Over 1 million tech questions and answers.

webbrowser hijacked by unidentifiable hijacker

Q: webbrowser hijacked by unidentifiable hijacker

please help, please tell me how to identify and remove the adaware that hijacked my webbrowser.i am not able to identify the hijacker of my browser. at first it seemed to be websearch but then at second glance it does not appear to be websearch.below you can see the hijack log.the problem appears to be: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web--search.comit sets my homepage to www.web--search.com, but in practice i am being directed to www.msn.com. I have tried several adaware removal programs (adware 6.0, scan spyware, BPS spyware adaware remover), but all don't seem to work.i have also tried the suggestions from http://www.boredguru.com/modules/articles/...php?storyid=130, but since it does not appear to be websearch.com, they are of no use.I have also attached a pic of my screen with the search bar. You can see that it is not the same as the one of www.websearch.com.Logfile of HijackThis v1.99.0Scan saved at 22:22:23, on 2005-1-4Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\Ati2evxx.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\System32\cisvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXEC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\atiptaxx.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Java\j2re1.4.2_05\bin\jusched.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Norton AntiVirus\SAVScan.exeC:\Documents and Settings\Rudy.LCK-XWVIET0G35E\Desktop\memturbo.exeC:\WINDOWS\system32\taskmgr.exeC:\WINDOWS\system32\cidaemon.exeD:\Programs\hjthis\HijackThis.exeD:\Programs\Ad-aware 6\Ad-aware.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Messenger\msmsgs.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web--search.comR3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\webdlg32.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocxO2 - BHO: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\webdlg32.dllO2 - BHO: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dllO3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dllO3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\webdlg32.dllO4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exeO4 - HKLM\..\Run: [AtiPTA] atiptaxx.exeO4 - HKLM\..\Run: [Bytesect] C:\PROGRA~1\OwnsBalmFork\SENDCITYSTART.exeO4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exeO4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXEO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTARTO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - Startup: MemTurbo.lnk = C:\Documents and Settings\Rudy.LCK-XWVIET0G35E\Desktop\memturbo.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dllO9 - Extra button: Joyo - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dllO9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dllO9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\IEExtension.dllO9 - Extra button: ?????? - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\System32\shdocvw.dllO9 - Extra button: PowerWord - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\Kingsoft\XDict\IEPlugin.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO11 - Options group: [!IESearch] !IESearchO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO12 - Plugin for .ssc: C:\WINDOWS\DOWNLO~1\Ubizen\SmartStart\NPSmartStart32.dllO16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Download...bridge-c284.cabO16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{0B0D9E4F-3B9C-4AF4-96BC-B633B60DCAAA}: NameServer = 202.106.46.151 202.106.0.20O17 - HKLM\System\CS1\Services\Tcpip\..\{0B0D9E4F-3B9C-4AF4-96BC-B633B60DCAAA}: NameServer = 202.106.46.151 202.106.0.20O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exeO23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeO23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exeO23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXEO23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exeO23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exeO23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

RELEVANCY SCORE 200
Preferred Solution: webbrowser hijacked by unidentifiable hijacker

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: webbrowser hijacked by unidentifiable hijacker

Adaware 6.0 is an old version and no longer supported. Please download and install Adaware SE 1.05 from here.http://www.lavasoftusa.com/software/adaware/Install the program and launch it.First, in the main window, look in the bottom right corner and click on Check for updates now and download the latest reference files. Exit Adaware.Please make sure that you can view all hidden files. Instructions on how to do this can be found here:How to see hidden files in WindowsRun Hijackthis again, click scan, and Put a checkmark next to each of these. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web--search.comR3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\webdlg32.dllO2 - BHO: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD39AC959} - C:\WINDOWS\webdlg32.dllO2 - BHO: (no name) - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)O3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\webdlg32.dllO11 - Options group: [!IESearch] !IESearchO16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Download...bridge-c284.cabO16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - (no file)Reboot your computer into Safe ModeRun full scan with Adaware.Then delete these files or directories (Do not be concerned if they do not exist)C:\WINDOWS\webdlg32.dllReboot your computer to go back to normal mode and post a new log.

Read other 1 answers
RELEVANCY SCORE 64.8

hen using Firefox or IE, clicking on search results from Google redirects to Btcar.com sometimes to other search engines also.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:27:12 PM, on 10/2/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.20544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\UAService7.exeC:\WINDOWS\system32\svchost.exeC:\PROGRA~1\McAfee.com\Agent\mcagent.exeC:\WI... Read more

A:Webbrowser Hijacked

Hi,* Please download FixwareOut from the following site:http://download.bleepingcomputer.com/lonny/Fixwareout.exeSave it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.The fix will begin; follow the prompts. If your firewall gives an alert, (because this tool will download an additional file from the internet), please don't let your firewall block it, but allow it instead.Then you will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log.

Read other 7 answers
RELEVANCY SCORE 64.8

I have a computer that is infected. I have ran spybot s&d, combofix, and malwarebytes on it to no avail. When I try to do a type anything into the webaddress it takes me to uniquesearch8. I have a hijack this logfile. Please let me know if you would like me to post it. ThanksHere is the Hijack this logLogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:46:22 AM, on 12/7/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16915)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exec:\program files\common files\protexis\license service\psiservice_2.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exeC:\Program Files\Windows Live\Messenger\msnmsgr.... Read more

A:Hijacked webbrowser

I have corrected this problem and removed the virus im pretty sure. However now my print spooler stops responding. I have it set to restart. It appears the virus corrupt a file in relationship to my print spooler any help would be greatly appreciated. I ran a chkdsk/f but that did not fix it. thanks

Read other 3 answers
RELEVANCY SCORE 64.8

Hi, I hope someone can help me.

I have Norton Internet Security 2003, and use As-aware on a regular basis.

