Computer Support Forum

MalWare preventing Automatic Updates?

Question: MalWare preventing Automatic Updates?

Info in this thread:
http://forums.techguy.org/windows-nt-2000-xp/736643-automatic-updates-rundll32-error.html

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:55:39 PM, on 8/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\John Yasment\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com/pirates/online/testActiveX/built/signed/DisneyOnlineGames.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712....akamai.com/6712/player/install/installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O20 - AppInit_DLLs: gzevzc.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 5539 bytes
I have tried a number of things. Spybot, AntiVir, AdAware, Housecall (all in safe mode).

Relevance 100%
Preferred Solution: MalWare preventing Automatic Updates?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: MalWare preventing Automatic Updates?

Er hm, was I suppose to post the HJT log while in non-safe mode?

1 more replies
Relevance 78.31%

Hi,
Since an automatic update on my computer, my computer will not access the internet. I have tried to resart the computer to a previous point pre-updates but now it will longer do this either. So i am a stuck. Can you help?

Thanks

Answer:Automatic updates now preventing access to internet

Quote:





Originally Posted by duncan hill


Hi,
Since an automatic update on my computer, my computer will not access the internet. I have tried to resart the computer to a previous point pre-updates but now it will longer do this either. So i am a stuck. Can you help?

Thanks




I have a similar problem. Bun not from automatic updates. I updated Adobe reader(it says "Install security update). Since then It appeared in system Tray an yellow triangle with an exclamtion mark on it. If I click on it, it disappears, but my network connection has stopped working. It connects normaly, but the computer works like it would not be connected to the Internet. I unistaled the update, but the problem reappeard after 2-3 days. Now it looks that it is all OK, but I do not know what am I suposed to do.

7 more replies
Relevance 71.34%

Hello.

I posted in the Vista section about trouble I am having with updates installing. One person replied that "[b]ecause of the large number of problems in category items that [I] posted, and the corrupted SFC store," before I do anything else, I should post in this forum to make sure my system isn't infected.

To briefly summarize what I posted over there, I can't get some updates to install, and I have some corrupted files (or corrupted something . . . I honestly don't know enough to know what the problem is).

Here is what I got when I ran the dds:


DDS (Ver_09-03-16.01) - NTFSx86
Run by admin at 16:00:03.31 on Thu 04/16/2009
Internet Explorer: 7.0.6000.16830 BrowserJavaVersion: 1.6.0_07
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.2037.1118 [GMT -5:00]

AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Outdated)
FW: ZoneAlarm Security Suite Firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkS... Read more

Answer:Possible malware infection preventing updates

Hello ti2,

I'm not seeing any malware in these logs. You can run an online scan and see if it detects anything lurking about. It can take some time, so please be patient and allow it to run it's full course:

**Vista users - right click on the IE icon and run as administrator

Using Internet Explorer or Firefox, visit http://www.kaspersky.com/kos/eng/par...avwebscan.html

1. Click Accept, when prompted to download and install the program files and database of malware definitions.


2. To optimize scanning time and produce a more sensible report for review:Close any open programs
Turn off the real time scanner of any existing antivirus program while performing the online scan

3. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes.Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Click View scan report at the bottom.



Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

2 more replies
Relevance 71.34%

Hello guys, I hope I've posted this in the correct place. I'm only averagely tech minded so I'll try my best

I'm running Windows XP (sp3) and mostly use Chrome browser with IE occasionally.

My Avira Free has refused to net update for over 24hrs, and when I look at Internet Options I see the 'use proxy server' button is checked although I've previously un-checked it. I've managed to download manually from Avira and am currently running a scan with it & Malwarebytes.

I have some log files but I take notice of the warning against posting hijack this logs in this forum.

There are several processes & files that look decidedly fishy to me but am not sure of where/how to proceed. "ProxyServer = http=127.0.0.1:49717" for example!

I also use Malwarebytes free version & update & scan regularly with this & Avira free AV.

I usually scan any potentially fishy files with AV & MWB before downloading but something's gotten through (could be another user when I've not been here is responsible) or can hardware like a cheap chinese USB hub be responsible?

Answer:malware &/or virus (I think) is preventing AV updates

Welcome joolzLet's run these as I feel you have a rootkit.Many malwares like to change the proxy setting on you.Please click Start > Run, type inetcpl.cpl in the runbox and press enter.Click the Connections tab and click the LAN settings option.Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.Now check if the internet is working again.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.... Read more

10 more replies
Relevance 70.52%

Hi Guys,

I could use some help getting rid of some malware that has been vexxing me for quite a while now. Looking back at my windows update history, I have been unable to install Vista Security Update KB979683 since 16 Apr 10 with it attempting to install everyday since then and always getting the same error 'FFFFFFFF'

I was unable to get a RootRepeal log as the program would use up all my RAM (2GB) and then just exit itself after about 20 mins.

My logs are attached. Thank You!
 

Answer:Malware preventing Vista security updates

Welcome to Major Geeks!

You ran steps in safe boot mode not normal boot mode. You should be running in normal boot mode to get proper logs unless that is not possible.

Also you skipped running step 6 of the READ & RUN ME so we cannot tell whether you have a Master Boot Record rootkit infection or it is just the disk emulation software you did not disable. To properly continue, you will have to run this step and then rerun MGtools and attach a new log; however, based on the sum of all logs, I don't think you are having malware problems.

While problems with Windows Updates can sometimes becaused by malware, it is quite frequently not malware. It could just issues with Windows itself or it could be your own protection sofware. You could try shutting down Symantec and Windows Defender and see if you can update.
 

3 more replies
Relevance 68.88%

Hi, my computer somehow picked up some nasty little programs that caused a lot of problems. This is my first time posting on a tech help forum so I hope I followed the rules correctly. If I've done anything wrong or you need some information I didn't supply, please let me know and I'll try to correct it ASAP.

Thanks in advance for your help :]
Okay, here's an outline of my problem:

Initially the desktop of my computer was changed into a screen that read "Warning! Spyware has been detected on your computer!" in Blue and Yellow text.

I downloaded and ran a few different antispyware programs:
SUPERAntiSpyware Free Edition
Dr. Web Cure It!
and Malwarebyte's Anti-Malware

Each of these programs detected some things and I had them remove them.

The desktop issue is no longer present now, however two issues that I know of remain.

I use Mozilla Firefox 3 and it works normal, same homepage and everything, except when I do a search in google, I can not follow the links. If I click on a link it'll divert me to some other things.
At first the links (under properties) all lead to some weird website that started with an "a" sorry I don't remember what it was...

Now all the links are to a go.google.com/? followed by a ridiculously long string of characters.

Some of the redirects try to get me to download some pseudo antivirus program antivirus 2009? I think it was called.

Other issues I have is I can't access any help sit... Read more

More replies
Relevance 68.88%

This topic is tied to the following post: http://www.bleepingcomputer.com/forums/t/304226/unable-to-update-mbam-spybots-d-or-avg/I have malware on my machine that prevents me from updating any of my security apps (MBAM, SpybotS&D, AVG). If I do scans with them in both regular and safe mode I receive no results.Steps i've already taken with the help of a moderator includes: - running fixexe.reg - running TFC - running rkill - running SuperAntiSpyware - re-running MBAM (to no avail)Now I have run Defogger, DDS, and GMER and will post the results per the guidelines and attach the appropriate files:DDS.txtDDS (Ver_10-03-17.01) - NTFSx86 Run by Duong at 20:43:34.07 on Mon 03/22/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_05Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1270 [GMT -8:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) coloro:#E567177FW: ZoneAlarm Firewall *enabled* coloro:#E567176FW: NVIDIA Firewall *disabled* coloro:#E567175============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exesvchost.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\NVIDIA Corporation\... Read more

Answer:Malware preventing security apps updates (i.e. MBAM, Spybot, AVG)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

27 more replies
Relevance 64.37%

Hello, I'm a newbie to the site and have been doing some reading and trying to orient myself. I'll start with the basics. I most likely have the Trojan Vundo and or malware, and am having a bear of a time removing. - I've installed the following: Eusing registry cleaner Ad-Aware Spybot S & D - but I am unable to install, notice comes up and says "not able to connect" McAfee Stinger HijackThis Main problems are: Not able to enable Automatic Updates in Windows XP, not matter what avenue I use, i.e. control panel and manually change settings or services.msc and try to enable from there. Also, access to most websites is either SLOW or nonexistant - especially if it has anything to do with security. I'm doing most everything in SAFE MODE WITH NETWORKING, and have no problems, but I've noticed that after I do several scans with the various progams, my online capabilities become slow and limited. My regular McAfee will find several trojans and quarentine all but one, a BrowserHelper that I can't find. On a side note, while in services.msc, I noticed several other applications that were disabled. Thinking that if I changed these it would effect the Automatic updates, to no avail. Can changing these settings effect whether or not I can install Spybot S & D? Items changed were NetDDE etc... Read more

Answer:Trojan Vundo, Malware, And No Automatic Updates - Help!

Hello Strohs14 and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please download Malwarebytes' Anti-Malware from Here or HereDoubleclick mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is complete... Read more

3 more replies
Relevance 64.37%

Problems:1) automatic updates unable to turn on (can't even manually start using services list)2) On Avant Browser, new windows with content related to open tabs pop up randomly3) Can't use gmail or google on Firefox (this may be application problem)4) Frequent pop-ups in Internet 7 browserPrograms:Used to have Ahnlab V3 Security Center (along with Adaware, Spybot, and Spydoctor (disabled) ), but switched to AVG upon review of this thread with similar problem (located here: http://www.bleepingcomputer.com/forums/t/36589/automatic-update-not-working/ ). Enabled Spydoctor and added C-Cleaner and did several online scans with programs on said thread. Computer started getting slow after installing V3Malware may have found it's way in after installation of the game Peggle. (See AVG log)I did an AVG scan and spybot scan in Safemode, log is as follows:AVG 8.0 Anti-Virus command line scannerCopyright ? 1992 - 2008 AVG TechnologiesProgram version 8.0.134, engine 8.0.0Virus Database: Version 270.4.7/1546 2008-07-11HKLM\SOFTWARE\Classes\MayaAsciiFile Found Adware.CommonName C:\Documents and Settings\Bienna Song\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Locked file. Not tested. C:\Documents and Settings\Bienna Song\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Locked file. Not tested. C:\Documents and Settings\Bienna Song\NTUSER.DAT Locked file. Not tested. C:\Documents and Settings\Bienna Song\ntuser.dat.LOG Locked file. Not tested. C:\Document... Read more

Answer:Automatic Updates Not Working/malware Removal

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.... Read more

14 more replies
Relevance 63.14%

Hi There

I was on a website yesterday and it wanted to install an Active X control and I stupidly allowed it. I turned off Windows Automatic Updates and I started getting popups. It wont allow me to turn this back on. I have run Ad-Aware and Spybot but it still isn't allowing me to get anywhere.

