Computer Support Forum

Browser Hijacking (IE11 and EDGE)

Question: Browser Hijacking (IE11 and EDGE)

Hi Folks
Be extra careful currently as there is STILL a problem in security with IE11 and Edge which can allow "unscrupulous" users to hijack your browser / do other nasty things - and currently NO A/V software can protect against this.

BE VERY CAREFUL if using IE11 / EDGE until Ms applies the patch. DO NOT RELY SOLEY ON YOUR A/V SOFTWARE - this won't protect you in this case. People are often lulled into a false sense of security after installing some extra A/V software -- this actually makes them MORE likely to fall into traps than people who only have the base WD stuff installed but browse carefully. !!!

Here's the article - from BBC (and Google) so it's not from some dubious journalist writing for a magazine hoping to make a few bucks.

Bad bug found in Microsoft browsing code - BBC News

I posted this note also in the Browsers section as some people don't read this part of the Forum.

Cheers - and SAFE browsing

jimbo

Relevance 100%
Preferred Solution: Browser Hijacking (IE11 and EDGE)

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Browser Hijacking (IE11 and EDGE)

Thanks for the heads up. I guess it will be patched soon (I hope it too).

4 more replies
Relevance 77.49%

I have tried both browser ie11 or edge, IE 11 is a little different from windows 10 Edge/
I would like your opinion on which will give you less trouble and is faster
 

Answer:browser ie11 or edge which is better

Firefox or Chrome for me, only use IE for one old email account i check weekly!
 

12 more replies
Relevance 61.09%

DISCLAIMER: - WE are an independent organization working as online third party technical support company for business and personal computer software,browsers,printers and email support.

Technical Support For Microsoft edge Page Issue : 1800-385-4895
Microsoft edge +1800-385-4895 Customer Support  Number,  Microsoft edge Technical Helpline Number  USA, Microsoft
edge support phone number united states +1800-385-4895
Microsoft edge +1800-385-4895 Customer Support ,
 Microsoft edge technical Support phone number USA, Microsoft edge support phone number united states +1800-385-4895
Microsoft edge +1800-385-4895 Customer Support  Number Microsoft edge technical Support phone number USA, Microsoft edge
support phone number united states +1800-385-4895
+[email protected]@@ Microsoft edge tech support number , .Microsoft edge technical support phone number Microsoft edge Toll Free
- 1800-385-4895 Microsoft edge Technical Support Number, Microsoft edge help desk phone number
 
Just Call, +1800-385-4895 for all type help related Microsoft edge Page Issue support telephone number,Microsoft edge support
phone number,Microsoft edge support phone number,Microsoft edge help phone number, Microsoft edge technical support number.Microsoft edge support number, Microsoft edge phone number, Microsoft edge tech support number, Microsoft edge customer support number,
Microsoft edge customer support phone number, Mi... Read more

More replies
Relevance 57.81%
Question: IE11 vs. Edge

Does anyone know of a good source that explains the difference between IE11 and Edge? Pretty much all I've gathered is that Edge isn't as compatible with as many web-sites as IE11. Why the introduction of a new browser? Why isn't it more compatible?

Answer:IE11 vs. Edge

Browser Microsoft Edge and Internet Explorer 11 (Windows 10)

IE has become a failure and MS is trying to start over with a new browser, Edge. This is a ground up design of a new browser and it's looking good right now for a browser that's only about a year old. I've been using it for some time and it's been a good experience for me at least.

8 more replies
Relevance 57.81%
Question: IE11 vs. Edge

Does anyone know of a good source that explains the difference between IE11 and Edge? Pretty much all I've gathered is that Edge isn't as compatible with as many web-sites as IE11. Why the introduction of a new browser? Why isn't it more compatible?

Answer:IE11 vs. Edge

Browser Microsoft Edge and Internet Explorer 11 (Windows 10)

IE has become a failure and MS is trying to start over with a new browser, Edge. This is a ground up design of a new browser and it's looking good right now for a browser that's only about a year old. I've been using it for some time and it's been a good experience for me at least.

1 more replies
Relevance 57.81%

edge seems massively dumbed down, very bare options configuration compared to IE11.

From what I can see all of the following are missing.

No options to toggle tls 1.1 1.0 1.2 etc.
No options to toggle gpu acceleration
No options to set file cache location (I like to use ram disk)
No security zones
No tracking protection lists
No addons
No advanced cookie settings
No per domain settings
No options to adjust certificate verification
No options to adjust UTF-8 and IDN
No toggle for crash protection
No tab options

Basically edge feels like a mobile orientated app, as it uses the "modern" interface.

Is there a reason to use edge instead of IE11? aside from future proofing as I am assuming IE11 at some point will be obsoleted by Microsoft.

Answer:is it me or is ie11 better than edge?

Edge is still very early in it's development cycle.. give it time and it will get much better.

Oh and I'm using it right now to post here and I like it.. very fast and clean.

24 more replies
Relevance 57.81%
Question: Edge Hijacking?

Is this a highjacking?
Did scans with Defender, Mbam, Adwcleaner and Hitman Pro, which none detected.
Could not open Edge without it appearing.
Finally solved with a backdated recovery.

Answer:Edge Hijacking?

Hi!
Looks like a scammers managed to infect your computer with malware. There is no point in calling the number. They would take control of the computer, steal data and extort money.

Start the infected computer in SAFE MODE and install Malwarebytes. It should be able to detect and remove this infection.

Regular antivirus programs may not be very effective against adware.

You can also try Eset Online Scanner.

10 more replies
Relevance 57.4%

I just updated to Win10 and Edge and the Store are not working but I can get access to the web via internet explorer. How do I fix this?

More replies
Relevance 56.58%

I can't keep seem to keep games working with EDGE or Internet 10 as they don't take chrome or google. IE11 not working right for everything. Updates very often especially for flash etc.

More replies
Relevance 56.58%

ok, so I upgraded??? to win 10, now my ie11 is not to be found. how do I remove this edge and put back my ie 11?

Answer:how to remove edge and put back ie11

Its still there,
Go
Controlpanel>programmesfeatures>Turnfeatures On/Off tick Ie11,
Then go to Control panel>defaultprogrammes> select Ie11.

You>> might <<also be able dissable Edge from Tiles .(not sure thou)

Roy

4 more replies
Relevance 56.58%

Hi
I've been passed on to this forum from the office365 support team as they consider the issue I'm having to be a fault with Internet Explorer.
For a while now Edge closes itself as soon as I try to open it event log says...

Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16771, time stamp: 0x56fa27b5
Faulting module name: eModel.dll, version: 11.0.10240.16771, time stamp: 0x56fa234c
Exception code: 0xc0000409
Fault offset: 0x00000000001122d3
Faulting process id: 0x1580
Faulting application start time: 0x01d19bc11c2364d6
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Faulting module path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eModel.dll
Report Id: 29bd26ae-51c6-4c0b-9f23-20491f3eef73
Faulting package full name: Microsoft.MicrosoftEdge_20.10240.16384.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
My Initial problem I had with Office365 was that I didn't have the option to pin apps.  If I reset IE it works ok, if I restart the PC it stops working again.  Pin apps works if I use inprivate browsing. I have disabled all add-ons and that made
no difference.
I have tried with a different user and all works ok for that user, including edge.
If I delete my local profile, it creates a new one for me when I log on and all is fine for a few days until Edge stops working again and all the faults come back.
Any ideas on how to f... Read more

More replies
Relevance 56.58%

Really don't like Edge, and I know my old IE11 is still there, so how can I get rid of Edge and go back to IE?

Answer:Can I go back to IE11 once Edge is installed?

Use the search bar to search for "Internet Explorer" and you will see it there. Just pin to your start-screen/task bar as appropriate.

2 more replies
Relevance 56.58%

We want to have a pdf file download on our website for IE11. PDF's seems to act differently on the various operating systems in the various browsers. Also how it is made has an effect: Microsoft 2010 vs Adobe DC on a Windows 7 OS. (we are also trying W10
os & MSWord10 to pdf) Most of our users are in IE. where how it is made makes no difference on a W10 machine. It just puts up blank pages for a long time. Any suggestions?

Microsoft 2010 doc W7 OS used to create a pdf loaded to a W2008 server:

Windows 7- downloaded quickly in IE11, Chrome, FirefoxWindows 8 - downloaded quickly in IE11, Chrome, FirefoxWindows 10 - blank page loaded with no text for many minutes in Edge, fast in Chrome and Firefox
Note - this is with Acrobat DC Reader installed - the Word version worked before the update
In Design to Adobe DC created pdf W7OS  loaded to a W2008 server:

Windows 7- takes many minutes in IE11 (seems to hang midway), fast in Chrome, fast in FirefoxWindows 8 - downloaded quickly in IE11, Chrome, FirefoxWindows 10 - blank page loaded with no text for many minutes in Edge, many minutes in Chrome, fast in Firefox

More replies
Relevance 56.58%

I have disabled the tab preview for IE11 (through IE Options) so that I can minimize my IE from the taskbar icon even with multiple tabs open. So... can I enable tab previews by hovering over the tab, such as is the case in Edge? Thanks in advance.

More replies
Relevance 56.58%

I am having problems on my laptop using things like Cortana across user accounts. The wheel spins and spins when I click on Cortana. I think the problem stems from the fact edge and IE11 cannot load outlook.com or go into things like account settings. It's only this causing the issue, all other sites work apart from these critical MS sites. I've tried changing DNS settings to alternates like google but nothing works to fix this. Any advice would be greatly appreciated? On my other desktop PC I have no issues. All language settings and packs are correctly set as UK. Am at a total loss. I tried a restore point but that was no better. I've had this issue crop up intermittently ever since getting the laptop. Sometimes it works ok but after a while the issue will re-occur without rhyme or reason. I notice under family setitngs 'Can't connect to family settings, your user data may not be upto date' sometimes comes up too. It's as if the laptop is having trouble connecting to MS server some of the time

Answer:Outlook.com unreachable via edge and IE11

The machine seems to be having real problems signing into MS. For example if I launch films and TV I see lower left 'Can't sign in'. I think there is something amiss logging into the MS account causing all the issues. Store is slow and unable to update apps, always an error message after ages of acquiring license. I don't really want to have to try and create a new user acc given everything I have setup/installed

Is there a way of signing out of the MS account and signing back in because something is seriously screwed up

Cheers
Wayne

2 more replies
Relevance 56.58%

To enable the new engine, just type ?about:flags? in IE11?s address bar, select ?Enabled? under ?Enable Experimental Web Platform Features,? and restart the browser. Enabling the "Custom User Agent" option will trick sites that nerf IE specifically into using the Spartan Edge rendering engine.



