use music download sites preferably no p2p as i have previously had kazaa edonkey and morpheus and all were nothing but trouble, my laptop speed diminished adn it was awfull, i have now erased my computer of them and i'm looking for a site i can use to downlad music for personal use which is free and not p2p if such a site/software exists, thanks in advance
 

A:are there any safe free music dowload sites?

Well, obviously any truly free music will be limited, you won't find any big name artists on free websites for obvious reasons. I know that www.MP3.com used to have free downloads, but I haven't been there in several years.
 

2 more replies
Answer Match 46.2%

Say I want to upload some files on their space/site whatever for temporary and access them later online., and grab it back from their site etc. So like online hard drive.

I know itheirs FTP but thats confusing.
 

A:Any free sites on the net that allow space for temporary storage

8 more replies
Answer Match 46.2%

Guys,

My Web of Trust, a color coded website reputation rating tool that rates sites for Trustworthiness and Child Safety using community driven ratings based on personal experience has a forum that talks about this topic. Is there a way that a small amount of advertising could be used without compromising the safety and security of one's computer? Is this true that some of these sites will even bypass-secure encryption through PUP programs?

How can we be safe in using our computers in this regard?

Here is the forum topic:

https://www.mywot.com/en/forum/5580...ere-s-the-proof?comment=294182#comment-294182

Jack
 

A:The Problem With Crapware on Free Download Sites

Here's an explanation of SuperFish: http://en.wikipedia.org/wiki/Superfish
 

1 more replies
Answer Match 46.2%

Googling for 3D games, I stumbled across "*The polynomial*" on
http://dmytry.com/games/
- and fell in love with the screenshots.
So I downloaded and unzipped it.

And got frustrated because I couldn't see it "with depth" - which was why I had bought this PC.

Here is what to do to get it displaying stereoscopically:

Update the drivers: http://aps2.toshiba-tro.de/kb0/TSB1C038G0000R01.htm
Calibrate the display using Windows' Start button, "All Programs", "SuperD Software", "X-tune", "X-tune".

*Now to the game*:
Ensure no external displays are active (use Win+P)
Start polynomial.exe
Press ESC to get to its control panel.
Click Display, "Fullscreen" and "Side by side".
Click "Play Demo".

I get the same picture in the left and right halves of my display.
Now comes the bit I battle(d) with: using your right fore-finger, press the
"3D" button above your keyboard (2 rows above the "Backspace" key).

SuperD Face Tracking should start automatically, and the blue light beside the webcam
lights up. (May take a couple of seconds.)
Unfortunately, Polynomial has thus lost the focus and is minimized.

Does anybody know why? Or how to prevent that happening?

Use Alt-Tab to return to Polynomial. It should reappear in full-screen mode.
If you've still got the 2 similar views next to each other, prod the 3D key again. Wait a few seconds.
(Sometimes I... Read more

A:Qosmio F750-11U (glasses free 3D) - Question regarding gaming in 3D

Hi

Did you manage to get this online 3D game running in 3D?

From my knowledge depending on game, it does not work with glasses free 3D mode and work with 2D mode.

In your case I would recommend testing the glasses free 3D mode in connection with other games too.

6 more replies
Answer Match 46.2%

PROGRAMS

Droid4x (For android emulation)
VirtualBox (For Windows emulation, Ubuntu emulation, Kali Linux emulation)
AOMEI Backupper (For backups)
AOMEI Partition Assistant (For managing partitions)
EagleGet (For managing downloads)
AutoHotkey (For automation)
Pulover's Macro Creator (For automation)
Cheat Engine (For modding)
Classic Shell (For shell customization)
ShareX (For sharing basically everything)
Patch My PC (For updating)
Iobit Uninstaller Portable (For uninstalling)
Revo Uninstaller Portable (For uninstalling)
...and more

IMPORTANT NOTES:
I virtualize everything except for updating and gaming.
I might have forget my other stuff since I test software too much and busy with school.
Android OS is Cyanogen.
I have a backup schedule every month.
System is backed up by AOMEI Backupper.

WAITING FOR:
Stable release of NVT ERP free!

MY DESKTOP
I AM OPEN TO SUGGESTIONS!​
 

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 7

Forgot to mention that this configuration uses very little system resources
 

29 more replies
Answer Match 46.2%

Feel free to recommend free security softwares in the comments section!
 

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 4

Forgot to mention that this configuration uses very little system resources
 

28 more replies
Answer Match 46.2%

PROGRAMS

Droid4x (For android emulation)
VirtualBox (For Windows emulation, Ubuntu emulation, Kali Linux emulation)
AOMEI Backupper (For backups)
AOMEI Partition Assistant (For managing partitions)
EagleGet (For managing downloads)
AutoHotkey (For automation)
Pulover's Macro Creator (For automation)
Cheat Engine (For modding)
Classic Shell (For shell customization)
ShareX (For sharing basically everything)
Patch My PC (For updating)
Iobit Uninstaller Portable (For uninstalling)
Revo Uninstaller Portable (For uninstalling)
...and more

IMPORTANT NOTES:
I virtualize everything except for updating and gaming.
I might have forget my other stuff since I test software too much and busy with school.
Android OS is Cyanogen.
I have a backup schedule every month.
System is backed up by AOMEI Backupper.

WAITING FOR:
Stable release of NVT ERP free!

MY DESKTOP
I AM OPEN TO SUGGESTIONS!​
 

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 6

Forgot to mention that this configuration uses very little system resources
 

29 more replies
Answer Match 46.2%

MY GOAL

My goal is to achieve a high level of security without compromising usability and comfort.

PROGRAMS

Droid4x (For android emulation)
VirtualBox (For Windows emulation, Ubuntu emulation, Kali Linux emulation)
AOMEI Backupper (For backups)
AOMEI Partition Assistant (For managing partitions)
EagleGet (For managing downloads)
AutoHotkey (For automation)
Pulover's Macro Creator (For automation)
Cheat Engine (For modding)
Classic Shell (For shell customization)
ShareX (For sharing basically everything)
Patch My PC (For updating)
Iobit Uninstaller Portable (For uninstalling)
Revo Uninstaller Portable (For uninstalling)
...and more

IMPORTANT NOTES:
I virtualize everything except for updating and gaming.
I might have forget my other stuff since I test software too much and busy with school.
Android OS is Cyanogen.
I have a backup schedule every month.
System is backed up by AOMEI Backupper.

WAITING FOR:
Stable release of NVT ERP free!

MY DESKTOP - WINDOWS 10 HOME

MY BROWSER - SLIMJET


 

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 9

Forgot to mention that this configuration uses very little system resources
 

34 more replies
Answer Match 46.2%

WARNING

As I've test the incompatibilities, patches, and scripts on my virtual machine, I have made tweaks to this configuration both concerning system and settings. The tweaks I've made to this system are critical and will cause system instability if not configure automatically. In addition to that, I've made custom scripts made with AutoHotkey to optimize the compatibility of some of my security software. These scripts are unique to each software and are converted to an executable. If you wish to copy my configuration, PM me or do extensive research as the scripts and settings that I made for my configuration are critical to compatibility and optimization.

MY GOAL

My goal is to achieve a high level of security without compromising usability and comfort.

PROGRAMS

Droid4x (For android emulation)
VirtualBox (For Windows emulation, Ubuntu emulation, Kali Linux emulation)
AOMEI Backupper (For backups)
AOMEI Partition Assistant (For managing partitions)
EagleGet (For managing downloads)
AutoHotkey (For automation)
Pulover's Macro Creator (For automation)
Cheat Engine (For modding)
Classic Shell (For shell customization)
ShareX (For sharing basically everything)
Patch My PC (For updating)
Iobit Uninstaller Portable (For uninstalling)
Revo Uninstaller Portable (For uninstalling)
...and more

IMPORTANT NOTES:
I virtualize everything except for updating and gaming.
I might have forget my other stuff since I test software too much and busy with school.
Androi... Read more

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 10

Forgot to mention that this configuration uses very little system resources
 

35 more replies
Answer Match 46.2%

PROGRAMS

Droid4x (For android emulation)
VirtualBox (For Windows emulation, Ubuntu emulation, Kali Linux emulation)
AOMEI Backupper (For backups)
AOMEI Partition Assistant (For managing partitions)
EagleGet (For managing downloads)
AutoHotkey (For automation)
Pulover's Macro Creator (For automation)
Cheat Engine (For modding)
Classic Shell (For shell customization)
ShareX (For sharing basically everything)
Patch My PC (For updating)
Iobit Uninstaller Portable (For uninstalling)
Revo Uninstaller Portable (For uninstalling)
...and more

IMPORTANT NOTES:
I virtualize everything except for updating and gaming.
I might have forget my other stuff since I test software too much and busy with school.
Android OS is Cyanogen.
I have a backup schedule every month.
System is backed up by AOMEI Backupper.