Now my browser start page has been changed to: http://topotun.com/index.htm and together with that I get a bunch of unwanted bookmarks to pornsites and a few spyware commercial pop-ups.

I have used Hijack this and get the following log (I use hijack this from a folder in my documents, not on the desktop) :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\Fisch\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\Fisch\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Fisch\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\Fisch\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\Fisch\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Fisch\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://topotun.com/index.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {2B284CB0-9E5E-4627-A4BE-FECBD5BF9F5B} - C:\WINDOWS\System32\necodd.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ... Read more

A:Hijacked webbrowser (yes, me too)

Read other 13 answers
RELEVANCY SCORE 64.8

Good morning,

My internet explorer has been hijacked and all pages I try to visit result in a page not able to be displayed. I have my hijackthis log and definitely see a lot of bad things in it but I would like some expert advice on what I should fix. Here is my log - I appreciate any help you can provide. Thank you.

Logfile of HijackThis v1.96.1
Scan saved at 9:19:47 AM, on 8/30/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\NMSSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Fi... Read more

Read other answers
RELEVANCY SCORE 64

Hello, recently my web browser. On google whenever I search for something I click the link and it would take me to a website called daytotals.com, I close that and try the link again and it would take me to another website. This has been happening for the past week or 2 and I have gotten quite sick of this.
I've tried spyware searches, malware, anti-virus scans and everything. They haven't found anything, even if they do it doesn't fix up my problem.


Quote:




Deckard's System Scanner v20071014.68
Run by JayJay Ciantar on 2008-01-05 21:39:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
31: 2008-01-04 23:08:05 UTC - RP68 - Installed Ad-Aware 2007
30: 2008-01-04 22:46:59 UTC - RP67 - Removed AdwareAlert
29: 2008-01-04 22:43:10 UTC - RP66 - Installed AdwareAlert
28: 2008-01-04 22:18:09 UTC - RP65 - Device Driver Package Install: Lexmark Inkjet Drivers Printers
27: 2008-01-04 22:16:18 UTC - RP64 - Device Driver Package Install: Lexmark Imaging devices


-- First Restore Point --
1: 2007-12-22 12:14:26 UTC - RP34 - Windows Update


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as JayJay Ciantar.exe) --------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro Hijac... Read more

A:My webbrowser has been Hijacked by daytotals! :(

Hi, sorry for the delay.

If you still need assistance, please post a fresh main.txt log

Read other 1 answers
RELEVANCY SCORE 63.2

I have started getting popups, search engine tool bars insert into my web browser, and my computer has slowed noticably. I saw a similar post by another user and I think I have a similar problem. I ran Hijackthis and removed a few references to "searchportal" (something like that). That took care of the hijacked webbrowser problem but I still have very poor performance. Also I notice that when I use alt + tab to switch between windows sometimes I notice that an icon for Java on the screen (even though I haven't opened Java). Can you help me get rid of whatever is affecting my computer?

Logfile of HijackThis v1.96.1
Scan saved at 10:17:49 PM, on 1/24/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 SP1 (5.50.4522.1800)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\WINREG.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAM FILES\DELL\RESOLUTION ASSISTANT\COMMON\BIN\RXMON9X.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
C:\PROGRAM FILES\DAP\DAP.EXE
C:\QUICKENW\QAGENT.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:... Read more

A:hijacked webbrowser/spyware issues

Read other 11 answers
RELEVANCY SCORE 61.2

The usually innocuous ads on my browser get replaced with very explicit ones. I downloaded several free malware search programs but I can't run them because they all fail to update when I first start them. If I try to paste the update url's into a webbrowser then I find that access is blocked.
Sounds like a very cunning piece of malware if it truly prevents me from downloading something to attack it with. I also noticed that when connecting to other sites I often see a 'resolving proxy' message before it eventually connects. Sounds like I have been hijacked. I have attached my dds file.

Thanks in advance for looking in to this.

A:webbrowser ads are hijacked and access blocked to malware repair sites

I was finally able to update Malwarebytes with the latest updates by connecting my laptop to my company's network whose firewall somehow foils `the virus blocking my access to update sites. Once I downloaded the updates and did a scan the virus was removed. See attached scan log

Read other 3 answers
RELEVANCY SCORE 49.6

I'm being re-directed on google/yahoo searches to infomash.com and other sites.

Started going through the steps in topic 375151:

DeFogger - all steps were just as listed in the post - until the reboot message. I never received th message, but rebooted anyway. Wallpaper on desktop was black upon reboot.

TDSS Rootkit Removing Tool - no malicious objects found.

Eset Online Antivirus Scanner - tried with both FF & IE, runing both as administrator, but couldn't get the page to load.

Started a new topic (393404) to get some help. Have been following those instructions:

FixIt - ran this. Still couldn't get to Eset Oneline Scanner. Other pages would load, but was still being re-directed.

TFC by OT - this ran just fine. Although I didn't catch all the numbers while it was running, I did notice over 429,000 of something (!) was cleaned up in c:\[user name]appldata folder.

Change DNS Servers - I ran ipconfig/flushdns. Was successful. I didn't start the next steps because I wasn't sure how to find out if my ISP requires specific DNS settings. When I posted the question in topic 393404, I was told that my "router is hijacked by DNS-hijacker". I was instructed to do the following:

discoonect from the internet; scan with MBAM; and then reset the router. Completed this and discovered I already had a custom user name and password on the modem. Asked Qwest if I could change to a different custom name/pw, but was told no. So ... Read more

A:Hijacked by trojan DNS-hijacker

I apologize if this is not the correct method to notify you, but I am no longer in need of help. I've re-built the computer, installing Windwos 7. No problems so far!

Thank you so much for all the help - you're like a lifeline to all of us "out here". Thanks, again!