Internet Explorer Edge Mode - Enable or Disable - Windows 10 Forums

Two words: IT'S FAST

Answer:Using EDGE in IE11 on build 10041

Can't access MajorGeeks through it.

3 more replies
Relevance 56.58%

I have disabled the tab preview for IE11 (through IE Options) so that I can minimize my IE from the taskbar icon even with multiple tabs open. So... can I enable tab previews by hovering over the tab, such as is the case in Edge? Thanks in advance.

Answer:IE11 Tab Preview (Similar to Edge)... Possible?

nobody?

1 more replies
Relevance 56.58%

I am having problems on my laptop using things like Cortana across user accounts. The wheel spins and spins when I click on Cortana. I think the problem stems from the fact edge and IE11 cannot load outlook.com or go into things like account settings. It's only this causing the issue, all other sites work apart from these critical MS sites. I've tried changing DNS settings to alternates like google but nothing works to fix this. Any advice would be greatly appreciated? On my other desktop PC I have no issues. All language settings and packs are correctly set as UK. Am at a total loss. I tried a restore point but that was no better. I've had this issue crop up intermittently ever since getting the laptop. Sometimes it works ok but after a while the issue will re-occur without rhyme or reason. I notice under family setitngs 'Can't connect to family settings, your user data may not be upto date' sometimes comes up too. It's as if the laptop is having trouble connecting to MS server some of the time

Answer:Outlook.com unreachable via edge and IE11

The machine seems to be having real problems signing into MS. For example if I launch films and TV I see lower left 'Can't sign in'. I think there is something amiss logging into the MS account causing all the issues. Store is slow and unable to update apps, always an error message after ages of acquiring license. I don't really want to have to try and create a new user acc given everything I have setup/installed

Is there a way of signing out of the MS account and signing back in because something is seriously screwed up

Cheers
Wayne

1 more replies
Relevance 56.58%

Has anyone figured a way to turn this crap off?

Yes, I know that Edge is Microsoft's "preferred" browser. No, I'm not interested. I need IE for work purposes because of legacy ActiveX components, so that annoying icon does no good.

I'm trying to get the new build ready for work on our domain, but considering all our employees heavily use IE every day, this is going to get on everybody's nerves and fast!

I tried copying the iexplore.exe from Anniversary Update (1607) to 1703 VM, and got an error about a missing ordinal in the EXE. So I'm thinking they added it that way - not seeing any settings, GPOs, or any other way to turn it off.

Even better when you're logged in as the local Administrator account which cannot run Edge or any other Modern apps but the stupid icon still shows up and is completely useless

Answer:That annoying Edge icon in IE11 on CU

Hello drfsupercomputer,

The tutorial below can help show you how to remove the "Open Microsoft Edge" tab in Internet Explorer.

Add or Remove Open Microsoft Edge Tab Button in Internet Explorer - Windows 10 Browsers Email Tutorials

3 more replies
Relevance 56.58%

Hi all,
Requesting your votes to get the WebRTC in IE11/Edge:https://windowsphone.uservoice.com/f...port-of-webrtcWebRTC - Wikipedia, the free encyclopedia
All of Skypes biggest competitors are moving towards plugin-free browser calling features, and Redmond is finally admitting it has no choice but to do the same. In Microsofts own words: Its all about convenience imagine youll be able to simply open IE and make a Skype call to friends, family, or get real-time support for that new device right from your browser.
Both Google and Mozilla are way ahead of Microsoft in this area, both in terms of adding WebRTC features to their respective browsers and in terms of building plugin-free calling services that rely on the technology. In short, Skype is under threat, and Microsoft has finally decided to opt for an If you cant beat em, join em strategy.http://venturebeat.com/2014/10/27/mi...rnet-explorer/

Answer:Please vote for WebRTC for IE11/Edge

Originally Posted by Pacific16 Hi all,
Requesting your votes to get the WebRTC in IE11/Edge:https://windowsphone.uservoice.com/f...port-of-webrtcWebRTC - Wikipedia, the free encyclopedia Won't happen yet as it's only a draft spec, Microsoft don't implement things until they are a standard.

2 more replies
Relevance 56.58%

Windows 10, HP 6520 Printer
I use IE 11 for most of my work and when I access Print I have the print options as designated by my printer – one of them being to print in Booklet form.
If I use Edge, the print options do not include the ability to print in Booklet form.
How can I obtain the Full print options offered by my printer when using Edge?

More replies
Relevance 56.58%

I have lumia 920 and I install WM 10 preview build 10536 on it ,but unfortunately for some reason I lost the Edge browser apps . could somebody help me on how to install it again.

Answer:Install Edge Browser on WM 10-how can I get the Edge browser apps?

Swipe right to get to your apps list and scroll down to 'Microsoft Edge'.
Pin and win.
If it's not in your apps list, that's a different problem and will require a hard reset.

6 more replies
Relevance 56.58%

Recently installed the latest version of Avant browser. I have set it not to be my default browser or to check if it is default on start up. I have Firefox set as my default browser and to check if it is on start up. The problem is every time I launch Avant and use it it makes itself the default browser. I know this because when I launch Firefox it says it's not the default and also if I wan to set it as the default. I do and when I use Avant again it steals the default browser setting again. I asked about this on the Avant forum and nobody has a solution. Most people on the Avant forum use that browser as their default so they don't care if it makes itself default. Any suggestions on how to stop this? I find this behaviour from a browser to be malware like.

Answer:Avant Browser Hijacking Default Browser Setting.

Welcome to Bleeping Computer Anthony A This is a good article on how to set Firefox as your Default Browser: Default Browser.If all else fails, the third-party utilities offered should work for you.

4 more replies
Relevance 56.17%

I have posted this question/complaint on another thread, but I have been locked out. So I'll try again. Why can't Microsoft fix the Edge import process to reliably import all favorites from IE 11? I have tried all the workarounds including copying the IE 11 favorites to the <username>/appdata/local...directory and the editing the Registry. Nothing works. Why should it be so difficult for MS to implement a reliable Favorites transfer? What is the point of using Edge, when IE 11 is more friendly?

Any thoughts/suggestions? I have been using Windows 10 for over a year and the problem persists.

More replies
Relevance 56.17%

Hi there

While Silverlight is as everybody knows RUBBISH it IS a requirement for watching SKY GO on Windows. Sky GO on Android doesn't use it so It must be possible for Ms to have some other method of protecting DRM material.

So (and SKY GO is used by loads of SKY customers --particularly for Sport and Movies) as EDGE which (intentionally) doesn't support Silverlight people will have to keep IE11 for the foreseeable future - unless one wants to use CHROME - which I don't really like --YMMV on this one of course.

If Ms wants people to switch as quick as possible to EDGE they need to get current applications to work with it.

At least though SKY GO works on W10 !!.

(For those who don't know what SKY GO is - it's the service from the U.K Satellite Broadcaster SKY that people can use to stream programs on to their tablets, computers and phones - quite a good service BTW if you have SKY TV.

Good on some Rail services too in UK where trains have fast Wi-Fi available !!!

Cheers
jimbo

More replies
Relevance 56.17%

I have posted this question/complaint on another thread, but I have been locked out. So I'll try again. Why can't Microsoft fix the Edge import process to reliably import all favorites from IE 11? I have tried all the workarounds including copying the IE 11 favorites to the <username>/appdata/local...directory and the editing the Registry. Nothing works. Why should it be so difficult for MS to implement a reliable Favorites transfer? What is the point of using Edge, when IE 11 is more friendly?

Any thoughts/suggestions? I have been using Windows 10 for over a year and the problem persists.

Answer:Problems Importing Favorites into Edge from IE11

Well, you didn't really tell us what problems you were having with performing the import.

So, let's skip the diagnosis and jump right to an alternative approach...

You might consider using a 3rd-party application called EdgeManage to see if you have better luck with performing an import operation from Internet Explorer.

5 more replies
Relevance 56.17%

Folks,

Before I wiped my Windows 7 install, I exported my IE11 favorites into an HTM file, "bookmark", by using IE11's "export" feature.

My clean Windows 10 install only has 2 browsers: Edge and Chrome. I do not want to install IE11.

How do I get the saved favorites/bookmarks to be imported into Edge? There is no browse function. Edge only allows an automatic import, and that seems to require a functioning IE11 install.

Thanks,
Ken

Answer:How do I import saved IE11 favorites into Edge?

Hello Ken,

Windows 10 still comes with Internet Explorer.

Internet Explorer - Open in Windows 10

If you like, the tutorial below can help show you how import favorites from IE to Edge.

Microsoft Edge - Import Favorites from Internet Explorer in Windows 10

1 more replies
Relevance 56.17%

Hi all
we have set a EDGE und IE11 GPO for Entersprise Site but it don't work?
have anybody experience with edge and IE11?
XML ????
<rules version="4">
  <docMode>
    <domain docMode="edge">abc</domain>
    <domain docMode="11">xyz</domain>
 </docMode>
  <emie>
    <domain docMode="11">xyz</domain>
  </emie>
</rules>

must set both? IE11 and EDGE


Chris

More replies
Relevance 56.17%

Folks,

Before I wiped my Windows 7 install, I exported my IE11 favorites into an HTM file, "bookmark", by using IE11's "export" feature.

My clean Windows 10 install only has 2 browsers: Edge and Chrome. I do not want to install IE11.