Any Suggestions? Thanks
 

Answer:Solved: Malware/Spyware Stopping Windows Automatic Updates

I ran the two mentioned programs after posting here but problems still occuring. Spybot says with one of them that I should restart the computer and disconnect from the internet and allow it to run again.
 

3 more replies
Relevance 62.73%

Hi,I'm new to BC and i'm here because i desperately need help. Have been trolling around Google and other forums but to no avail. Hopefully i might receive some help that might fix the problems that i'm encountering. Thanks to all in advance.I believe i have been infected some sort of virus. The first thing that i encountered was that my Windows Automatic Updates was turned off. The red symbol with an 'X' appeared in the taskbar and when i tried to go to Security Centre to turn it back on, it just doesn't register. It remains off. I ran services.msc to switch on BITS and AU (according to the Microsoft site). While i managed to turn on BITS, AU could not be started (Error 1058: The service cannot be started, Either because it is disabled or because it has no enabled devices associated with it.).And throughout all this while, a separate web browser tab keeps opening up randomly prompting me to install 'Antivirus 2009' and warning me about detecting malicious malware and trojans on my computer. I closed all the associated windows and did not install any of the software that they prompted me to. I proceeded to use Spybot Search & Destroy to attempt to remove the virus. It did detect some viruses (a total of 26 problems on the first run and 9 on the second). I remembered that one of the viruses was Virtumonde or something along those lines and another Smith-something (sorry i did not take down the results). BitDefender Antivirus did not detect any viruses on its full system sc... Read more

Answer:Antivirus 2009 Popup/Automatic Updates can't be enabled/Other malware infection

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.NEXTPlease download RSIT by random/random and save it to your Desktop.Double click on RSIT.exe to run RSITBefore you click "Continue", make sure you change the List files/folders created or modified in the last 3 monthsClick Continue at the disclaimer screen.Once it has finished, two lo... Read more

15 more replies
Relevance 62.73%

Think I've been infected with the AntiVirus 360 Malware, I have various pop ups (AntiVirus 360, reg cleaners etc) when trying to browse, also in conjuntion with this my Windows Automatic updates have been disabled and I cant switch them back on ???HiJackThis Log :Logfile of Trend Micro HijackThis v2.0.2Scan saved at 20:17:54, on 11/02/2009Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0013)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Citrix\GoToMyPC\g2svc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Citrix\GoToMyPC\g2comm.exeC:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files... Read more

Answer:Infected with Malware Which Has Hijacked Browser & Disabled Automatic Updates (AntiVirus 360?)

<<blank>>

14 more replies
Relevance 58.22%

Hi

I have Windows 7 SP1 and
have the icon "Get Windows"
in the system tray of all users.

Which method should I use to eliminate
this icon in each account and
to prevent the automatic upgrade to Windows 10
when it will be available?

Thanks

Bye

Balubeto

Answer:Preventing the automatic upgrade to Windows 10

Hi Balubeto,

Thank you for your question.

I agree with Zigzag.

If the icon still display, we could refer to the following step to hidden it:

1. Run regedit in RUN 
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Gwx
3. Then create a new 32-bit DWORD value on the right-hand side named DisableGwx, and give it a value of 1

Notice: we must backup register before we modify it, we could refer to the following steps to backup register
https://support.microsoft.com/en-us/kb/322756 

If there are any questions regarding this issue, please be free to let me know.

Best Regard,

Jim

6 more replies
Relevance 58.22%

Hi,

I had a (known) problem affecting the use of Enterprise Wifi networks. Long story short, the solution is to downgrade drivers to a lower OS level. I manually installed Vista drivers for my WiFi, problem solved.

Enter Win8 x64 automatic driver updates. After reboot or after some time, my Vista driver is automagicallly replaced with the default driver for my card (Atheros AR 9285), and my connection can no longer be authenticated and is dropped.

I tried disabling automatic driver search through windows update, but the newer driver is already bundled on my system. Thus the new driver is still installed. I can't easily delete the driver, as the filenames in c:\windows\system32\drivers are the same for both versions and they overwrite each other; I don't know where the newer copy is stored as well, a copy of it must live in some additional path as well, as does some inf file that comes with Win8.

Does anyone know of a way to lock a particular driver version in place? I don't mind automatic driver updates in general, but I'd like Win8 not to touch my WiFi drivers, at least not until the root cause in the latest drivers has been fixed.

Thanks,

Martijn

Answer:Preventing automatic driver update

Hello Martijn, and welcome to Eight Forums.

You might see if doing this may help:

Turn off automatic driver updates in "Devices and Printers"Completely uninstall the WiFi drivers in Device Manager (step 9 in OPTION TWO)Reinstall the Vista driver
Hope this helps,
Shawn

2 more replies
Relevance 57.81%

I'm using Publisher 2003. Need to stop the program automatically changing hyphens to dashes. Did it once before but had to reinstall program so it has started happening againTIAKeith

Answer:Preventing automatic change characters Office

This may help you - click here

1 more replies
Relevance 57.4%

Hi, all:

1) Does setting Windows Updates to "notify for download and notify for install" via GP edit also disable Device Driver automatic installation?
2) Or does disabling automatic device driver installation need to be configured separately?
3) If the latter (separate setting), is it advisable to do so, despite the ominous warning from M$ that "your device may not work as expected"?

I followed Brink's characteristically excellent tutorial for GP edit here: Windows Update Automatic Updates - Enable or Disable in Windows 10 to "notify for download and notify for install" (Thanks for that!).

So my questions center on whether doing so will also prevent automatic device driver installation, or whether I need to and/or should configure that setting separately?

M$'s ominous warning seems to be strongly discouraging users from disabling automatic device driver updates and "realistic icons"().
For my OEM XP, Vista and 7 systems, I have always gotten drivers -- WHEN NEEDED -- from the OEM, not via Windows Update, as the OEMs historically have done a better job than M$ in offering the needed drivers for their computers.

Is that still true under Win10?
Assuming that disabling automatic Windows Updates does NOT also disable automatic device driver updates, should I disable automatic device driver installation on this OEM Win10 box?

TIA,

MM

Answer:Does disabling automatic Win Updates include automatic Device Driver?

Hello MM,

That will stop drivers from automatically being installed in Windows Update, but won't stop drivers from being available in Windows Update.

If you don't want drivers to be available in Windows Update, then you can disable this using the tutorial below. If disabled, you'll have to manually update (download and install) your drivers from the manufacturer.

https://www.tenforums.com/tutorials/48277-driver-updates-windows-update-enable-disable-windows-10-a.html

The first tutorial below you posted will turn on/off automatic installation of drivers for devices. However, I would recommend to also disable automatic updates in the second tutorial below to be safe.

https://www.tenforums.com/tutorials/1...dows-10-a.html

https://www.tenforums.com/tutorials/8...dows-10-a.html

8 more replies
Relevance 57.4%

Hi, all:

1) Does setting Windows Updates to "notify for download and notify for install" via GP edit also disable Device Driver automatic installation?
2) Or does disabling automatic device driver installation need to be configured separately?
3) If the latter (separate setting), is it advisable to do so, despite the ominous warning from M$ that "your device may not work as expected"?

I followed Brink's characteristically excellent tutorial for GP edit here: Windows Update Automatic Updates - Enable or Disable in Windows 10 to "notify for download and notify for install" (Thanks for that!).

So my questions center on whether doing so will also prevent automatic device driver installation, or whether I need to and/or should configure that setting separately?

M$'s ominous warning seems to be strongly discouraging users from disabling automatic device driver updates and "realistic icons"().
For my OEM XP, Vista and 7 systems, I have always gotten drivers -- WHEN NEEDED -- from the OEM, not via Windows Update, as the OEMs historically have done a better job than M$ in offering the needed drivers for their computers.

Is that still true under Win10?
Assuming that disabling automatic Windows Updates does NOT also disable automatic device driver updates, should I disable automatic device driver installation on this OEM Win10 box?

TIA,

MM

Answer:Does disabling automatic Win Updates include automatic Device Driver?

Hello MM,

That will stop drivers from automatically being installed in Windows Update, but won't stop drivers from being available in Windows Update.

If you don't want drivers to be available in Windows Update, then you can disable this using the tutorial below. If disabled, you'll have to manually update (download and install) your drivers from the manufacturer.

Driver Updates in Windows Update - Enable or Disable in Windows 10driver-updates-windows-update-enable-disable-windows-10-a.html

The first tutorial below you posted will turn on/off automatic installation of drivers for devices. However, I would recommend to also disable automatic updates in the second tutorial below to be safe.

Device Driver Automatic Installation - Turn On or Off in Windows 10

Windows Update Automatic Updates - Enable or Disable in Windows 10

1 more replies
Relevance 56.99%

I have two external harddrives which I'm using for archiving purposes, because of that they are turned off most of the time. I have some shortcuts on the desktop to some directories on these external harddisks.

Windows occasionally removes these desktop shortcuts. It happens when the harddisks are turned off. I think it thinks that the shortcuts are broken and no longer needed, and tries to clean the desktop up.

How do I prevent this behavior?

(OS Version: Windows 7 Ultimate x64 SP1)

Answer:Preventing automatic removal of broken desktop shortcuts

Hello hkBattousai,

This sounds like the work of the System Maintenance Troubleshooter. If you like, you can turn it off using the tutorial below to stop this.

System Maintenance Troubleshooter - Turn On or Off

Hope this helps,
Shawn

3 more replies
Relevance 56.99%

9 times out of 10 my laptop will not shut down automatically and I have to do a 'Forced Shutdown'.  Sometimes a message will flash up 'Task Host Manager preventing shutdown'. How can I resolve this issue?

More replies
Relevance 55.76%

How do I prevent Automatic restarts after important updates? I want my computer to be updated when theres an important update. I want to be told my computer was updated and needs to be restarted.

I was in the middle of something important tonight before I passed out on the couch. I woke up and my computer restarted without saving

Answer:Automatic Updates & Stopping Automatic Restarts

Just go into the Windows update control panel and turn off Automatic updates then set it so you control when the updates are installed which gives you the reboot option instead of doing it for you.

4 more replies
Relevance 55.76%

Greetings,

I have Windows 10 Home Edition, like millions of others. Like millions of others, I prefer to hibernate my computer rather than shut it down outright most nights. And like millions of others, I am getting awakened IN THE MIDDLE OF THE NIGHT because Windows 10 is trying to notify me about updates! Repeatedly.

When I want information about updates, I'll ask. I've turned off the Update Service on the Services tab of the Task Manager. After some hours or some days, it turns itself back on. A cat-and-mouse game with Microsoft. I have stopped the automatic updates themselves but I can't stop the stop the aggressive notifications. Should I be happy? At least the computer is no longer shutting down without warning IN THE MIDDLE OF A PROJECT THAT I'M WORKING ON to update. But it stills turns on at various hours of the night, cooking with its lid closed, to provide me unbidden notifications of updates. THIS IS MAKING ME CRAZY!