Read other 2 answers
RELEVANCY SCORE 49.2

Have run hijackthis and it keeps coming back... tried resetting TCP/IP and other settings but nothing helps. I can't stay dialed up. Someone from another board has been trying to help me.

Logfile of HijackThis v1.95.1
Scan saved at 12:29:11 AM, on 7/20/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jeanie\Local Settings\Temp\Temporary Directory 16 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://amazingtechs.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
R... Read more

A:I've been hijacked by a domain hijacker (dialsprint.net).

hi jeanie.......try it with this one one as well.

R3 - Default URLSearchHook is missing
 

Read other 3 answers
RELEVANCY SCORE 43.6

The computer is at another location, the symptoms are, cannot update Windows xp, allowed this programs Adaware, Spybot, Malwarebyte and McAfee Internet Security to be installed from a Flash drive but will not permit them to scan and the only way that I have access to this computer is remotely through Windows messenger, so is there a way to run any of these programs from a flash drive.
Any help is greatly appreciated

A:Unidentifiable infection

Hello,I am moving this from XP to Am I Infected..Disable Spybot and do these steps please.Please download Rkill by Grinler and save it to your desktop.Link 2Link 3Link 4Double-click on the Rkill desktop icon to run the tool.If using Vista, right-click on it and Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.If the tool does not run from any of the links provided, please let me know.Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick scan and scan (normal mode).After scan click Remove Selected, Post new scan log and Reboot into normal mode.Next run ATF and SAS:Note.. SAS doesn't open the registry hives for other user accounts on the system, so scans should be done from each user account.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close bro... Read more

Read other 1 answers
RELEVANCY SCORE 43.6

Hi! So I had this Toshiba Satellite for at least 1 month or less, its a 64 bit with windows 7 and a core i7. Not until today did I have this unidentifiable network problem. I have try everything, reset winsock and everything else that comes along those lines on the cmd ( I think ipv6 and ipv4) also today I noticed this norton thing that had never showed up before, I instantly uninstalled it and I think that's what caused the problem. I proceed to use the removal tool, no luck. I have uninstalled the wifi drives many time and re-installed it and no luck, I have try to update the drivers and no luck, I have run out of options and I still have this problem, help!
 

A:Unidentifiable Network

If I'm understanding you, you have removed a trial Norton product and ran Symantec's Norton Removal Tool. You have also performed the stack/WINSOCK repairs, but you did them before banishing Norton. You should run them after the Norton Removal. Just to make sure we are talking about the same thing, do these:

TCP/IP stack repair options for use with Vista or 7.

Start - All Programs - Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.

Reset WINSOCK entries to installation defaults: netsh winsock reset catalog

Reset IPv4 TCP/IP stack to installation defaults. netsh int ipv4 reset reset.log

Reset IPv6 TCP/IP stack to installation defaults. netsh int ipv6 reset reset.log

Reboot the machine.
If still a problem shut down the machine. Connect an ethernet cable. Boot the machine, make sure the wireless is switched on, try to connect by wireless and show ...

Start, Run, CMD, OK to open a command prompt:
(For Vista or 7 type CMD in the Search box after Start)

Type the following command:

IPCONFIG /ALL

[Note that there is no space between the slash and ALL.]

Right click in the command window and choose Select All, then hit Enter.
Paste the results in a message here.

If necessary use a text file and removable media to copy the results to a computer with internet access.
 

Read other 1 answers
RELEVANCY SCORE 43.6

Hello and thank you,

So it all started when i updated my bios, i then had the issue of unidentifiable network. Then i tried to do a clean install of Windows. Didn't help. I then connected the usb wireless adapter we have and had no problem. Then some how the network got connected and my LAN had the name of the wireless but worked. Then i was being retarded and tried to update the driver and it got messed up again. We got a new router from att so i know its not the router. When i go on the router page it shows my pc connected fine and when i go into details of the connection on my comp it shows all the correct information (ie. IP, default gateway, ect.). So i don't know what to do. Please help me figure this bugger out.

Thanks a million,
Forrest

A:Unidentifiable Network LAN

Hi Forrest,

I would suggest you to try the below mentioned steps one by one.


STEP 1:Update the network driver.
Steps to update network driver:
1. Click on start button.
2. in the search box type “devmgmt.msc” and then press enter.
3. Select the network card device and right click on it
4. Now select properties.
5. In the properties window, under “Driver tab”, click on “Update Driver button”.
6. After installing the updates restart the computer.

STEP 2:Try resetting the TCP/IP stack.
To reset the TCP/IP stack go to this article and either click on "Fix it for me" or follow the instructions to fix it yourself:http://support.microsoft.com/kb/299357

If still the same problem persists then try the next method.

STEP 3: You need to troubleshootusing the Network troubleshooter inWindows 7and check for the issue. To do that click the below mentioned link:
http://windows.microsoft.com/en-US/windows7/Using-the-Network-troubleshooter-in-Windows-7

Kindly let me know for further clarifications.

Read other 9 answers
RELEVANCY SCORE 43.6

I recently came into 2 servers and was wondering if I could get some feed back from some real pro's on how best to use them at home, and also learn from them. One is a RAQ 3 slim server, and the other is one I can not seem to get much info on as far as model or type. Is there a way or a place to get this info? I also own a membership with Microsofts Power Packs so I have a lot of server Programs to practice with and implement. I am thinking SBC 2003 will be the OS I go with. Any Info would be of some help..
These are the specs I get from the Bios screen.
Bio's screen.
CPU : Pentium II x 2
Math Processor: Built in
Floppy Drive A: 1.44MB 3 1/2
Floppy Drive B: None
Ambios Date: 7/15/95
Processor Clock: 350MHZ
Base Memory: 640KB
Extended Memory: 130048KB
Display Type: VGA/EGA
Serial Ports: 378
External Cache: 512KB, Enabled
PCI Devices:
PCI Onboard PCI Bridge
PCI Onboard USB Controller, IRQ9
PCI Slot 1 Ethernet, IRQ10
PCI Slot 4 SCSI, IRQ10
PCI Onboard bridge Device
PCI Onboard IDE
PCI Slot 2 VGA, IRQ11
PCI Slot 5 Scsi IRQ9
SDRAM 64MB.
AMI 0813981600 PENTIUM II DBE MOTHERBOARD R1.3
This is what I get just before the boot screen. I have Server software I can load just not clear on how to do so (YET). My objective is to learn administration and perhaps site hosting and maybe extra cash if I can get good at it. I don't know for sure.
 