How do I get the saved favorites/bookmarks to be imported into Edge? There is no browse function. Edge only allows an automatic import, and that seems to require a functioning IE11 install.

Thanks,
Ken

Answer:How do I import saved IE11 favorites into Edge?

Hello Ken,

Windows 10 still comes with Internet Explorer.

https://www.tenforums.com/tutorials/1...dows-10-a.html

If you like, the tutorial below can help show you how import favorites from IE to Edge.

https://www.tenforums.com/tutorials/1...dows-10-a.html

5 more replies
Relevance 56.17%

my windows 10 has the Blue E that states 'Microsoft Edge' when mouse hovers over the taskbar avatar .. but My MSN videos play videos back in black screen( no video) and sound is OK .. BUT every where I look for a fix remedy says to fix this within IE11 settings where is IE11?

"When upgrading from an earlier version of Windows to Windows 10, Microsoft Edge will automatically become your default browser. Microsoft Edge is a new internet browser introduced with Windows 10 ."

in the mean time have made my default browser google chrome and have no problem with MSN videos ...

Answer:Running windows 10 AEd . confused over IE11 and EDGE

Windows 10 comes with both IE11 and Edge built in. Edge is Microsoft's recommended browser and the one where all future development will concentrate. But the business world would throw up their hand in horror if IE was removed - many bespoke company Intranet applications will only work with IE because only IE can run Microsoft ActiveX controls. Indeed Microsoft's own Update Catalog website will only work with IE for the same reason.

You have IE if you really need it but MS don't really want you to use it, so it's hidden away on an infrequently visited part of the All Apps list. It's to be found under 'Windows Accessories'. The only other place you can find it is (ironically) in Edge. Open any webpage, click on the 'three dots' icon at the top right and one of the items in the menu that appears is 'Open with Internet Explorer'. However you get to it, once running you can pin it to the taskbar.

But finding IE isn't necessarily going to help you fix Edge's video problems, the settings you need to change may be in Edge, not IE. It's not clear what you mean by 10 A.Ed. Can you type Winver in the search box next to Start and run it. To be of more help we need to know the full set of numbers shown there for the version and OS build.

What I can tell you is that for my version 1607 (OS Build 14393.187) Edge has no such problems showing videos from MSN.

4 more replies
Relevance 56.17%

my windows 10 has the Blue E that states 'Microsoft Edge' when mouse hovers over the taskbar avatar .. but My MSN videos play videos back in black screen( no video) and sound is OK .. BUT every where I look for a fix remedy says to fix this within IE11 settings where is IE11?

"When upgrading from an earlier version of Windows to Windows 10, Microsoft Edge will automatically become your default browser. Microsoft Edge is a new internet browser introduced with Windows 10 ."

in the mean time have made my default browser google chrome and have no problem with MSN videos ...

More replies
Relevance 56.17%

Just built a new box with an ASUS X99m ws board and Intel 5930 processor, booting from a Samsung 950 Pro with 4 WD blacks configured in a RAID 10 storage and backup.
I've read and tried every googled fix and trick for getting MS Edge to load pages to no avail. Even went so far as to try the admin only delete and reinstall of MS Edge. No luck. Anybody know of anything else that doesn't show up in a standard search?
What's interesting is Edge works fine on an old DELL XPS 720 from 2006 that was upgraded a week ago. No luck on the hot, new one.

More replies
Relevance 56.17%

Hi Team, I am using  HP Pavilion x2 (OS- WIndows 10).  When I  use this as laptop, most of sites are working good. But when I use this as a tablet few sites are not working as expected. e.g tab functionality is not working in IE11 and edge. Using main menu I am unable to navigate to other pages. You can try https://hmri.org.au/ in IE11 & edge.  Microsoft Edge 25.10586.0.0Internet Explorer 11 I am not sure how to reslove this problem ? is this any problem with device ?  Thanks,Ashwini 

More replies
Relevance 55.35%

Hello,

I am unable to access Sign in to your Microsoft account on my desktop computer running Windows 10 on a home Ethernet network using Edge and IE11. I am connected to the Internet through a Fritz!Box 7490 DSL connection.

I originally tried to solve this problem as a network issue - and it may still turn out to be one - but since I am able to log in to my live.com account using Google Chrome on this computer and from Linux and OS X machines on the network, I am now looking at the possibility that it is some setting shared by Edge and IE11 that is causing my problem.

A secondary effect of this problem is that I am unable to activate Office 365 products, because once I enter my account email address, the activation process wants to take me to live.com to confirm my subscription.

I have seen a number of posts on this and other sites about the "Hmm..." messages, and that's the message I am shown when I try to access login.live.com. Since, in all of the other posts, the issue was a complete inability of Edge to access the sites, this seems to me to be something different. Thus, I started a new thread rather than add to one of the others.

I will be grateful for any and all suggestions on how to fix this problem.

Cheers,
hussar

Answer:Edge and IE11 cannot reach https://login.live.com

Hi:

What antivirus and other security applications are you running?

MM

1 more replies
Relevance 55.35%

Microsoft has announced that (the embedded) Flash for IE11/ActiveX & Edge on Win10 was finally updated to 20.0.0.272

https://technet.microsoft.com/library/security/2755801
https://support.microsoft.com/en-us/kb/3133431

Remark:   Based on the change in wording in the above document... as well as "confirmed" on my Win8.1 tablet... there has NOT (yet?) been a corresponding update for Win8.x

Answer:Updates 1/5/16 - Flash for IE11/ActiveX & Edge on Win10

So to summarize the Flash confusion at present:
the current Flash plug-in version (non-IE browsers) is 20.0.0.267
The current IE/ActiveX version for Win 7 and earlier is 20.0.0.270
The temporary [?] version for IE10/11 on Windows 8.x is also 20.0.0.267 ; an update was expected, but has not been released as of this writing (6 January 2016, 12:40pm EST).
The current IE11/ActiveX and Edge version for Win 10 is [allegedly] 20.0.0.272
 

 

3 more replies
Relevance 55.35%

I would like to replace working certificate for the localhost (127.0.0.1), with an end date in a few months. (Win10 - Edge - IE11)
I managed to create a certificate (made a copy form the previous one with Powershell), and imported it in the list of Trusted Root Certificates. I removed the previous certificate.

But Edge (and IE11 since I suppose Edge has no support for this yet) is still pointing to the old certificate.
Does anyone know how to make the browsers point to the new certificate?

More replies
Relevance 55.35%

Hi there

What a DOGS DINNER of a mess -- SKY GO is still using Silverlight for DRM - however it's deprecated in Windows so sooner or later IE11 won't work with it. Edge of course doesn't work with it, and the non Ms browsers seem randomly to work or not work.

This is NOT an Ms problem though -- surely SKY could use similar DRM / Copyright protection to NETFLIX etc - since the ANDROID application works without any problem whatsoever they must be using something other than Silverlight.

I only suspect that SKY would rather get people to sign up to their SKY Q service -- it's fine but not very portable if you want to watch on a laptop instead of on a small tablet or smart phone.

If Ms would RETIRE Silverlight completely then SKY would be forced to fix SKY GO for their customers !!!!

I suppose the words Customer and Service should probably be removed from the English Language or relegated tp a History archive as it seems with pretty well ANY service one subscribes to there is just about ZERO customer service available any more.

Cheers
jimbo

Answer:SKY GO - edge, IE11 and silverlight What a dogs dinner of a mess

Silverlight is expected to have a long life-cycle:
https://support.microsoft.com/en-us/...arch/?c2=12905

compatibility issues are always on the agenda, given that rs3 builds are going deeper into underlying code
I suspect we may see improvements further down the line, at present I am getting hints that Edge is not fully compatible yet..

- no doubt, there will be more on this subject in the coming months..

6 more replies
Relevance 55.35%

Hello,

I am unable to access Sign in to your Microsoft account on my desktop computer running Windows 10 on a home Ethernet network using Edge and IE11. I am connected to the Internet through a Fritz!Box 7490 DSL connection.

I originally tried to solve this problem as a network issue - and it may still turn out to be one - but since I am able to log in to my live.com account using Google Chrome on this computer and from Linux and OS X machines on the network, I am now looking at the possibility that it is some setting shared by Edge and IE11 that is causing my problem.

A secondary effect of this problem is that I am unable to activate Office 365 products, because once I enter my account email address, the activation process wants to take me to live.com to confirm my subscription.

I have seen a number of posts on this and other sites about the "Hmm..." messages, and that's the message I am shown when I try to access login.live.com. Since, in all of the other posts, the issue was a complete inability of Edge to access the sites, this seems to me to be something different. Thus, I started a new thread rather than add to one of the others.

I will be grateful for any and all suggestions on how to fix this problem.

Cheers,
hussar

Answer:Edge and IE11 cannot reach https://login.live.com

Hi:

What antivirus and other security applications are you running?

MM

4 more replies
Relevance 55.35%

Hi there

I believe this also appeared on Google as well but here's a very recent (2 days ago approx) note from the BBC about security problem found in Edge and IE11 browsers.

Bad bug found in Microsoft browsing code - BBC News

I haven't had any update over this yet --anybody know if Ms has patched this problem yet.

Cheers
jimbo

Answer:Has Ms fixed security flaws found in Edge and IE11 yet

Not yet, apparently - but someone else has...

Unpatched Windows Vulnerability Gets a 3rd Party Fix

1 more replies
Relevance 55.35%

Yesterday I was forced to reboot my computer as MS installed some Windows Updates. After the reboot I can no longer access google.com's main page and some other https site like my companies Citrix Storefront login page. These all worked before the forced update. There were 2 updates installed KB3142588 and KB3140768. I uninstalled the KB3142588 and rebooted and everything worked again. Later in the day again MS installed something and forced me to reboot. After the reboot, the same problem came back. Funny thing now, is that those 2 updates are no longer there and were replaced by others. One of them I could uninstall and the other I cannot. I uninstalled the one (didn't write done the KB#) and rebooted and still the same problem. It only really seems to be issues with some https sites. I can't believe that there is a problem with googles certificate.

