Over 1 million tech questions and answers.

Help with "Fraud.Windows.ProtectionSuite" and "Microsoft.Windows.RedirectedHosts" needed for Vista PC

Q: Help with "Fraud.Windows.ProtectionSuite" and "Microsoft.Windows.RedirectedHosts" needed for Vista PC

The computer will load normally yet will use redirects when trying to use a seach engine. Ex: Google.com even said "your network has a highlevel of outbound activity, enter the catchpa so we know you're human" and I'm paraphrasing here.Thanks in advance!-----DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by Max at 15:17:33.22 on Sat 07/17/2010Internet Explorer: 8.0.6001.18928Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.894.159 [GMT -5:00]AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: Norton 360 *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\Explorer.EXEC:\Program Files\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files\Spybot - Search & Destroy\SpybotSD.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M0FB9FHZ\dds[1].scrC:\Windows\system32\wbem\wmiprvse.exe============== Pseudo HJT Report ===============uStart Page = hxxp://www.yahoo.com/mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktopmDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktopBHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0983.0\msneshellx.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllTB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dllTB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0983.0\msneshellx.dllTB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dllTB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No FileTB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileEB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dlluRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exeuRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startupuRun: [ehTray.exe] c:\windows\ehome\ehTray.exeuRun: [CyberDefender Early Detection Center] "c:\users\max\appdata\local\cyberdefender internet security\antispyware\cdaseef0.exe" /minimizeuRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exemRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun: [hpsysdrv] c:\hp\support\hpsysdrv.exemRun: [KBD] c:\hp\kbd\KBD.EXEmRun: [RtHDVCpl] RtHDVCpl.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [<NO NAME>] mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStartmRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartupmRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInitmRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exemRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscriptmRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logonmRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logonmRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exemRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpconn~1.lnk - c:\program files\hp connections\6811507\program\HP Connections.exemPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dllAppInit_DLLs: avgrsstx.dllIFEO: image file execution options - svchost.exeHosts: 74.125.45.100 4-open-davinci.comHosts: 74.125.45.100 securitysoftwarepayments.comHosts: 74.125.45.100 privatesecuredpayments.comHosts: 74.125.45.100 secure.privatesecuredpayments.comHosts: 74.125.45.100 getantivirusplusnow.comNote: multiple HOSTS entries found. Please refer to Attach.txt============= SERVICES / DRIVERS ===============R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-5-19 242896]R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-8-8 552448]S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-5-19 216200]S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-5-19 29584]S2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-5-19 308064]S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-6-20 1153368]S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-11-11 21504]S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-5-19 38224]S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-11-11 16896]S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-11-19 19968]=============== Created Last 30 ================2010-07-16 23:02:29 250987522 ----a-w- c:\windows\MEMORY.DMP2010-07-11 20:51:50 0 dc-h--w- c:\programdata\{65893B95-F47B-4483-B883-86BA181E9B54}2010-07-08 16:28:54 0 d-----w- c:\program files\Safe Returner2010-07-07 15:30:05 0 d---a-w- c:\programdata\TEMP2010-07-01 16:24:48 0 d-----w- c:\program files\iPod2010-07-01 16:18:33 0 d-----w- c:\program files\Bonjour2010-06-28 23:47:06 0 d-----w- c:\program files\MSECache2010-06-28 15:46:51 0 d-sh--w- C:\found.0002010-06-25 20:29:01 0 d-----w- C:\8afe85826306ce75b864d72010-06-24 16:41:19 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll2010-06-24 16:41:19 49472 ----a-w- c:\windows\system32\netfxperf.dll2010-06-24 16:41:19 297808 ----a-w- c:\windows\system32\mscoree.dll2010-06-24 16:41:19 295264 ----a-w- c:\windows\system32\PresentationHost.exe2010-06-24 16:41:18 1130824 ----a-w- c:\windows\system32\dfshim.dll2010-06-23 16:07:03 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll2010-06-23 16:07:03 28672 ----a-w- c:\windows\system32\Apphlpdm.dll2010-06-21 17:11:32 0 d-----w- c:\windows\Spybot - Search & Destroy2010-06-20 19:02:10 0 d-----w- c:\programdata\Spybot - Search & Destroy2010-06-20 19:02:10 0 d-----w- c:\program files\Spybot - Search & Destroy2010-06-20 16:34:19 0 d-----w- c:\users\max\appdata\roaming\Malwarebytes==================== Find3M ====================2010-07-11 15:58:30 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys2010-07-01 16:21:27 86016 ----a-w- c:\windows\inf\infstor.dat2010-07-01 16:21:27 51200 ----a-w- c:\windows\inf\infpub.dat2010-07-01 16:21:27 143360 ----a-w- c:\windows\inf\infstrng.dat2010-06-15 14:48:10 411368 ----a-w- c:\windows\system32\deployJava1.dll2010-06-02 14:37:16 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll2010-05-21 19:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe2010-05-19 23:48:01 12464 ----a-w- c:\windows\system32\avgrsstx.dll2010-05-19 23:47:57 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys2010-05-18 21:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll2010-05-18 21:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys2010-04-23 14:13:55 2048 ----a-w- c:\windows\system32\tzres.dll2009-11-23 15:22:11 665600 ----a-w- c:\windows\inf\drvindex.dat2009-11-18 22:17:43 174 --sha-w- c:\program files\desktop.ini2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat2010-01-08 04:27:21 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat2009-11-18 22:37:12 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat2010-02-21 21:30:01 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat============= FINISH: 15:21:50.75 ===============

RELEVANCY SCORE 200
Preferred Solution: Help with "Fraud.Windows.ProtectionSuite" and "Microsoft.Windows.RedirectedHosts" needed for Vista PC

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Help with "Fraud.Windows.ProtectionSuite" and "Microsoft.Windows.RedirectedHosts" needed for Vista PC