I need to stop this NOW, otherwise Microsoft can shove Windows 10 where the sun don't shine. I own this computer, not Microsoft. Can it be done? Or do I go back to Linux?

Thanks for any help anyone can offer.

Answer:Must Stop Both Automatic Updates and Automatic Notifications!

Try those commands, run it as admin in CMD and restart. Not sure, if they are working on Home anymore:

reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "AUOptions" /t REG_DWORD /d 2 /f
reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d 0 /f

4 more replies
Relevance 54.53%

Dell m1330 Vista home premium. I have malware isses, frequent memory dumps, google redirection and something is preventing me from running or installing anti-malware programs. I had to install malwarebytes using the rename method, but the program will not run in safe mode or normal. I had spybot previously installed but I was also prevented from opening, so I tried reinstalling, but before it can complete the installation I get the blue screen of death memory dump! Before reading the procedure I ran coolweb, kill2me, windows defender and windows malicious software tool. None of the programs found anything. I also perfomed a couple system restores, but both failed.

Should I continue with the cleaning procedure (combofix), or does anyone know how I can get malwarebytes and spybot to run?
 

Answer:Trying to follow malware removal procedure, but malware is preventing me?

Here's my MGtools log, it was the only program that worked.
 

4 more replies
Relevance 54.53%

Hi. I am trying to diagnose a problematic laptop for a friend. I don't know the details of what happened to cause the problems. The main problem I can detect is that the laptop is EXTREMELY slow. It seems like anything I try has a delayed response (even a simple mouse click). I followed the Malware Removal Guide, but was only able to run two of the five suggested tools as follows:

1) SUPERAntiSpyware - I ran this after manually updating the definition files on the version already installed and the scan found nothing.

2) Malwarebytes Anti-Malware - I was not able to update the definition files for the current version installed. After several attempts to uninstall this (via the Control Panel), I was able to do it via CCleaner. However, I was not able to re-install a more recent version due to problems with the Windows Installer service. After uninstalling an outdated version of Java (Update 14) via the Control Panel, I have not been able to install/uninstall any more programs.

2) combofix.exe - not compatible with 64-bit OS

3) RootRepeal - did not run on 64-bit OS

4) MGtools - did run; kept getting errors, but continued to completion

Attached are the SUPERAntiSpyware and MGTools logs:
 

Answer:Possible Malware preventing me from running malware removal tools

I am not seeing any malware in those logs. I do not know why MalwareBytes would not run, are you able to run it in safe mode? How does the PC behave when you use safe mode?

More than likely I think I will be sending you off to the software forum.

We can do this:

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:



O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsM... Read more

5 more replies
Relevance 54.12%

I found a unique way to do it on Windows 10 HOME and as far as I searched internet I didn't find any similar instructions:
http://www.smartestcomputing.us.com...e-automatic-updates-enable-updates-on-demand/
 

Answer:Windows 10 Home disable automatic updates, enable updates on demand

I got some updates last night and unfortunately my fix didn't work so I'll unpin this topic.
 

2 more replies
Relevance 54.12%

I found a unique way to do it on Windows 10 HOME and as far as I searched internet I didn't find any similar instructions:
http://www.smartestcomputing.us.com/topic/81980-windows-10-home-disable-automatic-updates-enable-updates-on-demand/

 

Answer:Windows 10 Home disable automatic updates, enable updates on demand

Those are good instructions. Clear and concise.

3 more replies
Relevance 54.12%

W=2000XP.IE6,, About 2 months ago, I { && many, many others } had problems with MS automatic updates.Seems a couple of the updates did more damage than anything else. I had to go into Safe Mode to restore my computer to an earlier date. All is running very well, now, with automatic updates turned off. I do get the pop-up at the bottom telling me this alert, but I ignore. ONLY thing is, I am NOT updating anything right now !! I am unsure of what I need & what I don't need, or what may damage my computer. I am fairly computer experienced & don't know the best way to custom install a few updates, here & there, as are best for my system. What is the BEST way for me to keep the system safe , as far as updates go ??
 

Answer:Solved: Microsoft updates= disconnected automatic updates & am leary, now !

7 more replies
Relevance 53.71%

I'm having startup issues with a Windows 10 Build:
Cumulative update for Windows 10 ver. 1511
KB3192444. (I hope I copied it correctly).

Before this update is installed the problem doesn't exist, after it's installed it does.
I posted this issue here but have not gotten any help.
Because windows 10 automatically installs updates I needed to go into Group Policy Editor-Computer Configuration-Windows Components-Windows Update and set it to
"Notify for download and notify for install"

But, when I go back into settings for windows update advanced settings, the choose how updates are installed has remained with the same 2 options.

How can I be sure that Windows 10 does not install this update????
Does changing this setting in GPE work ok?

Any help will be appreciated,
James

Answer:Preventing Auto Updates

Hi, to hide (stop) a particular update see:
Windows Updates - Hide or Show in Windows 10 - Windows 10 Forums

3 more replies
Relevance 53.71%

I'm having startup issues with a Windows 10 Build:
Cumulative update for Windows 10 ver. 1511
KB3192444. (I hope I copied it correctly).

Before this update is installed the problem doesn't exist, after it's installed it does.
I posted this issue here but have not gotten any help.
Because windows 10 automatically installs updates I needed to go into Group Policy Editor-Computer Configuration-Windows Components-Windows Update and set it to
"Notify for download and notify for install"

But, when I go back into settings for windows update advanced settings, the choose how updates are installed has remained with the same 2 options.

How can I be sure that Windows 10 does not install this update????
Does changing this setting in GPE work ok?

Any help will be appreciated,
James

Answer:Preventing Auto Updates

Hi, to hide (stop) a particular update see:
Windows Updates - Hide or Show in Windows 10 - Windows 10 Forums

1 more replies
Relevance 53.71%

I've somehow got some malware/ trojans/ viruses, whatever you may call them, and I'm unable to update my spyware/ anti-virus software. I currently have Spybot, Zonealarm pro, ad-aware pro and a recent download of the free avg anti virus...all of which are outdated. Can anybody please assist in the removal of these things causing the problems?

Thank you!
 

Answer:virus preventing updates

Welcome! to MajorGeeks.com!

Please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.

If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide


Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in Safe Mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
To avoid additional delay i... Read more

3 more replies
Relevance 53.71%

Hi,
Right now i have about 56 updates pending, most of them office updates, and a couple of Windows updates.
I've discovered that a update is preventing my PC from sleeping, as when i do a system restore back to before i updated my PC will sleep, and then instaill them again my PC wont sleep.

I'm assuming its a windows update rather than an office update causing this problem.
Is there a better way to see which update is causing the problem rather than instailling each update, one by one?

More replies
Relevance 53.71%

Hello
 
I recently did a fresh install of Windows 7 on my PC. I guess I forgot to install any AV until I was prompted to by Windows Update, which if I remember correctly, did install OK originally. Normally I would have installed AVG and MB, but I've had quite a few PC problems recently and so was a little haphazard, I can't remember whether I actually got MB installed prior to these problems or after. Anyhow, recently I started up my PC and upon starting got a message that MSE couldn't start because of error occurring during initialization, Error 0x80073b01.
 
I found a similar topic here and have run a few of the programs, most optimistically Hitman Pro, which found a couple trojans and malware items and deleted them. But I still have this issue with MSE that it can't load, can't be reinstalled and can't be uninstalled.
 
Other symptoms: Malware Bytes icon on my desktop went from being their logo to a generic .lnk/shortcut image and wouldn't load. I managed to reinstall it after using safe mode and using mbam clean to get rid of the mbamext.dll that wouldn't delete normally. I now have MBAM on my desktop and I can run it, but it won't get the latest updates (it appears to download them, but then says the db is missing or corrupt) and it won't let me do a scan.
 
I have been trying to copy some files to an external HD, but the ones with Security in their name can't be moved.
 
It seems like something is definitely running in the background ... Read more

Answer:Malware preventing MSE and Malware Bytes running?

Try running in Safe Mode and doing a full system scan with your antivirus.  You could also try a System Restore.  

2 more replies
Relevance 53.71%

Hi,

Contrarily to previous Windows versions, the user can no longer decide when and how to update Windows, but the OS does it all by itself - at any time, and unasked for. This occasions unexpected and unwanted machine slowdowns - sometimes at startup, sometimes at closing down, sometimes in the middle of a session. In my view a most annoying and disturbing interference in my normal workflow.

So, is there any way or tweak to take Windows Updates in hands again on that level?

This is not the only occurrence where Windows takes things in hands. Indeed, despite countless telephones to Microsoft, there is no way to prevent it from associating everyday graphic files (like for example jpg, gif, png and more) with its own clunky "Photos" utility, or send pdf files to its own and even more clunky "Edge" - instead of opening these files to the programs or utilities one has decided to associate them with. Trying to associate these via Settings helps nothing at all, or just for a moment or, if one is in luck, for a whole session. But invariably Windows 10 reverts to its own "choices".

The only solution Microsoft could offer was to do a clean re-install of Windows 10. I don't call this a solution, but just plain amateurism.

So, if anyone knows how to get rid of these - with the update annoyance in the first place, because for the other ones I can still workaround via "open with", whereas my hands are tied with those updates.

Thanks,

haku

Answer:How to get rid of automatic updates and other automatic annoyances

Hello haku,

Since you have Windows 10 Home, OPTION FOUR in the tutorial below may be your best option to disable automatic updates in Windows Update.

https://www.tenforums.com/tutorials/8...dows-10-a.html

4 more replies
Relevance 53.71%

I'm a system admin full of users that don't bother to install the windows patches and updates. Well I've setup the desktops to automatically check, download, and install the updates.

Does this only check at the time specified?

Does it only download critical updates? windows updates? drivers?

Does it prompt the user when it's downloading and installing? Does it force them to restart their machines?
 

Answer:windows automatic updates isn't so automatic

If you're talking about Auto Updates in XP, then you can specify an exact time for the updater to check and download and install the updates. RIGHT click My Computer/Auto Update Tab. Otherwise, depending on the internet connection, update looks only once a day I believe. ONLY critical updates are brought down, you must visit the site for driver and other updates.
 

1 more replies
Relevance 53.71%

Hi,

Contrarily to previous Windows versions, the user can no longer decide when and how to update Windows, but the OS does it all by itself - at any time, and unasked for. This occasions unexpected and unwanted machine slowdowns - sometimes at startup, sometimes at closing down, sometimes in the middle of a session. In my view a most annoying and disturbing interference in my normal workflow.

So, is there any way or tweak to take Windows Updates in hands again on that level?

This is not the only occurrence where Windows takes things in hands. Indeed, despite countless telephones to Microsoft, there is no way to prevent it from associating everyday graphic files (like for example jpg, gif, png and more) with its own clunky "Photos" utility, or send pdf files to its own and even more clunky "Edge" - instead of opening these files to the programs or utilities one has decided to associate them with. Trying to associate these via Settings helps nothing at all, or just for a moment or, if one is in luck, for a whole session. But invariably Windows 10 reverts to its own "choices".