I get a "There is a problem with this website's security certificate". The security certificate presented by this website is not secure. Security certificate problems may indicate an attempt to fool you or intercept and data you send to the server.

I cannot just accept the cert nor can I look at it like I could in Windows 7.

More replies
Relevance 55.35%

MS16-064 Security Update for Adobe Flash Player (3157993)   
has been revised:
KB 3163207 updates Flash (ActiveX) to 21.0.0.242 in Windows 8.1/10 
[ KB 3157993, issued on Tuesday 5/10, had updated Flash (ActiveX) to 21.0.0.241  ]   

More replies
Relevance 55.35%

Yesterday I was forced to reboot my computer as MS installed some Windows Updates. After the reboot I can no longer access google.com's main page and some other https site like my companies Citrix Storefront login page. These all worked before the forced update. There were 2 updates installed KB3142588 and KB3140768. I uninstalled the KB3142588 and rebooted and everything worked again. Later in the day again MS installed something and forced me to reboot. After the reboot, the same problem came back. Funny thing now, is that those 2 updates are no longer there and were replaced by others. One of them I could uninstall and the other I cannot. I uninstalled the one (didn't write done the KB#) and rebooted and still the same problem. It only really seems to be issues with some https sites. I can't believe that there is a problem with googles certificate.

I get a "There is a problem with this website's security certificate". The security certificate presented by this website is not secure. Security certificate problems may indicate an attempt to fool you or intercept and data you send to the server.

I cannot just accept the cert nor can I look at it like I could in Windows 7.

More replies
Relevance 54.94%

Hello,
I'm encountering a problem on different computers.
Internet Explorer 11 and Edge are not able to open files from a shared folder located on the same computer.
For example, let's say I typed this "\\10.100.100.10\folder_1\DOC_FILE.doc" on the address bar.
The browser then shows : "This page can't be displayed".
When I display more information, the error "INET_E_RESOURCE_NOT_FOUND" appears.
I have already tried to uncheck "Enable TCP Fast open" and it is still not working.
It seems like this problem cannot be reproduced on all IE11/EDGE browsers, and can be encountered on both Windows 7 and Windows 10.
Any ideas ?
Best regards

More replies
Relevance 54.94%

Hi there

Is there any way to copy the stored passwords / account information saved in IE11 to edge

I've a couple of account logins (not Banks I hasten to add) on some sites where I can't remember all the details -- logon automatically in IE11 but I need to try EDGE a bit more now and can't remember those details.

Cheers
jimbo

Answer:Copy saved passwords / account info from IE11 to Edge

You should be able to find them in Manage Web Credentials in Control Panel. If there are only a couple you can click on "Show" and it will tell you your password and then you can enter it in Edge.


Both Edge and IE store user id/passwords here I believe but I'm not sure how to make one browser use the credentials saved by the other or even if you can.

3 more replies
Relevance 54.94%

OS: Windows 10 Pro v.1607
Suddenly Pinterest.com fails to load in Edge; a few pins appear but then the page freezes. This same Pinterest account works fine in IE on this same computer and also loads fine in Edge on other computers. Here is what I've tried without success:

1. Clear browser cache and cookies
2. Delete all files in Edge recovery folder
3. Sign in with another Pinterest user account
4. Sign in with local account instead of Microsoft Account
5. Removed saved password for Pinterest
6. Reboot computer

Edge performs perfectly with all other sites. This issue is apparently limited to this one site in this one browser on this one computer. Pinterest support suggested we use IE Of course, but I like to figure out what causes these things to happen. It may be irrelevant but this issue was first observed following a batch of Windows updates on 12/13/16. The only one that looked like a remote possibility was KB3206632, but that was a significant cumulative update that I really do not want to uninstall. Furthermore, that same update was applied to another computer which does not exhibit this issue. I'm out of ideas. Thanks in advance for any suggestions.

Regards,
John

Answer:One site (Pinterest) no longer loads in Edge but it will load in IE11.

jhcarver said:

Suddenly Pinterest.com fails to load in Edge; a few pins appear but then the page freezes. This same Pinterest account works fine in IE on this same computer and also loads fine in Edge on other computers. Here is what I've tried without success...



You've tried all the obvious things I would have suggested, but there is one more you could have a look at, the 'Use Microsoft Compatibility List' setting. This is hidden on a 'Developer settings' page which you get to by typing about:flags in Edge's address bar. Are the 'working' Edge PCs also on 1607? If so, compare this settings page on the Edge that doesn't work with the settings for one that does and see if they are different. If only the 'non-working' Edge is on 1607, then try turning 'Use Microsoft Compatibility List' on or off and see if it makes a difference.

6 more replies
Relevance 54.94%

Microsoft’s Security Staff on Monday announced that they have made the decision of keeping Adobe Flash Player as default in both the Internet Explorer 11 and Microsoft Edge browsers in Windows 10... until a good replacement is found.
http://news.thewindowsclub.com/adobe-flash-player-microsoft-browsers-86550/

Answer:Adobe Flash to remain as default in IE11 & Edge in Win10

How much did Adobe have to pay MS for that..?? 

1 more replies
Relevance 54.53%

When I push Adobe Acrobat DC to the computer, the default pdf association is set to Edge instead of Adobe Acrobat DC.
I've tried the "NoOpenWith" registry hack, (Link) but apparently this
is not working anymore with Windows 10 1607.
Does somebody know how I can fix this?

More replies
Relevance 54.53%

Nothing seems to help. I have a toolbar which appears intermittently at the top of my Google home page. I am using Microsoft Edge. It has a close (x) button and can be shut down but it reappears and hijacks searches in Google whenever it appears. You think you are typing in Google but your typing is actually being hijacked to the unwanted toolbar which then searches in Yahoo. Also separate pop ups appear from time to time in small minimised windows. Also sometimes an extra tab is inserted into Microsft Edge.

I have used Adware Cleaner, Malware Bytes, CCleaner, and Hitman Pro nut nothing seesm to fix the problem. It also infects Internet Explorer if I open that. I have removed and reinstalled Edge but that didn't work either.

Any solutions would be appreciated.
 

More replies
Relevance 54.12%

I belong to a forum where we sometimes post a music video, and I never had problems until a couple of days ago seeing a video that was downloaded to the forum in full-screen mode.

It happens in IE11 and Edge browsers, and just started. A couple of other people are having the same problems. The error message actually blocks the title of the video, so you can't read who it is.

Any idea how to go in these browsers and change the permissions to view full screen for YouTube videos even if they're on another site? On YouTube, the full screen works fine.

I haven't changed any settings at all in the last couple of days. Any advice appreciated.

More replies
Relevance 54.12%

I belong to a forum where we sometimes post a music video, and I never had problems until a couple of days ago seeing a video that was downloaded to the forum in full-screen mode.

It happens in IE11 and Edge browsers, and just started. A couple of other people are having the same problems. The error message actually blocks the title of the video, so you can't read who it is.

Any idea how to go in these browsers and change the permissions to view full screen for YouTube videos even if they're on another site? On YouTube, the full screen works fine.

I haven't changed any settings at all in the last couple of days. Any advice appreciated.

Answer:Sudden YouTube Full-Screen Issues with both IE11 and Edge Browsers

I also get the same full view error with videos here. Not a big deal, can go to youtube to see full screen if I really want to....but wondering why this is suddenly a problem in the last couple of days.

2 more replies
Relevance 53.71%

I setup a new user on a stand-alone Windows 10 laptop this weekend and noticed that most websites hang in both Edge and IE11.  I had a look at the user's rights and made sure that they were removed from the local USERS group and only were a member of
the Administrators group.  Then I looked at IE itself and found that if I ran IE as administrator, it worked fine, so I logged the user out and back in again, and still nothing.  I also noticed that IE has a setting to run with administrative privileges,
which I enabled and still nothing.  I thought at this point that it might be a website issue, or at least an ISP issue.  I tried the same sites with the first logged in account on the same machine and everything worked fine.
At this point I was looking at a user rights issue, I thought.  Then I tried the same sites with the new user using Chrome and everything worked fine.  So I'm at a loss as to what this might be.  I've check that IE is using software rendering
so that's not the issue.
Any ideas, or suggestions would be greatly appreciated.
An example of a site would be to go to www.webex.com then try to log in.  The login page just spins and spins.

More replies
Relevance 52.48%

IE 11 is the browser that currently frustrates me the least (doesn't 'not responding' that often)

Firefox is unusable: always having unresponsive script error causes it to hang forever, & cumsumes between 358-498 MB RAM (upgrade is not an option, this is a 3GB RAM Work laptop)

Comodo Icedragon is just as unusable: unresponsive script error happens less often, but cumsumes just as much RAM. Worse: trying to go to Any websites='cannot find server'

So anyone knows a better non-chromium browser? (chromium's multi-process architecture eats more RAM than firefox)
 

Answer:So is ie11 the best browser now?

I have IE11 installed, but rarely used.

Best browsers for 64-bit systems: PaleMoon, Waterfox.
 

8 more replies
Relevance 52.48%
Question: BROWSER HIJACKING

I have tried many attempts at removing this browser hijack problem. I have been loading this laptop with many VST plugins and hard disk recording applications. I installed a Team H20 version of Cubase and some other software released by other a few teams. Guitar Pro 6 seemed to be one of the last ones i installed and then i started seeing some issues when browsing.

I have scanned with MAMB SAS various online scanners and ATF cleaner CCleaner and many others recommended on here. I was able to remove other viruses such as wildtangent and several trojans and worms, but still i can not get the hijacking to stop. All i am now getting on my scans are adware cookies located in networkservices folder and administrator folders, i clean them out and they are gone, but of course when i browse again they reappear.

I am also getting an error after start up please see ERROR image attached.

Microsoft updates webpage is blocked as well. I have experimented with removing adobe products and java. I had went in and tried to kill as many folders with force to try and stop any attempts of hijacking.

I have also used defogger to disable alcohol 52% and i have used an app to remove avast and MBAM and a pandasoft antivrus program.