Read other answers
RELEVANCY SCORE 43.6

I'm currently trying to repair a HP sprout, which has a number of problems that I'm trying to fix one problem at a time, and the first one that I think can be addressed is that there is a USB driver that appears to be missing.  To start off with, all availible drivers that HP has I've already installed from the driver support portion of the site. Under device manager I get "unknown USB Device (Device Descriptor Request failed)" and under properties the location is : Port_#0006.Hub_#0009. Does anyone know what usb device is in that location? Any help would be greatly appreciated.Thanks!

A:Unidentifiable USB Driver

Hi there @Dynames?Welcome to the HP Support Forums! It is a great place to find the help you need, from other users, HP experts and other support personnel. I understand that you have been trying to work through some issues with an HP Sprout, the current one being related to the USB ports. I am happy to assist you with this. Has the original hard drive been replaced as part of the repairs you have been doing? If this is still the original hard drive, is the Recovery Partition still present? If so, you can use the Recovery Manager to install the drivers from the factory image.  see the following for how to do that:HP PCs - Using Recovery Manager to Restore Software and Drivers (Windows 8) If that is not possible, do you have a set of recovery disks previously made from the original hard drive? Let me know, if this helps at all.

Read other 2 answers
RELEVANCY SCORE 43.6

Hello all,

I trying to monitor my network traffic, I using a DSL modem to a 4 port hub (non switch) connecting a Linksys wrt54g wireless switch, and a remote computer. This remote computer has a fixed ip address in which I remote log in too, from a wireless xp computer. If this remote computer is connected to the Linksys wireless switch Win 7 states Home network, if connected to 4 port hub, Win 7 states Unidentifiable and I can't remote connect. Background the DSL modem is 192.168.1.254 were the Linksys switch is 192.168.0.1, set the remote computer to a 192.168.0.X address.

A:Unidentifiable network

It sounds like you have the hub between the DSL modem and the Linksys. In a basic network, the Linksys wireless router is the "dividing line" between the local network and the rest of the world. Everything on the output side of the router is the "Home network". Normally you would not put anything between the DSL modem and the router.

Read other 1 answers
RELEVANCY SCORE 43.6

I have this spyware that I can't get rid of, it doesn't show up in any spyware or virus program either. I've also ran HJT and everything.

Here's an image of the problem. It's the little question mark in the tray. When clicked the error message shows up, and it takes me to the shown website.

 

A:Unidentifiable Spyware

Read other 9 answers
RELEVANCY SCORE 43.2

Opening task manager's startup, I see something just called "Program" with no unique icon. I can't open the location of it.
What can I do to see what this is?

A:Unidentifiable "program" in my startup?

You might try looking in MSCONFIG to see if it's listed there - with a location.
If you feel confident that it isn't something that has been there all along and you need it you could disable it.
 
Dick

Read other 6 answers
RELEVANCY SCORE 43.2

Hello Tech Wizards

I have had my desktop a while, however it continues to frequently shutdown randomly for an unknown reason. Initially I suspected it was a bad PSU, so had it RMAd, however same problem exists. It should be providing plenty of power to the mobo and other devices being a 500W, however I read on other forums the particular model has tendancies to automatically shutdown at PEAK LOAD. Its a OCZ ModXStream Pro 500W. This is darn annoying if it is and may still be the problem.

It might be another software or hardware issue though. I have fresh installed it before suspecting it was drivers, with default recognised drivers for GPU etc. However problem remains.

All hard ware is compatible. Below is the Minidump file, would you guys be kind enough to help me wit this.

I would really appreciate it.

091012-26317-01.dmp 10/09/2012 06:58:32 DRIVER_POWER_STATE_FAILURE 0x0000009f 00000000`00000003 fffffa80`0a21aa10 fffff800`00b9c518 fffffa80`09fd0e10 ntoskrnl.exe ntoskrnl.exe+7f1c0 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.1.7601.17944 (win7sp1_gdr.120830-0333) x64 ntoskrnl.exe+7f1c0 C:\Windows\Minidump\091012-26317-01.dmp 4 15 7601 801,328
 

A:PC Unidentifiable BSODs when in normal use

Update drivers.
 

Read other 3 answers
RELEVANCY SCORE 43.2

Hello!
For the past few weeks or so, I've had an annoying pop-up whenever I start my laptop. Problem is, the pop-up stays for half a second, then disappears - it's usually just blank and because it's gone so quickly I can't really do anything with it. When I turn off all start-up applications in msconfig, the pop-up seems to be gone as well, but I can't identify the source, which bothers me.
 
In this topic: http://www.bleepingcomputer.com/forums/t/534159/bothersome-start-up-thing/#entry3367704 it was suggested that it could be caused by a serial number not matching my legitimate Sims games, yet the problem has only started since a few weeks and those games have been on my laptop for ages.
 
Another problem: every time I scan for malware using MBAM, I get MySearchDial in the results. All the symptoms are already gone (browser redirecting/apps etc. were removed a long time ago), I thought it was clean but now this keeps popping up in my scans despite removing it with MBAM every time. 
 