The only solution Microsoft could offer was to do a clean re-install of Windows 10. I don't call this a solution, but just plain amateurism.

So, if anyone knows how to get rid of these - with the update annoyance in the first place, because for the other ones I can still workaround via "open with", whereas my hands are tied with those updates.

Thanks,

haku

Answer:How to get rid of automatic updates and other automatic annoyances

Hello haku,

Since you have Windows 10 Home, OPTION FOUR in the tutorial below may be your best option to disable automatic updates in Windows Update.

Windows Update Automatic Updates - Enable or Disable in Windows 10

more replies
Relevance 53.71%

Hi,

Contrarily to previous Windows versions, the user can no longer decide when and how to update Windows, but the OS does it all by itself - at any time, and unasked for. This occasions unexpected and unwanted machine slowdowns - sometimes at startup, sometimes at closing down, sometimes in the middle of a session. In my view a most annoying and disturbing interference in my normal workflow.

So, is there any way or tweak to take Windows Updates in hands again on that level?

This is not the only occurrence where Windows takes things in hands. Indeed, despite countless telephones to Microsoft, there is no way to prevent it from associating everyday graphic files (like for example jpg, gif, png and more) with its own clunky "Photos" utility, or send pdf files to its own and even more clunky "Edge" - instead of opening these files to the programs or utilities one has decided to associate them with. Trying to associate these via Settings helps nothing at all, or just for a moment or, if one is in luck, for a whole session. But invariably Windows 10 reverts to its own "choices".

The only solution Microsoft could offer was to do a clean re-install of Windows 10. I don't call this a solution, but just plain amateurism.

So, if anyone knows how to get rid of these - with the update annoyance in the first place, because for the other ones I can still workaround via "open with", whereas my hands are tied with those updates.

Thanks,

haku

Answer:How to get rid of automatic updates and other automatic annoyances

Hello haku,

Since you have Windows 10 Home, OPTION FOUR in the tutorial below may be your best option to disable automatic updates in Windows Update.

Windows Update Automatic Updates - Enable or Disable in Windows 10

0 more replies
Relevance 53.71%

I could use some serious help right about now.  I have a Compaq laptop running Windows XP Service Pack 3 and have been having some serious problems with svchost.  It's been plaguing my system for over a month now.First, I notice that the svchost spikes whenever I start the automatic updates.  I have to keep it disabled whenever I want the computer to run normally.  Then, I noticed that whenever I try and remove old software from my computer it spikes.  The same is true whenever I try and install new software.To combat this, I tried to scan the system first with Malwarebytes, but the cpu spikes whenever I start the scan, and the scan does not start - it simply sits there for hours and doesn't do anything.  I tried using superantispyware, and the same is true.  I had AVG on here, and it happened again, as well as when I had Avira.  I have had no luck with scanning the computer to find out any solution.- My HijackThis logLogfile of Trend Micro HijackThis v2.0.2Scan saved at 4:54:48 PM, on 10/25/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16850)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobile... Read more

Answer:svchost.exe to 100% cpu if on automatic updates, software updates, scanning...

Wrong forum...Read here: http://www.computerhope.com/forum/index.php/topic,46313.0.htmlStart new topic here: http://www.computerhope.com/forum/index.php/board,7.0.htmlDo NOT post any logs in THIS thread.

1 more replies
Relevance 53.71%

Sorry if my post title is a little longwinded - but these three problems seem to be related. After installing and running MSE I have been unable to update definitions either manually or automatically. At the same time I noticed that microsoft automatic updates are getting to around 28 percent and then stopping - not fully downloading or installing. I cannot get through to any microsoft websites now - but all other sites are fine. wuauserv and bits are missing from services also. Have I been sneakily virused by something which MSE hasnt picked up. I tried to run malicious software removal tool - it downloads alright but wont install - says its not a valid win32 application. I correctly downloaded the 32bit app. Can anyone shed some light on any of this. I dont want to rebuild again - again. Thanks.

Answer:Automatic updates not functioning - MSE updates kaput - cant get through to microsoft

Hello cyberartist

Yes, this could be due to malware.
We cannot help you with malware removal in this forum.
Please read ?Virus/Trojan/Spyware Removal Help ? and follow the instructions very carefully; then, post all the requested logs and information in the Virus Help Forum
If you cannot complete any step, just miss it out and do what you can, but be sure to include this information in your post.
Please ensure that you create a new thread in the Virus Help Forum; not back here in this one.

Please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.

Also try running this fixit tool from MS

.

3 more replies
Relevance 53.3%

i keep getting this message. i have already disabled automatic updates through group policy editor.

Answer:updates preventing my computer from shutting down

With this batch script you can automatically close apps not responding at shutdown in windows. Please execute the batch script as a administrator.

1 more replies
Relevance 53.3%

hello everyone,
my sons laptop has acquired a virus. (an acer aspire 5100 on xp)basically it is preventing any windows updates & any security scans. It is clever; for example if i attempt trend micro house call i get blue screen & the pc shuts down immediately. When i reboot it refers to fat32 as follows:
checking file system on c the type of the file system is fat32.

i have current subscription to trend micro internet security for three pc's but can't download due to the virus.
i am not a "power user" but i am capable of starting the the laptop in safe mode & carrying out basic tasks.(but it appears to be stopping that unless i'm doing something wrong with the "f8" key)

how serious is this & is there the idiots guide to a resolution?
thanks for looking bob (uk)
 

More replies
Relevance 53.3%

I have a Compaq desktop at home running Windows 7 Home Premium. My girlfriend has a user account on it that she uses from time to time. She sometimes needs to restart the computer. When she tries to do that, many times the shut down screen shows "Install updates and Restart" as the default action. Is there a way to eliminate that option for her account or at least make Restart or Shutdown, without installing updates, the default choice? She is careful about changing the option, but I am concerned she might slip up one time.

I have no desire to upgrade to Windows 10 at this time (Yes, I know the free upgrade offer is supposed to end at the end of June). On my account, I manually go through the list of new available updates and remove any that are related to preparing the computer for Windows 10 or actually downloading and installing it.
 

More replies
Relevance 53.3%

What can I do to prevent updates from preventing me from using my computer?
Apparently whoever designed Windows update never considered the possibility of people using small SSD drives that only have a fraction of the space required to run applications. Everything worked under Windows 7, although I did have to do some tweaking to get it to install apps directly to drive E: (my multi-terabyte hard drive). After installing Windows Update, I had to do the same registry tweak to make it install programs on drive E:, and it worked fine the first six weeks or so, but then it started routinely breaking one or two of my applications with each update. The problem was initially tedious to fix, but I eventually got everything working. However, I was not successful at getting Windows to comply with running my Chrome browser from E: I finally relented, and moved as many of the commonly used apps to drive C: (the SSD) and consequently had to set the cache size smaller. Everything was fine for another month or so.
However, beginning sometime in November, Windows updates started failing. It schedules an update, runs the update, reboots my computer, says the update failed, and reboots the computer again, uninstalled the update, and then it works. This was an annoyance, but since it only happened once a month, I put up with it.
Recently however, Windows has started retrying updates every few days, and doesn't bother warning me in advance or asking my permission. It just unceremoniously shuts... Read more

Answer:What can I do to prevent updates from preventing me from using my computer?

In updates, there is a setting to schedule restart, usually 3am. Can you check that setting is enabled?

2 more replies
Relevance 52.48%

I was going to download Norton 2009 antivirus, but the setup said that the computer needed and upgrade. I proceeded to the windows update to check. Sure enough I needed windows service pack 2. I tried to download this but got the error 80072efd. Its not the firewall, but i also realized that I cannot download it directly from the windows update website. I am really confused and need this antivirus cause my computer is infected at this time. All help will be appreciated.

Answer:error 80072efd is preventing me fom downloading updates

hi and welcome to TSF the first thing you should do is go here
http://www.techsupportforum.com/f50/...lp-305963.html and get help for your infection and then see about antivirus i would not choose norton or mcafee as they can cause issues with vista

3 more replies
Relevance 52.48%

I have a paid version of AVG Internet Security 2012 which commenced in August 2012. I've had paid versions in the previous two years and until the last two months have had no problems.
In the past few days when I switch on my PC (Windows XP with Mozilla Firefox browser, wired connection with BT) the automatic AVG update will not proceed, nor will a manual attempt.
Within a few minutes of switching on the following Windows warning box appears on the screen:
'The software you are installing for this hardware - Non-Plug and Plug Drivers - has not passed the Windows Logo testing to verify its compatibility with Windows XP. Continuation of installation of this software may impair or destabilise the correct operation of of your system either immediately or in the future.'
Two options are then given: Continue anyway or Stop installation.
The updates waiting to be downloaded are all version 2238 of the the following: Alert Manager; Anti Rootkit Driver; Anti Spam Component; Scanning Engine; Set Up Component; Kernel components; E-mail Scanner; Firewall Component; User Interface Component; Identity Protection; Language Files (English); Online Shield (Settings); Resident Shield Scanner; Link Scanner HTTP Redirector; Systems Tools Component; TDI Component; Pc Analyzer; Update Component.
If I click on 'Continue anyway' the system attempts to download the updates again but aborts very quickly and the same warning notice appears. If I do nothing the warning notice remains but my AVG page sa... Read more

Answer:Windows preventing paid AVG updates download

I'd recommend putting this to AVG in the form of an email. Even copy and paste what you posted here.

2 more replies
Relevance 52.48%

Right now I have automatic windows updates disabled for privacy issues. Because of this, I have to manually download and install the daily updates for Windows Defender. Is there a way to exclude Windows Defender from the disabled updates?
 

Answer:Automatic Updates with Windows updates disabled

@Falloutman

You should make a task scheduler operation in order to update automatically based on the time and day it should execute.

Link on the tutorial (Go on Update package information)
 

2 more replies
Relevance 52.48%

I was having problems with Windows Update. The dialog box would just sit there and present no status as to how much was downloaded. Download progress would stay at 0%. I turned on automatic updates and I started getting old updates in the list, some of them years old. I'm sure I would have already installed these updates so I hid them from view. Just went to check for updates again and 2 other years old updates appear. I have since set updates back to notify me when available. Why are old updates showing up with recent updates? I never had this issue before. I never used automatic updates, I always did updates after notification only. Now, because I switched on automatic updates and then switched it off again, these old updates are showing up. Any suggestions?

Answer:Switching to automatic updates presents old updates?

MS doesn't usually offer updates if you have them already. Are you quite certain you have them? If you haven't then it is likely to offer them when you turn Auto Updates back on.Always pop back and let us know the outcome - thanks

7 more replies
Relevance 52.48%

WinXP

I ignore the pop-up window from the notifications area telling me Windows updates are ready to install, I'm busy. Then I'm ready to do it, but there's no icon in the notification area to click to do the install.

