Computer Support Forum

Vista not accepting updates & blocking Avast web shield

Question: Vista not accepting updates & blocking Avast web shield

Working on a computer with 32-bit Vista. Windows Updates appear to be stuck - any updates are rolled back with the error of them "not being configured properly". Tried Googling and trying individual update solutions, but no luck.
 
PC had Microsoft Security Essentials installed, I removed it and installed Avast. Although Avast installs, the Web shield appears to be permanently disabled.
 
I have run Adwcleaner, Malwarebytes Anti-malware and Eset online scanner.  A few low-level threats were found and cleaned, but nothing has changed with the symptoms above.
 
Thanks for the help!
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Shari (administrator) on P2JOFFICE (21-03-2016 11:16:46)
Running from J:\
Loaded Profiles: Shari (Available Profiles: Denise Pauls & Shari)
Platform: Windows Vista ™ Home Premium (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(New Boundary Technologies, Inc.) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
(Sonic Solutions) C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(SpareBackup, Inc.) C:\Program Files\Spare Backup\SpareBackup.exe
(Alcatel-Lucent) C:\Program Files\ATT-SST\McciTrayApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Portrait Displays, Inc) C:\Program Files\Gateway\EzTune\dthtml.exe
() C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Chicony) C:\Windows\ModPS2Key.exe
() C:\Windows\zHotkey.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(PIXELA CORPORATION) C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe
() C:\Program Files\Portrait Displays\Pivot Software\Floater.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NapsterShell] => C:\Program Files\Napster\napster.exe /systray
HKLM\...\Run: [Spare Backup] => C:\Program Files\Spare Backup\SpareBackup.exe [5252936 2007-09-13] (SpareBackup, Inc.)
HKLM\...\Run: [ATT-SST_McciTrayApp] => C:\Program Files\ATT-SST\McciTrayApp.exe [1573888 2010-07-27] (Alcatel-Lucent)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-15] (Nero AG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [141624 2010-06-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-18] (Apple Inc.)
HKLM\...\Run: [NvMediaCenter] => "C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => "C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [232184 2007-04-03] (Sonic Solutions)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [DT GWY] => C:\Program Files\Gateway\EzTune\DTHtml.exe [282624 2007-05-02] (Portrait Displays, Inc)
HKLM\...\Run: [PivotSoftware] => C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [694008 2007-02-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4435968 2007-04-23] (Realtek Semiconductor)
HKLM\...\Run: [ModPS2] => C:\Windows\ModPS2Key.exe [53248 2006-11-07] (Chicony)
HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2005-01-27] ()
HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [547840 2006-11-07] ()
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2007-11-17] (Microsoft Corporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM\...\Run: [Conime] => C:\Windows\system32\conime.exe [68608 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [EKStatusMonitor] => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-18] (AVAST Software)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1822720 2007-04-13] (Realtek Semiconductor Corp.)
HKU\S-1-5-21-441842238-3827488038-1711259271-1003\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-441842238-3827488038-1711259271-1003\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
HKU\S-1-5-21-441842238-3827488038-1711259271-1003\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-03-18] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageMixer 3 SE Camera Monitor Ver.6.lnk [2011-03-13]
ShortcutTarget: ImageMixer 3 SE Camera Monitor Ver.6.lnk -> C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe (PIXELA CORPORATION)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.1.10.10 10.1.10.5
Tcpip\..\Interfaces\{7AC926DA-5804-4E34-BC8F-8447497809E9}: [DhcpNameServer] 10.1.10.10 10.1.10.5
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5656
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5656
HKU\S-1-5-21-441842238-3827488038-1711259271-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5656
HKU\S-1-5-21-441842238-3827488038-1711259271-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5656
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-441842238-3827488038-1711259271-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23] (DivX, LLC)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-03-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-18] (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> c:\windows\system32\BAE.dll [2006-02-01] (Gateway Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-03-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Shari\AppData\Roaming\Mozilla\Firefox\Profiles\0z89tbcs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2010-01-18] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2010-06-09] ()
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-05-25] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-03-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-03-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\Common Files\Motive\npMotive.dll [2010-05-04] (Alcatel-Lucent)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-06-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-06-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-06-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-06-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-06-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-06-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-06-27] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-10-15]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-11-05] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-18]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2010-06-09]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-18]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-18] (AVAST Software)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [73728 2007-05-02] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2014-05-06] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-12-11] (Eastman Kodak Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-12-14] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [319488 2010-05-04] (Alcatel-Lucent) [File not signed]
R2 PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [65536 2007-11-17] (New Boundary Technologies, Inc.) [File not signed]
R2 Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [57344 2006-12-13] (Sonic Solutions) [File not signed]
S2 Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [294912 2006-12-13] (Sonic Solutions) [File not signed]
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2007-11-17] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2006-11-02] (Intel Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-03-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-03-18] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-03-18] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-03-18] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [171608 2016-03-18] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67088 2016-03-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-03-18] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-10-18] (Sonic Solutions) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U5 Browser; C:\Windows\System32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RasSstp; system32\DRIVERS\rassstp.sys [X]
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-21 11:16 - 2016-03-21 11:16 - 00000000 ____D C:\FRST
2016-03-21 11:15 - 2016-03-21 11:15 - 01725440 _____ (Farbar) C:\Users\Shari\Downloads\FRST.exe
2016-03-21 11:10 - 2016-03-21 11:11 - 00183990 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_11.10.00_log.txt
2016-03-21 10:51 - 2016-03-21 10:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Shari\Downloads\MicrosoftFixit.wu.Run.exe
2016-03-21 10:32 - 2016-03-21 10:32 - 00000000 ____D C:\Users\Shari\Downloads\dotnetfx_cleanup_tool
2016-03-21 10:29 - 2016-03-21 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-03-21 10:28 - 2016-03-21 10:28 - 01098961 _____ (Igor Pavlov) C:\Users\Shari\Downloads\7z1514.exe
2016-03-21 10:26 - 2016-03-21 10:26 - 00267049 _____ C:\Users\Shari\Downloads\dotnetfx_cleanup_tool.zip
2016-03-18 17:45 - 2016-03-18 17:45 - 00000000 ____D C:\Program Files\MSN
2016-03-18 17:43 - 2016-03-18 17:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf
2016-03-18 16:26 - 2016-03-21 11:10 - 00000000 ____D C:\Users\Shari\Tracing
2016-03-18 15:53 - 2016-03-18 16:26 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SPWizUI.dll
2016-03-18 15:53 - 2016-03-18 16:26 - 00047560 _____ (Microsoft Corporation) C:\Windows\system32\SPReview.exe
2016-03-18 15:28 - 2008-01-18 23:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2016-03-18 15:27 - 2016-03-18 16:44 - 00327680 _____ C:\Windows\SPInstall.etl
2016-03-18 15:26 - 2016-03-18 15:26 - 00000000 ____D C:\1aaa687c1aa5653cb0648a
2016-03-18 15:22 - 2016-03-18 15:22 - 00347816 _____ (Microsoft Corporation) C:\Users\Shari\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe
2016-03-18 15:21 - 2016-03-18 15:21 - 00000000 ____D C:\Users\Shari\AppData\Roaming\SampleView
2016-03-18 14:02 - 2016-03-18 14:02 - 00001829 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-03-18 14:02 - 2016-03-18 14:02 - 00000000 ____D C:\Users\Shari\AppData\Roaming\AVAST Software
2016-03-18 14:02 - 2016-03-18 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-03-18 14:00 - 2016-03-18 14:00 - 00816304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-18 14:00 - 2016-03-18 14:00 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-03-18 14:00 - 2016-03-18 14:00 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-03-18 14:00 - 2016-03-18 14:00 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-18 14:00 - 2016-03-18 13:59 - 00171608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-03-18 14:00 - 2016-03-18 13:59 - 00067088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-03-18 14:00 - 2016-03-18 13:59 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-03-18 14:00 - 2016-03-18 13:59 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-03-18 14:00 - 2016-03-18 13:59 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-03-18 13:59 - 2016-03-18 13:59 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-03-18 13:59 - 2016-03-18 13:59 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-03-18 13:58 - 2016-03-18 13:58 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-18 13:57 - 2016-03-18 13:57 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-18 13:50 - 2016-03-18 13:50 - 00000680 _____ C:\Users\Shari\AppData\Local\d3d9caps.dat
2016-03-18 11:20 - 2016-03-18 11:20 - 00000000 ____D C:\Program Files\ESET
2016-03-18 11:19 - 2016-03-18 11:19 - 02870984 _____ (ESET) C:\Users\Shari\Downloads\esetsmartinstaller_enu.exe
2016-03-18 10:54 - 2016-03-18 10:56 - 00000000 ____D C:\Program Files\AdwCleaner
2016-03-18 10:54 - 2016-03-18 10:54 - 01527296 _____ C:\Users\Shari\Downloads\adwcleaner_5.102.exe
2016-03-18 10:52 - 2016-03-18 10:52 - 00000000 ____D C:\Users\Shari\AppData\Local\Eastman Kodak Company
2016-03-18 10:49 - 2016-03-18 10:49 - 00735328 _____ (Oracle Corporation) C:\Users\Shari\Downloads\jxpiinstall.exe
2016-03-18 10:47 - 2016-03-18 10:48 - 00000000 ____D C:\ProgramData\Oracle
2016-03-18 10:47 - 2016-03-18 10:45 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2016-03-18 10:46 - 2016-03-18 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-18 10:46 - 2016-03-18 10:45 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2016-03-18 10:46 - 2016-03-18 10:45 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2016-03-18 10:46 - 2016-03-18 10:45 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-03-17 19:52 - 2006-11-02 04:45 - 00638976 _____ (Microsoft Corporation) C:\Utilman.exe
2016-03-17 17:08 - 2016-03-04 14:14 - 201900432 _____ (AVAST Software) C:\Users\Shari\Desktop\avast_free_antivirus_setup.exe
2016-03-17 16:57 - 2016-03-17 16:57 - 00000000 ____D C:\Users\Shari\AppData\Roaming\ICAClient
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\Users\Shari\AppData\Local\Citrix
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\ProgramData\Citrix
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-21 11:17 - 2012-04-03 18:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-21 11:10 - 2013-06-16 09:19 - 00000000 ____D C:\Users\Shari\AppData\Roaming\Spare Backup
2016-03-21 11:02 - 2013-11-14 21:37 - 00000000 ____D C:\ProgramData\Kodak
2016-03-21 11:02 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-21 11:02 - 2006-11-02 07:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-21 11:02 - 2006-11-02 07:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-21 11:02 - 2006-11-02 07:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-21 11:01 - 2006-11-02 07:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-03-21 10:59 - 2006-11-02 08:01 - 00032568 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-21 10:46 - 2009-06-07 10:15 - 84606976 _____ C:\Windows\ocsetup_install_NetFx3.etl
2016-03-21 10:46 - 2009-06-07 10:15 - 00983040 _____ C:\Windows\ocsetup_cbs_install_NetFx3.perf
2016-03-21 10:46 - 2009-06-07 10:15 - 00065536 _____ C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2016-03-21 10:29 - 2009-01-24 18:41 - 00000000 ____D C:\Program Files\7-Zip
2016-03-21 08:59 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\rescache
2016-03-18 18:18 - 2006-11-02 07:50 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2016-03-18 18:18 - 2006-11-02 07:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-18 18:18 - 2006-11-02 05:33 - 00721936 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-18 17:48 - 2006-11-02 07:47 - 00430008 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Windows Calendar
2016-03-18 17:45 - 2006-11-02 07:37 - 00000000 ____D C:\Program Files\Movie Maker
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ___HD C:\Windows\inf
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\sysprep
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\SLUI
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\setup
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\oobe
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\migwiz
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\manifeststore
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\ias
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\com
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\servicing
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\MSAgent
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\L2Schemas
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\IME
2016-03-18 17:45 - 2006-11-02 06:18 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-18 17:41 - 2007-11-17 18:33 - 00000000 ____D C:\Windows\system32\RTCOM
2016-03-18 17:37 - 2006-11-02 05:32 - 00101376 _____ (Infineon Technologies AG) C:\Windows\system32\ifxcardm.dll
2016-03-18 17:37 - 2006-11-02 05:32 - 00079872 _____ (Axalto, Inc.) C:\Windows\system32\axaltocm.dll
2016-03-18 16:46 - 2012-04-03 18:11 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-03-18 16:46 - 2011-07-10 09:24 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-18 16:26 - 2010-04-08 16:38 - 00000000 ____D C:\Users\Shari
2016-03-18 15:09 - 2008-12-14 12:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-18 15:02 - 2010-06-03 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-18 14:54 - 2014-06-17 18:37 - 00000000 ____D C:\Windows\system32\MRT
2016-03-18 14:47 - 2006-11-02 05:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-03-18 10:57 - 2011-04-15 22:19 - 00000000 ____D C:\Users\Denise Pauls\AppData\LocalLow\Yahoo!
2016-03-18 10:55 - 2014-08-03 16:05 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-18 10:48 - 2014-07-13 14:25 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-18 10:47 - 2007-11-17 18:43 - 00000000 ____D C:\Program Files\Common Files\Java
2016-03-18 10:45 - 2007-11-17 18:43 - 00000000 ____D C:\Program Files\Java
2016-03-17 17:12 - 2014-07-13 15:03 - 00001945 _____ C:\Windows\epplauncher.mif
2016-03-12 09:10 - 2015-04-26 09:33 - 222403667 _____ C:\Windows\MEMORY.DMP
==================== Files in the root of some directories =======
2016-03-18 13:50 - 2016-03-18 13:50 - 0000680 _____ () C:\Users\Shari\AppData\Local\d3d9caps.dat
2015-10-18 08:24 - 2015-10-18 08:24 - 0000057 _____ () C:\ProgramData\Ament.ini
Files to move or delete:
====================
C:\Users\Denise Pauls\gotomypc_533.exe
C:\Users\Denise Pauls\gotomypc_635.exe
C:\Users\Denise Pauls\mseinstall.exe
Some files in TEMP:
====================
C:\Users\Denise Pauls\AppData\Local\Temp\avg-94a50c2c-c60a-472a-b86e-526c09c1a116.exe
C:\Users\Denise Pauls\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Shari\AppData\Local\Temp\jre-7u79-windows-i586-iftw.exe
C:\Users\Shari\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-21 11:15
==================== End of FRST.txt ============================