Hello, zipxam.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.Please disable word-wrap before posting logs. This can be done by clicking Format and un-ticking the word-wrap feature in notepad. The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by right-clicking the program and clicking "Run as Administrator".Please do the following so I can take a look at the current state of your system.We need to run DefoggerPlease download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OKNote: If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.Do not re-enable these drivers until the end of the fix.We need to run RSITDownload random's system information tool (RSIT) by random/random and save it to your desktop.Double click on RSIT.exe.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)NEXT:We need to run an Anti-Rootkit (ARK) scanDownload GMER and save to your desktop. Note that the file will be randomly named to prevent active malware from stopping the download.Close all other open programs as there is a slight chance your computer will crash.Double click the GMER program. Your security programs may detect GMER's driver trying to load. Allow it.You may see a warning saying "GMER has detected rootkit activity". If so, select NO.Make sure all options are checked except:IAT/EATDrives/Partition other than Systemdrive, which is typically C:\Show All (This is important, so do not miss it.)Note: If GMER crashes or hangs, please retry running a scan. Only this time, in addition to the options mentioned above, uncheck Devices as well.When the scan is complete, click Save and save the log onto your desktop.If GMER crashes, hangs or blue-screens, do the followingPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note:You may get this warning. If so, please ignore it."Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?"In your next reply, please include the following:Log.txtinfo.txtgmer.log/RKUnhooker log

Read other 21 answers
RELEVANCY SCORE 123.6

Hallo, I hope I'll be able to do this in english.... My laptop has been infected with 4 different malwares or Trojans. I have run spybot three times and of course it can detect but not delete Win32.Delf.uv; Fraud.CleanUpAntivirus; Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts! I Hope I can get some help of how to get rid of those malwares without having to configurate my laptop.
Best Regards Anneke

A:Win32.Delf.uv; Fraud.CleanUpAntivirus; Fraud.WindowsProtectionSuite; Microsoft.Windows.RedirectedHosts

Hallo Anneke,What language please? As long as I can understand the dialogue between us, then I can read the information I need without a problem. Please tell me what else you've run besides Spybot so I know what we need to do. Thanks,tea

Read other 16 answers
RELEVANCY SCORE 114.4

The topic items were found with Spybot.
I have tried to remove them with the following programs:
Norman
McAfee
Malwarebytes'
Adaware
and two others since removed.

A:Fraud.windowsprotectionsuite and Microsoft windows.redirectedhosts

Hello tictx and welcome to BC.

Sorry about the delay, do you still need help?

Read other 2 answers
RELEVANCY SCORE 114.4

When I run my spybot program the results show that I have Fraud.WindowsProtectionSuite & Microsoft.Windows.RedirectedHosts & can not delete them becasue it says access is denied..First I tried http://www.bleepingcomputer.com/forums/t/317865/fraudwindowsprotectionsuite-microsoftwindowsredirectedhosts/ which brings me here.dds log:DDS (Ver_10-03-17.01) - NTFSx86 Run by mm at 19:00:47.28 on Sat 05/22/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1481 [GMT -4:00]AV: CleanUp Antivirus *On-access scanning enabled* (Outdated) {943D8AFA-D1CC-43C0-B784-0F036F2DC7DF}AV: Trend Micro PC-cillin Internet Security *On-access scanning disabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}FW: CleanUp Antivirus *enabled* {5341F26A-4314-4B42-883F-B8A1FD367251}FW: Trend Micro PC-cillin Internet Security (Firewall) *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\brsvc01a.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Motive\McciCMService.exeC:\WINDOWS\System32\svchost.e... Read more

A:Fraud.WindowsProtectionSuite & Microsoft.Windows.RedirectedHosts

Hi phi1097!!.. Your logfile reveals that your current antivirus program: Trend Micro PC-cillin Internet Security is outdated... Could you confirm that it's not being updated anymore??.. Please do the following:Firstly,Please restore your Proxy settings as they have been modified by malware...To do this:In Internet Explorer: Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" and check to "Automatically detect settings".In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection.Secondly,Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Post the log from ComboFix when you've accomplished that.

Read other 7 answers
RELEVANCY SCORE 114.4

When I run spybot I get these results but it will not fix them. How do I get rid of them?? thank you

A:Fraud.WindowsProtectionSuite & Microsoft.Windows.RedirectedHosts

Hello phi1097.. This should work here.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete... Read more

Read other 5 answers
RELEVANCY SCORE 114.4

The malware was detected by "spybot" but could not be removed. I have tried other programs to remove but none can.

A:Fraud.WindowsProtectionSuite, Microsoft.Windows.RedirectedHosts

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 35 answers
RELEVANCY SCORE 114.4

Please let me begin by thanking you all for providing such a wonderful service! The problem began a fews days ago when my daughter indicated that she could not access the internet from her computer. Using Malwarebytes, I was able to remove the rogue program "Internet AntiVirus 2011" as well as several hundred other unwanted malware files. After getting a clean report from Malwarebytes, I next ran Spybot and discovered Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts. Spybot was not able to remove these files, however. We are able to access the internet again, and, via Google, we fortunately found bleepingcomputer.com! I have followed your very helpful Preparation Guide. Please assist us with cleaning up this malware mess. We also welcome any advice that might prevent a similar situation in the future. Again, thanks for volunteering to help those of us who know very little about computer security and repair!