WAITING FOR:
Stable release of NVT ERP free!

MY DESKTOP
I AM OPEN TO SUGGESTIONS!​
 

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 5

Forgot to mention that this configuration uses very little system resources
 

29 more replies
Answer Match 46.2%

PROGRAMS

Droid4x (For android emulation)
VirtualBox (For Windows emulation, Ubuntu emulation, Kali Linux emulation)
AOMEI Backupper (For backups)
AOMEI Partition Assistant (For managing partitions)
EagleGet (For managing downloads)
AutoHotkey (For automation)
Pulover's Macro Creator (For automation)
Cheat Engine (For modding)
Classic Shell (For shell customization)
ShareX (For sharing basically everything)
Patch My PC (For updating)
Iobit Uninstaller Portable (For uninstalling)
Revo Uninstaller Portable (For uninstalling)
...and more

IMPORTANT NOTES:
I virtualize everything except for updating and gaming.
I might have forget my other stuff since I test software too much and busy with school.
Android OS is Cyanogen.
I have a backup schedule every month.
System is backed up by AOMEI Backupper.

WAITING FOR:
Stable release of NVT ERP free!

MY DESKTOP
I AM OPEN TO SUGGESTIONS!​
 

A:XavierGaming's Free Gaming Optimized Configuration - UPDATE 8

Forgot to mention that this configuration uses very little system resources
 

34 more replies
Answer Match 45.78%

First indication that I had a problem was that my AVG said I had a trojan. It was called "Trojan Horse Patched_c.lxt"

It was whitelisted...appearing in services.msc. Also FF was redirecting like crazy. IE wasn't though.

I did a virus scan with AVG and it displayed the following.

Trojan Horse Patched_c.lxt
Trojan Horse backdoor.generic15.axla
Trojan Horse generic28.anic
Trojan Horse dropper.generic6.anla

I disabled my anti-virus and spyware stuff, and then ran combofix but it froze during the "deleting folders" part. I restarted and did an AVG scan...nothing showed up. Also FF is not re-directing now. Am I clean?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:31:29 PM, on 7/24/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Users\Seth\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Seth\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Softwar... Read more

A:Friend visited one of those free movie sites...now my PC is infected :(

I ran combofix, and the viruses seem to be gone because AVG is no longer catching anything, but now I get blue screen of death and I'm having problems restarting. I get the "Reboot and Select Proper boot device" error.
 

2 more replies
Answer Match 45.78%

First indication that I had a problem was that my AVG said I had a trojan. It was called "Trojan Horse Patched_c.lxt"

It was whitelisted...appearing in services.msc. Also FF was redirecting like crazy. IE wasn't though.

I did a virus scan with AVG and it displayed the following.

Trojan Horse Patched_c.lxt
Trojan Horse backdoor.generic15.axla
Trojan Horse generic28.anic
Trojan Horse dropper.generic6.anla

I ran combofix but it froze during the "deleting folders" part. ***Yes, I know I wasn't supposed to run this until being told to do so, but I read about it on a random thread on another site before seeing that on this forum*** I restarted and did an AVG scan...nothing showed up. Then I re-ran Combofix and it went all the way through. The viruses are gone but now after 20 minutes or so I get the BLUE SCREEN OF DEATH Anything I can do at this point because I'm seriously considering re-installing windows...

A:Friend visited one of those free movie sites...now my PC is infected :(

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

17 more replies
Answer Match 45.78%

Hi, i just started looking into online TV.
Long story short theres tons of stuff to dig through, and i have no idea as to whats sites and or software are even worth the while.

I went through a handful of sites after a few search queries only to be disappointed.
Some are free but offer junk channels, and others are simply pay sites...which i know theres got to be good sites that offer it for free.
And others need a client to be downloaded and installed...hmmmm....
Anyways, any and all suggestions would be greatly appreciated.

Currently im no too picky about the channel selection, as i dont really know whats offered just yet. Im in the USA so channels in the states is a must...at least in English.
However, i would love to watch and listen to foreign channels...if in English.

Thanks all
 

A:Suggestions for online TV - sites / free clean software?

Hi,
Useful reviews & links here at Tech Support Alert. All free, legal etc:
http://www.techsupportalert.com/best-free-online-tv-viewer.htm

Richard
 

3 more replies
Answer Match 45.36%

I am using Win 8.1 and I run Avast free version, and malwarebytes on a regular basis.  Lately, I have had issues with both chrome and firefox flash player crashing and a problem with scripts on firefox.  Also, Avast keeps blocking sites that I have not opened.  Please help.  A run of both Avast and Malwarebytes shows nothing...

A:avast free continually blocks getfilenow.co.il and other sites I have not opened

resulsts of dds
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17416  BrowserJavaVersion: 11.25.2
Run by asus at 11:54:50 on 2014-12-09
Microsoft Windows 8.1  6.3.9600.0.1252.1.1033.18.3982.1710 [GMT -6:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files ... Read more

7 more replies
Answer Match 42.84%

Is there a list of current malware sites to be avoided? Can entering sites in the Restricted Site list of your Browser, prevent these sites from downloading to your computer? Can wild cards help prevent hijackers from changing their addresses to get around Restricted Sites lists?Mod Edit: This will be moved to a more appropriate Forum.

A:Malware sites

Even if there were a reliable list of such sites, the list would be too long to consider entering each instance into your restricted zone. Moreover, many of these sites come and go on a weekly basis, so keeping current would be a full time job.I would think the best approach would be to turn IE to a very high setting for ALL websites, or to use an alternative browser. See section 13 of the tutorial linked below for recommended IE settings:http://www.bleepingcomputer.com/forums/Sim...rnet-tut82.htmlRegards,John

1 more replies
Answer Match 42.42%

Hello,

My computer has recently become infected with some kind of virus/malware. I have went through the steps outlined and have posted my log below. As for what is going on, my computer a few days ago started acting very strange. My search clicks would get redirected and at one point a fake anti-virus system icon became installed on my taskbar. I had great difficulty getting anything to work at first, but after running SpyBot I was able to identify that this was a CoolWebSearch spyware problem. The anti-virus icon is gone, but Spybot and CWSshredder keep coming back with positive results for cws.alfasearch and cws.olesearch. My searches are still getting redirected and my computer performance is slower than usual.

What steps should I take now? I would truly really appreciate feedback on this issue.

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k L... Read more

A:Malware redirecting sites

Hello, and welcome to TSF.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Also, I'd be grateful if you would note the following: The fixes are specific to your problem and should only be used for the issues on this machine.
Do not install/uninstall anything on your computer unless advised.
Do not run any other scanning tools other than those instructed for you to use.
Follow the instructions on the order they are given.
Stay with this thread until advised when your computer is clean. Absence of symptoms does not necessarily mean a clean computer.
If you are being helped regarding this problem on another forum please advice us so that we can close this thread.
And lastly, if you have any questions, please ask before proceeding with any of the advised fixes.
_________________________________________________

If you are using Vista/Win 7, you will need to right click and choose "Run as Administrator" to run the tools we will use.
Also, please note to post the entire contents of the logs as the first DDS log has been cut off.

5 more replies
Answer Match 42.42%

Hello,

I believe I have gotten some form of malware from a friends USB drive. Since then I have not been able to access sites for Windows Update or any virus removal sites including Symantec. All of my browsers tell me they cannot find the server. I discovered the problem when I tried to download some updates from the Windows Update server. It does not appear to hamper any other aspects of the computers functionality.