Relevance 100%
Preferred Solution: Vista not accepting updates & blocking Avast web shield

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Vista not accepting updates & blocking Avast web shield

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the LogFile button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleanerCx.txt (x is a number).===I need more information. Please run this tool.Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.How to attach a file to your reply:In the Reply section in the bottom of the topic Click the "more reply Options" button.Attach the file.Select the "Choose a File" navigate to the location of the File.Click the file you wish to Attach.Click the Add reply button.===Please post the logs.Let me know what problems persists.

16 more replies
Relevance 84.05%

Hello, Thanks for being there for us.
I have a problem with my computer. After downloading a PDF file which instead of opening, suddenly disappeared and I cannot locate it. From there on whenever I open Firefox or iexplorer, Avast starts alerting me that it’s blocking a harmful website or file. Although these alerts stop when I go offline and so far the computer is running properly. Kindly assist me to fix this problem.
 
Thanks alot.
 
Taha

Answer:Avast web shield blocking harmful website whenever i go online

Hello Taha,please run a FRST scan to start with:Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

9 more replies
Relevance 75.85%

Hi all,

I recently got a copy of Sibelius 6 and downloaded on my pc laptop - os. Windows Vista. It worked fine, however, recently my hard-drive had to be reset to factory settings cos of a different issue with a port. When I got the laptop back from the repair place it was cleared of all software as one would expect. I popped in the Sibelius disc and downloaded successfully Sibelius Sounds Essentials and the scanning facility but Sibelius itself will not install fully. I am getting this error just when it seems mere seconds away from completing installation:

error 1935
An error occurred during the installation of assembly 'Microsoft VC90,CRT, processorArchitecture="x86",type="win32", publickey Token="1fc8b3b9a1e18e3b,version="9.0.30729.1'"


I tried the following ( I am not so knowlegable on comps, a tech friend suggested this ):

Install Visual C++ 2005 Redistributable Package (x86)

I did try but it refused to install, as it encountered another error.


Also... to give more detail:

It says 'updates available' on the system tray. I click on it and it says that there was a failed download on a certain date and that 14 uploads are pending, including service pack updates for Vista.

Now the cause of the error is listed as a code and the code is different for each failed one. I click on 'Get Help with this Error' and I am directed to the following:

1. Go to the Knowledge Base article webpage. In the Information for ... Read more

More replies
Relevance 73.8%

Using free Avast unsure about firewall possibly windows defender, not able to update satnav as "device not connected" when it clearly is and it shows on satnav that it is connected, so USB lead is ok. How do I allow my laptop to connect to TomTom site? TIA RedMist

Answer:Avast or Firewall possibly blocking TomTom updates

Have you updated TomTom Home for your device?

3 more replies
Relevance 68.88%

Hi, My niece just got a refurbed Acer desktop with Vista Home Premium 32bit. I uninstalled all of the crapware on it and installed Avast 5.0.418.

The problem is that at boot Vista blocks Avast from loading. Before I installed Avast I went into services and disabled Windows defender. Opened Windows Defender and unchecked everything so it isn't loaded or scanning anything.

Why would Vista stop my Avast from loading at startup, what good is it to have it not loading at start up when the computer is online at all time? UAC should not stop it from loading and the only way I could get it to load is by turning UAC off which I didn't want to do.

Windows 7 does not do this. Oh and I also have all of the windows updates installed.

How do I keep UAC from blocking my antivirus from loading at start up without having to click on "run this program" or whatever to get it running. I would like to keep UAC on but it's unexceptable to have to tell Vista to let run at every start up.

If she or one of her kids misses that ignores it then the computer is online with no antivirus running.

Thanks for any help, I don't remember this happening when I had Vista on my pc.

Answer:New Vista install blocking Avast from start up

Hallo kbz1960, this should not be happening and i would suspect malware is blocking it. If you try this first & set up Avast to run as Admin. just right click on avast in the start menu select properties & then compatibility tab and select run this program as admim. then apply/ok



If this does not work try running a Boot time scan with Avast & download Malwarebytes to your desktop;

Malwarebytes.org

Then follow corrine instructions on this page;

"Internet Security 2010" virus ... help!????

I hope this is of some help

1 more replies
Relevance 67.65%

I am having a problem in my sister's laptop. She does have antivirus installed (AVG Internet Security). However, its license expired, so I downgraded it to free version. After, downgrading it, I installed Avast! as it's antivirus and decided to uninstall AVG. Then, a few minutes ago after rebooting the laptop, a window opened saying that Trojan is infecting my computer, I heal it.. Then, another pops out. Heal and heal and heal..

After doing it, I rebooted the laptop thinking that it will refresh the system. Unfortunately, after rebooting, I cannot connect to Internet now. :cry :cry :cry Help me please? I already performed the Malware removing however, it did not help the laptop. I attached the files you asked me.. Please, help please? Thank you!
 

Answer:Avast error code 10050/No internet connection/Cannot start web shield in Avast

Welcome to Major Geeks!

Please attach the below log from Malwarebytes as requested:
Code:

"C:\Users\MSI\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\"
Oct 23 2012 11802 "mbam-log-2012-10-23 (21-32-26).txt"

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.searchcompletion.com?si=29053&bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=101702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.searchcompletion.com?si=29053&bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.searchcompletion.com?si=29053&bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchcompletion.com?si=29053&bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcompletion.com?si=29053&home=true
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.searchcompletion.com?si=29053&bs=true&q=
R1... Read more

1 more replies
Relevance 67.65%

End webcam spying ? for good ? with Webcam Shield and Avast Premier

Essentially, with Webcam Shield you have total control over what (and who!) uses your camera. This means you can now force any app to ask your permission before it can access your webcam.