DDS (Ver_10-12-12.02) - NTFSx86
Run by Ron Rau at 23:44:50.71 on Sun 12/19/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.195 [GMT -5:00]

AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Secur... Read more

A:Fraud.WindowsProtectionSuite/ Microsoft.Windows. RedirectedHosts

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 15 answers
RELEVANCY SCORE 114.4

For a while now I have not been able to go to any search engine sites... google, bing, yahoo... all come up saying "Internet Explorer cannot display the webpage" so I ran a Spybot S&D test and it came up Microsoft.Windows.RedirectedHosts (207 files) and Fraud.windowsprotectionsuite (12 files)... I tried to have SB S&D fix it but it couldn't... any suggestions:

some notes: I am running Vista... I can navigate the web without issue (IE7Pro and Mozzilla) but can not conduct any searches from the sites mentioned above. have run Malwarebytes... Spy Bot S&D... AVG Virus scan...

HELP!

A:Microsoft.Windows.RedirectedHosts & Fraud.WindowsProtectionSuite

Hello,There is a removal guide for Windows Protection Suite here: http://www.bleepingcomputer.com/virus-remo...rotection-suiteOrange Blossom

Read other 1 answers
RELEVANCY SCORE 113.2

DDS (Ver_10-03-17.01) - NTFSX64 Run by Kenny at 22:20:00.31 on Mon 09/13/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3964.2072 [GMT -5:00]AV: My Security Shield *On-access scanning enabled* (Updated) {F7C3F046-2263-4FD9-8BDA-43E06E2A959B}SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}FW: My Security Shield *enabled* {58DCC485-515D-4741-89D4-F8CD1A51BBAD}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\SysWOW64\sv... Read more

A:Infected with Fraud.WindowsProtectionSuite & Microsoft.Windows.RedirectedHosts

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 2 answers
RELEVANCY SCORE 112

My laptop has been infected with the lovely Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts malware. I have tried using a few different spyware removal tools & also followed the removal instructions for this issue that I found posted on here, but have been unsuccessful. I last used Malware Bytes and it showed the files removed. However, just to be sure, I used Spybot Search & Destroy and it still showed these two infections but is unable to fix them. Any help with this would be greatly appreciated...crossing my fingers it's not so badly infected that I'll need to start my laptop from scratch. Ugh.DDS (Ver_10-03-17.01) - NTFSx86 Run by Janice at 16:03:43.57 on Sun 09/05/2010Internet Explorer: 6.0.2900.5512Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.489 [GMT -4:00]AV: avast! antivirus 4.8.1368 [VPS 100905-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files&... Read more

A:Laptop Infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 14 answers
RELEVANCY SCORE 112

I have already tried using a few different spyware removal tools but have been unsuccessful. As you are most likely already aware when I used ScanSpyware it at first detected the corrupted files and said it deleted them, (I did the scan as an administrator) and so I thought I was done, but just to be sure I checked again with Malware Bytes and it showed the files removed as well. However, just to be sure I used spybot Search & Destroy and it still showed these two infections but is unable to fix them. I also went to the original files that ScanSpyware had located these infections and they were gone. Now I am unable to place exactly where they are sitting as Spybot is unable to show me ans ScanSpyware is not registering them as a threat. Thank you for helping me.DDS (Ver_10-03-17.01) - NTFSx86 Run by Ursulla at 15:51:10.30 on 05/06/2010Internet Explorer: 8.0.6001.18882Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.2.1033.18.3000.1976 [GMT -7:00]AV: Security Master AV *On-access scanning enabled* (Updated) {C46070E7-7E79-459F-9A40-F9DF5DA575D9}AV: avast! antivirus 4.8.1229 [VPS 100111-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: avast! antivirus 4.8.1229 [VPS 100111-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}FW: Security Master AV *enabled* {F3D60297-99A6-4F9B-9630-814F359344B8}============== Running Processes =====... Read more

A:Laptop Infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts

Hello Mags13 Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in cleaning up your system.I ask that you refrain from running tools other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.Please keep in mind that we have a large backlog of users just like yourself waiting to be helped so try to be as timely as possible in your replies. Since we do this on a part-time voluntary basis we are limited on how many logs we can respond to and keep open due to time restraints. If you have to be away or can't answer for some other reason just let me know. Thank you for your understanding.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.Please download both RKill and ComboFix before running either one. Run Rkill right before you run ComboFix (CF). I will not need any log RKill may produce.RKill by GrinlerLink #1Link #2Link #3Link #4Download Link #1.Save it to your Desktop.Double click the RKill desktop icon.If you... Read more

Read other 8 answers
RELEVANCY SCORE 110.8

My laptop has been infected with the lovely Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts malware. I have tried using a few different spyware removal tools & following the removal instructions for this issue that I found posted on here, but have been unsuccessful. I last used Malware Bytes and it showed the files removed. However, just to be sure I used Spybot Search & Destroy and it still showed these two infections but is unable to fix them. Any help with this would be greatly appreciated...crossing my fingers it's not so badly infected that I'll need to start this laptop from scratch.

I'm getting constant errors when trying to create a Hijack This log, so if you could guide me in which direction to go so that I may post the appropriate logs for you to analyze for helping with this problem.

Thanks

A:Laptop Infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts, unable to get rid of

Have you tried the preparation guide? Please try and at least obtain a DDS log, rather than a HijackThis log.Please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==If you can produce at least some of the logs, then please create the new topic. If you cannot produce any of the logs, then post back here and we will provide you with further instructions.