I am running:
Microsoft Windows XP
Professional
Version 2002
Service Pack 2

Requested logs below:
Thanks in advance for any help.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_31
Run by User1 at 10:50:18 on 2012-03-14
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2559.1462 [GMT -8:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Hexamail Vault\hexamailvault.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\deepinvent\MailStore Server\MailStoreServer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Ghost\ngserver.exe
C:\... Read more

A:Malware Blocking Sites

Hi and welcome to TSF.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed. Note that if you do not respond within 5 days I shall no longer check this thread for replies.

Please do not install or uninstall any programmes, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
IMPORTANT - for Windows Vista and Windows 7 start all tools by using right click > Run as Administrator.


Combofix
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

A guide and tutorial on using ComboFix

Please read all the informatio... Read more

14 more replies
Answer Match 42.42%

70 Of Top 100 Web Sites Spread Malware http://www.techweb.com/article/showArticle...cleID=212901775Internet users are often encouraged to visit only legitimate Web sites to reduce the risk of malware infections, but distinguishing between legitimate and illegitimate Web sites increasingly appears to be meaningless.Seventy percent of the top 100 Web sites either hosted malicious content or contained a link designed to redirect site visitors to a malicious Web site during the second half of 2008, claims Websense's report State of Internet Security, Q3-Q4, 2008. Alexa Top 500 Siteshttp://www.alexa.com/site/ds/top_sites?ts_...l&lang=none

More replies
Answer Match 42.42%

When my machine became infected last week, I suspected that it came through a legitimate site, and that it exploited Adobe. According to the following article, it looks like my hunch was correct:http://www.wired.com/threatlevel/2009/10/gawker/

A:Malware via Legitimate Sites

yep. I got hit by one back in July. Posted to a local papers comments section before they knew enough to lock it down. But it made me go through all my puters and update the reader bho's and flash blockers and all my old versions of acrobat.

7 more replies
Answer Match 42.42%

I recently got infected with AntiSpyware Master on my Laptop (WinXP) and went through hours of getting it to a somewhat useable state by running AdAware, searching based on time when infection occured, and deleting about 30 or so obviously malicious .exe's. However, I still have the following issues that I can't seem to get rid of:

-Internet Explorer opens sites such as BiteFight.us (most common), findstuff.com, etc.
-These are opened whenever I take some sort of action (click on link, etc.) in Internet Explorer, but also at random about every 10 minutes or so even if I wasn't initially using internet explorer.
-When I try to browse other sites, some that normally work fine (ex. gmail) hang and will not load.

Here's my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 3:40:00 PM, on 6/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\sys... Read more

A:Malware Opens Sites on IE

7 more replies
Answer Match 42%

Hi All.

We have just installed an appliance on our network at work for monitoring Internet usage and blocking access to selected sites. The appliance is iPrism by St. Bernard.

One of the categories of sites that can be blocked is Malware sites - those known for spyware, adware and other nasties. We, of course, set the appliance to block those sites.

I would like to test the appliance to see how effective it is at blocking malware sites. So, my question, does anyone know of any sites notorious for adware or spyware? I'd like to see if the appliance actually blocks me if I try to go to those sites.

It seems like no matter how tightly we lock down the end users' desk-tops, spyware and adware gets on the machines. It is becoming a real support headache.

Thanks.
 

A:Test for blocking malware sites???

9 more replies
Answer Match 42%

Hi guys. I'm new here. I've been battling a set of trojans and viruses on my parents computer for a while now. At least I have brought the computer to functionality for the most part. I just need to figure out what is running.I have WinXP Media Center EditionProgram I have been usingMBAM (malwayre bytes)S&D (Spybot)AVG Free 9.0Ad-AwarePanda Free Activescan (internet)Spybot will not update to the safer-networking.org site and registers no problems when running a search with current parameters.MBAM found some 43 files that it fixed (I had turned off System Restore to prevent continuous issues)Ad-Aware will not update.AVG finds nothing when doing a full search but just so happened to find a few files during the MBAM scan.Attached is the file from the hijackthis scanI removed the O15 trusted website files that were not supposed to be there. It appears that there are still some remnants of past mailcious files but I dont know what is redirecting the websites and blocking others.Please HELP!!!thanksJohnEdit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Malware Issues - Redirecting, no .ORG sites

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 42%

Recently I uninstalled Avira and started to use Avast because Avira became worthless to me. Right after I had switched, Avast had been constantly blocking malware URLs and are usually the same name over and over again. From what I can remember sites called supergroupon, findyourex, webest and such keep recurring after every start up. I'm beginning to get annoyed because I've done scans with Malwarebytes and Avast that would not completely fix my problem. Also Avast says that the malware urls are coming from a folder with chrome.exe in it. I'm not computer literate so please someone help me fix this problem.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by RedxWing14 (administrator) on REDXWING14-PC on 03-03-2015 00:00:47
Running from C:\Users\RedxWing14\Desktop
Loaded Profiles: RedxWing14 (Available profiles: RedxWing14 & Account)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AuthenTec, Inc) C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(... Read more

A:Keep seeing malware sites blocked by Avast

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.start

CloseProcesses:

HKLM\...\Run: [] => [X]
HKLM\...\Run: [pcreg] => C:\Program Files\pcreg\service.exe
HKU\S-1-5-21-1538061077-1757749813-1683611041-1001\...\Run: [Ichuhc] => C:\Users\RedxWing14\AppData\Roaming\Ichuhc.exe
HKU\S-1-5-21-1538061077-1757749813-1683611041-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1538061077-1757749813-1683611041-1002\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> ... Read more

6 more replies
Answer Match 42%

http://threatpost.com/en_us/blogs/bbc-sites-serving-malware-021611
 

A:So you think big name sites are safe: BBC pushing malware

Thanks for the head up.!!!
 

2 more replies
Answer Match 42%

I have a major problem my computer got infected and currently wont install software for the most part. the second problem is when i am using the internet it redirects me to malware sites i believe this is part of the problem http://www.daniweb.com/forums/thread145363.html i am not sure. I am currently running windows xp home. What should i do i need my computer back.
 

More replies
Answer Match 42%

running XP SP2
on mozilla, everytime i google, it takes ages, going thru ecata.info (if i find out who they are, il hunt them down)
when results do come up, when clicked on they redirect me to adware sites.
only solution is to copy adrs to adr bar in new tab.
have followd a thread on your site....
used combofix, it came up with several things that looked correct, but no change.
also created the fix reg file, dbl clicked it etc and uninstalled combofix.
really pulling my hair out with this!
iv previously used ccleaner & avast which keeps comin up with the same infections, deleting them, but to no avail!
an opinion would be greatly recieved!
my thanks in advance!
nic.

A:malware; google redirecting to ad sites

This new Google redirect is a PITA. so far none of our regular non-invasive tools will catch it.I recommend you go ahead and post a HJT log in the proper forum------------------------------------------Please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". If you cannot complete a step, then skip it and continue with the next. In Step 6 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day. Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. An expert will analyze your log and reply with instructions advising you what to fix. After doing this, we would appreciate if you post a link to your log back here so we know that your getting help from the HJT Team.Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. The... Read more

1 more replies
Answer Match 42%

Hi folks, I believe my computer was infected this past Sunday while visiting the official (!) website of the Moscow subway system. I was running ESET and Spybot at the time and I got warnings from both of them all of a sudden. A question from spybot about a persistent registry change led me to reboot, after which the issue seemed to go away. However that evening ESET stopped automatically updating, and when I uninstalled a few days later, thinking that it would be a simple matter of re-installing my antivirus, I realized I couldn't access a number of major antivirus sites, including ESET, Norton, Kaspersky, etc. I searched for files created at the time I visited the Russian website and boom, I found a cluster of obvious malware, including two programs under the names G4P5P0M and qg6cXDm. I deleted them and rebooted, but my access is still blocked. Likewise I've run full scans of Panda Cloud AV, Spybot, and Malwarebytes, but I still can't access ESET and the other antivirus sites. I would really appreciate any help you can provide. My DDS and RootRepeal logs are attached. Finally, to the administrator: I originally posted this issue on another forum earlier today before I decided I would prefer to seek an answer on this board. I asked the administrators of the other forum to disregard and delete the post, because I couldn't delete it myself. Please don't think that I am trying to double-post! :-)Thank you!AndrewDDS (Ver_09-12... Read more