I've even gone as far as to do a manual install, just to make sure I've got the latest update. I know I'm fully updated, and then the pop-up window comes up telling me it has that update ready to install again!

Is there a way to retrieve the updates Automatic Updates has ready to install? Reboot?!

Will manually updating confuse Automatic Updates?

TIA, Dan
 

More replies
Relevance 52.48%

winXPsp2: I stopped seeing the windows automatic update icon appearing in my system tray even though anther system on my LAN has been getting updates.

I changed the automatic updates option from notify me to download but do not install and now when I shut down my computer it offers to install updates. Trouble is I don't want to install updates blindly - I want to pick and choose and that option is not available during shutdown.

Any idea what may be wrong or what to try? one possibility is that zonealarm or spysweeper may be getting in the way. what process should be running? Installing updates via the Windows update web page isn't an option since I refuse to install the Windows Genuine Advantage spyware.

thanks.

More replies
Relevance 52.07%

For some reason, whenever windows 8.1 updates, internet explorer stops working. Every time I try to get on the internet, I just keep getting a message that 'this page cannot be displayed'. Skype still works, so the problem seems to be internet explorer itself.

I have decided to switch to google chrome to fix the problem, but I can't do so without getting on the internet.

I would like to restore the computer to a point in which it worked, and I have one restore point which I'm certain will work, but the problem is, immediately after restoring, windows automatically updates, which kind of undermines the entire purpose of the restore. I have tried changing the update settings so it will restore without updating, but as soon as the system restores, my changes are undone and windows then proceeds with the stupid updates.

I just want to get on the internet somehow to install google chrome! (and no, I can't just copy and paste from the computer I'm currently on because this one has windows 7).

Any ideas?

Thanks,
smile puppy

Answer:Windows Updates Preventing Internet Explorer from Running!

Unplug your router, then do your system restore. You then have as much time as you need to configure Windows Update not to auto check.

2 more replies
Relevance 52.07%

I have 93 updates for XP & Office 2003 which I cannot install. I have stopped and re-started the update service & tried everything else I can find on the web.

I would be very grateful for any help anyone can provide!

Answer:A problem on your computer is preventing updates from being downloaded or installed

Is your windows update allowed to install updates automatically? Check your settings in the security center. I hope you are updating via a broad band connection. Also does windows download the updates and stalls have way thru the installation? During the install of the downloads, Windows will ask you to accept certain agreements. You may not be seeing these and think Windows has stopped installing. Windows will not move forward unless you respond to these agreement. When downloading be sure all the downloads are complete and upon the installation part, Minimize your screen to see these agreements. IE7 download and install is one of the biggest culprites. It hides behind your Download and install screen.
Hope this helps.

5 more replies
Relevance 52.07%

Hi

With Windows 8.1 Update, how do I prevent all users that the notification of any updates to the apps by Microsoft Store will never be displayed?

Thanks

Bye

Answer:Preventing the notification of any updates to the apps by Microsoft Store

This should cover it: Tech Blog :: Enable/Disable App Notifications In Windows 8

1 more replies
Relevance 52.07%

I am not able to install the windows updates>>used Express and got like 72 updates required. dloaded all but NONE installed.. got this message>>

A problem on your computer is preventing updates from being downloaded or installed

any help on this? this is after a windows XP install/repair

thanks, bo bo bolinski
 

Answer:A problem on your computer is preventing updates from being downloaded or installed

Re: A problem on your computer is preventing updates from being downloaded or install

no help on this? I am suprised! do I have to do the HJT routine or does someone have an easier solution??

thnx, bo bo bolinski
 

3 more replies
Relevance 51.66%
Question: Preventing Malware

I am not sure the best place to post this. I am trying to find a secure method of moving files from home to office. Our office has a rule stating that you should not bring a thumb drive into the office from home without going through IT. This is to prevent infecting the work network. IT can run a Symantec scan on the USB device but is still not in favor of using the USB due to what might not be caught on a scan.

Any ideas of methods that IT might be willing to implement that allows the convenience of USB drives and the security that IT needs. I am in the position of greatly influencing this research if I had a direction to suggest. Of course IT would be researching in order to feel confortable. Thanks in advance. If there is a better forum for this question please advise.
 

Answer:Preventing Malware

There is not a lot that you can do to insure that any USB device is clean without running scans on them. Your IT department would have to insist that all employees install programs such as AutoEater on their home computers and scan them with something like USB Vaccine. But that would require faith that all employees took these measures.
 

2 more replies
Relevance 51.25%

Hello all!Firstly, thank you so much for running such a magnificent site with such detailed and easily understandable instructions. I direct everyone I know to this site once they become infected--you offer such useful tools and great suggestions. Anyway, onto my problem. I'm working on a friend's laptop that was infected with System Check. (Boo!) The computer is unable to connect to my wireless, nor his wireless at home and the Windows diagnostic tool is of no help in that area. So everything I'm downloading to run on his computer, (rkill, gmer.zip, etc.) is being downloaded on my computer and transferred via flashdrive. Everything is being run on this computer while it's in Safe Mode with Networking. After going through the steps per the removal guide for System Check, I discovered that the infection was a lot tougher to remove than previously thought. It has kept MalwareBytes from being able to update, and I had to initially rename both TDSSKiller and MalwareBytes installer with single word names so that the malware wouldn't stop the process from running. When trying to run MalwareBytes after going through the guide with Rkill and TDSSKiller (which found no infection,) I receive an error from MalwareBytes that states: Program_Error_updating(11004,0,No address found)I am unsure if this is related to the rootkit, or if the rootkit is preventing the update due to the wireless connectivity issue. So I suppose my questions are thus:1.) Is the rootkit... Read more

Answer:TDSS infection preventing updates to MalwareBytes/Internet connection

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me Agent ST for short), it's a pleasure to meet you. I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated f... Read more

18 more replies
Relevance 50.84%

Hello,

It seems that my computer as been infected by a nasty virus/malware since yesterday. I have tried to eradicate it with ComboFix but it keeps resuming its activities.

The initial symptoms was no access to Web in Chrome: Error 102 (net::ERR_CONNECTION_REFUSED): Unknown error

However I had web access via IE and Firefox.

Also HTML content was not anymore displayed in Outlook (images displaying red cross).

Then I could not install any new software, seems like the access to Registry was blocked somehow.

I managed to install MBAM but it won't update it's 68 days old signature file.

Even to start the GMER I had to go back to safe mode because it would not start.

Below are the following logs:
1. The last instance of ComboFix (Sorry I did not know about this website and the rules when I ran ComboFix, so I thought I would post the log for info)
2. The defogger log
3. The HIJACK THIS log
4. The DDS log (plus the Attach)
5. The GMER log (I had to run it in safe mode because in normal mode I have the error: LoadDriver ("C:\Document and Settings\Alex\Locals~1\Temp\kwlorpod.sys" ) error 0xC0000034: The system cannot find the file specified.

Thanks in advance for your help.

Alex

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:15, on 26/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\... Read more

More replies
Relevance 50.84%

I've heard mention on other forums that for XP Pro there is stuff like EMET, Software Restristion Policy, Hosts File, etc., that will prevent installation of malware like OpenCandy, YellowMoxie Redirect, and so on. If true, I'd like to know more (a lot more) about this! Advice? Links? Anything at all appreciated!

Answer:Preventing malware installation

 There are supported antivirus and antimalware programs for XP if that's what you're looking for.  They're pretty much the same ones you can get for later versions of Windows.
 Of course MS pulled the plug on the last of the Windows updates for XP back on 4/8, so it's going to become more and more vulnerable to attacks over time.  My recommendation is to either upgrade to Windows 7 or 8 or go with Linux.  The Mint and Ubuntu versions of Linux run very well on computers that run XP, and they just boot up, find your devices, connect to the Internet, have a Windows like user interface, and come with Firefox and LibreOffice.  AND they're supported.
 
Good luck.

8 more replies
Relevance 50.84%

Seems I have a nasty virus/malware which is preventing just about everything I try to do to exterminate it, even in safe mode. Progress has been made, but it has been extremely slow and has hit a wall. It started with over half of the sites I tried to visit getting redirected to various sites claiming to be able to disinfect my computer and such, as well as several virus warnings from Symantec. After noticing this, I tried running Spybot, but it wouldn't open. After I renamed the executable file, it ran, but would not connect to the internet for updates. The same problem occurred with Malwarebytes' Anti-Malware and HijackThis. Also, the website for Spybot would always get redirected to another one of the above-mentioned fake sites.

I ran the scans without updates in safe mode hoping they would still be up to date enough to handle the problem. They did held to fix the problem of website redirection and updating Spybot and Anti-Malware, but they and HijackThis are still unable to run as their native (non-renamed) executables. I don't know if the more annoying problems will resurface later, but I want to be sure that the malware is off of my computer.

EDIT: This appears similar to be the Google hijacker that others on this forum are experiencing

ANOTHER EDIT: The main annoyance is back. Google search results are being redirected again. :-(
DDS (Ver_09-06-26.01) - NTFSx86
Run by Aaron at 20:52:13.84 on Sat 06/27/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.... Read more

Answer:Malware preventing countermeasures

Hello AlfaWolf04,Delete these old version of Java, as they are malware magnets.Java™ 6 Update 2Java™ 6 Update 3Java™ 6 Update 5Java™ 6 Update 7 Please post the last Malwarebytes log so I can see what it is finding. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire MBAM report in your next reply

7 more replies
Relevance 50.84%

I have some form of malware that is preventing me from installing and running Super anti spyware, spy-bot and malware bytes. I keep getting an error window with the following message. " The instructions at "0x7c8841ee" referenced memory at "0x00000000", the memory could not be written" then an end program button.
Ad-Aware seems to be the only program that I can run and it finds "win32trojant.dss"
Attached is my HJT file
any help or direction would be appreciated, thanks
 

Answer:Malware preventing me from installing

Please at least attach logs from running Combofix and MGTools. You didn't mention whether you had problems running those so I assume you have logs from them.

Thanks
kes
 

14 more replies
Relevance 50.43%

I accidentally interrupted the installation of two deferred updates. Is there any way I can get them? Or have I lost them forever? Thanks cfcaec 

Answer:Automatic Updates via ThinkCentre Updates

Hello Cfcaec, welcome to our forum! If you go to support page, there will be all drivers and applications youŽll need.See direct suport link on top of this page.If you start System Updater, there youŽll find a list with recently installed programs. But you donŽt need to update, if your system runs satisfactionally. RegardsAndreas   

1 more replies
Relevance 50.43%

I've reinstalled my OS 3 times this week. The first time there was an Error in the install. The second time I accidentally downloaded some updates that I specifically did not want, and they could not be uninstalled, so had to go back and do it again.

This third time, everything was working fine until Automatic Updates suddenly turned it's self on without my being asked, or even notified. This was around when I installed the Google pack.

Then, loe and behold, windows Automatic Update declared that it had finished downloading and installing updates, and that if I wanted the instalation finished, all I had to do was reboot.