Read other 3 answers
RELEVANCY SCORE 110.8

This computer (XP) was infected w/ Security Antivirus, fraud.windowsprotectionsuite & microsoft.windows.redirectedhosts (same as the problem posted here: http://forums.spybot.info/showthread.php?t=53464). Security Antivirus persists though I followed the removal instructions here: http://www.bleepingcomputer.com/virus-remo...urity-antivirus ....Below is the DDS log, and attached is "Attach.txt" - but I am not having success with the GMER - the first time it froze after scanning for a long time; was probably almost finished. The second time, the whole computer screen froze and required rebooting by the power button. Again, it had scanned for a long time and was probably near the end of the scan. Should I try to do the GMER scan in Safe Mode?Thanks.Here's the DDS:DDS (Ver_09-12-01.01) - NTFSx86 Run by Julie at 13:27:45.10 on Fri 02/12/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1080 [GMT -5:00]AV: Security Antivirus *On-access scanning enabled* (Updated) {1913B679-BBD3-454F-A7F8-ECBEA6AF9CC7}AV: PC-cillin Internet Security - Virus Protection *On-access scanning enabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}FW: Security Antivirus *enabled* {C531EFFC-44A4-48BE-9D44-DC10C6B8D7D4}FW: PC-cillin Internet Security - Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.e... Read more

A:Infected w/ Security Antivirus, fraud.windowsprotectionsuite & microsoft.windows.redirectedhosts

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I'll ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.We need to create an OTL ReportPlease download OTL from hereSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scan box paste this innetsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sys/md5stop%systemroot%\*. /mp /s%systemroot%\system32\*.dll /lockedfilesCREATERESTOREPOINTClick the "Run Scan" button.The scan should take just a few minutes.Please copy and paste both logs back here in your next reply.

Read other 17 answers
RELEVANCY SCORE 110.8

I cannot remove these from my system. Each time I clear Win32.Delf.uv from my system via Spybot, it returns after rebooting. When I try to remove Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts using Spybot I recieve an error message saying Cannot create File C:\WINDOWS\System32\drivers\etc\Hosts Access is denied. I have tried using Malwarebytes, Housecall, and Spybot but nothing has worked thus far. Please help. I am using Windows Xp Professional Service Pack 3.

A:Cannot Remove Fraud.WindowsProtectionSuit, Microsoft.Windows.RedirectedHosts And Win32.Delf.uv

Hello,I suggest that you follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==If you can produce some of the logs, please create the new topic. If you cannot produce any of the logs, then post back here and we will provide you with further instructions.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 81.6

Hi, ive noticed recently that the performance of my pc drops sometimes. On each occassion i run spybot and it always returns a Microsoft.Windows.RedirectedHosts entry along with the other usual Tracking Cookie entries.

Im not sure if i have a virus of some sort thats responsible for the recurrance. Im hoping i can get some help to determine whats the issue.

These are the results of my last scan (if that helps at all).

Microsoft.Windows.RedirectedHosts: [SBI $2CF31C11] Redirected host (Redirected host, nothing done)
www.symantec.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $B867A104] Redirected host (Redirected host, nothing done)
securityresponse.symantec.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $00E29A62] Redirected host (Redirected host, nothing done)
symantec.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $55ED8A07] Redirected host (Redirected host, nothing done)
virustotal.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $5524AA36] Redirected host (Redirected host, nothing done)
www.virustotal.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $C2490DE6] Redirected host (Redirected host, nothing done)
grisoft.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $DAA94792] Redirected host (Redirected host, nothing done)
pandasoftware.com=127.0.0.22

Microsoft.Windows.RedirectedHosts: [SBI $883C9683] Redirected host (Redirected host, nothing done)
www.pandasoftware.com=127.0.0.2... Read more

A:Microsoft.Windows.RedirectedHosts

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. I currently have as many open topics as I can effectively handle; this will have you back in queue with the proper logs so an available helper would be able to assist.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 81.6

I have been getting an error from McAfee about this redirectedhosts message. I believe its also what has been been shutting down my firewall upon startup. I need help clearing it out. On SpyBot the name of it reads: Microsoft.Windows.RedirectedHostsm [1-$63cdfa57] [cannot open file "c:\\windows\system32\drivers\etc\hosts..

any help would be appreciated. especially since my computer is extremely slow and almost unable to use. thanks.

A:microsoft.windows.redirectedhosts

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 81.6

For the past few weeks my pc has been really slow. This has on occasion led my pc to lock up completely. Most recently whenever I access google.ca I am being redirected to some other sites. I ran a spybot and cannot remove the following two problems:

Microsoft.Windows.RedirectedHosts
Fraud.WIndowsProtectionSuite

Downloaded HJT. Here is my log file:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 6:48:30 PM, on 3/10/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.e... Read more

Read other answers
RELEVANCY SCORE 81.6

I'm not sure what I should do,
yesterday I tryed to get DDS but was redirected by the virus, today was looking through someone else post that look like he have the same problam and there was another link to DDS and I was able to get it to run on my comp.
should I post this DDS file or just seat and wait ??
please let me know.
and thank you guys for the great affort in helping us dumb bells
Avi.

A:microsoft.windows.redirectedhosts

Please wait for a response to your topic here: http://www.bleepingcomputer.com/forums/t/240487/microsoftwindowsredirectedhosts-virus/As I stated before, Please refrain from making changes to the computer as this will complicate things for your helper. You can inform your helper of anything new once you receive a response which may take some days.This topic is now closed.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 81.6

I have been getting an error from McAfee about this redirectedhosts message. I believe its also what has been been shutting down my firewall upon startup. I need help clearing it out. On SpyBot the name of it reads: Microsoft.Windows.RedirectedHostsm [1-$63cdfa57] [cannot open file "c:\\windows\system32\drivers\etc\hosts..

any help would be appreciated.

A:Microsoft.Windows.RedirectedHosts NEED HELP!

bump.

please help me.

thanks.

Read other 4 answers
RELEVANCY SCORE 81.6

Hello There,
I have a customer that was infected by some spyware, ran SpyBot S&D, after finishing, shows Microsoft.WIndows.RedirectedHosts host file not found and several similar, ran AVG Anti-Virus found and removed 5 viruses.
Restartd in safe mode and ran SmithFraud removal tool keep getting this message about infected with spyware, any ideas!

A:Microsoft.windows.redirectedhosts

"False Positive? - Redirected Host File"Are you using the latest version of Spybot? See Changes & Improvements in v1.5As for smitfraudfix, are you following the generic instructions for using SmitfraudFix in BC's self-help tutorial "How to remove the Smitfraud/Generic Zlob".