Simply put, Webcam Shield promises to:
Protect Privacy
Give you total control over your webcam
Help prevent blackmail
With webcams now embedded in so many devices, it?s never been more important to protect yourself and your family from prying eyes and those with unknown motives.

& +

Automatically fix and update over 127,000 drivers for peak PC performance
Less crashing Faster browsing Better graphics Richer audio Fewer device problems

Print, scan, import files. Play crystal clear videos and make crackle-free voice calls. Avast Driver Updater auto-scans and updates your drivers to reduce and prevent problems with:

Printers and scanners, Photo and video cameras, Headphones and speakers, Mouse and keyboards, Monitors and Wifi routers, and other external devices.

MORE : Avast Driver Updater & Scanner | For Peak PC Performance
 

Answer:Avast have new tools: Webcam Shield feature & Avast Driver Updater.

Windows has webcam shield built-in. It works great!
 

0 more replies
Relevance 63.96%

My icon is to express my frustration with Vista right now...ahhhh!!!!!

So first the updates blocked just firefox, and then IE stopping working, too. The error message I get is along the lines of "Cannot display web page," and I know my connection is okay because I can use it with my laptop and iTunes on my desktop (the problem is in my HP desktop). A friend of mine managed to get IE working but not firefox, but as soon as stupid Vista auto-updated itself, both browsers were blocked again. I've tried making exceptions in the security programs and have even turned off the firewall but to no avail. I have Windows Protector/Defender (whatever comes with Vista) and Sysmantec (sorry, spelling is wrong, I'm in a hurry, it's finals week and I'm swamped!).
Anyone know what update is responsible for this and how to prevent it from happening in the future? Any advice is appreciated and I will test it out as soon as I get home.

Answer:Vista updates blocking IE & Firefox

Did you update any anti-malware software or a firewall? Also did any drivers update that could be responsible,,, find your update llog and see if anything could have modified it.. or go to windows update and click "remove updates" or something like that... theres basically a function to revert certain updates... just see if you can work it out like that... or you could try re-installing firefox?

This does sound random... Maybe synmanteck (or however its spelt) is blocking firefox's connection.... You need to check the settings for firefox in your antivirus/firewall/anti-malware software

Cheers,
Jamey

1 more replies
Relevance 62.32%

Hi

I installed AVAST on my other computer which has Vista's outbound firewall turned on. On AVAST's faq it says I have to allow 'avast.setup' outbound access. But, the problem is that Vista outbound rules only allows you to specify 'exe' files to allow outbound. So I'm stuck. Does anyone know of a workaround ?
Thanks
 

More replies
Relevance 59.86%

My first post, my first virus/issue that I know about. This is a 3-4 year old HP computer running Windows XP Home with all applied service packs and updates. Spy Sweeper has for the last week been displaying a pop up above the tray saying, "The Internet Communication shield has blocked access to: UDEFNDER.COM" where the website changes and a new alert displayed about every 3-5 seconds. McAfee, SpyBot S&D, Malwarebytes scans all normal. Microsoft Safety.live.com on-line scan is normal. There's no other obvious abnormal behavior, just the alerts from Spy Sweeper.I should add, when this all first started happening I tried using HJT to make some changes, I got very frustrated and tried deleting all the BHO stuff and whatever entries I could. The only thing I've noticed as a result of all that is, for example, when I try to bring up McAfee's main screen, the "frame" is there, but there's no text displayed.Here's the HiJack log... the DDS log and attachment is available if requested. Thanks in advance for any assistance -- BobLogfile of Trend Micro HijackThis v2.0.2Scan saved at 11:09:49 PM, on 5/18/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\Program Files\Webroot\Spy Swee... Read more

Answer:Spysweeper shield pop up says blocking xyz

Hello

Apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

Before we can continue, please post a fresh HijackThis log back here

2 more replies
Relevance 59.45%

IObit's Advanced System Care Pro prompted me yesterday that there was an updated version available.

I downloaded and installed it.

A little while later Microsoft's update facility told me that there were updates waiting.

I downloaded them. At the end of the installation a window opened up saying that there had been a problem and the updates were not installed. (Sorry, I don't remember what it said exactly.)

I ran CCleaner and rebooted.

IObit's update alert popped up again and so did Microsoft's, so I jumped through both hoops again.

Neither of them seems to have been installed as I still get both alerts.

Help would be appreciated please.
 

More replies
Relevance 59.04%

Guys I am trying to insert my lic. key into a software program & when I click 'ENTER KEY' button that WIN7 blue & yellow shield pops up. I click YES - (i want to proceed) but thats it folks. Can i disable it long enough to activate my lic.??

Answer:That Blue & Yellow win 7 Shield is blocking me.

Start orb,type uac into search, select User Account Control Settings, change it to never notify via the slider. Don't forget to change it back when done.

1 more replies
Relevance 59.04%

I really like Avast AV very much. I have a question about the Web Shield part of the program. On the program itself, generally 6 of the 7 modules are running. I do not have Outlook or MS Exchange so for that area the program says, "The Program is Waiting for a Subsystem to Start." (or something like that.)

About once a month, maybe twice a month, I will notice 5 of the 7 providers running and the program will have one of the Web Shields running. However, it will say, "The Program is Waiting for a Subsystem to Start." (instead of saying, "The Provider is currently running." The funny part is that when I go to webpages and do a check, the Web Sheld is still scanning them. So on the Web Shield thing, what is Avast waiting for?

This is a common issue with the program based on Internet Searches. I don't know if this is a bug or the way that Avast 4.8 works. Can you also provide information about the two different shields that the program uses? One is the Web Shield, the other is called the P2P Shield.

The updates are working fine. Oh, it hasn't happend often enough, but so far the only way that I can get the Web Shield back to not saying, "The Program is Waiting for a Subsystem to Start." is to do a reboot.

Jack
 

Answer:Question About Avast 4.8 AV Web Shield?

Go to control panel and uninstall avast, when you try it it will display 4 choises choose repair.
Webshield scans scripts, cookies such stuff from yout browser.
And psp shield scans files downloaded from utorrent, limewire you can see them all if you right click avast icon choose on access protection contol psp program-customize.
 

2 more replies
Relevance 59.04%

Hello everyone I have a problem with my Toshiba laptop. Avast! Pro Antivirus keeps popping up from down right corner of my screen saying that Avast Web shield blocked malwarius web page or file. It's popping up literally every second and i need a solution how to stop this and remove viruses if I even have them. ( I already looked on web for solutions and everyone is saying different so i don't want to mess it all up).Edit: Topic moved from Windows 7 to AII ~ Computerxpds

Answer:Avast web shield problem, need help!

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

1 more replies
Relevance 59.04%

Now I can't access this site on another computer because I get the message: Avast Web Shield has blocked access to this page because the following certificate is invalid, SS1278353 Cloudflaressl.com. I've run the Avast software, Malwarebytes, Adwarecleaner, and 360 Total security to no avail.

What's up?
 

More replies
Relevance 58.63%

I am running windows XP. I have a virus/malware that is blocking any applications from opening and keeps sending me warning messages. I've run spybot in Safe mode but the infection is still there. I can not download to the computer or do anything web related without out pop-ups that block me from running applications.I was able to run a HiJack This log and save, put it on a memory stick and send it from my work computer but my version is 2.0.2 and the admin won't let me post it.I tried to download the hijack this in safe mode from a stick and got an admin settings message...Please advise how to proceed....

Answer:windows XP - Virus shield blocking all applications

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

19 more replies
Relevance 58.63%

Hello,I've had this problem before (see link below):http://www.bleepingcomputer.com/forums/t/109041/trojan-trying-to-access-malicious-websites/Now it has started up again. I've done scans with Dr. Web, Superantispyware, SpyBot, Zonealarm Antivirus all in Safe Mode and nothing was found. I also cleaned out all temp files, the problem still persists. There are no other symptoms (no popups, things are working fine, computer is fast) except a very active hard drive at bootup time as if some process was trying to access the blocked sites.I've looked through Process Explorer and the Task Manager and found nothing unusual....at least nothing that seemed out of the ordinary.After bootup, here are the sites that are blocked (from the SpySweeper logs):9:05 PM: The Internet Communication shield has blocked access to: 4SOFTGET.COM9:04 PM: The Internet Communication shield has blocked access to: 2SEARCH.ORG9:04 PM: The Internet Communication shield has blocked access to: 2SEARCH.ORG9:03 PM: The Internet Communication shield has blocked access to: 24-7SEARCHING-AND-MORE.COM9:03 PM: The Internet Communication shield has blocked access to: 24-7SEARCHING-AND-MORE.COM9:03 PM: The Internet Communication shield has blocked access to: 1STSEARCHPORTAL.COM9:03 PM: The Internet Communication shield has blocked access to: 1STSEARCHPORTAL.COM9:02 PM: The Internet Communication shield has blocked access to: 1-EXTREME.BIZ9:02 PM: The Internet Communication shield has blocked access to: 1-EXTREME.BIZ9... Read more

Answer:Spysweeper Communication Shield Blocking Access

I've had this problem beforeBut there was nothing of significant concern in your log.If the Spybot Hosts file was the problem last time, then its probably the problem again. Reboot and confirm if the Shield alerts go away. If you do a Google search, you will find this issue seems to be a common complaint from those using Spysweeper and other security programs like Spybot and Spywareblaster. Others frustrated by the alerts turned off the Internet Communication shield to stop if from monitoring the HOSTS file but then you loose the protection from that feature. Webroots response has been lacking in response to the numerous complaints about this.