Any help on this will be greatly appreciated.

Vikkie


DDS (Ver_10-12-12.02) - NTFSx86
Run by user at 7:10:02.12 on Tue 01/25/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1421 [GMT -8:00]

AV: Lavasof... Read more

Answer:BROWSER HIJACKING

Hello vikkiewiid, Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change ... Read more

3 more replies
Relevance 52.48%
Question: Browser Hijacking

Getting redirects on Google links.

No issues when I ran tdskiller and mb.

Logs attached for hitman, mgtools, and rk.

Thanks for checking into the problem.
 

Answer:Browser Hijacking

Hello there.

Before we continue I would like for you to use MSConfig to put this machine back into normal start up mode. You should always be in normal start up mode. Any other mode is primarily used for troubleshooting and diagnostic purposes. You would be better served using a third party start up manager rather than depending on msconfig.
Please re run Hitman and have it delete Malware remnants.

Fix items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate these 4 detections:
[RUN][SUSP PATH] HKCU\[...]\Run : (C:\Users\Mike\AppData\Local\Temp\irb700.exe [x]) -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : Microsoft (rundll32 "C:\Users\Mike\AppData\Local\Stardock_Corporation\Microsoft\acpioj.dll",DllRegisterServer [x][-][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2457565460-2395524819-1261518412-1001\[...]\Run : (C:\Users\Mike\AppData\Local\Temp\irb700.exe [x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2457565460-2395524819-1261518412-1001\[...]\Run : Microsoft (rundll32 "C:\Users\Mike\AppData\Local\Stardock_Corporation\Microsoft\acpioj.dll",DllRegisterServer [x][-][x]) -> FOUND

Place a checkmark each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How ... Read more

7 more replies
Relevance 52.48%

I have gotten rid of most of the spyware via Microsoft's Anti-Spyware and Adware's program but can't seem to clean up my browser (Can't get rid of the R1 dll's that keep re-installing. Also, I keep getting explorer.exe errors when I try to open navigate my hard drive via windows explorer. Here is my Log:

Logfile of HijackThis v1.99.1
Scan saved at 6:49:13 AM, on 7/6/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\OLYMPUS\DeviceDetector\DM1Service.exe
C:\WINNT\System32\svchost.exe
c:\mssql7\binn\sqlservr.exe
C:\WINNT\System32\NMSSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\RioMSC.exe
C:\WINNT\system32\MSTask.exe
c:\mssql7\binn\sqlagent.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\ORL\VNC\WinVNC.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINNT\system32\d3sa32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Smtray.exe
C:\WINNT\system32\atiptaxx.exe
C:\WINNT\system32\Promon.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\j2re1.4.2_06\b... Read more

Answer:Browser Hijacking won't go away.

Hi Brendan, and Welcome to TSF!

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Go to My Computer->Tools->Folder Options->View tab and make sure that 'Show hidden files and folders' is checked under the 'Hidden Files and Folders' section. Also make sure there is no checkmark beside 'Hide file extensions for known file types' or 'Hide protected operating system files'.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Please download Ad-aware at http://www.lavasoftusa.com/ and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. We will use this later.

Download CWShredder at http://www.greyknight17.com/spy/CWShredder.sfx.exe We will use this later.

First Click here to download cwsserviceremove.zip and unzip it to your desktop. Do not run it now.

Download AboutBuster http://www.greyknight17.com/spy/AboutBuster.sfx.exe and uncompress the files to a folder on your the Desktop... Read more

9 more replies
Relevance 52.48%
Question: Browser Hijacking

Recently while updating a UTube program I have used for years with no problem, this time it gave me a browser hijacking malware now that seems to come back no matter what I do to eliminate it. I use Firefox startpage mainly and can correct it temporarily by using Firefox help but the hijacker"hxxp:// proxy.allsearchapp.com/app/start/" is persistant and keeps returning. Is there any Anti-Malware program that can get rid of this?? Not being a pc expert I don't want to do it manually for fear of messing up the registry.Thank you for any suggestions.Bill S.

Answer:Browser Hijacking

Please download Malwarebytes Anti-Malware and save it to your desktop.Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A.4. Issues.Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.After the scan, make sure that everything is checked and then click the Remove Selected button to remove all the listed malware.When done, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab .Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.Exit Malwarebytes when done.If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection... Read more

20 more replies
Relevance 52.48%

I have read numerous posts and I am almost certain my browser has been hi jacked...ran anti-spyware,did a virus check, but can not run malware software nor open any other .exe files. I am in safemode now because my computer freezes up in normal mode and internet will open sometimes and or if it does when clicking a link from google search it redirects to another page that has nothing to do with the search?? Also I am getting a 'svchost.exe application error' all the time now. WTH? is going on here?? I have spent almost 4 days trying to figure this out before finding this forum to no avail...any help would be appreciated thankx.DDS (Ver_09-03-16.01) - NTFSx86 NETWORK Run by Foster at 16:17:24.95 on Thu 03/26/2009Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.721 [GMT -6:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\Explorer.EXEC:\Program Files\internet explorer\iexplore.exeC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\Foster\Local Settings\Temporary Internet Files\Content.IE5\AIPFHANX\dds[1].scr============== Pseudo HJT Report ==... Read more

Answer:Browser Hijacking Going On?

No help i guess??

15 more replies
Relevance 52.48%
Question: browser hijacking?

this weird thing started happening on my comp and i think its a browser hijacker. whenever you start up the homepage it brings up some site thats like a .dd followed by a .htp. every time you try and reset it to yahoo or whatever, it works for like the 1st time, then diverts back to the .dll site. the site is like a typical popup, a bunch of topics listed (vacationing, real estate, software, yadda yadda) just a bunch of links to different sites. the thing thats kinda weird is that the windows logo is in the top left corner, like it has something to do with microsoft. i have run every spyware prog under the sun (spybot, ad-aware, pest patrol, spyware blaster) and also virus software, and nothing has come up. does anybody have any ideas? sorry if i'm not clear on the specifics, just tell me if you need any more info.

Answer:browser hijacking?

First, create a folder for HijackThis in the root folder of your hard drive so it can make proper backups

example

C:/HJT
C:/hijackthis

next

Click here to download Hijack This. Save it to the folder you have just created

Close all open windows and open HIJACK THIS. Click “Scan”[/b] . When the scan is finished (it only takes a second), the scan button will change to“Save Log”. Click on“Save Log” and save it to NotePad. Copy the entire log and paste it here.

DO NOT FIX ANYTHING YET , most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise.

1 more replies
Relevance 52.48%
Question: Browser hijacking

I have gotten a browser hijacker loaded on my computer. I tried Spyware Doctor but it has not helped. Also tried Cloud Prevx 3.0 but it cannot get past the Master Boot scan. Hijack This came back with this log. Can you help?

Thanks,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:44:13 AM, on 1/20/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Progr... Read more

Answer:Browser hijacking

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Relevance 52.48%

My friend's father seems to be the victim of a browser hijacking, and possibly other malignant software. The computer is too bogged down to properly run Ad-Aware or a virus scanner. I ran HijackThis and got the following log:

Logfile of HijackThis v1.99.1
Scan saved at 3:48:50 PM, on 7/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\cox\applications\app\CurtainsSysSvcNt.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Documents and Settings\DAD\Application Data\SVCHOST.EXE
C:\Program Files\Cox\Applications\app\Prism.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Winferno\Secure IE\SIEPulse.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network As... Read more

Answer:possible browser hijacking

You have 2 AV's running, remove one - you only want one active AV on a system

==================
Download http://downloads.andymanchesta.com/RemovalTools/SDFix.exe and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
· Restart your computer
· After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
· Instead of Windows loading as normal, the Advanced Options Menu should appear;
· Select the first option, to run Windows in Safe Mode, then press Enter.
· Choose your usual account.
· Open the extracted SDFix folder and double click RunThis.bat to start the script.
· Type Y to begin the cleanup process.
· It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
· Press any Key and it will restart the PC.
· When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
· Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
· Finally paste the contents of the Report.txt back on the forum with a new HijackThis log
============... Read more

1 more replies
Relevance 52.48%
Question: Browser Hijacking

I have been hacked. The malware now always lands on Yahoo be it IE or Google.

Re setting browsers does not work.
It's now starting to hijack Windows 7 by not allowing me to delete or uninstall Windows files that could be used to assists in tracking the problems.

Windows 7 PRO
 

More replies
Relevance 52.48%
Question: browser hijacking

I think my browser has been hijacked. I have ran avast and adaware and spybot and deleted about 500 infected files, but there always seems to be more. I do not know what else to do. Please help.
 

Answer:browser hijacking

Logfile of HijackThis v1.99.1
Scan saved at 1:19:09 AM, on 06/27/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\WeirdOnTheWeb\WeirdOnTheWeb.exe
C:\WINDOWS\System32\ClientBR.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Owner\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\Searchx.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cgi.ve... Read more

1 more replies
Relevance 52.48%
Question: Browser hijacking

I'm having a number of issues. One is a Google hijack issue, which I've had for a few months now - the first time I click on a Google result, I get redirected. If I go back and click the link a second time, it's OK. This happens across Chrome and FireFox.

Another issue which started the last few weeks is that when I click a link or tab or anywhere on a web page, I get a new tab opening up, which is some malware masquerading as a program (e.g. Flash or Java) and telling me I need to update. And a third recent issue is that I'm seeing ads on the Google homepage and Google results which shouldn't be there (they even say "ads not by this site", which is rather polite for malware ).

Also another issue that is very recent is that I get pop-in video ads in the bottom right of my browser. They don't usually happen, but it is still frequent. So far I've only seen this in Chrome, but I don't use other browsers often enough to know if it happens in them.

I've followed the instructions in the Fixing Google Redirection/hijacking and other redirection problems thread, which also led me to the Vista, Win 7 and Win 8 Malware Removal/Cleaning Procedure and READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker) threads. I've tried following instructions as best I could - however I've never done this before, so my apologies if I made a mistake with any step.