Read other 1 answers
RELEVANCY SCORE 81.6

HijackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 21:47:56, on 16/06/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\DOCUME~1\SBIZZY~1\LOCALS~1\Temp\suad.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\SNDVOL32.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\WINDOWS\system32\calc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\S Bizzy\My Documents\Downloads\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 202.109.114.142 survey88.allyes.com
O1 - Hosts: 202.109.114.142 adtaobao.allyes.com
O1 - Hosts... Read more

A:Microsoft.Windows.RedirectedHosts

1. Download this file -> http://download.bleepingcomputer.com...a/ComboFix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that log & a fresh HJT log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Read other 19 answers
RELEVANCY SCORE 80.8

Hi

My kids ahve downlaoded 2 spyware programs that is detected by SPYBOT but whcih it cannot get rid of.

I have a DELL computer running Windows XP Service Pack 2. SPYBOT keeps finding FakeMSN8Beta. This has changed my home page in IE and when I click on results of the FakeMSN8Beta it comes up with C\windows\system32\taskkill.com

Second problem
Microsoft.Windows.RedirectedHosts: When I click on thsi I find a log of 36 entries that seem to go to all sorts fo antivirus prgram sites like this:

Microsoft.Windows.RedirectedHost: RedirectedHost (Redirected Host, nothing done)
updates.symantec.com

I an desperate as I use the computer for internet banking and would welcome any assistance
Many thanks
GMcP
 

A:Can't get rid of FakeMSN8Beta & Microsoft.Windows.RedirectedHosts

hi, welcome to TSG.

Download hijack this from the link below.Please do this. Click here:

http://www.thespykiller.co.uk/files/hijackthis_sfx.exe

to download HijackThis. Click scan and save a logfile, then post it here so
we can take a look at it for you. Don't click fix on anything in hijack this
as most of the files are legitimate.
 

Read other 1 answers
RELEVANCY SCORE 80.8

Hello... spybot S&B keeps finding the same 30+ redirectedhosts .... I got a virus I am sure from something I downloaded from my sister via msn. I've been having problems since. though AVG did not find anything and I've run a full scan 5 times since the problems started..
I can no longer access Trendmicro's website, Amazon, Ebay, Paypal or Microsoft .. no idea why.. though I'm fairly sure it's probably a good idea that I can't at the moment.. all things considered..
bitdefender online scan also freezes up on me as well.. and though i was able to get into housecall.trendmicro.com shortly after starting the scan both IE and Firefox will just shutdown.
Adaware finds the redirectedhosts but cannot do anything for them??

Here's my HJT logfile..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:31:25 PM, on 2/10/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ACNielsen\Ho... Read more

A:microsoft.windows.redirectedhosts problem

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-02-10 14:43:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-02-10 22:43:57 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:48:55 PM, on 2/10/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ACNielsen\Homescan Internet Transporter\HSTrans.exe
C:\Program Files\Topro\tppoll.exe
C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Program Files\Mattel\Barbie Girls\Mattel.... Read more

Read other 1 answers
RELEVANCY SCORE 80.8

Referred here from: http://www.bleepingcomputer.com/forums/t/240288/i-need-help-please-please-redirectedhost/ ~ OBhello i have tryed to get the prep guide but were unable to get dds to run becose I was redirected from it time and time again.so i was told to run RSIT.exe and post the log file here for help, here it is >>>Logfile of random's system information tool 1.06 (written by random/random)Run by Owner at 2009-07-10 20:11:41Microsoft Windows XP Professional Service Pack 2System drive C: has 149 GB (63%) free of 234 GBTotal RAM: 1014 MB (47% free)HijackThis download failed======Scheduled tasks folder======C:\WINDOWS\tasks\AppleSoftwareUpdate.jobC:\WINDOWS\tasks\Google Software Updater.jobC:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.jobC:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}][HKEY_LOCAL_MACHINE\SOFTWARE\Micro... Read more

A:microsoft.windows.redirectedhosts virus

it has been 6 days, please let me know if you can help,
thank you

Read other 4 answers
RELEVANCY SCORE 70.8

Hi, I've been infected by the above-mentioned malware and am having the hardest time getting rid of it. In fact, I can usually clear my own viruses and spyware when infected, but this one's got me beat.I'm running Windows Vista as my OS, McAfee Security Center and Spybot Search & Destroy. Spybot identified the two programs above but can't clear them.The problem manifests whenever I search for something using the Google search bar to the right of the nav bar in Firefox. I get redirected to a page of results from Google.nl even though I am in the U.S.I was also being redirected to Gala-Search for a while but I have since cleared that problem. I have deleted the malicious entries in my registry and deleted the malicious program files, but the Google redirects are still happening.I have followed all of the steps listed in this thread, including running ComboFix as I was having the exact same problem (I know, I know, but I know what I'm doing...lol):http://forums.spybot.info/showthread.php?p=349499The heart of my problem is that I cannot overwrite my "hosts" file. The program seems to have blocked access to this file. I have tried opening with Notepad, by right-clicking on Notepad and running it as Admin. Didn't work.I have tried several other methods of clearing my "hosts" file but it keeps telling me I do not have permission to do so. I even tried the fix mentioned at the bottom of the above thread, but it didn't work.To get things started, here i... Read more

A:Microsoft.Windows.RedirectedHost and Fraud.WindowsProtectionSuite Removal Help Please

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

Read other 3 answers
RELEVANCY SCORE 70

My computer has been infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.Redirected Hosts. I can find it with SpyBot, but I am unable to access it to remove it. Google is largely useless. Any available help would be greatly appreciated. Thank youDDS (Ver_09-12-01.01) - NTFSx86 Run by Carrie at 20:03:21.90 on Fri 01/29/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.841 [GMT -5:00]AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\dldfcoms.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\McAfee\MPF&... Read more

A:Infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.Redirected Hosts

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 3 answers
RELEVANCY SCORE 70

Hello TSG!