"Crap" I thought, "I don't want to reinstall my OS a 4th time!"

So here I am, looking for some help in keeping those updates from finishing.

Such updates include:
Windows Messenger security update (I don't want windows messenger, and uninstall it and use tools to wipe it from the face of my computer, so why would I want this?)
Windows Genuine Advantage tool (All it is is yet another piece of windows Malware that continually uses up precious system resources)

There was another one or two, but I can't check the list of things I don't want to install or update as all the automatic update tool and windows update will let me check is if I've rebooted or not.

Can anyone help me avoid yet another OS install?

Answer:Automatic Updates Turned It's Self On. I Don't Want The Updates.

My sincere apologies. I'm running a copy of windows XP home that had service pack 1 included on the disk. I already upgraded to service pack 2.

22 more replies
Relevance 50.43%

My automatic updates keeps reloading same updates.

Answer:Automatic Updates keeps reloading same updates.

Hi Retire2012,

Do you know which specific updates? Try this link and see if this will help resolve you issues: How do I reset Windows Update components?

1 more replies
Relevance 50.43%

Let me start by saying I already started in the "Am I infected" forum and they told me to start a new post in here. The link to my thread over there is: Internet access shuts down right after loginI sure would appreciate your help!Here is my DDS.txt:.DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_21Run by Alan at 20:44:04 on 2011-09-23Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3325.2251 [GMT -7:00].AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalSe... Read more

Answer:Malware preventing internet connection

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/420238 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

30 more replies
Relevance 50.43%

Hello!  Yesterday I was having some problems with some spyware.  It would randomly create a fake windows firewall error saying that my computer is infected and prompt me to visit a web page to download a full version of a virus scanner.  The malware was causing lots of pop ups and whatnot.  I downloaded MBAM and superantispyware.  I ran both of them and the popups are gone(wohoo!).  However... This morning I got on my computer and I am unable to use any web browser (IE, Firefox) to navigate to websites.  I am connected to my router just fine, and I am able to connect to Steam and AIM with no problems, so I know I am connected to the internet.  I am unable to ping any websites or anything.  When I try to navigate to a website, I get the "address not found" error.  Please help!

Answer:Malware preventing web browser usage!

Go to...http://www.computerhope.com/forum/index.php/topic,46313.0.htmlFollow the guidelines, post the three logs and a specialist will review them in turn.

5 more replies
Relevance 50.43%

Hello,
I have recently developed a problem when I play games on the Pogo & Slingo websites as I have done for many years. I recently started getting a popup to download some antivirus software called 'winsuperantispyware' which I knew was bogus, so I did my best to ignore & get rid of it. Anyway, shortly afterward I began having problems with java on both sites & on Pogo, it said my java was not working or I had a 'bug' in my cache. I decided to run all my clean up programs including Smitfraudfix & Superanitispyware & I am still getting an error message when I try to play my beloved games.
I spent time reading through some of the related forums on this subject at your site yesterday & so I even tried to download Mozilla Firefox & when I did that, I got the 'winsuperantispyware' popup at the time when my selected game is downloading which I believe tells me that this malware is preventing me to play games with java on any browser. I have tried relentlessly to solve this problem on my own & I am having no luck , so I hope you guys can help me get rid of this nasty little pest!
Here is my Hijackthis file:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:37:59 AM, on 9/30/2007
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\s3trayp.exe
C:\Program Files\CyberLink\Powe... Read more

More replies
Relevance 50.43%

Hi, recently i've been having problems with "XP Security 2010" and other pop ups that it appeared to install. I tried several times to remove them with Malwarebytes and Spybot Search and Destroy and I was sure they had fixed the problem, but i am still having problems! Whenever i start up my computer I.E and FF run fine for the first few minutes then suddenly they start redirecting me to "search.avg.com" or they "cannot display the web page as i am not connected to the internet".

Also whenever i try to connect to the net with my laptop at the same time as my PC, my laptop does the same as the PC and the same is said for my PS3 when trying to play online but when i disconnect my PC from my router, my laptop and ps3 work fine.

Thanks

Steven

EDIT: also i have just noticed when i connect my laptop at the same time it appears to be turning my windows firewall off on the laptop.

Answer:Malware preventing internet access?

Hi,Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several op... Read more

5 more replies
Relevance 50.43%

My computer has been acting strange for a while, but I couldn't ever pin it on malware.  My clock doesn't sync even when I change the server.  I got really suspicions when I connected to a new wireless network and got the following error message:
 
Cannot connect to the real www.google.com
Something is currently interfering with your secure connection to www.google.com.
Try to reload this page in a few minutes or after switching to a new network. If you have recently connected to a new Wi-Fi network, finish logging in before reloading.
If you were to visit www.google.com right now, you might share private information with an attacker. To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real www.google.com.
 
I tried enabling my firewall but got:
 
Windows Firewall can't change some of your settings
Error code 0x80070424
 
I have a backup.  I ran CC cleaner and Junkware Removal Tool.  I'm currently running a full scan of Malware Bytes.
 
I've attached the results from dds.  Thanks for any help!

Answer:Malware Preventing Enabling Firewall

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Log... Read more

2 more replies
Relevance 50.43%

Hi,
I have formatted my computer a few days ago and now I'm reinstalling my adobe programs. in order to do so I must close firefox, but after I do it, it reappears in the processes window. I terminate it, and a second later appears a process named CuNew.exe which immidiately changes to firefox. it just keeps happening every time I try to terminate it.

this cunew sits in C:\WINDOWS\system32\install, and it's something by indetectables.net. I guess it's a malware but my antivirus doesn't recognize it.

in addition, every time I restart now. I get error messages from programs such as skype, "the program failed to initialize", each time more and more programs.

here's my hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:54 PM, on 9/19/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Extensis\Exte... Read more

Answer:malware preventing firefox from closing

I ran Malwarebytes' Anti-Malware and it detected the file. It said that it deleted it, but it just pops up again in the same directory.
Also, I noticed that this process disguises itself as Firefox all the time, e.g. when Firefox is closed I see "Firefox" running in the processes window, when it's open, there are two "Firefox" there.

Help will be so much appreciated!

Here's the MAM log:

Malwarebytes' Anti-Malware 1.41
Database version: 2833
Windows 5.1.2600 Service Pack 2

9/21/2009 1:59:11 AM
mbam-log-2009-09-21 (01-59-11).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 194426
Time elapsed: 35 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0014hv01-o13r-jqfl-rq46-27ap31np34lx} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c20ee2d6-81c3-6a08-79c5-1989da43bc19} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UI... Read more

2 more replies
Relevance 50.43%

I posted previously in another section about lagging issues: How to make speed improvements

satrow: "The security processor loader driver (spldr.sys) isn't related to any 3rd party drivers, it's installed by MS as part of Windows. If it's not loading in at all, it could be a malware issue"

As instructed there, I'm asking for a malware review. Thank you!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17689 BrowserJavaVersion: 11.31.2
Run by Tony at 7:19:24 on 2015-04-01
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.7630.4546 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe ... Read more

Answer:Malware possibly preventing spldr.sys?

Hello revelry,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your und... Read more

7 more replies
Relevance 50.43%

Hi guys,

Here's my System info:
Windows 7 Home Premium 64bit
Intel i5-2500k cpu
8gig DDR3 RAM
OCD VertexII SSD 60GB running OS
2TB HDD and 1TB HDD
ASRock Z68 Pro3 Mainboard

I went through the clean up process step by step and my logs are attached over this and the next post
 

Answer:Possible Malware preventing drag and drop etc

And here's the last of the attachments
 

7 more replies
Relevance 50.43%

I think I may have picked up some malware that is preventing executable files from running.
Windows 10
avast free anti virus
Sony VAIO VPCEB2C5E

I first noted that i couldn't get FireFox to open. I removed the program & re-installed it but no joy. I eventually downloaded Chrome and this is working.
Now however I've discovered that the majority of the programs on my laptop will not run.
Symptoms:
The program will initially load, blue flashing disc, but then nothing.
The list of affected apps are below:
Outlook
Word
DIVX player
MalwareBytes
VLC media player
Any app updater is blocked.

Working Apps
Chrome
CCCleaner but no update
Excel
Spybot
iTunes but no updates

Any help much appreciated
 

Answer:Malware Preventing Executable Files

The fact that some programs run and some do not, makes this sound like it is not one of the typical executable program blocking malware problems. In fact, it may not be malware. Let's see if we can get anywhere with our cleaning process in the link below. Try all the tools. Don't assume that they all will not run just because one or more does not. Also if you run into major problems trying to run the tools, try running them in safe boot mode.

Read & Run Me First Malware Removal Guide (incl. Spyware, Virus, Trojan, Hijacker)

There is a chance that you may have to uninstall Avast temporarily. We have seen antivirus program cause problems like you are describing. But let's first see where we get with the Read & Run Me First.
 

3 more replies
Relevance 50.43%

I've tried everything I know how to do (which admittedly isn't much) and I'm hoping someone can help. I've run Spybot, Malwarebytes, and AVG. They all say they detected something called Astromedia and removed it, but now my computer is running worse than when I started. Every time I open my browser or a new tab it acts like it's not connected to the Internet until I reload multiple times. Can someone please help? My system info is below.
Thank you!
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD A10-4600M APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 4
RAM: 5609 Mb
Graphics Card: AMD Radeon HD 7660G, 512 Mb
Hard Drives: C: Total - 590202 MB, Free - 403986 MB; D: Total - 19972 MB, Free - 2166 MB;
Motherboard: Hewlett-Packard, 18A6
Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled
 

More replies
Relevance 50.43%

I am running Windows XP SP3, with the latest version of Firefox. I am using Bellsouth Fastaccess DSL. My antivirus is Norton, and could not find any issues. My computer is connected to the wireless network, with excellent signal strength. I have tried repairing the connection and using IE, but neither have worked. My laptop and other computer can both connect to the Internet. Other things that I have noticed: SUPERAntispyware and Spybot Search and Destroy have both stopped working. I have also posted this on the Web Browsing forum. Thank you for your help!

Answer:Malware preventing connection to Internet?

Please just keep it to one forum for nowIf we can't fix you here then you can post thereSee if you can access Safe mode w/networkingorYou can burn to a CD or download to a thumb drive the tools I am going to have you useDouble-check that Spybot's Teatimer function is disabled----------------------------------The process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all th... Read more

11 more replies
Relevance 50.43%

OS - Windows XP Home

I've been trying for a couple of weeks now to install Comodo Firewall, but it just wouldn't install. I made a thread over at the Comodo forums regarding this, which ended up being 2-3 pages long, and finally a Comodo technician replied to me.

He said the following:


Quote:




I am sorry, but your PC is seriously infected with at least four dangerous viruses. They blocks your registry and fully controls your Windows.
For example:
C:\windows\fonts\fonts.exe - see http://www.auditmypc.com/process/fonts.asp
System32\appmgmts.dll - see http://www.greatis.com/appdata/d/a/appmgmts.dll.htm
si.exe - see http://www.processlibrary.com/directory/files/si/ - most dangerous, it loads under explorer (maybe even replaces it)
Also I've found few suspicious and unknown drivers in your system.