A:Malware Blocking Antivirus Sites

Hi atp4849,Welcome to Virus/Trojan/Spyware/Malware Removal (VTSMR) forum. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. Please let me know in your next reply if you agree with this.Download the GMER Rootkit Scanner exe file from here and save it to your desktop.Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.Click on this link to see a list of programs that should be disabled.Disconnect from the Internet and close all running programs.Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.In the right panel, you will see several boxes that have been checked. Make sure the following are unchecked:SectionsIAT/EATDrives/Partition other than C:\ drive (C:\ drive should remain checked)Show All (this one also should be unchecked)Then click the Scan button & wait for it to begin. (Please be patient as it can take some time to complete).When the scan is finished, you will see the scan button appears again. Click Save to save the scan results to your Desktop.Save the file as gmer.log and copy/paste the contents in your next reply.

5 more replies
Answer Match 42%

helloi was having a problem with google redirecting me to different sites, but that seems to be fixed as i just ran combofix.exeit now has given me this, and i am not sure what to do now. i can see in the log it says explorer.exe and userinit.exe is infected. here is the log:ComboFix 10-09-14.05 - Gary 09/15/2010 12:29:28.1.2 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1355 [GMT -7:00]Running from: c:\documents and settings\Gary\My Documents\Downloads\Combo-Fix.exeAV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\Gary\Local Settings\Application Data\{DA204453-0A0D-46DF-AA8B-976E208C0B30}c:\documents and settings\Gary\Local Settings\Application Data\{DA204453-0A0D-46DF-AA8B-976E208C0B30}\chrome.manifestc:\documents and settings\Gary\Local Settings\Application Data\{DA204453-0A0D-46DF-AA8B-976E208C0B30}\chrome\content\_cfg.jsc:\documents and settings\Gary\Local Settings\Application Data\{DA204453-0A0D-46DF-AA8B-976E20... Read more

A:google redirecting me to malware sites

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

30 more replies
Answer Match 42%

I am posting this in the favor for a friend, who owns a Windows XP service pack 3, which she shares. The machine suddenly appears to be infected with some sort of malware. The infection causes occasional redirects to occur on links that she clicks on. This forces her browser (firefox 3) to, instead of displaying the correct website, show another, clearly suspicious and incorrect, site. She originally noticed this problem whilst doing a websearch with yahoo, where clicking on a link to a legitimate website led instead to another, seemingly innocuous but clearly incorrect website. The problem seemed to get worse, and now frequently occurs, with redirects linking to more obscene sites.

I'm not sure if this would be too much help, but here is a hijackthis log for your consideration, thanks for your help:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at ?U?? 08:20:44, on 2009/4/29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti... Read more

A:Redirect Malware, Sites being redirected

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum,

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Answer Match 42%

Hi,I think i have got a infection on my pc and I can't get rid of it. I have been running Eset for some time now and haven't had any problems so far.I logged on to the computer yesterday and started getting messages saying eset had blocked access to webpages and ip address very similar to a previous post (http://www.bleepingcomputer.com/forums/topic330759.html) except its blocking websites like lkolha71gg.cc 213.163.89.106:80 and a74232357.cn 213.1163.89.107:80eset found 8 files on a full system scan that have been moved to quarantine that were found in documents and settings\dean\application data\sun\java\deployment\cache\6.0\ (invarious folders)I have run malwarebytes anti-malware and eset again and no threats have been found despite the computer still blocking various web sites.I have put the dds log on here, but when i run the GMER file after about a hour and a half the compter crashes and boots back tot he windows welcome log on screen so i can't attach that log. I feel like I'm stuck.any help would be great and really appreciated.thanks in advanceDDS (Ver_10-03-17.01) - NTFSx86 Run by Dean at 17:45:18.00 on 23/07/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1983.1434 [GMT 1:00]AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}===... Read more

A:Eset blocking web sites possible malware?

Hello !Potter!Welcome to BleepingComputer ==========================Download the following GMER Rootkit Scanner from HereDownload the randomly named EXE file to your Desktop. Remember what its name is since it is randomly named.Double click on the new random named exe file you downloaded and run it. If prompted about the Security Warning and Unknown Publisher go ahead and click on RunIt may take a minute to load and become available.If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKEDIAT/EATDrives/Partition other than Systemdrive (typically only C:\ should be checked)Show All (don't miss this one)Then click the Scan button & wait for it to finish.Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.Save it where you can easily find it, such as your desktop**Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entriesClick OK and quit the GMER program.Note: On Firefox you need to go to Tools/Options/Main then under the Downloads section, click on Always ask me where to save files so that you can choose the name and where to save to, in this case your Desktop.Post that log i... Read more

21 more replies
Answer Match 42%

I'm sure this is a question that has popped up before on these forums, and I'm sure I could conduct a little more on line research myself as to finding the answer. But then I thought I'd start a topic here because it might just be that there are several ways of doing it.
 
So after discovering a malware-infested site (on the surface web) and becoming infected as I just have with a browser hijacker (quickly eliminated thanks to Zemana!), what do I do now if I want to report the site in the hope that the page can be eliminated from the web as a whole?
 
Many thanks.
 
 

More replies
Answer Match 42%

This is the main server for the house and was wondering if perhaps my problems with other computers could have been router related.I apologize for notbeing able to follow the posting methods you prefer. When I tried to do a full gmer scan my pc would shut down after about 45 minutes and the scan was not complete. I tried to scan in safe mode but after 5 hours and the scan had completed, the window could not be resized to be able to click the save button (that was fun). So I tried to scan each section individually and the file scan would also shut down the pc after about 45 minutes.I'm hoping this is enough information to begin to remove items so a full scan may be performed if needed.DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 17:56:34.64 on Fri 05/21/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1406.912 [GMT -4:00]AV: Data Protection *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exec:\windows\system32\svchost -k dcomlaunchsvchost.exec:\windows\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\bin\A... Read more

A:Malware, porn sites and shut down

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

7 more replies
Answer Match 42%

Hello, I am new to these forums, but I have seen great things from the various posts here and was hoping someone could help me. Recently (2 days ago) I got a virus which redirects me to various random sites (non-adult ones just random ones). I ran all kinds of anti virus software but this problem persists. I followed the suggestions by this site and have uninstalled all of these programs. I unfortunately do not have any of the windows install cds on me (as I would have reformatted). Please help! Here is the log requested:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Admin at 1:03:32.75 on Sun 03/21/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.347 [GMT -4:00]

AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Symantec AntiVirus\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files... Read more

A:Virus/Malware Redirecting Me to Various Sites

Quote:





Originally Posted by jackbauerpwrhr


I ran all kinds of anti virus software but this problem persists





Please advise what tools you have run and if you have any log(s) please post them, it would be very helpful to me to be able to diagnose your problem properly.

10 more replies
Answer Match 42%

Hi
I am Using Windows XP service pack 3,. The infection causes redirects to occur on links that I click on. forcing browser (firefox 3) to, instead of displaying the correct website, show other, clearly suspicious and incorrect, sites. I can only copy and paste site link into the address bar to get to the proper sites, after which pressing the 'back' button does not direct to correct page but redirects more.
I have run, in safe mode, the following:
spybot
Malwarebytes Anti Malware
Spy hunter
Combo fix (though told me I had AVG still running (which I could not find running- though files do exist -I thought they had been disabled--- so I did nothing with combofix
My antivirus program is Avast
I have run multiple scans in safe mode and this Hijack seems to get worse.

DDS (Ver_09-05-14.01) - NTFSx86
Run by Leo at 19:45:00.40 on Sat 05/16/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.540 [GMT -7:00]

AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! antivirus 4.8.1335 [VPS 090516-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system3... Read more

A:Redirect malware-sites being redirected

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download GooredFix and save it to your Desktop. Double-click Goored.exe to run it. Select 1. Find Goored (no fix) by typing 1 and pressing Enter. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt). Note: Do not run Option #2 yet.