I had a minor issue with MGTo... Read more

Answer:Browser hijacking

Nothing attached. Try again.
 

9 more replies
Relevance 52.48%
Question: Browser Hijacking

Hello greyknight17

thanks in advance for your help. Please find below the logfile I created with HijackThis.exe.

Logfile of HijackThis v1.98.1
Scan saved at 19:34:50, on 04.08.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programme\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Programme\Messenger\MSMSGS.EXE
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\WinZip\WZQKPICK.EXE ... Read more

Answer:Browser Hijacking

Did you post a previous log file? If you did you should have added a reply to that one (not create a new thread). It's ok if this is the first one.

Please print out or copy this page to Notepad. You should not have any open browsers when you are following the procedures below.

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it’s clean, you may turn it back on and create a new restore point.

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible also.

Make sure to close any open browsers you have. Check and fix the following in HijackThis (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://apzkhd.t.muxa.cc/s.php?aid=11156 (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://apzkhd.t.muxa.cc/s.php?aid=11156 (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://apzkhd.t.muxa.cc/h.php?aid=11156 (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R1 - HKLM\Software\Microsoft\Internet E... Read more

1 more replies
Relevance 52.48%
Question: browser hijacking

sorry if this is in the wrong spot, but i know my browser is being hijacked cause it keeps redirecting me to some random website

heres a hijack this log (idk what to delete)


Quote:




C:\Windows\system32\Dwm.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\Program Files\MagicDisc2\MagicDisc.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Owner\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Owner\Desktop\010101\Warden.exe
C:\Users\Owner\Desktop\Bots\Bots\Clan-DT\StealthBot v2.6R3.exe
C:\Users\Owner\Desktop\Bots\Bots\DarkTemplars\DarkTemplars\StealthBot v2.6R3.exe
C:\Users\Owner\Desktop\Bots\Bots\DT-Baal\StealthBot v2.6R3.exe
C:\Users\Owner\Desktop\Bots\Bots\DT-Chaos\StealthBot v2.6R3.exe
C:\Users\Owner\Desktop\Bots\Bots\Dt-Trivia\Dt-Trivia\StealthBot v2.6R3.exe
C... Read more

Answer:browser hijacking

does anyone know how to fix this? -.-

2 more replies
Relevance 52.48%

Hello,

I've been experiencing an odd problem over the last couple of days. All of a sudden I am unable to veiw about 75% of my internet bookmarks or any site for that matter. they all come up with the same general IE message "The page cannot be displayed". The odd one will reload after a few refreshes but most don't come up at all. I contacted my ISP and everything appears fine on their end, we also checked Lan settings, I powered down both my router and modem, as well as several release/renew procedures. And oddly my MSN messenger and email or both working fine.

I then started to think that it may have been some type of Browser hyjacking/virus, and performed my usual, Norton /Adaware scan which came up clean (The odd tracking cookie nothing to serious)

So I came here and read/ installed / preformed all the additional suggested scanning and cleaning steps. and aside from the online scan at Trend Mirco (wasn't able to open the page) all the newly installed progams came up with minor stuff, like tracking cookies and data miners. I haven't gone as far as the "Hijack this" and although my device manager shows no conflicts, I'm thinking it may be a hardware issue like my NIC card or something...

Is anyone familiar with a Browser Hijacker that works in this manner? or have any recommendations on things I might check/try.

Thanks
C
 

Answer:Browser Hijacking...???

Hi Chris,

It doesn't sound like malware to me. Did you recently install SP2? It has had issues with Norton that result in similar problems. It may well be a settings type issue. You could temporarily uninstall Norton to rule that out.
Also, you might try asking the regulars in Hardware and Software forums for input if you rule out malware.

Best luck,

PP
 

5 more replies
Relevance 52.48%

Hi,I have Norton Personal Firewall. I've tried running Norton Antivirus, AdAware SE, Spybot S&D, Spysubtract and CWShredder. I also have Spyware Guard and Spyware Blaster. All of these (fully updated) have failed to prevent what looks like a hijacker from creeping in.Any chance of some help with this?Hopefully,HeraLogfile of HijackThis v1.99.1Scan saved at 21:37:19, on 30/06/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton Internet Security\ISSVC.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\PackethSvc.exeC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeC:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeC:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exeC:\... Read more

Answer:HJT log [hijacking web browser]

If you still need help, could you post a fresh log please?

6 more replies
Relevance 52.48%
Question: Browser Hijacking

Having a problem with something that has gotten into my browser and at random times will take over my browser and start popping windows everywhere. It will continue to do it even if I disconnect my ethernet connection, so I know it is somewhere on my pc, I just can't locate all of it. I can find some of it and delete it.
When it happens, I have to stop everything and use the task manager to close IE, but it closes all browsers and is a HUGE annoyance, because I have to start up a new one and it makes surfing virtually impossible.
Does anyone know of a program that searches for these pirates of my web browser??? Please let me know.

Brewha
 

Answer:Browser Hijacking

Hi brewha88,

Please go to http://www.tomcoyote.org/hjt/, and download 'Hijack This!'.
Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log as a .txt file, and copy and paste its contents into your next post.

Most of what it lists will be harmless, so do not fix anything yet.

Regards,

Pieter
 

1 more replies
Relevance 52.48%

I'm running win XP and my browser will not go to Google and other sites on searches.

Hijackthis log follows and thanks for any help.
Doug

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 10:31:03 AM, on 3/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\DMI\WIN32\bin\DellDmi.exe
C:\Program Files\Dell\OpenManage\Client\EventAgt.exe
C:\Program Files\Dell\OpenManage\Client\DLT.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Norton Speed Disk\nopdb.exe
C:\dmi\win32\bin\Win32sl.exe
C:\Program Files\RealVNC\WinVNC\WinVNC.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\SearchIndexer.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\PROGRA~1\WALGRE~1\WALGRE~1\data\xtras\mssysmgr.exe
C:\WINNT\... Read more

More replies
Relevance 52.48%

Hi,I had a virtumond virus last month and ran several specialized programs and S&D, SaS, MAM, etc... but I still get occasional redirects (maybe once a day or something)... annoying enough that I'd like help to clean it all out I ran the gmer and have that ready.thanks.DDS (Ver_09-12-01.01) - NTFSx86 Run by Matt Reddick at 18:55:58.56 on Fri 03/12/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1337 [GMT -5:00]AV: avast! antivirus 4.8.1368 [VPS 100312-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}AV: *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A

-DD43BA9FAD83}FW: Online Armor Firewall *disabled* {B797DAA0-7E2E-4711-8BB3-

D12744F1922A}FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\Program Files\Tall Emu\Online Armor\oacat.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Fi... Read more

Answer:browser hijacking, pls help

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

14 more replies
Relevance 52.48%
Question: browser hijacking

i have a browser thats being highjacked. When i perform a search, the results show up, but if i choose when i get redirected. I am unable to run my malwarebytes-antimalware program, it will install fine but will not run. I tried to run the DDS program like instructed but never received a log. I have attached one from highjack this. I also get music and what sounds like commercials coming through my speakers? Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:37:21, on 4/2/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\CSHelper.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exeC:\WINDO... Read more

Answer:browser hijacking

Hello.Please run Combofix.Download and Run ComboFix (Rename Before Saving)Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.Link 1Link 2 Link 3Refer to the page below for further instructions on running ComboFix. This includes installing the Recovery Console. Note that you do not need your Windows XP disk to install it. Refer to this page if you are unsure how.Double click on Combo-Fix.exe & follow the prompts. When finished, it will produce a open a report for you. Post back with it. It is at C:\ComboFix.txt.Do not mouseclick the ComboFix window while it's running. That may cause it to stall.With Regards,Extremeboy

5 more replies
Relevance 52.48%

For a month or so now I have had this problem.
The symptoms are:
Google search results - when I click on a result I am taken to a completely unrelated page - often something along the lines of smart.seekers appears in the address bar. If I click on the search same result 3 times however, the third time the problem does not occur.
I cannot download anything from Microsoft - all of the download pages slow down then lock up, so I cannot download updates to fix the problem.
We cannot access our hotmail accounts from the PC in question.
I was hit with a trojan about the same time, and I enlisted the help of a reputable techo who removed numerous trojans/viruses, but he didn't resolve the hijacking problem.
I have had to remove widows defender as I could not use it and it would bomb out when I tried updating definitions. It appeared to be some of the reason behind my PC running slow.
I have also tried NoAdware, however it also will not work properly, it stops after about 150000 files - it produces an error report which mentions active-x.
I am running xp professional with IE7. I have unstalled and reinstalled IE - it did make my PC work a lot faster, but I still have the same problems as mentioned above.
I use nod32 protection along with a couple of anti-spyware programs - I have changed them several times trying to find one that works. (I am using my work PC at present, so I haven't got the other programs in front of me to say what they are)
Would systems restore help?
I t... Read more

Answer:Web Browser Hijacking

Do your Nod32 and Anti-Spyware scans come up clean?

11 more replies
Relevance 52.48%
Question: Browser Hijacking

Helppppppppp......
I am running IE on Windows XP and have had my home page hijacked.
I have disabled the restore function, downloaded all the removal tools listed but when I change the homepage back to google for example, within a matter of seconds the registry changes and the homepage is changed .

The homepage details always change and are in the format of 78%63% etc etc.

Can anybody shed any light please.

Thanking you in advance

Gary
 

Answer:Browser Hijacking

you say you've downloaded all the removal tools listed? does that mean you followed the tutorial?

http://forums.majorgeeks.com/showthread.php?t=35407
READ ME FIRST: Basic Spyware, Trojan And Virus Removal.

I just want to make sure before we proceed.
 

24 more replies
Relevance 52.48%
Question: browser hijacking

Morning experts!

My browser was (is) hijacked by searchpage.cc/1507. I am hoping that someone would look over my hijackthis log and let me know the proper steps to take.