Therefore, I've decided to come on here for help, in the hopes that I can clean my PC of this malware. I've followed all the instructions in the "Read This Before Posting For Malware Removal Help" thread.

I did everything except for the Gmer scan. I ran the Gmer scan and it was running for around 3 hours. I went and did something else for a while, and when I came back it was still running. It had caused the whole PC to basically freeze up, with the only thing NOT freezing up being Gmer itself. Then all of a sudden the PC blue screened and rebooted, therefore I'm left without the "ark.txt" file unfortunatel... Read more

Answer:Malware Preventing Installation Of Firewall!

Bump, please.

19 more replies
Relevance 50.43%

I hope I'm posting this to the right spot... this website is pretty confusing...

McAfee will not update and I cannot access the McAfee site. Instead, I get redirected to a pseudo site. I had something similar happen on another computer using Kaspersky. I am running Combofix now. Is there someone who could help me read the log?

Answer:Malware preventing McAfee from updating

DO NOT EVER run Combofix on your own and without supervision of an expert. It can seriously damage your system and make it unbootable. DO NOT post the log here.Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it.Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first

Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run..Another work around is by not using the mouse to install it, Just use the arrow keys, tab, and enter keys. ~ Courtesy of boopmePlease download Malwarebytes Anti-Malware and save it to your desktop.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and y... Read more

1 more replies
Relevance 50.43%

Attempting to follow the XP cleaning procedure, and none of the tools will run except MGTOOLS, which did run to completion and generated the zipped file.

Symptoms are: both IE and Firefox either redirect or deny finding websites. For example, cannot get to windowsupdate.microsoft.com--instead, browser is redirected to findstuff.com when I attempt to click on Google search result which points to windowsupdate.microsoft.com. Attempting to go directly there results in a 'page not found' error. Same is true for symantec.com or Mcafee,com.

Spybot did install, but when I run it, it loads a 3MB process I can see in task manager, but never opens.

Superantispyware will not install. Even after renaming the executable, it crashes with the "SUPERAntiSpyware Free Edition has encountered a problem and needs to close. We are sorry for the inconvenience" error, which pops up and asks if I want to send the error report to Microsoft.

Combofix opens the "do you want to run" window, but never continues when I tell it to.

Malwarebytes' Anti-Malware -- same thing: when I click to run it, nothing happens.

One detail: Netscape Navigator appears unphased by the malware. So, I do have a working browser for some web access (Microsoft insists on IE, so I cannot use windowsupdates via this browser) on that computer.

I am attaching the mglogs.zip file.

One other note: I am actually conversing from a clean machine. I am running logmein to access t... Read more

Answer:Malware's preventing most tools from running

Let's start with this:

Click Start > Control Panel > System > Hardware > Device Manager > View > Show Hidden Devices.

* Scroll down to ?Non-plug and Play Drivers? and click the plus icon to open those drivers.
* Then search for TDSSserv.sys
* Let me know if you find this or not.
* If you do find it, right click on it, and select Disable. Do not try to uninstall it.
* Also if this is found and you disable it, then reboot and see if you can run the other scans that would not run.

Use add/remove programs to uninstall:
J2SE Runtime Environment 5.0 Update 10"
J2SE Runtime Environment 5.0 Update 11"
J2SE Runtime Environment 5.0 Update 9"
Java 2 Runtime Environment, SE v1.4.1_02"
Java(TM) 6 Update 2"
Java(TM) 6 Update 3"
Java(TM) 6 Update 5"
Java(TM) 6 Update 7"
Java(TM) SE Runtime Environment 6 Update 1
Viewpoint Media Player

Now use windows explorer to find and delete:
C:\Documents and Settings\Julia\Application Data\MJUSBSP
C:\Documents and Settings\Julia\Local Settings\Application Data\tjnet

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file and any other logs you can run ( remember to try the in safe mode).
 

3 more replies
Relevance 50.43%

What do you think about anonymous software, and firefox add-ons like switchproxy and stealther? Do they prevent malware? Do you have any Firefox add-on recommendations for effective internet security?
 

Answer:Question about Firefox Add-ons and Preventing Malware

You can not be anonymous on the internet.
In order for the post office to deliver mail to you, they need to know the address where you accept mail.
In order for the internet to deliver web pages to your computer, a server somewhere needs to know the address of your computer so you can view the pages. Some server (or more than one) knows exactly where you computer is located and what web pages you want to view. If this information wasn't known, you get a 404 error for every page that you tried to load.
The perception that you are anonymous is just that, a perception.

You do not protect the browser; you protect the computer so that things delivered to your computer don't come with nasties you don't want.

The computer needs: a firewall, one antivirus (monitoring in real time), one malware detector (monitoring in real time). You might be able to get two of these things in one program.

To lessen your chance of clicking on something you don't want and installing something not healthy for your computer, you can run noscript in Firefox. This turns off javascript and you are able to turn it on for certain sites either permanently or temporarily. I also run something called WOT (web of trust) which shows me when I use google to search, sites to avoid or to approach with caution.
 

2 more replies
Relevance 50.43%

Greetings! I have recently been infected with some sort of malware. It is preventing me from visiting several websites I used to visit often. A few examples:Google, Yahoo search engine, Gmail, Hotmail, Facebook... Just to name a few. When I try to visit any of these sites I receive a browser message "Unable To Connect". I use Firefox.

I run Windows 7 64 bit.
_____________________________________________________________
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Tyrantius at 21:05:02 on 2011-08-22
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4030.2591 [GMT -4:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common File... Read more

Answer:Malware Preventing Me From Opening Many Websites

Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
===

If you did not modify your HOSTS file it has been compromised.


Quote:




Hosts: 184.107.64.187 Google
Hosts: 209.172.56.118 search.yahoo.com
Hosts: 209.172.56.118 Bing




Go to: HostsXpert v4.4
Download the program HostsXpert to restore the default hosts file back onto your machine.
Unzip the program and execute it.
Select
"Restore MS Hosts File".
Close the application.

Restart the computer normally.
===

When the hosts file has been restored.

Please download C... Read more

7 more replies
Relevance 50.43%

I seem to have a particularly pernicious bit of malware that I can't shift.

"Live Security Platinum 3.6.1" is showing in my taskbar, and keeps feeding me fake alerts.

I foolishly googled a "fix", which i suspect is just yet more malware.

I can't follow any of the general fixes because it's blocking almost every .exe from running.

Judging by the lost keystrokes as i type, i suspect there is some kind of keylogging afoot here too.

Help please!

I have older versions of some of the recommended tools installed if that helps - although can't find a way to update or run them... any ideas?

I'm on Windows Vista.
 

Answer:Malware preventing .exe files from running

OK I managed to find a rogue .dll... deleting it let me run .exes again.

I've had a bit of a mixed bag with the recommended utils though.

Hitman blue-screened for me twice in a row, and MBAM crashed during fixes the first time.

I've attached a transcript of what was in the window when MBAM crashed (although some of it's not very helpful because the full filepath wasn't displayed in the window when it became unresponsive) - and a log from when it ran OK the second time.

Any advice?
 

8 more replies
Relevance 50.43%

I am infected by a Trojan/Virus that prevents me from updating my antivirus software as well as redirects any clicked links from a Google search. I've run Ad-Aware and it removed a trojan but apparently did not completely fix the problem. I have run online scans (Kaspersky and Panda) but the scan either didn't finish or my computer rebooted when the infections were trying to be removed. I've installed MalwareBytes but it will not execute. I've pasted the dds.txt log below and attached the attach.txt and hijackthis.txt logs.

I appreciate any help that can be given.

Thanks,
Brian

DDS (Ver_09-05-14.01) - NTFSx86
Run by brian at 20:38:36.45 on Wed 05/13/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3069.1563 [GMT -4:00]

AV: AVG 7.5.557 *On-access scanning enabled* (Outdated) {41564737-3200-1071-989B-0000E87B4FB1}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalS... Read more

Answer:Infected with an unknown trojan preventing updates to antivirus and causing google redirects

Just bumping this up. I'm still interested in getting some help if anyone is available.

I appreciate your time. Thanks.
Brian

4 more replies
Relevance 50.02%

Hi everyone,

I got a virus/malware of some sort the other day after downloading what i thought was a book.. -.-

Basically, this virus/malware (not sure what it is..) prevents some antiviruse programs from running, I had Microsoft Security Essentials at first, but this got disabled and I couldnt use it so i downloaded AVG which installed fine, but wouldn't lauch, Windows Defender was also prevented from functioning.

But Antimalware bytes and Kaspersky seem to work fine and i removed several viruses/malware with them, though the problem still persists and Windows Defender/Microsoft Security Essentials still won't run!

Spybot search and destroy can scan, but when it gives me the option to remove the infections, an error occurs and says i need admin rights to do this (even though i am on an admin account..)

I would try to remove the virus through safe mode, but i cant get onto it! A message pops us saying something about the screen not being compatible or something

I was thinking of using ComboFix since it worked for me last time i had a serious virus, but im not sure i should use it since they say yo only use it with supervision from a PC pro..

Any help would be much appreciated!

Edit: Rkill didnt work, it just said "The system could not find the path specified"

Answer:Virus/Malware preventing my antivirus from working! Help please!

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

2 more replies
Relevance 50.02%

It appears that my desktop PC is infected with some malware/virus which is preventing my malware diagnostic/cleaning tools from running. When I try to run MBAM or Spybot, I get the Windows message "Windows cannot access the specified device, path of file. You may not have the appropriate permission to access the item". When I run Avira, it goes all the way through a full system scan, identifies about 13 infections (including ZLOB etc), then just crashes.

I've tried booting in safe mode then running the tools, but I get the same result.

I've also been getting inconsistent boot-up, the occasional blue/black screen and sometimes the PC won't boot at all unless I power off and on again (sometimes twice!!).

I followed the Preparation Guide, downloaded DDS, but when I tried to run it, it just sat there, cursor blinking but no reports, even after 15 minutes. I also downloaded RootRepeal and tried to run it, but it also crashed immediately.

I would greatly appreciate your expert help with this.
Hazmat99

Answer:Infection preventing malware tools from running

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

3 more replies
Relevance 50.02%

Hello,

I believe my laptop is infected with malware, preventing it from performing any tasks, such as accessing the internet, or opening programs. It is a shared laptop used primarily for web browsing (google, facebook, etc.) iTunes, and paying bills online. I am able to boot the computer, logon (although noticeably slower), and then I receive two error messages. The first is:

rundll32.exe - Bad Image

"The application or DLL C:\WINDOWS\oparexurivikiki.dll is not a valid Windows image. Please check this against your installation diskette."