6 more replies
Answer Match 41.58%

I wanted to play a very old game but i knew my copy of it didn't work so i thought i could download a copy from a torrent side, bad mistake. I had downloaded some horrible malware onto my PC.
It wouldn't let me do much luckily we have 2 PCs so i check on the other how i could get rid of this one because it had even blocked my windows defender, i had to download a program called HitmanPro onto a USB stick and move it to my infected PC. This seems do have done a pretty good job removing all malware after two five minute scans and two restarts.
So then i go into add/remove programs and i remove all the things that have been install on this day alone (17/01/2016). One more scan just in case and no more ads or home page redirects or anything. Yay!
But now my PC seems to be wounded. I play a lot of games and most now seem to have similar problems that weren't there the day before. A few examples:
Sins of a solar empire (generic space 4x Steam game): Has absolutely so in game sound and now crashes whenever i Alt+Tab. Well it doesn't crash but once i get onto my desktop from the game it no longer lets me back into the game but it's still there on my task bar.
City Skylines (also steam game): Also has no in game sound but no problems with tabbing out. It does however have this weird kind of overlay issue with the task bar, when i'm in the game and i click 1/5 clicks will cause the task bar to flash up for a millisecond or two also even though i'm in ... Read more

More replies
Answer Match 41.58%

I was surfing the net when I got a warning from my antivirus software about a trojan trying to get into my computer, and it gave me the option to deny access, which I did. A short while later I noticed that my computer was acting very slowly, and then shortly after that I noticed that whenever I clicked on one link or another I kept getting redirected to another site completely unrelated to the site I was initially trying to get to.

I ran all of my antispyware programs and my antivirus program again, but they didn't find anything. I still figured there was something on my computer, though, so I attempted to do a Kaspersky online scan and got some error message about the site being unavailable. So I tried again with Panda security and sure enough the same thing happened.

Then I attempted to come here to post about my problem, and I get a message saying that the browser couldn't connect to the site. Same thing happened for every computer help forum I attempted to get into. I managed to get around this by using a proxy, but it only goes so far.

I ran a hijackthis log, then rebooted my computer in Safe Mode to run my anti-virus program from there. It finally found something -- "GEN/PwdZIP". I had the thing quarantined, but my computer is still behaving slowly and I still have to use a proxy to get around on my browsers. I've already checked My Computer for any files out of the ordinary, but I haven't found anything.

Can someone please help me with this?
... Read more

A:Malware, sites blocked and browser keeps getting redirected.

I guess the virus detected my not-so-subtle attack and it started to reboot my computer after it was turned on for only a few minutes. The only time I could prevent this was in Safe Mode.

So I downloaded Malwarebytes' Anti-Malware and ran it while in Safe Mode, and it found 17 more malware infections, most of them in my registry! D:<

And now my computer is working normally, although I did get another "trojan" warning from AntiVir after I rebooted and had Firefox up and running for a couple minutes. I quarantined the bugger instead of just denying it access this time.

I suspect that a few pieces of malware are still skulking around in my computer, but so far it isn't interfering with my activities. Would appreciate any help from here.


Deckard's System Scanner v20071014.68
Run by Michele on 2008-09-28 02:22:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Michele.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:24:09 AM, on 9/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Pr... Read more

1 more replies
Answer Match 41.58%

I had 3 computers hooked up on a wireless router, unsecured for a while (i know...), I got something (virus/worm/malware) whatever it is ..on all 3 computers. I've reformatted 2 of them but it did not go away. I am using my direct router from road runner instead of my wireless to try to fix the problem. I'm taking an online course, and this is very important that I get this fixed asap! PLEASE HELP..._________________________________________________________dds__________________________________________________________DDS (Ver_10-03-17.01) - NTFSx86 Run by Mom at 20:45:52.80 on Tue 08/17/2010Internet Explorer: 8.0.7600.16385Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1014.412 [GMT -4:00]============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\system32\conhost.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k... Read more

A:Malware? Browser redirecting to other advertising sites

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Do not Attach logs unless I ask you to.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Resetting RouterLet?s try to reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually ab... Read more

3 more replies
Answer Match 41.58%

Hey there! When i boot up my computer at random times it will start lagging hard. I check the processes tab and see internet explorer running random websites such as emls.domads.net, xaxis.com, wineverygame.com, pixel.cpm2track.com, etc. I end the process but it always comes back later. I've scanned with malwarebytes, mse, combofix and hijackthis. I was wondering if I could get some help. Here the hijackthis log;
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:55:12 PM, on 27/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
FIREFOX: 33.1 (x86 en-GB)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Users\Barbie\Downloads\HijackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Ja... Read more

A:Iexplorer.exe running malware sites in the background

Hello and welcome.  Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean!Please do not run any scans or install/uninstall any applications without being directed to do so.Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.   Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

16 more replies
Answer Match 41.58%

Hello,
while addressing a problem which is a side issue to the current I downloaded (from what I thought was avira.com) and ended up with a Trojan. Strangely, Emsisoft found the carrier file and delete it but did not find the "Trojan DNS Changer." Malwarebytes, using the chameleon feature, found and deleted the Trojan from my registery. Part of the Trojan package put all of the security sites (avast, avg, etc) on an email blacklist. Either nothing happens, it starts and stops, unable to connect, and even worse any site such as rollback RX or Copernic which periodically checks your serial number gets closed

One exception is my primary security emsisoft which continues to update multiple times a day and shows normal reports.

I am guessing there is a file with a email directory somewhere in a firewall, or a system file, which maintains a list of acceptable addresses.

Is there a tool for changing these or can someone tell me the name of the file and where it is located? I am really a computer nerd but if I found a file created three days ago showing nothing but security websites I would be well on my way.

Please help and thank you in advance.

Bob
 

A:Trojan blacklisted anti-malware sites

lease download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the Appropriate version for your system version
Right click to run as administrator. When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

9 more replies
Answer Match 41.58%

I have got a computer with Vista on it from a friend because the browsers were being hijacked and being redirected to other pages.
Her Norton 360 was expired, so I uninstalled it and installed Avast Free and purchased Malwarebytes Anti Malware software for her computer.
Malwarebytes Anti Malware found a bunch of stuff and removed it.  The computer re-installed some of the bad stuff all over again.
Internetupdater.exe and something called conduit.
I kept running Malwarebytes Anti Malware and it seems to have removed most of the nasty stuff but Malwarebytes Anti Malware keeps popping up
that it is blocking outgoing attempts to the following.

Detection, 04/01/2015 8:00:34 AM, SYSTEM, JULIE-PC, Protection, Malicious Website Protection, IP, 119.145.147.181, mama.cn, 0, Outbound,
Detection, 04/01/2015 8:00:37 AM, SYSTEM, JULIE-PC, Protection, Malicious Website Protection, IP, 91.202.63.7, cy-pr.com, 0, Outbound,
 
Internet explorer also will stall displaying certain pages even from the Bleepingcomputer website, but any of these websites will work perfectly fine on any other browser.
 
Please can someone assist me...
Thanks
Stimpsonthecat

A:Malwarebytes Anti Malware blocks several sites

Hello,We will be helping you with your problems. Please be patient while we assist you.Some points for you to keep in mind while we are helping you to make things go easier and faster for both of us:Please do NOT run, install or uninstall any programs, unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, a... Read more

19 more replies
Answer Match 41.58%

Hello,
while addressing a problem which is a side issue to the current I downloaded (from what I thought was avira.com) and ended up with a Trojan. Strangely, Emsisoft found the carrier file and delete it but did not find the "Trojan DNS Changer." Malwarebytes, using the chameleon feature, found and deleted the Trojan from my registery. Part of the Trojan package put all of the security sites (avast, avg, etc) on an email blacklist. Either nothing happens, it starts and stops, unable to connect, and even worse any site such as rollback RX or Copernic which periodically checks your serial number gets closed
One exception is my primary security emsisoft which continues to update multiple times a day and shows normal reports.
I am guessing there is a file with a email directory somewhere in a firewall, or a system file, which maintains a list of acceptable addresses.
Is there a tool for changing these or can someone tell me the name of the file and where it is located? I am really a computer nerd but if I found a file created three days ago showing nothing but security websites I would be well on my way.
Please help and thank you in advance.
Bob

A:Trojan blacklisted anti-malware sites

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully.First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.     HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.    Scan with FRST in normal modePlease download Farbar's Recovery Scan Tool to you... Read more

2 more replies
Answer Match 41.58%

I want to infect me. This thing seems strange or crazy, but I would like to see how some malware behaves and also so that I can try to remove them. I need tips to infect me and sites that I can collect malware to analyze them (or rather, try to analyze them). 
 