11 more replies
Relevance 58.22%

Every time I open firefox, a window or tab I get a frightfully well spoken lady telling me a threat has been detected. I've run malwarebytes (4 PUP detected and removed) and scanned with Avast (no problems detected). Only intrusion found recently is homepage hijacked by search engine which is OutBrowse sp4 but can't find it in programs (control Panel) to remove it. Any ideas pls?

Answer:Avast Web Shield threat detected

Take a read here - there is a LINK to download AdwCleaner which should be able to remove it.
outbrowse removal guide

2 more replies
Relevance 58.22%

Thanks for your time.

I just installed Antivir and felt naked without a web shield, so I reinstalled everything in Avast! except the standard shield.

In theory, this should work, however the apps froze on startup, so I set Avast! to launch after all other applications load and they seem to like each other now.

What I'm here to ask is whether this should theoretically cause any problems.

Please don't reply with, "OMG YOU ONLY NEED ONE ANTIVIRUS" because I am only running one antivirus. My reasoning for running both apps is so that the Avast! web shield will take effect during browsing, and Avira will handle everything locally. The issue I have with using Avast! for everything is that it seems to constantly scan all my files, without letting me set it to just "scan on application read/write" which causes major slowdowns.
 

Answer:Antivir + Avast (Web Shield Only) Compatibility

Wow no one has any experience with this pairing? That's amazing.
OK thanks anyway.
 

1 more replies
Relevance 58.22%

the behaviour shield is yet not improved....

i still see the shield is not yet fully operational on auto decide it should be able to block atleast 50% of malware beahviour atleast...

i see the behav shield records suspicious events but doesnt block them neither no alerts are displayed....why??

I saw all this in my tests...behav shield records suspicious events but doesnt display a pop-up and neither blocks it....

when avast sees something bad is suspicious is going on it should block it....what's the deal with that??
 

Answer:no improvement in avast 7 for behaviour shield.

Likely Behavior Shield uses heuristics analysis so therefore a file that's known to be malicious/suspicious will popup so for Sandbox feature too.

When its set to ask a behavior popup must shown with the option.
 

24 more replies
Relevance 58.22%

I recently went from Avast 4.8 to Avast 5 and am pleased with the new version. I note that it has a Behavior Shield and can't recall if the earlier version also had. What I would like to know is this: does the Behavior Shield make Threatfire, which I also use, redundant?

Unfortunately, although I tried to glean an answer from Avast's Help Center, I do not know enough about computers to know what the description there of the Behavior Shield amounts to: it 'monitors all activity on your computer and detects and blocks any unusual activity that might indicate the presence of malware. It does this by continuously monitoring your computer's entry points using special sensors to identify anything suspicious.'

I have XP, SP 3.

Thanks in anticipation.

Answer:Avast 5's Behavior Shield and Threatfire

Behavior shield - monitors all activity on your computer and detects and bloxks any unusual activity that might indicate the presence of malware. It does this by continuously monitoring your computer's entry points using special sensors to identify anything suspicious.avast! 5.0 Quick User GuideThreatFire monitors your machines activity and uses an intelligent behavioral engine to alert you about malicious behavior rather than rely on signatures. - How ThreatFire WorksAs such there will be some redundancy using both but their technology is different and therefore, what is detected may vary.

2 more replies
Relevance 58.22%

i'm having some problems with my broadband but have just notice that my avast is not running. whenever i try to start it up it says" unable to reach file system shield. shield unreachable. how can i get it going again, thanks

Answer:avast smart shield not running

an happen with a corrupt update. rmove avast with the removal tool click here and reinstall.

1 more replies
Relevance 58.22%

Last April, a gentle person from Europe helped someone with this same problem.  I tried to follow the advice, but find I need some help. What I've done: 1)  Run Malwarebytes software daily.2)  Uninstalled Avast and reinstalled it.3)  Installed IE 11.4)  Have trouble with downloads.  I get Current Security settings do not allow download.  I've gone into Internet Options and attempted to change all settings to allow file downloads.  I accomplished this once, but then it does not last.5)  I've run Tweaking.com, Windows Repair All-in-one. The Avast Web Shield is still popping up. Thanks for any help!Edit: Moved topic from Windows 7 to the more appropriate forum.~ Animal

Answer:Avast Web Shield notifications appear constantly

Please run the following scans in the order they appear.
 
Please run Malwarebytes AntiMalware
 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 

 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 

 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 
 
3)  The scan will automatically run now.
 

 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 

 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items. &... Read more

3 more replies
Relevance 58.22%

Greetings all! I apologize if this isn't the right place for this! I'm trying to help my boss get his computer squared away and I'm having issues with Avast Web Shield popping up constantly. As of the typing of this message, it seems to have slowed down a little bit, but I want to make sure the problem is solved and that there is not going to be any issues going forward for him!
 
I would try to do something myself, but every time I've searched anything online about this, it says that every case is different and that solutions only work in that particular situation.

Answer:Avast Web Shield Working Overtime

You have the option to turn off the Web Shield permanently according to the info in link below.
Turn Off (Disable, Pause) Avast Antivirus 2015
 

1 more replies
Relevance 58.22%

Hello!

Brand new computer (well, used, but new to me) and the same old virus problems.

The Avast Behavior Shield turns itself off every time I hit "Connect" on VZAccess manager during the last 24 hours. Avast does warn me that it's off and I click it back on manually. Says it's back on, but I have my doubts.

Particularly as when I tried to surf eBay, the website suddenly thought I lived in the Czech Republic. Yeah, I've changed my eBay password and my PayPal on a friend's clean computer already.

So here's the DDS log with the ATTACH, err, attached.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18377
Run by Lois at 19:58:07 on 2017-05-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2302.1316 [GMT -7:00]
.
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus *Disabled* {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\s... Read more

More replies
Relevance 58.22%

Hello,

My son got into some bad stuff which led me to this forum a few months back. After some research I went with Avast Anti Virus (free version), Malware Bytes (paid version), and Comodo Firewall (free version). I have had a lot of slow behavior when surfing and doing email. The cursor is unstable and I cannot type things without a long wait. I turned of the Avast Behavior Shield and everything is a lot better. What have I lost turing off this feature? There are still several other Avast Shields running along with the Malware Bytes and Comodo.

Any suggestions? Should I try a different AV program?

Thanks,

Dave

Answer:Avast 5 Behavior Shield Slows Down XP?

hello daveplaysbass,The behaviour shield is a bit of a mystery! There's quite a few questions about it on the Avast forums and no real answers. I think the guys on there have been waiting for months for a 'promised' explanation from an Avast official. Found out a few things tho. This is a quote from an interview with a Avast official ...."The Behavior Shield that we shipped in version 5.0 is a new component that is going to be further developed moving forward. For example, in version 5.1, we will be adding more sensors that will allow for even finer-grain filtering.For now, the Behavior Shield is focused on exploits coming via typical mechanisms (browser, PDF reader, and flash vulnerabilities, for example). It also closely monitors all kernel-mode code (drivers) loaded into the operating system, and is able to detect zero-day rootkits."So whilst it's new and not operating at it's fullest potential, it still is an important part of Avast!It's not supposed to use hardly any system resources, but a few people have had problems with it conflicting with other software. One person had the problem of it conflicting with the 'Payed' version of Malwarebytes. And thats interesting because my set up is the same as yours, Avast(free), Comodo firewall(free) but i have the Free version of Malwarebytes, and i have no problems with conflicts.Its worth checking to see if there's any information in the Behaviour Shield report( at the bottom of the Behaviour shield page) in th... Read more

1 more replies
Relevance 58.22%

Hi everyone,

new beta version 17.5.2298 is released.

What's new:
- Tiny Firewall for blocking EternalBlue exploit - (internal) It is a part of StreamFilter, turned ON/OFF by Online Shield
- internal fixes

As many of you are aware Avast and AVG are 1 company now. Cause development of 2 different UIs takes different time, in this beta we introduce Ransomware shield in AVG beta now. You can expect Ransomware shield in Avast in next betas.

If you wanna try Ransomware protection in AVG build, check this link:
- AVG Antivirus Beta 17.5.3017

Download links:
BETA testing - Overview & Download links
 

Answer:Finally,the ransomware shield in avast

Good, but why they need a whole new tiny shield for stopping an exploit and this has to go through beta and be delivered after tests!? There are firewalls for blocking ports like the Windows Firewall and the Avast one in paid solutions. Maybe it is a sign that they need something like Norton's IPS?
 

3 more replies
Relevance 57.81%

Good day,
 
I've been getting a lot of alert from avast as per the topic title. The specifics of it are as below
 
Object: hxxp://69.65.5.105/ (Changed tt to xx in the URL for obvious reason)
Infection: URL:Mal
Process: C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
 
Avast will keep on alerting me at a very random interval. sometimes as often as once every 4-5 minutes. When I stop the FileZilla Server service, the alert will stop too. As soon as I start the service again, avast will immediately start alerting me again. One peculiar things I have noticed since avast started alerting me on this is that I cannot download any file directly from the browser (Chrome, Firefox) anymore. I started noticing this one when I wanted to download DDS. 
 
Anyway, I've got my hand on the DDS software from another PC. Unfortunately running the software gave me the following error message
 
"DDS is not meant to run in 'Compatibility Mode'. The program shall now exit."
 
Thus I'm not able to produce the logs to accompany this post. By the way, I'm using Windows 8.1 Pro (64-bit). I'm pretty sure I'm infected and any help will be much appreciated.