I click ok, then another error message immediately pops up:

RUNDLL

"Error loading C:\WINDOWS\oparexurivikiki.dll

%1 is not a valid Win32 application."

I then click ok, and now my desktop appears normal, although 9/10 times I notice that on the bottom right in my taskbar, my network icons do not appear (both LAN and wireless).

From trial and error, I've learned that sometimes I can open up 'my computer', text files, but once I try and open internet explorer or any exe files, my computer freezes. The computer will eventually lock up at some point even if I avoid opening exe files.

I've tried system restore to earlier points, and the problems have not gone away. I've been able to download programs like Malwarebytes' Anti-Malware, AVG 2011, and SUPERAntiSpyware Free Edition, and run them (without updating them; can't connect to internet) and although they have detected and quaranti... Read more

Answer:Suspected malware preventing operation of any programs

16 more replies
Relevance 50.02%

we are in a small corporate environment.we have one user that needs administrator permissions to run some softwarethe problem is, this user regularly accidentally installs viruses and malware from her browsing habits.we have spent countless hours cleaning up the system from various attacks, malware and viruses.is there a way to give the user admin permissions to run the software, but block things from being installed.it is an active directory systemthanks

Answer:preventing virus and malware from admin user

mmm... Bit of rum situation when a user with admin rights is part of a problem re' malware/viruses etc...Perhaps restrict the profile (for that user only) so as to NOT allow actual online presence; able to browse access local network etc but thing outside of it?

5 more replies
Relevance 50.02%

Please help to solove the problem. Google chrome when opens https://google.com tels that it can not open real google.com. But it opens https://www.yahoo.comDDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.65.2Run by U135428 at 18:08:26 on 2014-07-28Microsoft Windows 7 Enterprise 6.1.7601.1.1254.90.1033.18.3014.1552 [GMT 3:00].AV: McAfee VirusScan Enterprise *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\Hpservice.exeC:\Windows\system32\WUDFHost.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exeC:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exeC:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Program Files\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exeC:\Program Files\McAfee\Common Framework\FrameworkService.exeC:\Windows\system32\mfevtps.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\... Read more

Answer:Malware preventing https work on chrome

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/542521 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

4 more replies
Relevance 50.02%

Hi there,

I've had my attention drawn to my sister in laws computer that appears to be causing major problems. it won't open IE or FF but will run Chrome. when trying to place the computer into safe mode the power cuts and it reverts back to booting up. this happens at all versions of safe mode.

I've run an avast boot scan and found several files infected with Win32:rootkit-gen. I've also run malware antibytes with no luck. i'm out of ideas :S


DDS (Ver_2011-07-14.01) - NTFS_x86
Internet Explorer: 7.0.5730.13
Run by Kathrin Wallace at 20:24:21 on 2011-07-17
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2039.1212 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenge... Read more

Answer:Unknown Malware preventing safe mode?

Hello and welcome to TSF Virus & Malware support. My name is Taylor and I'll be helping you with your fix.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

9 more replies
Relevance 50.02%

Sup hoes, I'll jump right into it.Workstation at a clinic is infected with a piece of malware that disables antivirus as soon as it's accessed. So far I've tried to run AVG's scan and MalwareBytes' scan. Running malware bytes once after installing will start the scan and the search is stopped seconds after initializing, program is terminated. At this point then the program can not be opened. Attempting to open mbam.exe delivers error "Windows can not access the specified device, path or file. You may not have the appropriate permissions to access the item." Identical results if repeating this entire process in safe mode.Installing AVG; AVG Active Anti-Virus (the real-time scan) disables and can not be enabled. An attempt at a scan with AVG results in an immediate conclusion stating no threats were found (nothing scanned). Safe mode is similar, the AVG scan will run for about 15 seconds then just simply close.The only active process I found out of the ordinary was this entry: "3517402925:3534772270.exe" - 464K. Ending the process does not seem to have any effect; it remains there. It is an active process in Safe Mode as well. Found registry entry inLOCAL_MACHINE > System > Services > 2d4fa7d1 >name: imagepathdata: \systemroot\3517402925:3534772270.exeAlso appears inLOCAL_MACHINE > System > CurrentControlSet > Services > 2d4fa7d1LOCAL_MACHINE > System > ControlSet003 > Services > 2d... Read more

Answer:Malware preventing Anti-Virus from scanning

Hi Putrid, I know it looks like a lot, but it's really just a lot of text asking for only 4 scans. Once you've done these and posted the results in your next post, let me know how the computer is running.Note: You may have to perform some or all of the following in Safe Mode With Networking, depending on if you have internet access while in the normal Windows environment.========================================================================================================================================================Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.========================================================================================================================================================Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the update... Read more

3 more replies
Relevance 50.02%

I get svchost.exe errors on bootup with references to 0x85993a44 and 0x01c8284.

I get Google redirects.

I cannot do a Windows update. I get Error number: 0x80072EFF

I've attached the logs.

It looks like the limit for attachments is 4, but the 5th is short and is here:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/25/2008 at 04:17 AM

Application Version : 4.22.1012

Core Rules Database Version : 3685
Trace Rules Database Version: 1662

Scan type : Complete Scan
Total Scan Time : 01:39:58

Memory items scanned : 918
Memory threats detected : 0
Registry items scanned : 9108
Registry threats detected : 0
File items scanned : 47848
File threats detected : 0

Any help???
 

Answer:Malware preventing Update and causing redirects

Welcome to Major Geeks!

We need some additional info. Please run this: GMER - running with a random name and attach the log from GMER.
 

10 more replies
Relevance 50.02%

Hi.  I am helping a friend remove malware.  She is using Windows 10, 64 bit.  The symptoms were the inability to connect to the internet.  I booted into safe mode with networking and was still unable to connect to the internet.  I tried troubleshooting the connection using Windows built in troubleshooter.  The "unidentified Network" message persists.  I ran a program called "CleanUp!" to clear temp files, history, etc.  I ran Malwarebytes, Spybot, and Hitman Pro.  A slew of files and reg entries were found and removed.  There are some entries that keep returning when scanning with Spybot and rebooting.  I am now able to connect to the internet in Safe Mode with Networking.  Though, still unable to connect in normal mode.  I have ran FRST as directed.  I will include the following in the post: Spybot report, FRST.txt, and Addition.txt.  Thank you in advance for the assistance.
 
***Search results from Spybot - Search & Destroy***
 
1/20/2018 2:20:53 PM
Scan took 01:16:39.
7 items found.
 
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-612429805-3072876167-3422260051-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
 
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, noth... Read more

Answer:Unknown Malware preventing internet connection

Greetings davsnotn and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.If you would allow me to call you by your first name I would prefer to do that.===================================================Ground Rules:First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems... Read more

8 more replies
Relevance 50.02%

Just occured to me to try using IE 64 on this Win7 64 machine as I've been reading this site from an alternate machine. It seems to work fine, but Firefox, Chrome or IE 32 won't work. I've checked the hosts file as well.

Microsoft Security Essentials Detected the following since this all occurred:

Trojan:Win32/Ertfor.A
Trojan:Win32/Hiloti.gen!D
Trojan:Win32/Wimpixo.E
VirTool:Win32/Obfuscator.KG
Rogue:Win32/Winwebsec
Trojan:Java/Mesdeh.C
Trojan:Java/Mesdeh.A
Trojan:Java/Mesdeh.D
VirTool:Win32/Obfuscator.KG
Trojan:Java/Mesdeh

Norman Malware Cleaner from 11/13 detected/removed 5 things but unfortunately I didn't log them.

I can't remember if ESET picked up anything- the history logs aren't showing anything, and it's not able to update itself (presumably the same protocol used as 32-bit browsing?)

GMER also has many of the options listed in the preparation guide greyed out:
 gmer.png   68.07KB
  1 downloads

---

DDS (Ver_10-11-10.01) - NTFS_AMD64
Run by John Doe at 8:53:01.79 on Sun 11/14/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Enterprise 6.1.7600.0.1252.1.1033.18.4060.2493 [GMT -8:00]
============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files�... Read more

Answer:Possible Malware Remnants Preventing Any 32-bit Browser From Working

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

10 more replies
Relevance 50.02%

Hey guys, I apologize in advance, but I want to let you guys know I am not tech-savvy whatsoever; I fell upon this forum by google searching repeatedly on issues my computer is having; Anyway, I think I have cornered down the problem;
 
 
I am unable to connect to the internet with my desktop (all other devices in my house are able to connect)
 
chrome, IE, etc etc are all giving me the error that they "could not connect to the proxy"
I go into my browser settings to disable the proxy which I never set up, and, it is automatically re-enabled; Obviously I have malware of some kind;
 
I have ran hitman 64bit, malwarebytes, and neither of them succeeded; I was reading multiple threads on this forum from people who were having the same issue and noticed that the mods/"consultants" here were asking them to have some kind of scanner run and create a log for them to see; I also noticed the solutions they offered were specific to the OP's computer, and thus, could not be used by others reading.
 
So, I have created this thread in hopes that someone can help me. Just tell me what to do and ill get right on it!
Thanks guys, I really appreciate the help;

Answer:Malware setting up a proxy and preventing me from disabling it

Also, I have a dell desktop with a preinstalled version of windows;
 
The F**** joke of a "reset/recovery" disc made in windows 8 doesnt work; I have created a repair disc using the program in windows 8, and, when I try to use it, it tells me the "media is not valid"
 

I have also looked up my product key using belclair or something like that, and went to microsoft's website, only for them to reject the product key in a new installation of windows;
 
therefore, I can not do a clean install of windows 8; I am bleep out of luck here with dell and microsoft and it seems my only option is getting rid of this malware myself;

2 more replies
Relevance 50.02%

Hello.

For about two weeks now I have been battling several trojans/worms that have attacked my computer. I have managed to remove the majority but I'm still having one problem; I cannot update, run in real time or reinstall my Symantec Antivirus program. Every time I attempt to reinstall my antivirus program I have a window pop up saying my computer will shut down in 60 seconds; it also says I initiated this shutdown sequence. I usually use to Mozilla Firefox but I did use Internet Explorer about two weeks ago to view some sports videos on Yahoo Sports (the videos could not be opened with Firefox). Ever since I used IE my computer started acting weird; pop up ads all over the place, additional browser windows opening and my task bar disappearing. All those problems have been fixed except the problem of my antivirus.

Thanks ahead of time for your help!

Best,
Erika
 

Answer:Malware Preventing the Reinstallation of Antivirus Program

Attached is my MG log....
 

4 more replies
Relevance 49.2%

I've followed the Prep Guide but have been unable to get DDS to run despite repeated attempts. I've also tried to run Root Repeal several times without success. I then downloaded RSIT. Here's the log file:
"Logfile of random's system information tool 1.06 (written by random/random)
Run by GREG GOODFELLOW at 2010-01-04 15:32:45
Microsoft Windows XP Professional Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 1015 MB (28% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\OGADaily.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\... Read more

Answer:Infection Preventing Malware Removal Tools from Running

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

15 more replies