Moreover, my laptop has some other strange problems lately. I can't open MalwareBytes Anti-Exploit, I can't open 'Change bluetooth settings', and recently it randomly tried to open Mail (or a similar app, I didn't really pay too much attention to it) and it froze to a blue screen (with cursor) for about 10-15 seconds before trying to open something again. This may just be bad luck, of course, but combined with the other things it becomes a bit suspicious. 
 
T... Read more

A:Unidentifiable pop-up and mysearchdial remains

Hello DDS will not run on a Win 8 System.Please repost here and state you are running Win8.Virus, Trojan, Spyware, and Malware Removal Logs

Read other 3 answers
RELEVANCY SCORE 43.2

I have a persistent problem that rears it's head several times/year, especially with Microsoft updates, and causes me to have to restore my drive from an image. An update in the past month crashed my machine that was widely viewed as a sign of a trojan (I don't recall the details). But I tried every which way to identify if my machine was infected and drew a blank..

I have scanned my machine with everything I can think of. I purchased a copy of Webroot Spy Sweeper 2010 which crashed my machine after the post-install reboot. Process explorer identifies two generic processes that I can't find identify: HIDDAEMON.EXE and THIDPATCH.EXE. Mumbodog replied to this post saying it was possible malware and sent me here.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:41:47 PM, on 3/19/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\windows\system32\svchost.exe
C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe
C:... Read more

Read other answers
RELEVANCY SCORE 43.2

I am running Windows XP SP2 on a HP computer, 110 GB free hard disk space. 2.20 GHz; 512 MB SDRAM.The computer is a few years old, but it was only until a few months ago we've began noticing major slowdown problems. I have run through the FAQs and made sure of all the possibilities before posting this.The anti-virus scan we use is BitDefender Internet Security 2008 Build 11.0.16.Running Spybot S&D, Ad-Aware 2007.We run a virus check every Friday night, and the only viruses it ever finds are in an archive file which cannot be deleted by Bit Defender. We continue updating the antivirus definitions daily.Primarily, our problems are extreme slowdowns both in operations and internet (DSL). We also experience rapid shortage of Virtual Memory, when the only things we use are small-time card games (Arachnid) that date back to the 80s, Microsoft Excel, Microsoft Outlook, and Internet Explorer. To my knowledge, anyway.My parents, I beleive, may have downloaded something; a game, or a fake spyware remover; that may have infiltrated or infected this computer. It's undetected by our virus scanners and our spyware removers, and I doubt it's an issue of the processor.I have gone through all the steps of the Preparation guide, and unfortunately still run into terrible slowdown problems, loss of virtual memory, and even random crashes.Below is a logfile from Hijackthis 2.0.2. Please help in anyway possible.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:35:00 PM, on 3/9/2008Platf... Read more

A:Unidentifiable Computer Slowdown

Hello Dante4212 and welcome to the BC HijackThis forum. The only thing I see in the log is that the java version is extremely out out date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.Updating Java:Note: If there is an Update XX in the name then the "XX" in the version will be whatever the latest version is.Download the latest version of Java Runtime Environment (JRE) 6.0 Update XX (if present).Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".Click the "Download" button to the right.Check the box that says: "Accept License Agreement".The page will refresh.Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.Close any programs you may have running - especially your web browser.Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.Check any item with Java Runtime Environment (JRE or J2SE) in the name.Click the Remove or Change/Remove button.Repeat as many times as necessary to remove each Java versions.Reboot your computer once all Java components are removed.Then from your desktop double-click on jre-1_6_0_XX-windowsi586-p.exe to install the newest version.Once that is done, let's see if anything else shows up. Before running a new scan let's clean out... Read more

Read other 7 answers
RELEVANCY SCORE 43.2

Last week my laptop began to become REALLY slow. I'm talking 10-15 minutes to boot. Then when I want to watch a video of any sort it's extremely choppy. I defragged my harddrive, reinstalled adobe and windows media player but still the same problem. I thought it might be a hardware problem, but I don't think so for the following reason: It all started after I downloaded a rar file. It had some type of error and then my entire screen turned a weird color..since then the problems persist. When I ran virus scans (Symantec and Avast and malwarebytes) the Symantec said I had a trojan in my java applications file called vload.class. It said it quarantined it, but one was left. Problem is none of the other scans came up with anything. Is the virus too new? Whatcan I do. i'm not a computer novice, nor am I an expert either though.

A:I'm infected with unidentifiable trojan

Hello. I think it's best for your computer, to search for an infection. Just follow the steps on http://www.bleepingcomputer.com/forums/topic34773.html (Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help). When post your DDS Log (+Gmer log): Do not post it at this topic or this forum but on http://www.bleepingcomputer.com/forums/forum22.htmlBe patient, it's very busy at this forum. A professional expert will view your logs and will help you with that problem. Do not use tools (like ComoFix) without professional experience/helper.Good luck.

Read other 1 answers
RELEVANCY SCORE 43.2

Hi. I am running Windows XP SP3 on a Dell D620 laptop. Generally speaking, the laptop runs fine. I have always had top of the line firewalls and av software that is automatically updated (now running NIS 2010). And I always use Firefox and Chrome as browsers. I'm pretty careful about my clicks.

But I do have a persistent problem that rears it's head several times/year, especially with Microsoft updates, and causes me to have to restore my drive from an image (which I do nightly and always immediately before an MS update). An update in the past month crashed my machine that was widely viewed as a sign of a trojan (I don't recall the details). But I tried every which way to identify if my machine was infected and drew a blank. So I simply turned off that specific update..

I have scanned my machine with everything I can think of. I even purchased a copy of Webroot Spy Sweeper 2010 (which crashed my machine after the post-install reboot). Nothing has ever turned up malware, but there are clear signs that something is amiss. Process explorer identifies two generic processes that are running that I can't find information about anywhere. They are HIDDAEMON.EXE and THIDPATCH.EXE. Does anyone know what they are and what other information can I provide that will enable someone to help me hunt down this mystery.
 