Logfile of HijackThis v1.97.7
Scan saved at 9:52:01 AM, on 4/21/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\System32\NWTRAY.EXE
C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\BRIANO~1\LOCALS~1\Temp\JobMonitor\JobMonitor.exe
C:\Documents and Settings\Brian O'Reilly\My Documents\My Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://nkvd.us/1507/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://nkvd.us/1507/
R1 - HKCU\... Read more

Answer:browser hijacking

12 more replies
Relevance 52.48%
Question: Browser Hijacking

Hello,
 
I have Windows 7, i use Mozilla Firefox (i tried IE and Chrome and it happens on them too but it stopped since i went back to Mozilla and now it just does it in this one)
 
I have had an issue for the past week or two and any program i run is not solving it. I dont even have to be doing anything on my computer and a browser will pop up and it will be an ad like a casino, how to make money fast, news page, page that tends to have a video on it, etc. I can be away for 2 hours and ill have a browser window open with around 2 + tabs open. Overnight i will come back to about 7+. Even while i've been scanning my computer i have had the browsers popping up. What i have noticed is, this happens really fast, is a page will pop up - address of http://red.installer.xyz/ - and the page will count down from like 5 and the message says redirecting you to the site requested, along those lines. I still have full control of my browsers however.
 
Programs I have ran: (maybe im not running in the correct mode/options selected)
Malwarebytes Anti-Malware
JRT
Spybot (wasnt 100% sure how to run this one but it didnt seem to find anything)
AdwCleaner
Ad-Aware Antivirus
Microsoft Security Client
CCleaner
Microsoft Windows Malicious Software Removal Tool
Microsoft Safety Scanner
McAfee (unistalled now)
 
I have reset all the browsers - removed add ons if there were any. There were no addons installed that i didnt know what they were - it was all things ive done. There are... Read more

More replies
Relevance 52.48%

I've a serious problem with IE browser being hijacked with numerous pop-ups and redirecting to other websites. I ran all the spyware help, (Adaware,Spybot,Windows defender), and they find stuff and remove them but they come right back. I dowmloaded Hijackthis and install it. I just don't know what to fixand repair without messing something else up. I'm including the log below. Any help would be greatly appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 2:49:09 PM, on 1/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common... Read more

Answer:Need help with browser hijacking !

Hi, juxie123.

Welcome to TSG.

Download the HostsXpert 4.2 - Hosts File Manager.

Unzip HostsXpert 4.2 - Hosts File Manager to a convenient folder such as C:\HostsXpert 4.2 - Hosts File Manager
Run HostsXpert 4.2 - Hosts File Manager from its new home
Click on "File Handling".
Click on "Restore MS Hosts File".
Click OK on the Confirmation box.
Click on "Make Read Only?"
Click the X to exit the program.
Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 4.
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item wit... Read more

1 more replies
Relevance 52.48%
Question: Browser Hijacking

I have performed all the steps outlined in the preparatory guide to use before posting a log. My HijackThis log appears below. The problem I am having is periodically being redirected to undesirable websites while surfing, some which cannot be found and some pornographic. I am running Windows Media Center Edition and this mostly occurs while using Internet Explorer version 7.0.5730.11. Any and all help is appreciated.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:17:45 AM, on 10/24/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\m... Read more

Answer:Browser Hijacking

Welcome to the BleepingComputer HijackThis Logs and Analysis forum Mikey L My name is Richie and i'll be helping you to fix your problems.Download and run Fixwareout from the link below: http://www.bleepingcomputer.com/files/lonny/Fixwareout.exeAfter the reboot post the contents of the logfile C:\fixwareout\report.txt in your next reply.If you have previously downloaded ComboFix,please delete that version now.Now download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Do NOT post the ComboFix-quarantined-files.txt unless I ask.Also post a new Hijackthis log please.

9 more replies
Relevance 52.48%
Question: BROWSER HIJACKING

I have recently been experiencing some very annoying problems with my online time wherein I try to go to a frequently used site only to be told it cannot be found. "unable to locate" and also NGIX (I think 9.0 not sure) FILE NOT FOUND and similar messages. I finally found the culprit and they have gotten me before. ASK search engine somehow takes over my browser and it never goes well afterwards. Not sure HOW I ended up with this but probably when i downloaded something somewhere in the fine print I agreed to have them for my search engine. I try to watch out for that but sometimes when you're trying to download something then you have to type in the CAPTCHA stuff and if you get it wrong (those things are sometimes next to impossible to figure out or get right but that's another issue) then you have to go back and start over and I think that's the whole point that you have to keep completing the same info till you get careless and let something like ASK take over.How are these people able to get away with this. Amost FUNNY but not - ASK is where you can go and ask any question to get an answer but when I ASKED how do I get rid of you they had no answer that worked. I sent them some FEEDBACK but never got an answer.Eventually, through deleting this and that (sorry its been a couple days I forget exactly) and dumping temporary files and a few other things I managed to get rid of them but I figure its just a matter of time till they get me again and... Read more

Answer:BROWSER HIJACKING

I have recently been experiencing some very annoying problems with my online time wherein I try to go to a frequently used site only to be told it cannot be found. "unable to locate" and also NGIX (I think 9.0 not sure) FILE NOT FOUND and similar messages. I finally found the culprit and they have gotten me before. ASK search engine somehow takes over my browser and it never goes well afterwards. Not sure HOW I ended up with this but probably when i downloaded something somewhere in the fine print I agreed to have them for my search engine. I try to watch out for that but sometimes when you're trying to download something then you have to type in the CAPTCHA stuff and if you get it wrong (those things are sometimes next to impossible to figure out or get right but that's another issue) then you have to go back and start over and I think that's the whole point that you have to keep completing the same info till you get careless and let something like ASK take over.How are these people able to get away with this. Amost FUNNY but not - ASK is where you can go and ask any question to get an answer but when I ASKED how do I get rid of you they had no answer that worked. I sent them some FEEDBACK but never got an answer.Eventually, through deleting this and that (sorry its been a couple days I forget exactly) and dumping temporary files and a few other things I managed to get rid of them but I figure its just a matter of time till they get me again and... Read more

2 more replies
Relevance 52.48%

Hi there,My browser has been hijacked and is periodically redirected to a casino website. My homepage is still fine though and has not been changed. I have 3 or 4 new items added to my Favourites list.I have run Spybot and Adware, but they seem to indicate that nothing is wrong. I have checked for updates and then re-run these tools to no avail. Below is my HijackThis logfile. Any comments would be much appreciated. Have a good weekend.regards,Arif Logfile of HijackThis v1.97.7Scan saved at 12:42:46, on 03/07/2004Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\crypserv.exeC:\PROGRA~1\Iomega\System32\AppServices.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exeC:\Program Files\Iomega\AutoDisk\ADService.exeC:\WIN... Read more

Answer:Browser Hijacking- Please Help!

You also have a CoolWebSearch hijacker. There is a special tool to remove it called CWShredder.http://www.spywareinfo.com/~merijn/files/cwshredder.zipPlease download and then unzip the program. Close all open browser windows and run the program. Click the "Fix" button and let it fix everything it finds.Reboot, run HijackThis again and post a fresh log please

1 more replies
Relevance 52.48%

Title says it all, whenever I open up a browser IE pops up with ads. Ive run Avira Antivirus and Ad-Aware 2007 both come up negative. Ill be bumping this thread in a few days if no one sees it.

Answer:IE browser hijacking

Forgot to post the log file. Here it is:

Logfile of HijackThis v1.99.1
Scan saved at 10:08:58 PM, on 3/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Wallpaper Master\Wallpaper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\lolifox\lolifox.exe
C:\Documents and Settings\Star Scream\D... Read more

19 more replies
Relevance 52.48%

Please advise what needs to be removed. Have already run AW6, SSD in normal and safe mode on WXPSP1 wksta. Thanks.

Startup List log:

StartupList report, 8/12/2004, 10:35:16 AM
StartupList version: 1.52
Started from : C:\Documents and Settings\ccraver\Local Settings\Temp\Temporary Directory 2 for startuplist1521.zip\StartupList.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NALNTSRV.EXE
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\RealVNC\WinVNC\WinVNC.exe
C:\WINDOWS\System32\wm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\dpmw32.exe
C:\WINDOWS\System32\NWTRAY.EXE
C:\Program Files\Castelle\FaxPress\FaxTray.Exe
C:\Program Files\Castelle\FaxPress\ExCnvt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Novell\Group... Read more

Answer:browser hijacking, etc.

7 more replies
Relevance 52.48%

Have a computer at work that got hijacked by about:blank. Here is the hijack this file. Help please.

Logfile of HijackThis v1.99.0
Scan saved at 11:49:56 AM, on 1/14/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\NoAds\NoAds.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\Bernie Gerring\Desktop\New Folder\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [NoAds] "C:\Program Files\NoAds\NoAds.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O23 - Service:... Read more

Answer:Browser Hijacking HELP!!!!!!!!!!!!!!

9 more replies
Relevance 52.48%
Question: Browser Hijacking

Hello All,

I keep getting this cool find browser redirect, I have done my best to research it but I cannot find the answer. I hope you guys can help.

Thanks, Anton

Here is the HiJackThis Log

Logfile of Trend Micro HijackThis v2.0.2
R
 

Answer:Browser Hijacking

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide

Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME ) onto another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes, you could use a flash drive too but flash drives are writeable and infections can spread to them.
To avoid additional delay in getting a response, it is advised that... Read more

1 more replies
Relevance 52.48%

hello, my browser has been hijacked by e-finder it looks like. i've used spybot and ad-aware but it keeps coming back. here is my hijack this log. please help...it'd be much appreciated.Logfile of HijackThis v1.97.3Scan saved at 12:05:23 PM, on 11/7/2004Platform: Windows 2000 SP3 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINNT\System32\svchost.exeC:\WINNT\System32\gearsec.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINNT\System32\nvsvc32.exeC:\WINNT\system32\regsvc.exeC:\WINNT\system32\MSTask.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\System32\mspmspsv.exeC:\WINNT\Explorer.EXEC:\WINNT\system32\ntvdm.exeC:\WINNT\System\MSMSGSVC.exeC:\OPLIMIT\ocrawr32.exeD:\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.e-finder.cc/search/ (obfuscated)R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.e-finder.cc/search... Read more

Answer:browser hijacking..please help

HiYou are running an outdated version of HijackThis.. Delete the copy you have and download the latest version of HijackThis!: Download here HJT 1.98.2. Save it on your Desktop. You will need now to unzip hijackthis.exe to a permanent folder, such as c:\hjt . This has to be done as HijackThis creates backups. You may need to use these backups.First create a new folder:A. Click My Computer icon on your desktopB. Click C: driveC. Click the File menu --> New --> Folder, a folder "New folder" will be created.D. Rename it HJTUnzip hijackthis.exe to the c:\HJT folder.Run hijackthis.exe and post a new log please.When responding to a post from one of our HJT Team members, please reply in the same topic - click the Add Reply button. Do not create a new topic for your reply. This will cause confusion and only cause a delay in the help you are receiving.