Answer:Avast web shield has blocked a harmful webpage

Hello and Welcome on board ,my Name is Machiavelli and I will assist you with your problem.If you booted into safe mode on your computer then print my instructions!I'm in the 'Malware Staff Team' and will provide you with advice:To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.Below are a few tips:Removing Malware is usually very difficult.We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!Please follow these instructionsIf you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!Please stay in contact with me until your problem is resolvedAs Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.Please don't run any other tools without consulting with me as this can complicate finding and removing all MalwareDon't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!Read my post completelyIf you don't do so, you may make mistakes that could result in your System crashing by your own ... Read more

4 more replies
Relevance 57.81%

S y s t e m I n f o r m a t i o n

OS Name Microsoft Windows 7 Ultimate
Version 6.1.7600 Build 7600
System Manufacturer INTELR
System Model AWRDACPI
System Type X86-based PC
Processor Intel(R) Pentium(R) 4 CPU 2.40GHz, 2394 Mhz, 1 Core(s), 1 Logical Processor(s)
BIOS Version/Date Phoenix Technologies, LTD 6.00 PG, 27/01/2004
SMBIOS Version 2.2
Windows Directory C:\Windows
System Directory C:\Windows\system32
Boot Device \Device\HarddiskVolume1
Hardware Abstraction Layer Version = "6.1.7600.16385"
Installed Physical Memory (RAM) 1.50 GB
Available Physical Memory 536 MB
Total Virtual Memory 3.00 GB
Available Virtual Memory 1.69 GB

I installed AVAST Free Antivirus Version 5.0.677

Enabled the REAL-TIME SHIELDS (which include 7 options) all listed below:

File System Shield
Mail Shield
Web Shield
P2P Shield
IM Shield
Network Shield
Behavior Shield

I'm only able to enable 6 of the 7 Shields without locking out all internet web page traffic loading.
Every time I enable the WEB SHIELD it prevents any pages loading.

My questions are why, how do I correct it & what exposure does it present not having it enabled???

Any help to resolve these issues would be really appreciated.!
 

More replies
Relevance 57.81%

Hello,
For several days AVAST keeps popping up all the time messages like this one:
 
"MAIL SHIELD SECURITY EXCLUSION
Avast has indentified a problem with this site certificate.
You can add this certificate as an exclusion, if you are sure about it.
Click the 'View' button for more details about the certificate.
If you want to change your certificates/exclusions, please open the Windows Certificate browser and perform the required operations directly from within the system certificate storage.
Legitimate public sites and mail servers should not ask you to do this.
 
SERVER
Location: smtp.stcable.net
Process: C:\Windows\SysWOW64\regsvr32.exe
CERTIFICATE STATUS
This site attempts to identify itself with invalid information.
Problems:
The certificate is not trusted."

 
I either close it or select "CANCEL" but it starts to worry me. I saw another topic with the same problem but it's closed without solution. Here's the contents of the FRST.txt report:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by USER (administrator) on ОЛЕГ-PC (14-11-2016 19:47:08)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER & UpdatusUser (Available Profiles: USER & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
Internet Explorer Version 11 (Default browser:... Read more

Answer:Avast keeps asking for Mail Shield Security Exclusions

I'm sorry for the second topic, the browser gave me internet error (or something) and I clicked refresh.

1 more replies
Relevance 57.81%

Hello,
For several days AVAST keeps popping up all the time messages like this one:
 
"MAIL SHIELD SECURITY EXCLUSION
Avast has indentified a problem with this site certificate.
You can add this certificate as an exclusion, if you are sure about it.
Click the 'View' button for more details about the certificate.
If you want to change your certificates/exclusions, please open the Windows Certificate browser and perform the required operations directly from within the system certificate storage.
Legitimate public sites and mail servers should not ask you to do this.
 
SERVER
Location: smtp.stcable.net
Process: C:\Windows\SysWOW64\regsvr32.exe
CERTIFICATE STATUS
This site attempts to identify itself with invalid information.
Problems:
The certificate is not trusted."

 
I either close it or select "CANCEL" but it starts to worry me. I saw another topic with the same problem but it's closed without solution. Here's the contents of the FRST.txt report:
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by USER (administrator) on ОЛЕГ-PC (14-11-2016 19:47:08)
Running from C:\Users\USER\Desktop
Loaded Profiles: USER & UpdatusUser (Available Profiles: USER & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
Internet Explorer Version 11 (Default browser:... Read more

More replies
Relevance 57.4%

I am using windows XP with IE 6 and I recently installed version 8 of the AVG free virus protection. Was using the previous version with no problems. Now it will not let my system do an automatic system restore. Here is the popup message I get every time it tries to do a system restore: Resident Shield Alert-Accessed file is unwanted.
File name:"C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP272\A0009499.dll"
Threat name: Potentially Harmful Program RemoteAdmin.AWM detected on open,
Gives me the following options-- Remove threat as Power User or
Move to vault Add to exceptions Ignore
Virus Vault indicates this as infection type PUP.
I have placed the file in Vault and also have added to exceptions and still get message each time system tries to do an automatic restore so I sent it to AVG for analysis. The following is their response:
This email is an auto-response message. Please do not reply.
AVG Anti-virus Research Lab has analyzed the file(s) you have sent from your AVG Virus Vault. Below you can find the results for each file. The final verdict on the file is either a correct detection or a false positive detection.

Further information about the verdicts are available at our website:
http://www.avg.com/faq-1184 THIS DIRECTS YOU TO http://www.grisoft.com/ww.90823.

"C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP272\A0009499.dll" - detection is correct

AVG Technical Support
website: http... Read more

Answer:Solved: Resident Shield in AVG blocking auto system restore

This is to correct what I submitted. I am not too smart.
I should have said when system is trying to create a daily restore point. ( not a system restore).
I can create a restore point manually but system will not do it automatically without the popup message.
 

3 more replies
Relevance 57.4%

I have recently had some trouble in that the Google Chrome icon on my desktop has had this picture of a blue and yellow shield over it, which is preventing it from running. I say running -- I am able to open the application, but I just get 'loading' with the standard circle going round and round and round in the top left hand corner... Then, after a minute or so, I get the Page(s) Unresponsive message, telling me to kill the chrome application. I spoke to a Microsoft representative who told me to follow some steps to disable user account control settings, however this had no effect. I read on a forum that this could be a malware problem, so I downloaded the free trial of Malwarebytes, only to find that; when this appeared on my desktop, it too had the same blue and yellow shield I mentioned above! These are the only two applications I can see with the shield preventing them from opening.

I'm running on Windows 7.

Any help as to how I can rid of this problem would be most appreciated.

Thanks!
 

More replies
Relevance 56.99%

Good Day
 
I have an Avast Premier antivirus
and recently this pop-up has been coming up frequently(actualy starting to be annoying now)
I have done a full scan and nothing seems to help.
I have attached the logs i ran with DDS
help would be apreciated,
thanx
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.67.2
Run by user at 9:02:46 on 2014-08-08
Microsoft Windows 7 Professional   6.1.7601.1.1252.44.1033.18.1954.340 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\BlueStacks\HD-LogRotatorService.exe
C:\Users\user\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explor... Read more

Answer:Avast! Web Shield has blocked a harmful webpage or file

Hello tonata I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", ... Read more

15 more replies
Relevance 56.99%

So basically I only installed the behavior shield from the avast installation wizard. I was thinking having Kaspersky as my main AV along with avast's behavior blocker is a good set up. However, admittingly I am a novice, and I don't know if these two will clash. So far, everything seems to be going smoothly, but the WD notification icon is displaying that X and is saying I shouldn't have more than one AV installed. Thanks.
 

Answer:Using Kaspersky free with only Avast Behavior Shield installed.

I personally think it should work ok running these 2 programs if Avast is only enabled for behavior blocking.
 

20 more replies
Relevance 56.99%

Q. 1.There is a Heuristic Scale and Test Whole file box in File shield.
Should I Scale up it to high (from normal) and check the "Test whole File" box, for better protection?

Q 2. There are two tabs in File Shield settings, "Scan when opening" and "Scan when Writing"
Should I tick the Scan All files in both Opening and Writing for better Protection? (It will scan all files that are being opened or written in the system but there will be negative impact that IDC)

Q. 3. Should I tick "All Packers" or go with Default packers.

Q. 4. Should I activate Avast Aggressive Hardened mode because I don't like Voodooshield as it shows its Pro Version Advertisement in every Startup which is too much annoying for me.
 

More replies
Relevance 56.99%

Can anyone suggest the most appropriate settings for COMODO HIPS so that it would work with Avast behavior shield in tandem?
 

Answer:Avast Behavior Shield with COMODO HIPS. Which settings should I use?

U can use safe mode in comodo hips. It should work realy nice with the behavour shield from avast. Well, i would turn off hips totaly if u use comodo firewall and avast. there is no need for hips.
 

5 more replies
Relevance 56.99%

Hello I'm having problems with the Avast! web shield popping up very often and have no idea what to do. Pop ups go along the line of
 
Avast Web Shield has blocked a harmful webpage or file.
  Object:  htp://filesonlinehere.com/sync/?rmbs=...
Infection:  URL:Mal
Process:  C:\Program Files (x86)\...\chrome.exe
 
I have posted the DDS log below
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.67.2
Run by LEOLEOLEOLEO at 1:06:42 on 2015-01-11
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8141.4816 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:... Read more

Answer:Avast! Web Shield has blocked a harmful webpage or file

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first t... Read more

11 more replies
Relevance 56.99%

Hello Guys,
My system:
Toshiba  / Satellite C55-A   /  Intel ® Celeron  ® N2820
64 bit Windows 8.1
I am at the end of my rope. I have tried everything. First, let me say I am not good at technical things on a computer, just enough to be dangerous. So if some things I say seem crazy, they probably are.  So here is the story. About a week ago I received a email on my go daddy webmail.  www.login.securserver.net. That is how I long into that email. Now, that is not my main email. My main email is gmail, which I use the most.
The email I received on the go daddy email was a Notice of Apperance in Court #00406341. It contained a zip file,  Court Notification 00406341.zip.   Of course being stupid, I unzipped the file, thinking it was something important, since I have some court cases ongoing for business.
With research  I think it is a Kuluoz or another one that starts with  A.  cant remember.
It put a zip file in my downloads folder  Court_Notification_00406341.doc, which shows as File Type: Java Script file, 8.84kb.  That is the only one I noticed, not sure if they are more somewhere.  Then things started getting a little weird. Nothing major, I still get emails, still send them, and my system seems to be running normally, except for Avast Mail Shield security exclusions ,  It keeps poping up at least 40 times a day, saying 
 
Now, here I used to get different info, like websit... Read more

Answer:Avast keeps giving me Mail Shield Security Exclusions

hi,
 
We will start with FRST to remove some items from the log.
 