A:Unidentifiable generic processes

http://www.file.net/process/hiddaemon.exe.html

http://www.liutilities.com/products/wintaskspro/processlibrary/thidpatch/

Sounds like a possible Malware infection

Go to this board, read the first "Sticky" at the top very carefully, then post your log on the Hijack board for expert help.

http://forums.techguy.org/54-malware...jackthis-log.

.
 

Read other 2 answers
RELEVANCY SCORE 43.2

The laptop doesn't turn on. Upon an attempted startup i get 10 blinks (White) from the power plug LED. I've yet to find any decend documentation about this light code. I suspect a bad charging port - which is easy enough to repalce - just want to make sure im not waisting my time. 

Read other answers
RELEVANCY SCORE 43.2

Hello!
For the past few weeks or so, I've had an annoying pop-up whenever I start my laptop. Problem is, the pop-up stays for half a second, then disappears - it's usually just blank and because it's gone so quickly I can't really do anything with it. When I turn off all start-up applications in msconfig, the pop-up seems to be gone as well, but I can't identify the source, which bothers me.
 
In this topic: http://www.bleepingcomputer.com/forums/t/534159/bothersome-start-up-thing/#entry3367704 it was suggested that it could be caused by a serial number not matching my legitimate Sims games, yet the problem has only started since a few weeks and those games have been on my laptop for ages.
 
Another problem: every time I scan for malware using MBAM, I get MySearchDial in the results. All the symptoms are already gone (browser redirecting/apps etc. were removed a long time ago), I thought it was clean but now this keeps popping up in my scans despite removing it with MBAM every time. 
 
Moreover, my laptop has some other strange problems lately. I can't open MalwareBytes Anti-Exploit, I can't open 'Change bluetooth settings', and recently it randomly tried to open Mail (or a similar app, I didn't really pay too much attention to it) and it froze to a blue screen (with cursor) for about 10-15 seconds before trying to open something again. This may just be bad luck, of course, but combined with the other things it becomes a bit suspicious. 
... Read more

A:Unidentifiable pop-up and mysearchdial remains

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the correct version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The... Read more

Read other 28 answers
RELEVANCY SCORE 43.2

Hey all. I'm currently using IE 6 and wanted to try out some other browsers since I heard IE has a bunch of security holes, slower, etc. What I wanted to know is, which browser do you like the best? I'm thinking about buying Opera 7 but I don't know yet. And I don't mind buying. Well, I gotta sleep and I'll check this tomorrow. Thanks in Advance.
 

A:Which WebBrowser?

Read other 10 answers
RELEVANCY SCORE 42.8

I managed to run Keyfinder on a computer before doing a clean install of XP.

There were several versions of office apps installed, Word 2002, Excel 2003, and a Unidentifiable Office 2010 installation.

I want to skip the previous versions and go ahead and install the 2010 installation, but which is it? Not sure if its a complete Office install or just Word, etc.

I have the product ID and the product key, but how can I use the product ID to find what it is? I looked online but all I can find is how to find the product ID which I already have :SMH:
 

A:Unidentifiable Office 2010 installation?

Read other 9 answers
RELEVANCY SCORE 42.8

I have a Dell tower with an i7, R9 280x Graphics, 8gb ram. ex.

My motherboard holds a half mini wireless adapter and a ethernet port (attached to motherboard). After moving to a new apt my wireless connection speed went from 45 Mbps (at previous home) to now 5.5 Mbps. Also my ipv6 is now showing me 'no internet access'. My ipv4 connection showed the same thing until I change my DNS server to (8.8.8.8). This gave me internet access. but still 5.5 Mbps. Note: My roommates gaming computers have great connect at about 50 Mbps (what we pay for), I also used to get this with the same computer parts. So I tried a wired connection and absolutely nothing is showing up on my computer. I thought this would be as easy as plugging it in. Although the ethernet port on the back of my computer has a green light flashing.

Things I've tried.
Every CMD command I could find. All dns flush and renew, among some other commands that supposedly reset all IP information.
-Uninstalling (and deleting) my network devices and drivers in device manager (running as admin). Letting my computer reinstall the drivers, nothing. Manually installing the drivers from online downloads, no improvement.
When trying a wired connection. I took out my wireless adapter and turned off wireless. Nothing came up for a wired connection.
Tried establishing a new connection for wired. Very confusing and I may have screwed something here but not sure.

I believe I need to restore all my network and conne... Read more

A:Wired internet connection unidentifiable.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Connor-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 94-39-E5-6E-E3-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5015:8d8d:3e21:41ea%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 18, 2015 6:46:07 PM
Lease Expires . . . . . . . . . . : Saturday, September 19, 2015 6:46:08 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 227817957
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-5D-88-0E-94-39-E5-6E-E3-80

DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

AS YOU CAN SEE THERE IS NOTHING REFERRING TO ETHERNET!
 