Need some help with this nasty little bugger. Ive run Spybot S&D and among other little infections these two came up:

Fraud.WindowsProtectionSuite
Microsoft.Windows.RedirectedHosts

Now, Spybot was not able to clean these infections due to an error in the filesystem that blocked Spybot from creating a file in the system32 folder under the hosts subfolder. I do not have the actual error up at this moment, but could recreate it if needed. Also, I have downloaded and run HJT and it came up with this messege while scanning:

For some reason your system denied write access to the Hosts file.

I will not post the entire error as you all probably know what I am talking about.

Here is the log file from HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:30:54 PM, on 10/5/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Window... Read more

A:Laptop infected with Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHos

Read other 7 answers
RELEVANCY SCORE 69.2

I was running windows essentials as my anti virus software but suspected that I had been infected as my serch engines would not connect. I purchased Kaspersky Internet Security 2011 which seemed to find 2 trojan infections which I hoped woudl solve the problem but unfortunatley it didi not. I then scanned with Spybot - search and destroy whoich identified the Fraud window protection suite and microsoft windows redirected host but it could not remove them.

I am now at a loss as what to do. I'm not very experience with computers and most of teh posting around the subject just manage to confuse me further.

Please help.

Sesh

A:Fraud window protection suite and Microsoft windows redirected host

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Read other 1 answers
RELEVANCY SCORE 68.4

Hi, so recently my C-gate hard drive went down the drain (go figure) and I had to get Windows Vista back because I had no disc of it. So, I decided to take it to the local computer guy. He said he would install it for free even though a monkey could do that. So I said sure and I would pick it up tomarrow because he was about to close. When I did pick it up I received no copy of Vista even though that is what I paid for. No matter how much I argued with him he would avoid it and did not give the physical copy. I was pretty ticked off.

Now, I'm this copy of Windows Vista is not genuine and can't even get to my desktop. How should I go about dealing with this guy..?

A:Windows Vista Invalid key - fraud?

Report him to MS> http://www.microsoft.com/piracy/reporting/default.aspx

Do you have the windows sticker on the PC with the original Windows Key on it?

Read other 19 answers
RELEVANCY SCORE 66

Hay guys. Was just using my laptop in the morning and i was working on some work. Suddenly all of my desktop icons disspeared. Then i had a windowsRestorer program come up which told me i had hard drive problems yata yata yata. Its preventing from installing some programs and it wont allow me to use just about any program on my computer that is if i can find them. All my dekstop icons are gone besides my recycle bin. Some kind of rogue im guessing. Spybot found ... fraud defence center and fraud windows restorer. It also found a taskmanager disabler. some other stuff as well. I think Active desktop was one. I need some help getting rid of this stupid malware or virus.

Read other answers
RELEVANCY SCORE 61.2

The above 2 updates keep coming to my Windows Update but when I install the (2) KB's it says download not installed "Try again" and in History "Install Fail". Please help me, sooo frustrated at this point, usually don't have
issues

Ruth M. Stauffer

Read other answers
RELEVANCY SCORE 58

Hi guys,

I've got such a problem, I wanted to run HP update on my laptop, and I got a message that I have to instal Microsoft .NET framework, I am trying to do it, but ges what, I get another message, saying that Microsoft Windows installer 3.0 is not installed...

A:Microsoft Windows installer 3.0 needed

Have you got SP2 installed because Windows Installer 3.0 should be part of that?

Read other 4 answers
RELEVANCY SCORE 57.2

Dear sirs,
I have a Microsoft Sidewinder Precision Pro Joystick, and I am attempting to install it through the adapter of my laptop Toshiba, and along with that I intended to plug the USB chord into the VMWare application where I have Windows Vista where I play old
games on it, I desire to use the Joystick for ease of playing some old CD-ROM games that I have installed on Windows Vista under VMWare for ease, however, I have had the trouble of trying to get the software to recognize the Joystick. It should have recognized
the device that I was installing, but it did not, niether does Windows 8 (the current software that I am using) recognize the joystick when I plug it in through USB. Can you give me the steps on how to successfully get both Windows Vista, and Windows 8 to
recognize the Microsoft Sidewinder Joystick in order to trouble shoot this problem, I would appreciate it very well.
The Part no. X03-57540 , and the Product ID: 85791-579-7678597-00000
Thanks for looking into this.
cordially,
Robert Gutierrez

Read other answers
RELEVANCY SCORE 56.8

MICROSOFT HAS CONFIRMED that being a Windows 10 Insider does not guarantee a free copy of the operating system.
 
The company is using the Windows Insider programme as its biggest ever beta test for what is being billed as the final or definitive version of Windows, or Windows-as-a-service.
 
But Microsoft has made it clear that its generosity stretches only so far, and that being a beta tester is an honour in itself.
 
Windows 10 will be offered as a free upgrade to Windows 7 and Windows 8.1 users when it launches later this year.
 
Windows 8 has reached end of life, and customers will need to take the free upgrade to Windows 8.1 first, which is still subject to holdouts totalling 5.88 percent of the OS market, according to this month's Netmarketshare figures.
 

 
Article

A:Microsoft: Insiders using Windows XP or Vista won't get free Windows 10 upgrade

It has been announced months ago, and it took another declaration to confirm it? Some people really lives on their own little cloud don't they?

Read other 50 answers
RELEVANCY SCORE 56.8

Im unsure as to whether or not its safe to uninstall old update/security/hotfix updates for windows(theres hundreds of them)...
Thought it really best to ask now,rather than posting-system error later.
Can anyone help me out here please?