Usually Iam only on this site once or twice per day so you may not get a reply from me until the next day.
 
Copy/paste whats below in the box into notepad. Save it as fixlist.txt in the same location you have FRST, your desktop. Click the FRST icon like before and this time click on the fix button just once. When done you will find a fixlog on your desktop. Please post the fixlog in your reply. Machine may reboot to finish the process.

HKLM\...\Run: [] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\Philip\tmp2098815588907764838.exe
C:\Users\Philip\tmp3347511962698503720.exe
C:\Users\Philip\tmp7839474401173251832.exe
2014-03-10 16:57 - 2014-03-10 16:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
SearchScopes: HKU\S-1-5-21-2793440623-1628646824-2415799637-1001 -> {21A3F5B1-BB9E-458A-815D-54E44AA350A8} URL =
CHR HKU\S-1-5-21-2793440623-16286... Read more

5 more replies
Relevance 56.99%

Purchased avast internet security in November 2011. It's suddenly stopped working. "Fix Now" button not responding and unable to restart program as I'm being advised that the file system shield is unreachable! Any idea what's happened? Please help.
Angie.

Answer:avast internet security: file system shield

You have posted this twice - to avoid confusion:-
Please tick this thread as resolved (click the rigt hand column) and do as suggested in the other thread and reinstall avast.

1 more replies
Relevance 56.99%

I'm sure you've seen these topics before...
I need some help about the constant popups avast has given me FOR EXAMPLE
 
Avast Web Shield has blocked a harmful webpage or file.Object:  htp://filesonlinehere.com/sync/?rmbs=...Infection:  URL:MalProcess:  C:\Program Files (x86)\...\chrome.exe
 

 
If there is anything I need to provide, please elaborate and I will be grateful to supply it

Answer:Avast! Web Shield has blocked a harmful webpage or file

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Log... Read more

18 more replies
Relevance 56.99%

Every time I click on the Account hyperlink to access my YouTube account on YouTube Avast Network Shield blocks the attempt. This is obviously a false alarm but I don't see a option to edit it's block list or to make a exception though I see it for the Web Shield. Is there anyway to fix this or do I have to pause it each time I want to access the account page on YouTube because thats the only thing that works.
 

Answer:Avast Network Shield Blocks YouTube/Account

Outlawstar15a2 said:





Every time I click on the Account hyperlink to access my YouTube account on YouTube Avast Network Shield blocks the attempt. This is obviously a false alarm but I don't see a option to edit it's block list or to make a exception though I see it for the Web Shield. Is there anyway to fix this or do I have to pause it each time I want to access the account page on YouTube because thats the only thing that works.Click to expand...

You're not alone, see Avast forum. Avast has acknowledged the problem and an update should be available soon.
 

1 more replies
Relevance 56.99%

I get this specific error "avast! Web Shield has blocked a harmful webpage or file
 
Infection: URL:Mal
 
Process: C:\Windows\System32\svchost.exe"
 
Everytime I opened up google, I actually removed avast thinking malwarebytes would remove it, but it didn't. I did multiple threat runs on avast + malware, stuff showed up I got rid of it, yet it's still here. I don't see the error anymore only because I removed the avast, I want to get rid of it could someone help me.
 
I also get something called Nexxtcoup on my google extensions, everytime I remove it, I'll close google and then bam it's back there.

Answer:avast! Web Shield has blocked a harmful webpage or file

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkma... Read more

1 more replies
Relevance 56.99%

For a week, I have been getting constant alerts from Avast!, and since I updated Malwarebytes, it is also giving me alerts.
 
Avast! Alert: 
Avast! Web Shield has blocked a harmful webpage or file.
Object: http://brozblagrom-c2.com/online/526 (This changes with ever new alert popup, usualy 6 or more will show up at once)
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
 
Malwarebytes Alert: 
Malicious Website Blocked
Domain: forteen-meters7.me
IP: 5.45.6.199
Port: 50271
Type: Outbound
Process: C:\Windows\System32\svchost.exe
 
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.45.2
Run by Kistoway at 16:17:04 on 2014-06-28
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3564.1531 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microso... Read more

Answer:Avast! Web Shield has blocked a harmful webpage or file

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/539339 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

11 more replies
Relevance 56.99%

Hello!
 
I installed Avast recently and have the premium trial version of it at the moment. Every so often, there's a notification that pops up with "Avast! Web Shield has blocked a harmful webpage or file", and some random website. It notifies that it's running through Chrome even when I'm not currently running it (I'm mostly using Firefox). I believe my computer may be infected because I started seeing ads that appear normally where they shouldn't (with a description like ads by deall2ddeualit), and some Firefox addons that enabled these ads that were installed without me knowing about it.
Somewhat related, I allowed a scan from Avast of the computer files while it was booting up and accidentally unplugged the power which turned off the computer mid scan. When I booted it up again, I was entered into something like a temporary account where all my saved documents were pretty much gone. After another reboot, it did the same thing except now it stated that the copy of windows was not genuine. And after a third reboot, everything seemed restored. However, it feels as though start up is somewhat slow now. I'm not quite sure what happened here.
I'm not quite sure where to start, but I believe I need to provide a log? How do I go about doing that?

 

Answer:Avast! Web Shield has blocked a harmful webpage or file

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/545315 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Relevance 56.58%

I recently had to restore from a system image (full restore of C:\ drive where my program and system files are kept, no changes to D:\ so my personal files weren't reset, and probably some temp files and preferences weren't either) and after doing so, and then reinstalling avast onto this system image (the image was made at a time when I had a different antivirus) I encountered a problem with firefox which seems to be something to do with conflicts with it and avast.
Immediately after the system imaging firefox worked fine, and immediately after avast's installation avast worked fine too. The I updated both of them to the latest state, restarted and logged back on. This time when I opened avast to go to google I got a warning about a certificate on google's page being unrecognised (Unfortunately I can't remember the exact wording), But I was able to follow some of the options on the dialogue brought up by firefox and see a certificate related to avast was causing the issues. I tested by temporarily disbaling avast's web and mail shields and opening firefox again, that time it went to google.co.uk without issues. I turned the web and mail shields of avast back on and I got the same certificate problem again.
Eventually I used the "I know the risks button" in firefox and created an exception, which I think might not have been the best way to solve this. Because I still had problems loading other https pages (for exmaple the links to google plus or gmail from the google home pa... Read more

Answer:Conflicts involving avast's web/mail shield certificates and firefox

It's a known issue with avast! from my experience, take a look.https://support.mozilla.org/fr/questions/981937https://forum.avast.com/index.php?topic=161376.0http://kb.mozillazine.org/SSL_Security_Errorhttps://support.mozilla.org/fr/questions/1032509I think the instructions you are looking for are in the first link.

16 more replies
Relevance 56.58%

Hi, My laptop keeps getting a popup from avast stating this below Avast web shield has blocked a harmful webpage or file Object:  http://weath4us.info/qOxXS:f<GM///Infection:  URL:MalC:\users\joseph\AppData\Roaming\CrashRep\GUP.exe Joseph is the user of this laptop.  This popup come up whether I'm browsing the internet or just on my desktop in word or something similar.  I have run spybot and only thing it finds is Browser:cache for internet explorer.  I have windows 10 home on a Toshiba Satellite.  What do I need to do?  Do I have a virus on my laptop? Thanks,Joseph   Here is the log info  --------------------------------------------------------------------------- SecurityCheck by glax24 v.1.4.0.32 [01.11.15]WebSite: www.safezone.ccDateLog: 24.12.2015 00:27:43Path starting: C:\Users\Joseph\AppData\Local\Temp\SecurityCheck\SecurityCheck.exeLog directory: C:\SecurityCheck\IsAdmin: TrueUser: JosephVersionXML: 2.20is-21.12.2015___________________________________________________________________________Windows 10(6.3.10586) (x64) Core Lang: English(0409)Installation date OS: 21.12.2015 01:01:20LicenseStatus: Office 15, OfficeO365ProPlusR_Subscription1 edition Timebased activation will expire :84194 minutesLicenseStatus: Windows®, Core edition The machine is permanently activated.Boot Mode: NormalDefault Browser: C:\WINDOWS\system32\LaunchWinApp.exeSystemDrive: C: FS: [NTFS] Capacity: [... Read more

Answer:Avast Web Shield has blocked a harmful webpage or file.... am I infected

Uninstall Spybot from your machine. Then Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.
 
Adware Cleaner Scan.
 
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
JRT Scan.
Please download Junkware Removal Tool and save it on your desktop.
 
Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log is saved to your desktop and will automatically open.
Please post the JRT log.
 
Adware Removal Tool Scan.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
 
 

 
Hit Ok.
 

 
Hit next m... Read more

5 more replies
Relevance 56.58%

I have gotten an error message from Avast when downloading email.

The message says that Avast mail shield cannot scan the emails because
I have an SSL secure connection configured in the mail client, Outlook Express 6.

Both incoming and outgoing server ports have "This server requires a secure connection (SSL)" ticked ON.

I think this setting may be required for att.yahoo.com servers. :confused

Should I just disable the mail guard in Avast?

Thanks
 

Answer:Avast Mail Shield not working with AT&T account and Outlook Express

Have you read this?
http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=458
 

1 more replies
Relevance 56.58%

I keep getting messages from avast saying it is blocking a webpage or file. My task manager shows there are a lot of processes running. My computer is acting really slow now, and it started making buzzing noises, and on startup the fan is making an incredible racket as well. Malwarebytes hasn't found anything. What should I do? I saw other people post, but there were warnings not to repeat these things. 
 