Read other 3 answers
RELEVANCY SCORE 42.8

Hello, thank you for your help.I have a Dell laptop that's infected. It normally runs on a wireless connection but currently unable to access internet so my communication will be a direct connected desktop. Everything has to be downloaded to a flash drive and then transfered (run) from the flash drive on the laptop. Symptoms started with a couple of chkdsk running whenever windows started, always found no errors. Then cntrl-alt-del wouldn't work, norton and malwarebytes icons disappered and internet had no access. Found another path to norton, ran it and after a while it disappeared. Malwarebytes came up with an error (I think it said it couldn't find a dll). I tried rkill in all of it's different naming conventions and they all error with "system cannot find the path specified" and "process terminated by rkill or while it was running". I was able to download malwarebytes on desktop onto flash drive and then was able to run it on the laptop (full scan) and it found nothing. I was also able to run norton in the same manner and it found nothing. The link for gmer in the Preperation Guide doc didn't work so I went to gmer website, downloaded gmer to flash drive, ran it on laptop and after a long period of time searching files the system hangs, can only hard reboot. I did this twice and same results. Following is copied dds.txt and attached attach.txt. Any help is greatly appreciated. One additional question, if I was to r... Read more

A:Unidentifiable Infection, Can't run rkill or gmer, Please Help

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

Read other 18 answers
RELEVANCY SCORE 42.8

In my registry under CLSID, there are what looks like hundreds of unidentifiable strings ,some repeats: trouble is, from time to time there are these myriads of files and other times only a handful: it also looks as if someone is regularly getting on my computer (I have Win 8), because the entry image screen before my login screen shows the default Win 8 screen instead of my custom pre login screen. I am including an image of part of what I see:

Can you suggest what may be going on?
 

A:multiple unidentifiable strings in registry & other

I've removed the link. Please upload your screenshot here rather than using a third party site so we can easily see it.
 

Read other 1 answers
RELEVANCY SCORE 42.8

Hi there! After fighting to recover my sister's computer from severe virus and spyware infestation, I need your help to ensure I've now got a clean computer. It was suffering from severe wireless network connectivity issues and error messages, MANY spyware popups and webpage redirects, no hibernate/standby/screensavers regardless of automatic settings, and of course, the dreaded blue screen.Actions I've taken include running full spyware sweeps in safe-mode with Spybot S&D and Ad-Aware 2007 and allowing them to fix anything they found. I had to run them several times to get it all off. I initially saved logs, but on subsequent runs, I stupidly saved over the logs with the new ones, so I've got no idea what was removed. Kicking myself for that.I've also run Kaspersky, Housecall, Panda, and BitDefender online virus scanners (only Kaspersky found anything, which it was able to remove) and reinstalled, updated, and run AVG Free Edition virus scanner. I then ran McAfee Stinger, which found nothing. Finally, I reinstalled and updated the wireless card driver utility, installed ZoneAlarm Free, and updated Windows through Microsoft's Windows Update. Most of the issues *appear* to be fixed now, with the exception of the auto-hibernate issue.I've posted the hijackthis log below. Can you help me finish cleaning this PC?Thanks a million!!Tr?-----------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:44:19 AM, on 8/2... Read more

A:Unidentifiable Virus And Spyware Infection. Help!

Hello and welcome to BC. Scan with HijackThis and put a checkmark against the following entries:R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.comO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)Close all browsers/windows/applications, except HijackThis, and click on "fix checked".=================================Restart the computer for the changes to take effect.=================================Go to Start>Control Panel>Add/Remove Programs and remove if Kaspersky online scanner is present prior to downloading the most up-to-date one.Now run this online scan using Internet Explorer:Kaspersky Online Scanner from http://www.kaspersky.com/virusscannerNext Click on Launch Kaspersky Online ScannerYou will be prompted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make that the following are selected: Scan using the following Anti-Virus database: Standard Scan Options: Scan ArchivesScan Mail BasesClick OK Now under select a target to scan: Select My Computer This will program will start and scan your system. The s... Read more

Read other 10 answers
RELEVANCY SCORE 42.8

I have an Elements external drive which has been giving me problems ( regularly collapsing ) from which I have been transferring data to a new Seagate drive . The Elements drive is now empty but the properties record shows that 6 gb is still utilised ( out of 495 capacity ) . There are seemingly no hidden files . Is there any way that I can check to see what is there , or is this simply likely to be a recording of usage glitch which I should simply ignore ?
 

A:Solved: unidentifiable disc usage

Soroti said:


I have an Elements external drive which has been giving me problems ( regularly collapsing ) from which I have been transferring data to a new Seagate drive . The Elements drive is now empty but the properties record shows that 6 gb is still utilised ( out of 495 capacity ) . There are seemingly no hidden files . Is there any way that I can check to see what is there , or is this simply likely to be a recording of usage glitch which I should simply ignore ?Click to expand...
You may find if you go into Control Panel>Folder Options>View menu, and tick to "Show all Hiden Files and Folders" then untick "Hide Protected System Folders" you'll then see System Volume Information and possibly Recycler foldes which account foer the msissing space. You'll want to delete Recycler if you're looking to send this drive to the tip in case it contains remnants of personal data.
 

Read other 2 answers
RELEVANCY SCORE 42.8

I recently attempted to install Steam on my computer, only to have a strange program request my user ID and login information - this has never happened before when I installed Steam. When I went to the control panel, and clicked "uninstall a program", the list of programs closed itself after a few seconds, and still kept closing after multiple attempts. Firefox and IE browser windows also close after opening them. Attached is a screenshot of the program icon in the taskbar, and its login prompt - is this malware?

A:Unidentifiable program blocking installations?

Sure acts like it. What type of security programs do you have that you could run?

Read other 6 answers
RELEVANCY SCORE 42.8

Computer system will not let me connect with my new PCand iI'm getting this problem

Read other answers
RELEVANCY SCORE 42.8

I have several browsers loaded into my system, the most compatable one to use with my computer is the internet explorer. There is a problem of a pornographic add informing me that I have been infected and prompting me to buy their spyware equipment, this happens each time I try to use this home site page. I have spyware protection, spyware bot, and AOL McA.,and sweep the system upon each internet return. This page still remains. I need access to run certain files that are a part of my main system, It's not the best, just needed. I keep this site blocked by default, to keep my family from prompting this site and encountering porn related strong-armed sales tatics. Does anyone have any suggestions?
 

A:webbrowser adware

Read other 7 answers
RELEVANCY SCORE 42.8

When i got to some sites i get this error message "Unable to locate 'SHDocVwCtl.WebBrowser' make shure the internet path was typed in correct" something like that and i dont know how to get rid of it help would be apriciated.
 