10 more replies
Relevance 52.48%
Question: Browser Hijacking

Hi all, as with many computer users my IE6 browser has been hijacked and wont relinquish its grip. The following comes up in the address bar -

res://ufjhn.dll/index.html#96676

I have Adaware6.0, SpywareBlaster and HiJackThis installed.
I regularily run Adaware and find the same 31 malware files day after day.

Day after day I quarantine and delete them only to have them reappear.
Heres what I do-
&#61623; Scan with Adaware6.0
&#61623; Quarantine and delete offending items
&#61623; Rescan with Adaware6.0
&#61623; All will be OK, nothing found.

However if I now launch IE6 (without even being connected to the internet) and rescan with Adaware6.0 I will find the same browser hijackers reinstalled ............. why ??

Not only this but my internet security settings keep changing to enable all ActiveX controls and plug-ins ........ not good.

Can anyone suggest what is going on and what I need to post here to rid myself of this evil ??

Thanks in adavnce ............ SP
 

Answer:Browser Hijacking

7 more replies
Relevance 52.48%

Many different people have access to this system, as it is a family computer, I have tried to do as much as I can to keep it safe & run scans faithfully, but infections still seem to slip thru periodically. This time, something is causing the browsers to either take forever to open or not open at all. The system also seems to be slower than usual. It was working great after I had it checked the last time, but like I said, a lot of people do a lot of different things on here and are not always conscientious about what they are doing or how they are doing it. Thank you in advance for any and all assistance, I greatly appreciate it!
E
 

Answer:HELP, PLEASE!! Browser Hijacking, etc.

Sorry, I forgot to include the HJT log. Here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:38:43 PM, on 12/15/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Micro... Read more

1 more replies
Relevance 52.48%
Question: Browser Hijacking

Hi, I have a problem... every time I click (left or right) in Chrome I get a new tab of varied content. which makes it impossible to surf.. I have tried to follow you guide, but still get the same problem.
I hope you can help me

// Nicke
 

Answer:Browser Hijacking

Re run Malware Bytes and have it remove all that it finds. Once done... re scan and upload a hopefully clean log.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Attach JRT.txt to your next message.

Do the below:
Reset Google Chrome to defaults

How are things running?
 

14 more replies
Relevance 52.48%
Question: Browser Hijacking

Hi & hope you can help.
My grandkids downloaded Kazaa and a few other programs during their visit . I have been busy trying to clean out all unwanted applications & all the ‘ScumWare’ that came along for the ride. Unfortunately, my Home Page setting (Use Blank) still gets hijacked periodically to MSN.com. Here is a recap of what I’ve done so far:
Downloaded & installed MS Service Pack 2, ran msconfig & selected Normal Startup. Rebooted & set Restore Point. Set Folder Options to show hidden files and folders. Ran CoolWebSearch Smartkiller (not found), CWShredder (cleaned infections found), Spybot S & D (fixed all), Ad-aware (quarantined all) and Bazooka Scanner (will follow advice later as to going into Registry Editor to correct). Prior to running the above, I checked for all available updates. I also downloaded, installed & ran Lavasoft’s VX2 Cleaner plug-in (system clean) as well as all other plug-ins. I’ve downloaded, installed & updated SpyBlaster. I’ve enabled IE & Restricted Sites protection and disabled the IE Home Page setting
I then went into the Add/Remove Programs function in Control Panel and removed PGate Basic & a few other unwanted applications but was unable to delete Kazaa v. 2.1.1 or IMBUM. Nothing happens when I click remove IMBUM and I get the following error message trying to delete Kazaa, ‘Error loading C:\WINNT\System32\cd_clint.dll. The specified module could not be found.’ IMBUM has me stumped as I can?... Read more

Answer:Browser Hijacking

14 more replies
Relevance 52.48%
Question: Browser Hijacking

This is my first time using this site or posting to these boards. After struggling to resolve these issues on my own, I couldn't take it anymore. I needed to seek help. I thankful that a place like this exists to lend support to the afflicted.I'm dealing with a couple of things. Not every time, but many times, when I open a browser window in internet explorer, my homepage opens, but then is IMMEDIATELY overlayed by two or three other windows. The taskbar shows "clickbank" loading, which then displays ads for "carb burning", body by jake ads, or loan ads. I can't close any of the windows until they open completely, which is a time consuming/ wasting process, plus just annoying as all hell.Secondly, and more recently, "about:blank-microsoft internet explorer" has begun running underneath my browser page. So, consequently, whenever I go to another web page, etc., there is a delay, I would assume, from the "about:blank" page loading beneath what I am looking at. Also, when I close my browser, there is a delay of several seconds as my browser window closes, and then reveals the "about:blank" window beneath (a blank, white screen), which takes a couple of second to close. Overall, it slows down the internet process considerably as I try to click from one page to the next.I am running Norton Anti-virus. The definitions are up to date. I have also run Ad-Aware SE, Spyware Blaster, and CW Shredder, which has not detected coolweb search... Read more

Answer:Browser Hijacking

Welcome indyfan05 to Bleeping Computer.Obi-wan Kenobi seems to be busy, hope I'll do Please disable Spyware Doctor, as it may interfere with the fix. To disable Spyware Doctor:Click the Spyware Doctor icon in the System Tray.Click Settings.Click Startup Settings under Pick a Category.Uncheck Run at Windows startup.Click Apply and Exit Spyware DoctorOnce your log is clean you can re-enable Spyware Doctor. ***Please disable SpybotSD?s protection, as it may hinder the removal of the infection. You can enable it after you're clean.Open Spybot and click on Mode and check Advanced ModeCheck yes to next window.Click on Tools in bottom left hand corner.Click on Resident icon.Uncheck Teatimer box and/or Uncheck Resident.Close Spybot.***To disable SpySweeper ShieldsClick Shields on the left.Click Internet Explorer and uncheck all items.Click Windows System and uncheck all items.Click Startup Programs and uncheck all items.Exit Spysweeper.***Download CleanUp!.If that doesn?t work, use this link.Here is a tutorial which describes its usage:http://www.bleepingcomputer.com/tutorials/how-to-use-cleanup/Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:*Click "Options"*Move the arrow down to "Custom CleanUp!"*Put a check next to the following:Empty Recycle BinsDelete CookiesDelete Prefetch filesScan local drives for temporary filesCleanup! All UsersClick OKPress the CleanUp&... Read more

1 more replies
Relevance 52.48%
Question: browser hijacking-

Hi,I've been dealing with browser hijacking now for over a month. First it hit my IE and I've tried every spy ware tool and virus tool commonly known but it hasn't stopped the random pages opening or all the redirects. I even went as far as to shut down Internet Explorer and use Mozilla Firefox. This worked for a little while but then recently something got to Mozilla and it is everywhere.I am so frustrated. Should I just go ahead and download all the programs stated in all the other forum exchanges and see if they work?Here are the scans from HijackThis.This is the first Scan:Logfile of HijackThis v1.99.1Scan saved at 8:24:17 AM, on 8/2/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Java\j2re1.4.2_07\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\BellSouth\Application Center\BsnAppCenter.exeC:\PROGRA~1\SYMANT~1\SYMANT~1 ... Read more

Answer:browser hijacking-

Hello LLS and welcome to the BC malware forum. Let's start out with this.Download WinPFind.zip and unzip the contents to the C:\ folder.Start in Safe Mode Using the F8 method:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.Locate the c:\winpfind\winpfind.exe file and double-click it to run it. Now click the Start Scan button to begin the scan.When the scan is complete reboot normally and post the WinPFind.txt file (located in the WinPFind folder) back here so I can review it.OT

11 more replies
Relevance 52.48%
Question: HiJacking Browser

I can't begin to tell you how much I have learned in the past week dealing with this browser hijacking situation. I have been all over the net searching for information about this particular situation and keep coming across bleepingcomputer.com. I've read entry after entry about how to find, identify and remove this rascal but boy it appears way out of my realm of expertise.

I have run Ad-Ware Se, Microsoft Antispyware, Norton and CW Shredder. I have now run Hijackthis and have copied the log below. Any help in identifying the code so I came remove it would be greatly appreciated. Thank you. I've even included a smiley face! Can't wait for Spring! Thank You.

Logfile of HijackThis v1.99.0
Scan saved at 6:16:09 PM, on 1/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files... Read more

Answer:HiJacking Browser

Hello lavler, ********************************************************* Please boot into safe mode and select the following with HijackThis. With all windows (including this one!) closed (close browser/explorer windows), please select "fix.? How to Reboot into Safe Mode  tap F8 key during reboot, until the boot menu appears...use the arrow keys to choose "Safe Mode" from the menu......,then press the "Enter" key.R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\TOMWIE~1\LOCALS~1\Temp\sp.dll/sp.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\TOMWIE~1\LOCALS~1\Temp\sp.dll/sp.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blankR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blankR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blankR1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blankO2 - BHO: (no name) - {CE68569E-425D-4A8B-9796-0D32EF022F6E} - C:\WINDOWS\system32\fonp.dllO18 - Filter: text/h... Read more

5 more replies