In the study of malware, need to keep me motivated and I do not infect me, I will not be motivated to learn how to remove infections. 
 
I appreciate any help, and if they can not post links malware here, for obvious reasons, send me MP.
 
Note: Excuse me for the bad english, I used Google translator.
 
 

A:Suggested sites database to analyze malware

One of the primary goals of Bleeping Computer is to assist victims of infection with removal and to prevent the spread of malicious programs, not encourage them. Therefore, we will not provide links to malware or malicious sites where infections have been contracted and spread. Others reading this topic may use the information for nefarious purposes or an unwitting novice user may accidentally click a link and end up infecting their computer.For those and other obvious reasons, we are not going to provide specific information in a public forum and by policy, we don't provide assistance via PM. However, you can perform a Google search on "how to infect your computer on purpose" which will provide information such as this article.You can also read this topic which explains the most common ways malware is contracted and identifies the types of sites where you can easily get infected by not following the advice provided to protect yourself.If your intention is to infect a VM for the purposes of testing, be aware that not all malware will work in that environment. Malware writers have been able to create malicious files which can detect if it is running in a VM. When that detection is made, the malware is able to change its behavior by not running any malicious code which can infect the operating system. This is a deliberate technique to make analysis/detection more difficult for security researchers who use VMs to study infections in order to understand the methodology used and f... Read more

1 more replies
Answer Match 41.58%

Tried to download old unavailable game via bit torrent software. Started getting Vimax bleep enlargement ads on virtually every website, and certain websites couldn't be reached from this computer (mostly malware software removal). Also, when I google "Vimax Virus Removal", all the sites on google are bogus and re-direct me to sites selling Vimax.I have removed bit torrent software and downloaded files. Problem persists. See below for DDS logs.I am at the computer on and off. please be patient with my response time. Thanks for any help you can give.DDS (Ver_09-01-07.01) - NTFSx86 Run by compusa at 17:44:40.81 on Sat 01/10/2009Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.502.53 [GMT -6:00]AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated)AV: Norton 360 *On-access scanning enabled* (Updated)FW: Norton 360 *enabled*============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\WINDOWS\Explorer.EXEC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\P... Read more

A:Vimax ads everywhere, issues with access to malware sites

Howdy, my name is Hoov, and I will be helping you with your dilemma. I appologize for the delay in getting you help.Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread. Here is what I am asking you to do during the repair of your computer*Tell me everything that you have done, if anything, to try and fix this problem.*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it. *Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try. *Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.Now onto trying to fix your computer.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, f... Read more

2 more replies
Answer Match 41.58%

Recently I've been having a bit of trouble on my computer- it started with my little brother, and long story short, we got a virus. It's been cleaned off, but the malware that came with it is getting really annoying- I'm getting random popups to 1 site, as follows:

//pantomi.com/r_cmtp?u=http%3A%2F%2Fpremium-web-space.com%2Fsoft.php%3Faid%3D0522170802%26d%3D0%26product%3DXPA%26refer%3D8c3c8035f&c=soft-tc&b=6&o=6&cuid=2f21beb42dd6ef4eaabd1ad8e95b7562&suid=1d486678c5b711ddae9100304890471a&affid=170802&tid=inf014&rid=825211

Which forwards to:

//antivirus-pro-scanner.com/360/1/en/freescan.php?sid=770522170802]

I've run Superantispyware several times in safe mode, as well as all of my virus scans and registry fixers- and every time I run Superantispyware, I keep finding at least 20 more of these things, even if I run the scans back-to-back. System
restore refuses to work as well; every time I try to do a system restore it says 'Your system could not be restored to (date and checkpoint time), etc etc.

I'm running Windows XP Media Center Service Pack 3.

A:Popups to sites, and malware that refuses to be removed

Do another scan with SAS.
BE sure to update SAS in regular mode and then reboot into "safe mode" and run the scan.
The latest SAS update is Core 3671, Trace 1650

After you run the scan, reboot into regular mode and post the SAS log.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply.

15 more replies
Answer Match 41.58%

Just an idea that I had...

Let's make a list of popular websites that try to be sneaky and download spyware/malware to your computer, just to help those newbies who are trying to figure out where they got their problems from, they can check this list and see if they've visited any of these sites with Internet Explorer. Doesn't mean that they HAD TO HAVE gotten the scumware from, but just a possible source.

I'll start.

hxxp://www.slotch.com
hxxp://www.thebugs.ws
hxxp://www.hotmail.com
hxxp://www.bluemountain.com
hxxp://www.blahblahblahblahblah.com
 

A:list of sites that download malware/spyware

11 more replies
Answer Match 41.58%

I have run into a problem that I need assistance with. My computer has become infected with a virus or bug that I can?t figure out how to repair. For the most part my computer seems to be functioning fine other then the ability to update any anti-virus software or view web pages containing such. After using another computer I downloaded and transferred Malwarebytes to the infected computer to run a scan. The scan revealed a couple issues that I allowed the program to correct. Unfortunately this did not fix my problems.Avast home edition was in use when this started 2 days ago which I have been using for the past few years. I uninstalled this program due to the possibility of it being corrupted and attempted to install MS Security Essentials in hopes that this could resolve my problem. The MSE installation process attempts a connection to install the update but something is preventing the updating process. This is what pops up every time I try to update. Microsoft Security Essentials ? virus and spyware definitions update failedMicrosoft Security Essentials wasn?t able to check for virus and spyware definition updates.Make sure your computer is connected to the Internet and try again.Error code: 0x80072efdError description: Microsoft Security Essentials couldn?t detect an Internet connection. Check your internet connection and try again. Besides this I am still unable to access Microsoft, Malwarebytes and many other webpage?s through MS Internet Explorer or Firefox ... Read more

A:Updates and anti-malware sites blocked

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

21 more replies
Answer Match 41.58%

I originally posted this in the wrong section as my browsing had lead me away, so reposting here in the proper forum.  I seem to have a file called problem.exe and some other tasks running that are causing advertisements to run without any popups, just as background noise coming through the speakers.  Additionally , it is preventing me from accessing any website related to anti-virus or malware information.  When I attempt to go on this website to download the Farbar recovery scan tool it says "The page cannot be displayed because an internal server error has occurred.  Thanks in advance for any help and support.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2016
Ran by T B (administrator) on TB-PC (20-07-2016 01:35:04)
Running from C:\Users\T B\Desktop
Loaded Profiles: T B & postgres (Available Profiles: T B & postgres)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Tech... Read more

A:Getting background ads and internet blocked from AV/malware sites

Additionally...I know the link I clicked which had the .exe download that caused this issue, if that helps

4 more replies
Answer Match 41.58%

Running Win XP Pro SP3
Having similiar problems to
http://forums.techguy.org/malware-r...18-virus-blocks-acess-antivirus-websites.html
To expound on this problem:
I was able to download AVG free. Like Adaware, any attempt to update ends in a message stating no internet connection is available. Both programs give the all clear in their non-updated state.
SpyBot SD, ComboFix and MalwareBytes will not run. I run the .exe of each and nothing happens at all. RootKitUnhooker tries to load then "02 error loading data file" and closes. Kaspersky.com gives the unable to connect browser error (like 404). Google searches are OK
(albeit slower than before) until I try a malware or virus search, then just produce another search page. Clicking any resulting link gives more search pages. HJT runs but seems clean, I'm still trying to copy a log to this post (via my laptop). My homepage (www.yahoo.com) is always redirected to m.yahoo.com.