Each warning has three fields, object: infection: and Process: 
usually says http;//f0fff0...... or fa8072 or maybe go.wymedia
 
infection is always url mal
 and process is generally windows syswow64/dllhost or program files....iexplores/exe

Answer:Avast popup - web shield has blocked harmful webpage or file

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

20 more replies
Relevance 56.58%

Hi there, My laptop and i are in deep trouble. 2 days ago, i was trying to download a game from the internet and it got me to this. i was opening a lot of links and pages, installing and uninstalling a lot of stuffs and right now, im in big trouble. There is an ads keep popping up on the bottom right corner of my desktop, and it keep on popping up throughout the day. at first it was a chinese game ads and then it becomes a chinese shopping ads and others. it pops up everytime i turn on my computer, and i wasnt even on the browser and it pops up. soon after that, my antivirus which is avast keep on giving this message 'Avast! Web Shield has blocked a harmful webpage or file URL: hxxttp://js.union001.com/PClick.aspx?AID=19927&KEY=CF3C8B99B339869B0A2895A79B102D884535DEAF40EC8624Infection: URL:MalProcess: C:\Program Files (x86)\t_201601210117\201601210117\lsas.exe.it is so annoying and i dont know how to fix this. I have read through some of the forum here, but still i do not understand what should i do first. would someone please help me. i do not wish to format my laptop please. im running windows 7 X64bit. im very grateful if someone could provide me steps by steps instruction so that i could catch up on what to do and im new here. thank you very much for any of your help.

Answer:'Avast! Web Shield has blocked a harmful webpage or file' with ads keep popping

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Log... Read more

6 more replies
Relevance 56.58%

Cleaning up my daughters computer - Dell Vostro 260 - Intel I5-2400, 4GB RAM, Windows 7 Home Premium 64bit.
 
Ran Malwarebytes, adwcleaner and CCleaner.  Installed avast free and ran boot time scan.   
 
Now receive continuing popups from avast stating:
 
avast! Web Shield has blocked a harmful webpage or file. 
Object:  hxxp://on-bend.com/b/opt/CB8F9...............
Infection:  URL:Mal  Process: c:\Windows\explorer.exe
 
Also appears that MS Update does not work and some downloads are being blocked.
 
Ran DDS as directed.  Only produced Attach.txt file (Below).  Rechecked and the DDS.txt box was checked - reran but did not produce this file.
 
Thanks in advance!!
 
********************************************
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/10/2012 10:44:31 AM
System Uptime: 1/7/2005 6:12:05 PM (83176 hours ago)
.
Motherboard: Dell Inc. |  | 0GDG8Y      
Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz | CPU 1 | 3101/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 332.036 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Photosmart C6300 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Photosmart C6300 series
PNP Device ID: ROOT\I... Read more

Answer:avast! Web Shield has blocked a harmful webpage or file - explorer.exe

Hi there,this is malware for sure. Please run the following scans:Step 1Please download TDSSKiller and save it to your Desktop.Start tdsskiller.exe with administrator privileges.Accept the EULA and the KSN Statement.Click on Change parameters.Make sure that all available options (except "Loaded modules") are checked and click OK.Click on Start scan.If any threats are found don't delete them but choose the Skip option for all of them.Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).Copy and paste its contents in your next reply.Step 2Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

11 more replies
Relevance 56.17%
Relevance 55.76%

Just like what is described in these two topics (http://www.bleepingcomputer.com/forums/t/531503/avast-web-shield-has-blocked-a-harmful-webpage-or-file-coming-up-all-the-time/ & http://www.bleepingcomputer.com/forums/t/537505/avast-web-shield-has-blocked-a-harmful-webpage-or-file-coming-up-frequently/).
 
As in the other posts my laptop restarted itself last night and since then whenever I have been connected to the internet I keep receiving notifications from Avast saying that a threat was blocked:
 
Object:http://getmeegan.info/?e=svon&cht=2&dcu=1&cpatch=2&dcs=1&pf=1&publisher=1091&dd=4&country=AU&.....
 
Infection:URL:Mal
 
Process:C:\Windows\System32\svchost.exe
 
The notifications are all the same and come in pairs(two at a time), I have tried following this guide with no luck (http://necroneurology.hubpages.com/hub/How-to-EASILY-remove-the-svchostexe-Trojan)
 
 
If anyone has anytime to help out I would be really grateful.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.60.2
Run by k at 0:16:26 on 2014-06-25
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.64.1033.18.3986.1200 [GMT 10:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D... Read more

Answer:"Avast! Web Shield has blocked a harmful webpage or file" constant notifications

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/538830 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

12 more replies
Relevance 55.76%

Hello! Hope I'm in the right place!
 
Last night I was just playing RuneScape and had two safe webpages open, when suddenly my computer restarted on its own for no reason. After restarting, I logged back in and now my Avast! keeps popping up saying that it has blocked a malicious URL, even when I'm not using the internet. Here is what it says:
 
avast! Web Shield has blocked a harmful webpage or file
 
Object: (Various, I will post pictures)
 
Infection: URL:Mal
 
Process: C:\Windows\System32\svchost.exe
 
I have ran Malwarebytes, Rkill, aswMBR, and Avast, all have come up clean except Malwarebytes, I will post my logs for aswMBR and Rkill as I do not know how for Avast! and every time I try to export my log for MBAM it keeps crashing. 
 
This isn't affecting my computer's performance, other than the MBAM thing, but it is very annoying and I hope someone can help me solve this issue. 
aswMBR log: aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-04-17 22:32:39
-----------------------------
22:32:39.365    OS Version: Windows x64 6.1.7601 Service Pack 1
22:32:39.365    Number of processors: 4 586 0x2A07
22:32:39.366    ComputerName: DAVIDSIMON-PC  UserName: David Simon
22:32:41.122    Initialize success
22:32:43.930    AVAST engine defs: 14041703
22:32:56.680    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:32:56.... Read more

Answer:"Avast! Web Shield has blocked a harmful webpage or file" coming up all the time

Hello,
 
 
I think that you have Zekos (Pigeon) on board:
 
 * C:\Windows\System32\rpcss.dll : 515,072 : 11/20/2010 11:24 PM : d8d58144e133b0d429b69671f1300cb2 [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll : 512,000 : 11/20/2010 11:24 PM : 5c627d1b1138676c0a7ab2c2c190d123 [Pos Repl]

 
Your topic should be moved to the MRT area where more tools are allowed.
 
 
Regards,
Georgi

18 more replies
Relevance 55.76%

Hello everyone,
 
LighthouseParty had been trying to help me with my problem and suggested that I would post here as he did everything he could to help. Here is our threat link to see what he tried - http://www.bleepingcomputer.com/forums/t/558159/computer-running-slowly-antivirus-constantly-scanning/#entry3555990
 
I have posted my DDS info below. Thanks for anyone who can help.
 
Eric
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420
Run by mark at 16:46:36 on 2014-12-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6051.4343 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\... Read more

Answer:Avast realtime shield constantly pops up infections when connected to internet

Hello and welcome.  Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean!Please do not run any scans or install/uninstall any applications without being directed to do so.Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.   Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

18 more replies
Relevance 55.76%

I have a problem similar to this post ( http://www.bleepingcomputer.com/forums/t/531503/avast-web-shield-has-blocked-a-harmful-webpage-or-file-coming-up-all-the-time/ ) and was hoping for some help.
 
2 or three days ago I started having frequent messages from Avast! about harmful pages. 
Ex. http://tinypic.com/view.php?pic=mt76m0&s=8#.U5n3YfldWSo
 
 
The gist of the message is:
 
Object: hxxp://getmeegan.info/?e=svon&publisher=1091&dd=4&country=US&ind=531952001116606
 
Infection: URL:Mal
 
Process: C:\Windows\System32\svchost.exe
 
Avast! takes me to this page when I click more details on the pop-up: http://tinypic.com/view.php?pic=epoho6&s=8#.U5n4VPldWSo
 
The messages information have been consistent, the same Object, Infection type, and Process.
 
 
My laptop has been fine except I get constant messages from Avast causing me to worry.
 
Thank you for reading this.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.55.2
Run by Mumsie at 12:14:48 on 2014-06-12
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manag... Read more

Answer:"Avast! Web Shield has blocked a harmful webpage or file" coming up frequently

Hello and welcome to Bleeping Computer! My nickname is Pystryker , and I will be helping you with your issue today.Before we get started, I have a few things I need to go over with youIf you are receiving help for this issue at another forum, please let me know so I can close this thread.Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.Please make sure you (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may in... Read more

2 more replies
Relevance 55.35%

This is an inconvenient delay, not anything serious. Running Windows 7, if it makes a difference.

Issue: Microsoft Security Essentials auto-updates block Microsoft Updates until MSE is finished.

Description: I have Microsoft Update (or Windows Update, whichever it's known as in 7) set to automatically check for updates but not download or install without my approval. I do this so I can review what's being updated, (I'm a little wary of Microsoft putting an anti-piracy app in as a "critical" update in the last year or two). Anyways, when I boot up the computer, it checks for updates and alerts me of them.

However, Microsoft Security Essentials also auto-checks for updates upon boot, and if it has an update it will automatically being downloading and installing it in the background. Which is all well and good, except whenever that's happening it causes MU to "fail" updates until it's done updating. Thus, I have to remember to wait until the MSE update is done, then run the MU update.

Question: MSE definition updates are included under "Optional" updates in MU, is there a way to make MSE stop updating independent of MU so I can queue all the updates together? I feel like this would be the easiest way to prevent this annoyance. I don't see an option, and I'd rather put up with this annoyance if the only solution is to put all updates back into Microsoft's hands completely.
 

Answer:Microsoft Security Essentials updates blocking other windows updates

My understanding of MSE is it will check several times during the to make it has the latest updates. Most GOOD VA programs will do this as there are several releases daily for AV definitions. This is the only way you and your machine will be aware of these releases.