Read other answers
RELEVANCY SCORE 55.2

If anyone could help that would be much appreciated. The network seems to be infected, by this Fraud.Antivirus2008. I have ran Kaspersky and come back with the following....
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, May 28, 2008 4:34:45 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 28/05/2008
Kaspersky Anti-Virus database records: 808891
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
G:\
H:\
I:\
J:\
M:\
N:\

Scan Statistics:
Total number of scanned objects: 80134
Number of viruses found: 5
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 01:17:11

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\$$ Roberta $$\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\$$ Roberta $$\NtUser.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator.RT66HOTEL\Application Data\Symantec\NPMDataStore\CIMStore.xml Object is locked skipped
C:\Documents and Settings\Administrator.RT66HOTEL\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator.RT66HOTEL\Local Settings\Application Data\Microsoft\W... Read more

Read other answers
RELEVANCY SCORE 55.2

Windows Vista was the last Microsoft OS designed with power-users in mind, and I think that it is the best OS Microsoft has made to-date. And I think that looking at the system's design free of its release challenges shows that off clearly.

The criticisms of Vista at its launch were poor performance for budget hardware, and incompatibility. Windows 7 didn't perform any better when it released, but 2 years had passed, and people had already gotten over the shock that they needed to upgrade their 3+ year old machines thanks to Vista, and Windows 7 thus performed better relative to its release market than Vista did relative to its release market.

That said, latest-version Windows Vista (SP2) is reportedly better performing than latest-version Windows 7 (SP1), and Windows Vista also boots up faster than Windows 7. So, while Vista is better-performing than Windows 7, Windows 7's release environment enabled a better performance for the average machine that it was installed to.

And regarding compatibility issue on Vista's release, that's just the nature of a big kernel change between the systems of Windows XP -> Vista. Windows 7 was basically a reskinned Vista, with features removed, and some streamlined, so drivers for the Windows Vista / 7 system design were already prevalent at the time of Windows 7's release:

Under the Hood, Windows 7 Is Vista's Twin | TechHive

Here's a list of some of the things that Windows Vista does better than Windows 7:

-- Personalization - for... Read more

A:Is Windows Vista the best Windows Microsoft has ever made?

I had Vista on one desktop and W7 on the other. The only thing I missed in Vista was the Superbar. It is handy to pin stuff to the taskbar with jumplists etc.. Aero Snap I disabled. If I could have somehow added the W7 Taskbar to Vista I would feel no need to upgrade.

Read other 1 answers
RELEVANCY SCORE 55.2

Everytime I log on it says there is a problem with my windows defender. When i open it it says it is turned off. So I click on turn on now but a pop up says 'The Security Service Center can't be started'. How do I sort out this problem. Thanks.

By the way my anti-virus and firewall is now Windows live one call. Just soo I know this would proberly be the best one to use because it is made by microsft, same as my pc, am I right??
 

A:Windows defender on Microsoft Windows Vista help??

james.taylor said:


Everytime I log on it says there is a problem with my windows defender. When i open it it says it is turned off. So I click on turn on now but a pop up says 'The Security Service Center can't be started'. How do I sort out this problem. Thanks.

By the way my anti-virus and firewall is now Windows live one call. Just soo I know this would proberly be the best one to use because it is made by microsft, same as my pc, am I right??Click to expand...

Sounds to me like you have a corrupted Vista install. Have you tried doing a repair on Vista? I'm not currently using Vista, but did for about 3 weeks and went back to XP, but if you go to Start, Programs, Add/Remove and pick Vista (I'm saying this from memory, so the path to 'Add/Remove' might be slightly different, but I assume you can find it), it should give you a 'Repair' option, which will, BTW, require that you have a Vista install disk or a recovery disk if a full Vista disk didn't come with your computer.
 

Read other 2 answers
RELEVANCY SCORE 54.8

My mother has the smith virus or whatever it is called. We ran the smithfraud fix and it did not work.we also did another removal tool that said it would fix it and it did not either. it is not showing up in add remove program list.
We ran Hijjack this, here is the log.
Please note we know very little of how things work, so be very simple and clear if you have any ideas.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:55, on 8/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Security Manager\Fws.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Bell\Security Manager\Rps.exe
C:\WINDOWS\system32\... Read more

A:Urgent help needed- Hijack this/smith fraud virus

Welcome to TSG

Download Combofix from this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall
 

Read other 3 answers
RELEVANCY SCORE 54.8

Hey guys :)

i was just wondering when i built my new computer for like 2 days ago, i tried installing vista ultimate 64bit on it, and everything went smooth until the graphics cards drivers, i know.. i know that many of u will Sigh at this but, still..atis drivers aint cool, now when i booted up my system it gave me the popualr bsod with atikmdag.sys, now i just wonder that what is the situation nowadays with the problem. ?

been thorugh many options about the Aero, msconfig boot , and stuff, the only thing that worked for me was to go with only one ram stick .. so, i hope u can keep me up to date with the problem, would be appreciated !

i now run my computer with windows xp 64bit and im not sure of its performance in games and so on ..


My system:

AMD Athlon 7750 X2 Stock Clocks
Ati Radeon 3870HD OC edition
4gb RAM 2x2gb DDR2 800MHz CL5
550w PSU
Asrock AlivexFire-eSata2 MB

Havent tried the aero thing nor the msconfig and update to W7, tried the Patch for Vista and so on but still BSOD:s me .

Thanks guys, hope u can update me :)

A:Windows Vista 64 Help needed !

Did you install the drivers from the CD that came with the card, or from the ATI website? I'd use the one's from the ATI website first, and if they didn't work, then I'd try the one's from the manufacturer of the video card, then I'd try the one's from the CD. Uninstall the old drivers from the system before installing the next one's.