Perhaps something of concern - I have a svchost.exe in my C:\WINDOWS\System32\drivers folder which regenerates on reboot if moved or deleted. Is this normal? AVG and AdAware don't
complain about it at all. This looks very suspicious to me. It seems it was created at the exact time I knew I hit a bad link.
I got this "thing" while trying to download a manual (snowblower). A page resembling a system warning came up and warned me about firewall settings, but I know it was a fake because no links on the page were active. It was ... Read more

A:Malware? Blocks scans, redirects sites

First I'd like to thank all the people here working to rid the computer world of garbage. You guys rock. I realize it takes time to respond to all these requests so I figured I could spend some hours (days) reading through past threads and I'm glad I did. It has helped a ton so far.

In the post:
http://forums.techguy.org/malware-removal-hijackthis-logs/771211-your-computer-infected.html

eddie5659 gave some advice that helped me out a ton. Perhaps I'm not done yet, but thanks to him I'm back on my desktop computer writing this.

I'm up and running OK but I fear I'm not out of the mess yet so I'm posting my ComboFix and HJT logs hoping someone can review them. I also ran Malwarebytes' and it came up clean so I'm excluding that log. Please let me know if I'm still dirty. Thanks a million!

ComboFix 08-12-01.03 - MohZ 2008-12-03 0:37:29.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535 [GMT -6:00]
Running from: c:\documents and settings\MohZ\Desktop\MALWARE\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-11-03 to 2008-12-03 )))))))))))))))))))))))))))))))
.
2008-12-02 23:40 . 2008-12-02 23:40 <DIR> d---s---- c:\windows\Cookies
2008-12-02 23:39 . 2008-12-02 23:39 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-02 23:39 . 2008-12-02 23:39 <DIR> d-------- c:\documents and settings\MohZ\Application Data\Malwarebytes
2008-12-02 23:39 . 2008-12-02 ... Read more

2 more replies
Answer Match 41.58%

Hi, my computer seems to be redirecting my firefox to other search sites making it unusable. It doesn't seem to be effecting Explorer as much. I have Kaspersky, but it isn't picking up anything. Please help!

A:Possible Malware Redirecting Firefox to Other Search Sites

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Answer Match 41.58%

Hello,

My computer got some malware from Internet - problably from soulseek, - and now I can't access search websites as Google or Yahoo and I can't downloaded or update antivirus (AVG, Norton) or Spyware software or something else.

I have AVG 2009 in my PC but it couldn't identify the malware. AVG just found two infected files but they weren't malware which disabled Resident Protection AVG. And the malware don't permit me to update AVG.

I just had backed up my main files but system files, because I dont't know where is the malware. I runned DDS program too and below I pasted results; Attach.txt is attached in this post.

I have Windows XP on a HP Pavilion Entertainment PC. I have a complete recovery disc from original system too. I created the disc before my computer to be infected.

Please, somebody can help me to go through this problem?

Thank you very much.
DDS.txt
---------
DDS (Ver_09-02-01.01) - NTFSx86
Run by Mayer at 23:19:12.05 on Wed 03/04/2009
Internet Explorer: 7.0.6001.18000
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.1013.170 [GMT -3:00]

AV: Norton Internet Security *On-access scanning enabled* (Outdated)
FW: Norton Internet Security *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System... Read more

A:Malware blocks antivirus and search sites

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. Please download Trend Micro - HijackThis. Do a new scan with Trend Micro - HijackThis and post it in your next reply.] Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instructed to do so! Let me know if any of the links do not work or if any of the tools do not work. Tell me about problems or symptoms that occur during the fix. Do not run any other programs or open any other windows while doing a fix. Ask any questions that yo... Read more

2 more replies
Answer Match 41.58%

Hi Guys,

During Google searhes their links are redirecting me to ad/malware sites.
The links them selves seem fine but something is launching new ie windows or taking me to ad/malware sites.
I run sophos av, but also now housecall, defender, kapersky, hijack this. I've even run ComboFix which quarentined a few files.
Registry_backups\AddRemove-KB913433.reg.dat
Registry_backups\AddRemove-HijackThis.reg.dat
Registry_backups\AddRemove-Adobe Flash Player ActiveX.reg.dat
Registry_backups\tcpip.reg
C:\Qoobox\Quarantine\catchme.log
C\WINDOWS\system32\~.inf.vir
Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat.vir
Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat.vir

After reboot Sophos jumped back in and interferred with ComboFix's reboot operations. (I'd forgot to disable auto startup)
Re-Running Combofix scans Ok but does not re-repair on reboot.

The issue is still there - any ideas?

Many thanks,
Stuart

More replies
Answer Match 41.58%

Hi
For some reason (despite using Safari), my internet explorer is opening intermitently to strange sites ... eg medical advice sites... each site having a clearly fake google link on it.

I have run Hijack This and here is the log, can anyone help?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:17:10, on 26/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\... Read more

A:Malware HJT log - IE randomly opening to strange sites

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please downloa... Read more

2 more replies
Answer Match 41.58%

 
About 100,000 or more websites running the WordPress content management system have been compromised by mysterious malware that turns the infected sites into attack platforms that can target visitors, security researchers said.
The campaign has prompted Google to flag more than 11,000 domains as malicious, but many more sites have been detected as compromised, according to a blog post published Sunday by Sucuri, a firm that helps website operators secure their servers. Researchers have yet to confirm the cause of the infection, but they suspect it's related to a vulnerability in Slider Revolution, a WordPress plugin, that was disclosed in early September. Update: In a new blog post published after Ars went live with this brief, Sucuri says it has confirmed the so-called "RevSlider" vulnerability is the culprit.

 
Some 100,000 or more WordPress sites infected by mysterious malware

 
.

More replies
Answer Match 41.58%

i was directed here by garmanma who analysed the problem and insisted me to post a dds log here Topic referenced is here: http://www.bleepingcomputer.com/forums/t/265375/malwareunable-to-open-some-sites-on-browsers/ ~ OB . below is my problem description and the dds log i seem to be having a problem with the browsers here.i am unable to open sites such as youtube,beemp3 and many other video or other media sites.i have chrome ,mozilla firefox and ie8 as my browsers.however somesites that don't open in chrome or ie8 do open in firefox.i suppose it has something to do with a malware attack coz my recent visit to certain movie site led to some threat alerts from my antivirus (eset nod32).i have vista basic.this has left me paralysed with no access to sites that i frequently visit.hope someone comes forward and put me out of this misery..........................................<>...............................DDS (Ver_09-10-13.01) - NTFSx86 Run by KATALYST at 10:40:34.99 on 22-10-2009Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Basic 6.0.6001.1.1252.91.1033.18.3069.1536 [GMT 5.5:30]AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}SP: ESET NOD32 Antivirus 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k ... Read more

A:malware:unable to open some sites on browsers

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

6 more replies
Answer Match 41.58%

This started a few days ago.

I'll type in an URL in the address bar, like www.amazon.com. I'll get re-directed. Many common URLs, i.e., www.microsoft.com, www.msnbc.msn.com - all getting redirected. Sometimes a message screen will appear stating that I need to contact "service provider". I've attached a copy of the page I was re-directed to just now, when typing in "www.amazon.com".

I even was re-directed when clicking on a bookmark I made after joining this site. If I click on the "X" (stop) button I can sometimes prevent the full redirection. After I logged in here, I haven't been re-directed.

I've run Spybot S & D, Adaware (full version) to no avail.

I'm attaching the files I created as per the instructions from "First Steps".
I'm also attaching a HijackThis log.

Ad-Aware did detect a worm called "Win32.Worm.KdCrypt", which it supposedly removed. I Googled this and only found that the sites that popped up in Google were not sites I could trust to click into. Although with the current problems I'm having I am not sure I'm getting full and true Google search results

Further puzzling is the fact that my bf was browing tonight, and he also started getting re-directed (different laptop). And in case the question comes up, he and I haven't passed any files back and forth in recent weeks.