A:'SHDocVwCtl.WebBrowser'

I have the same problem whats the fix ??
 

Read other 1 answers
RELEVANCY SCORE 42.8

Hello

I'm running:
a)Vista 64BIT and UAC is turned off with IE8 and
b)Win XP 32 bit with IE 6

Under b) I can display a specific webpage (which includes som JS and Ajax) without any problems
Under a) I can't display the page

Are there any known security issues? Do I enable some security settings within Vista or IE8?

Thanks!

A:Webbrowser- Changes between Vista and XP

IE8 is still buggy, i would recommend that you use IE7. However, what page won't it load? What security software is installed?

Read other 4 answers
RELEVANCY SCORE 42.8

Hi Everyone

I am trying to fix a friend's computer. He had 4 trojans on his pc that he found in January and didn't tell anyone. He is running OS: xp pro 1a.......RAM: 512......cant remember the information about his hard drive except it's an AMD.

The error message he is getting is this:

"cannot open web browser, error message "Downloading from site:res//C\WINDOWS\System32\shdolc.dll/offcancl.htm"

I have tried system restore, it will dont work for him, also tried a reinstall of windows, still no go. I tried to run hijack but it will not read from his floppy disk. I will try to save hijack to a cdrom and run it when I go there on Tuesday.

I would appreciate any suggestions that you can give me. You guys are always so helpful. Thank you.

Susi
 

A:Webbrowser Won't Load

Install avast home edition on your friends pc from a cd rom or jump drive and then run avast antivirus. Get rid of the Trojans then go to firefox and get rid of his IE or Netscape.

This worked for me, but someone else may have a better idea.
www.avast.com

www.firefox.com
 

Read other 3 answers
RELEVANCY SCORE 42.8

This webhijacker was caused from a megaupload toolbar that I downloaded a month back. I uninstalled it because It was causing problems such as pop ups and redirects. Now every time I try and go to a web page it redirects me to http://www.megaclick.com/404. Help is appreciated. Here is my hijackthis log if it helps.

(Windows XP Home)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:55:42 PM, on 12/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOW... Read more

A:WebBrowser Hijack

Read other 7 answers
RELEVANCY SCORE 42.8

Hi!!

I need some help in clearing this hijack that have been affecting my web browser and setting to some weird page everytime I on Internet explorer.

Below is the logfile created using Hijackthis. I am posting the whole logfile for a complete view on my system, however I have narrowed the problem to these 2 processes:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastchaos.in.th/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by MOOzilla

I have tried deleting these 2 files but it will reoccurred once I on IE again, is there a way to remove them completely??

Thanks in advance for the help!!

The logfile is attached as below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:21 AM, on 1/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\MAX\nimxs.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\RTProxy.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
... Read more

Read other answers
RELEVANCY SCORE 42.8

Hey, I am having trouble with some ad-ware and I can't for the life of me figure out what exactly it is or how to get rid of it.

Basically, I get this progam called NULL WebBrowser open (can be seen in attachment) and about 10 minutes later, it floods my screen with popups from adultfriendfinder. I'll close all of them including this "NULL" program, however, it will reappear in some time.

I've run Lavasoft ad-aware, Spybot and the online Trend-Micro scanner - nothing has removed this. Searching on google, I cannot seem to find information about it. Any help?

Thanks in advance
 

A:NULL WebBrowser

Still having the problem...any advice?
 

Read other 1 answers
RELEVANCY SCORE 42.8

some one please tell me how to get my
Shdocvwctl.webbrowser working again i can not for the life of me
figure it out
it pops up on me all the time saying its not working or something
what do i do
 

Read other answers
RELEVANCY SCORE 42.8

I use the following Code to find string in A HTMl in WebBrowser control, but
if HTML support Frame then I get the error (run-time error "438"). any idea
how to fix this error.
Thanks,
Harry
Code:

Public myfindFirst As Boolean
Public oRange

Private Sub cmdFind_Click()
Dim sSearch As String
If myfindFirst Then
Set oRange = WebBrowser1.Document.body.createTextRange
sSearch = txtFind.Text
If oRange.FindText(sSearch) Then
oRange.Select
oRange.scrollIntoView
cmdFind.Caption = "Find Next"

myfindFirst = False
Else
MsgBox ("Search string " & txtFind.Text & " not found.")
End If
Else
Call oRange.Move("character")
sSearch = txtFind.Text
If oRange.FindText(sSearch) Then
oRange.Select
oRange.scrollIntoView
Else
MsgBox ("Finished searching Document for string " &
txtFind.Text)
cmdFind.Caption = "Find"
myfindFirst = True
Exit Sub
End If
End If

End Sub

 

A:vb6 WebBrowser control

Read other 7 answers
RELEVANCY SCORE 42.8

I sometimes get an "error message" when attempting to access various websites.

The message is:

"SHdocVwCtl.WebBrowser" "Make sure the path or internet address is correct"

Does this need to be "fixed" and of so how?

Sam
 

A:SHdocVwctl.WebBrowser

I searched Google to find a cure for you but there is not much mentioned There is a reference to vb Accellerator Would this apply ?
 

Read other 1 answers
RELEVANCY SCORE 42.8

When I get to some sites I get this error message "Unable to locate 'SHDocVwCtl.WebBrowser' make sure the internet path is correct"
I cannot find the answer to this, does anyone know the problem and/or how to solve it? Thanks
 

A:SHDocVxCtl.WEbBrowser

If you use the "search" feature of this forum you will find this question has been asked before. I went to Google and typed in "SHDocVwCH" without the quote marks and I found where this happens if you are using a browser other than IE. If you use IE to access the site you are looking for it should work just fine. Are you using AOL or Netscape?
 

Read other 3 answers