Read other 4 answers
RELEVANCY SCORE 54

I have a Vista Business 32bit OS and am hving trouble solving the famous 'no-sound' mystery.
I tried the simplest way of solving it:

1. Downloaded the Realtek AC'97 driver (as guided by some other forum: No sound with Windows Vista)

2. Tried installing by running up 'setup.exe'.

3. All was well till Vista came up with this message:
'Windows can't verify the publisher of this driver software' and had two options:-
-> Don't install this driver software
-> install this driver anyway

I tried using the 2nd option - nothing happened and the same message popped up.
The 1st option obviously quit the installation process.

What do I do? Can anyone please help me on this?? It is frustrating to have a computer without sound and nothing to be done about it..

Thanks!

A:No sound in Windows Vista HELP NEEDED!!!

right click on the program and run as administrator see if that works

Read other 9 answers
RELEVANCY SCORE 54

Helo.... i had Vista on a 500gb drive and i bought a 1tb+ widows 7 +extra ram. But i forgot to buy a splitter to power the new drive I really wanted to install windows7 the day i bought it so i removed the drive with vista and installed windows7 on the new 1tb. The pc now boots at warp speed and sees all the ram
I now have the splitter so i can put the drive with vista back in but i dont know what to expect when i first boot and how to delete vista. Will the pc boot windows 7 even tho the slave has vista installed? or can i just put the drive with vista in then try deleting vista? if you can delete vista easily?? I have various applications on the vista drive which i would like to keep without having to reinstall them but its not the end of the world if i have to.Also would i benefit from partitioning the 1tb that has windows7 and can that be done with win7 already installed?
Any advice you can give me would be really appreciated

A:Windows 7 + Vista Advice needed please

You can install the old drive. Since you are currently booting from the new drive the machine will still boot from that drive as long as you don't change the boot order in the BIOS.

The best way to remove Vista from that drive would be to format it. It's not practical to recover the installed applications, especially since they've been installed to work with Vista. If you have any data (pics, vids, docs, etc...) you should copy it to the new drive before formatting the old. You will want to reinstall your apps in Win 7.

Another possibility is to use both drives to boot either Win 7 or Vista by changing the boot order in the BIOS.

Read other 9 answers
RELEVANCY SCORE 54

Hello, I'm having a problem with my computer. I have Windows Vista. I start It up and it starts up until the Microsoft Corporation green bar then I get a black screen without any cursor. I have tried all the safe modes ?but all come up to this one file and stays there. I have tried Repair Your Computer, I used System Restore but it tells me that I have corrupt files on C: that need to be fixed I try to fix them but the window goes gray and nothing happens. I try to use System Repair I left it on for four hours and nothing happened. I only have the vista reinstallation disk which does not seem to work. I believe I have a problem with my OS which I think Its due to my pressing and holding the power button repeatedly due to the fact that my WLM (Windows Live Messenger) was freezing my computer and all other programs on it which led me to immediately switch off the computer. After I did this for the 20th supposedly I couldn't get back on to my Vista. Before this I kept getting a message on startup which I repeatedly ignored: Windows will check for corruption on file C: I always skipped this. I also haven't backed up my files so I can't do anything that will erase my data.?
I need help please with a guide on how to fix this problem. I am also on my iPod Touch which is the only thing giving me access to the Internet and strange enough I somehow got my iPod to charge through my computer.?

A:Windows Vista assistance needed.

Hello and welcome to Bleepingcomputer.

If you can get to a command prompt, you try typing SFC /SCANNOW this should check your Windows folder for corrupted files.

If you can not get to the command prompt, please let me know.

Bruce.

Read other 2 answers
RELEVANCY SCORE 54

Hello, I'm having a problem with my computer. I have Windows Vista. I start It up and it starts up until the Microsoft Corporation green bar then I get a black screen without any cursor. I have tried all the safe modes *but all come up to this one file and stays there. I have tried Repair Your Computer, I used System Restore but it tells me that I have corrupt files on C: that need to be fixed I try to fix them but the window goes gray and nothing happens. I try to use System Repair I left it on for four hours and nothing happened. I only have the vista reinstallation disk which does not seem to work. I believe I have a problem with my OS which I think Its due to my pressing and holding the power button repeatedly due to the fact that my WLM (Windows Live Messenger) was freezing my computer and all other programs on it which led me to immediately switch off the computer. After I did this for the 20th supposedly I couldn't get back on to my Vista. Before this I kept getting a message on startup which I repeatedly ignored: Windows will check for corruption on file C: I always skipped this. I also haven't backed up my files so I can't do anything that will erase my data.*
I need help please with a guide on how to fix this problem. I am also on my iPod Touch which is the only thing giving me access to the Internet and strange enough I somehow got my iPod to charge through my computer.*

A:Windows Vista assistance needed.

Hi -

It sounds like the HDD may be bad.

Run HDD diagnostics --> http://www.tacktech.com/display.cfm?ttid=287

Regards. . .

jcgriff2

`

Read other 1 answers
RELEVANCY SCORE 53.6

Can someone HELP I have(Fraud Windows Restore)on my pc,as a result I can't get to some of my files it comes up saying folders empty but when I run reg or antivirus scan it reads these files. Ive tried all I know but with no luck have I lost these for good or can they be found.
Bob

A:Fraud Windows Restore

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 53.6

Microsoft is investigating possible fraud on its Xbox Live online gaming service...The investigation comes after gamers reported having their Xbox Live accounts hijacked and their credit cards used to buy "Microsoft Points," the virtual currency on Xbox Live...While some users believe the security of Xbox Live was breached, others suggest that users were tricked into giving up enough information while in a game so fraudsters could call Microsoft to change the account information....news.com

A:Microsoft Probes Possible Xbox Live Fraud

Microsoft owns up to Xbox Live pretextingMonths after Xbox Live users began complaining of hacked accounts, Microsoft yesterday admitted that the service's support staff is at fault...

Read other 2 answers