Any help is appreciated. I am stumped.

Gonna add my compliments to this site as well - glad you are he... Read more

A:Malware? URLs being re-directed to strange sites.

I had posted that this problem was fixed but I am typing this over that post because I spoke too soon. Just got re-directed.


Arrrrghhhhhh....Didn't mean to bump up my post (realizing the rules request waiting 72 hours), but thought I had the problem resolved.

My bad, sorry. Still need the assistance - thank you!

Gonna add this:
When I typed the URL "wxx.amazon.com" in the address bar just now, I was re-directed to a page that was blank except for the words "Error. Page cannot be displayed. Please contact service provider for more details" which happens sometimes, in addition to being re-directed to a site similar to the image I posted above.

I was curious, so I looked at the page source, and here's the code (red font indicates what I replaced so the code doesn't act like code - not sure that it's necessary, but wanna be safe):

(!--
top.location="h xxp://www.amazon.com/";
/*
-- )
(script type="text/javascript")
!--
function applyFrameKiller()
{
if(window.top != self)
{
window.top.location = "http://www.amazon.com/exec/obidos/redirect?link_code=ur2&camp=1789&tag=connorswebguidec&creative=9325&path=http://www.amazon.com/";
}
}
applyFrameKiller();
// -- )
... Read more

7 more replies
Answer Match 41.58%

Whenever I perform searches on google and click on links I get redirected to malwaresites such as kepko.net.

Eset shows 0 infections.

Maybe you can help me out

A:Google searches are redirected to malware sites

MBAM log:Malwarebytes' Anti-Malware 1.39Database version: 2465Windows 5.1.2600 Service Pack 320.07.2009 14:57:49mbam-log-2009-07-20 (14-57-49).txtScan type: Full Scan (C:\|)Objects scanned: 185165Time elapsed: 53 minute(s), 3 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 1Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Userinit.exe (Security.Hijack) -> Quarantined and deleted successfully.Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Edit: I deleted the registry entry, but the problem of redirecting still persists.I also tried running Dr. Web CureIt in SafeMode and regular operation and always get 8j68m.exe has encountered a problem and needs to close. We are sorry for the inconvenience. errors. And the eset log: Scan LogVersion of virus signature database: 4236 (20090712)Date: 19.07.2009 Time: 13:32:48Scanned disks, folders and files: C:\...Scan LogVersion of virus signature database: 4236 (20090712)Date: 19.07.2009 Time: 13:32:48Scanned disks, folders and files: C:&#... Read more

10 more replies
Answer Match 41.58%

When Windows starts I get a notice that "commandservice.exe" had to terminate. Then I get an alarm from my firewall that "\??\c:\system32\winlogon.exe" is trying to access the net. When I try to open IE7 it just closes immediately. I can get to the web via Firefox, but I can not go to certain sites (anything that has to do with spyware, malware, trojan). This has made it near impossible to update certain virus/malwware scanning apps.

I have tried numerous virus scans and have come up with different viruses that have been removed according to the scans, yet the problems still continue to exist. I tried to run ComboFix but it said that it is corrupt and that I may Virut (I hope not).

Some of the applications I have tried are Spybot S&D, StopZILLA, Malbytes Anti-Malware, Norton AntiVirus Corp Ed, Malware Sweeper, and Avanquest SystemSuite. They all found something different, if they found anything.

Some of the things that these apps have told me I have (and claimed to have cleaned)" Haxdoor trojan, UACD trojan, MALPAK.D virus, Win32.DELF.UC virus, BKDR_TIDIES.XS threat

Thanks in advance. Here is my log:
DDS (Ver_09-05-14.01) - NTFSx86 MINIMAL
Run by Carrie at 9:27:23.09 on Sat 06/20/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.367 [GMT -7:00]

AV: Avanquest VirusScanner Pro *On-access scanning disabled* (Updated) {6A383D4C-7657-408f-BD0D... Read more

A:Cant go to malware/spyware/microsoft sites possible VIRUT

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 41.58%

Whenever I perform a search from Google or Yahoo and click on a result, i'm initially redirected to another site that's NOT in the search result. Some sites are:

hxxp://search14.info.com/Jsp?cmp=2705&affiliate=71229
hxxp://www.ononeweb.com/?mkt=us&keywords=jsp%20tutorial&referrer=lsm2&category=ron&kwid=jsp%20tutorial&lpid=60750-2693&veri=explorerweb.net

However, this only happens the first time i click on the link in the search result. If i click back on the browser and then click the same link, it then goes to the correct webpage. It happens in both IE and FF, but not in Chrome. I've already ran McAfee and removed several Trojans. I've also ran SpyBot but it still has not solved my problem. Thanks in advance

Here is my DDS.txt


DDS (Ver_09-12-01.01) - NTFSx86
Run by Owner at 20:28:06.10 on Tue 12/22/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.994 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Intel\... Read more

A:Malware, Please HELP! Search results go to unknown sites

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

One or more of the identified infections is a backdoor trojan.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please refer to Microsoft's Online Safety article for tips on creating a strong password.

Do not change passwords or do any transactions from the infected computer until it has been cleaned.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my ins... Read more

7 more replies
Answer Match 41.58%

i seem to be having a problem with the browsers here.i am unable to open sites such as youtube,beemp3 and many other video or other media sites.i have chrome ,mozilla firefox and ie8 as my browsers.however somesites that don't open in chrome or ie8 do open in firefox.i suppose it has something to do with a malware attack coz my recent visit to certain movie site led to some threat alerts from my antivirus (eset nod32).i have vista basic.this has left me paralysed with no access to sites that i frequently visit.hope someone comes forward and put me out of this misery.

have a great day
''\gggg hhhh/''

A:malware:unable to open some sites on browsers

Let's see what we can findSome types of malware will disable Malwarebytes Anti-Malware and other security tools. If MBAM will not install, try renaming it first.Right-click on the mbam-setup.exe file file and rename it to mysetup.exe.Double-click on mysetup.exe to start the installation.If that did not work, then try renaming and changing the file extension. click this link if you do not see the file extensionRight-click on the mbam-setup.exe file, rename it to mysetup and change the .exe extension to .scr, .com, .pif, or .bat.Then double-click on mysetup.scr (or whatever extension you renamed it) to begin installation.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files.Right-click on mbam.exe, rename it to myscan.exe.Double-click on myscan.exe to launch the program.If that did not work, then try renaming and change the .exe extension in the same way as noted above.Double-click on myscan.scr (or whatever extension you renamed it) to launch the program.If using Windows Vista, refer to How to Change a File Extension in Windows Vista.Be sure to update MBAM through the program's interface (preferable method) or manually download the definition updates and just double-click on mbam-rules.exe to install. Then perform a Quick Scan in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, clic... Read more

8 more replies
Answer Match 41.58%

Hello there, Seija here, my toshiba laptop using windows 7 service pack 1 32 bits has been infected with malware that redirects google chrome into various malicious sites, like utrack.pw and reimageplus while using google chrome or open new tabs, i tried using programs like ccleaner, malwarebytes or hitmanpro and installing avast free to get rid of this but the problem persisted, i made a new topic on this link : http://www.bleepingcomputer.com/forums/t/594904/being-redirected-to-utrackpw-reimageplus-and-other-sites-in-chrome/ . I was told to run various scans and after that i was told to make a new topic here because MBAR detected some malicious item. I generated the required logs using FRST, the FRST.txt log file is too big to be pasted in the topic so i attached  FRST.txt and Addition.txt.  
 Addition.txt   60.8KB
  1 downloads
 FRST.txt   63.6KB
  7 downloads

A:Being redirected by malware to utrack.pw and other sites in Chrome

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file. 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-2069420895-2628185817-1826839548-1000\...\Winlogon: [Shell] C:\windows\Explorer.exe [2133504 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2069420895-2628185817-1826839548-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=avantsearch6
URLSearchHook: HKLM -> Default = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKLM -> DefaultScope value is missing
Toolbar: HKU\S-1-5-21-2069420895-2628185817-1826839548-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2069420895-2628185817-18... Read more

18 more replies