When some of these attacks happen, a definition is released, but as the infection is refined, the the definition must also be refined and/or improved. I use F-Prot on my machines, but I install MSE on the kids and grand kids machines. I have seen as many as 12 releases in one day from F-Prot, this is what is call" being on top of things".

So I would not want to rely on ME being the one to check several times daily on all of my machines to see if a new release has been made.
 

1 more replies
Relevance 55.35%

I've got something screwy going on with my home WinXP box, and I'm hoping someone here can point me in the direction of a solution to the problem.
I'm running XP Home, Service Pack 2, on a machine with (according to the properties tag) 960MB RAM. I've been running Avast antivirus, and allowing it to update definitions automatically. At the time this incident happened, the most recent update it had acquired was from yesterday morning.
There was a power outage at my house yesterday morning, lasting for ~2 minutes. I powered the system back on after that, and everything appeared to be working; I mention this merely for completeness of information.
The first symptom of my problem occured yesterday afternoon. I heard the little 'ding' sound made by a download finishing, during a time where I had no downloads running, and within a few minutes of this, my system seemed to grind to a halt. Anything I already had running would continue to work, but I couldn't open anything new, including the windows task manager, nor could I get new pages to load in the copy of Firefox I was running. I was planning to visit my parents' house at that point, so I powered the system down and took it with me. I had to manually power the system down (done via the on/off switch just above the power cable socket); the attempt to shut the system down fell victim to the same halt as everything else.
For the record, I may have had Spider Solitare up when I heard the ding, an... Read more

More replies
Relevance 55.35%

I have looking at my network shield in Avast! Pro. I've noticed that whenever I open save file prompt I see http://127.0.0.1.:5357/767aa349-1aa1...-01eb939773ce/ spike.
It does not indicate infection and just goes on, is this stuff normal?

Malwarebytes doesn't see anything wrong. I generally get a http://192.168.1.1:5678/igd.xml spike precedes the 127... spike

Avast boot scan also finds nothing
Typing http://127.0.0.1.:5357/767aa349-1aa1...-01eb939773ce/ into Run gets "Bad Request - Invalid Hostname

HTTP Error 400. The request hostname is invalid."
Can anyone else on Win 7 Home Premium 64-bit try this for themselves?

Open a save file prompt and look at your network shield at the same time and see if that connection or a similar connection shows up.

I don't seem to have any weird issues otherwise.

I have attached the DDS stuff

Answer:Weird spike in Avast network shield whenever opening a save file prompt

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help


Quote:




NOTE: We are aware that users sometimes seek help from several Forums at the same time. Unfortunately, this can cause confusion and actually wastes time and resources - yours, ours and other Volunteers across the community. If you have already posted at another Forum, please advise us, or them, and choose just one.




As this issue is being addressed at the Avast forums, this topic is now closed.

1 more replies
Relevance 54.94%

Hi,
 
For the past... quite a while now... Avast has had a habit of randomly telling me two (2) similar threats have been blocked at once by the web shield. I haven't been keeping a good enough record of these links - svchost.exe was blocked from connecting to the following links in the time it took me to write this post:
http://opticguardzip.net/4242/CutterGeneration_142669100090772.dll (twice)
http://bestdriverstar.net/4242/CutterGeneration_142669100045866.dll
http://alwaysisobar.com/4242/SoftwareLogistics_142667320126881.dll (three times)
http://bestdriverstar.net/4242/RelayDouble_142669497317257.dll (three times)
http://opticguardzip.net/4242/PathGeneration_142669364730906.dll (four times)
 
Avast has picked up no viruses even on boot time scans, similarly MalwareBytes hasn't found anything, system restore won't work, and I'm at the point of considering reformatting the whole machine just to make sure I get rid of whatever it is that is causing this. If there's anything I'm missing that could explain and/or help stop this, I'd really appreciate it.
 
When I ran FRST per the instructions, it had the text pasted below to say in FRST.txt. As per procedure, Addition.txt should be attached.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by User (administrator) on HP-8460P on 05-07-2015 23:13:43
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Ultimate Service Pack 1 (X64)... Read more

Answer:Avast is blocking svchost.exe (yes, yet. another. one)

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===I can only conclude that Avast is doing a good job.There might be some malware letf over that triggers these treats.Lets check it out.===Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. 
start

EmptyTemp:
CloseProcesses:

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-18]
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [X]
C:\Windows\system32\perfh00C.dat
C:\Windows\system32\perfh015.dat
C:\Windows\system32\prfh0416.dat
C:\Windows\system32\perfh00E.dat
C:\Windows\system32\perfh008.dat
C:\Windows\system32\perfh00B.dat
C:\Windows\system32\perfh001.dat
C:\Windows\system32\perfc00E.dat
C:\Windows\system32\perfc015.dat
C:\Windows\system32\perfc00C.dat
C:\Window... Read more

4 more replies
Relevance 54.94%

working on a dell. every time I start-up the computer, avast comes up and blocks a web page because it is infected with malware. I tried to find where it is comming from but it still is being blocked every time i start-up my computer. can anyone help why this is happening and how i can stop it.
 
thanks

Answer:avast blocking web page

OTL Extras logfile created on: 6/14/2014 10:50:50 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JASON OFFICE\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.92 Gb Total Physical Memory | 6.47 Gb Available Physical Memory | 81.67% Memory free
15.84 Gb Paging File | 14.34 Gb Available in Paging File | 90.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464.98 Gb Total Space | 413.66 Gb Free Space | 88.96% Space Free | Partition Type: NTFS
 
Computer Name: JASONOFFICE-PC | User Name: JASON OFFICE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C... Read more

7 more replies
Relevance 54.94%

I'm asking this on behalf of my full-time working college student son who doesn't have a lot of time to try and figure out his own problems.Anyway, he recently downloaded and installed Avast anti-virus, and after doing so, has been unable to go to any websites at all. When he turns off Avast and relies on the Vista security features, he has no problem with surfing.Any thoughts?

Answer:Avast is blocking my son from browsing the web

Some AVs simply don't agree with some PCs. Everyones set up is different so the results on how well they work can vary.Try to uninstall Avast and instead install AVG-Free and see if it will allow normal functions.

2 more replies
Relevance 54.94%

Hope it's okk to post this here, if not just delete it. running XP home SP3 on this computer with Avast anti virus and avast is blocking the Tech support guy site from opening, I get a pop up window from avast that says the certifacate is not valid, is there a way to prevent this.
 
Thanks

Answer:Avast is blocking a website

I am a bit of a novice and as such I don't feel I have the knowledge to help you. Just posting here to share my experiences with Avast! (free suite) to say that I got a fair amount of false-positives and even got blocked out of my own profile page on another site on a number of occasions. I tried playing around with the settings, hardened mode etc, but to no avail.
Recently switched back to Windows Defender (in Win10) and use in conjunction with Malwarebytes Anti-Exploit and Zemana Anti-Logger. No false-pozzies any more, all good! I feel I have a pretty good combo going on here, although time will tell, I guess! All seems very light on CPU usage as well....so far so good!
Best of luck with sorting the issues you are having.

4 more replies
Relevance 54.94%

I keep getting popups from Malware Bytes that say "data.rbtfy.com" has been blocked. It's very annoying and I want to make an exception for it so it will stop popping up, but I want to be careful because I don't know what it is. It says it's coming from Avast, my anti-virus. Any ideas on how I should address this?
 
Thank you.

Answer:rbtfy? Avast keeps blocking it

First, read This Topic for allowing Web Exclusions from your program.
Next, follow the directions in This Topic to install a fresh version of Malwarebytes Anti-Malware program.
Next uninstall or disable  Avast antivirus while you scan with ESET Online Antivirus - (See below)Temporarily Disable your Antivirus
Run ESET Online Scanner.
For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
Click the ESET Online button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
Double click on the esetsmartinstaller_enu icon on your desktop.
Check "YES, I accept the Terms of Use."
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives and Remove Threats"
Click Advanced settings and select the following:Scan potentially unwanted applications
 Scan for potentially unsafe applications
 Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer.
Please be patient as this will take some time (2 hours is not unusual for a first scan).
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finis... Read more

3 more replies
Relevance 54.94%

I just got a new company email and have it setup via outlook 2003. Avast blocks when Im sending messages and I have to turn it off to use my email. Does anyone know how I can fix this problem? Please keep in mind i am not good with computers.

Answer:Avast Blocking My Email

anyone?

3 more replies
Relevance 54.94%

This has only been happening today and I'm not sure why.
Sometimes when I search something or go to a page, Avast will beep and give me this message:
I haven't downloaded anything new, haven't gone to any weird websites, nothing.
I scanned with MalwareBytes and it came up clean, so I don't know what's going on with it.

Answer:Avast blocking a "Mal" URL and firefox.exe?

It seems Avast is blocking a particular website. See this thread on their forum.https://forum.avast.com/index.php?topic=160071.0

3 more replies
Relevance 54.94%

I get this annoying pop-up every 2 minutes when browsing the internet:

The file is here. Notice its description:

When I try to delete the file, the following happens:

My questions is - what do I do? Is the file infected or is avast simply going nuts? I have the free version of avast and I am using win7.
 

More replies
Relevance 54.94%

I keep getting popups from Malware Bytes that say "data.rbtfy.com" has been blocked. It's very annoying and I want to make an exception for it so it will stop popping up, but I want to be careful because I don't know what it is. It says it's coming from Avast, my anti-virus. Any ideas on how I should address this?

Thank you.
 

More replies
Relevance 54.53%

I have a laptop that I RDP into. The IP addressed changed due to DHCP (I've since locked it down so it wont change again.) After the IP address change, I am no longer able to RDP into the machine. The password is very easy and is only set just so I can RDP. Normally I would bother, but when I first set this up, I was blocked because a password wasn't set.

Now when I try to remote into the laptop, I get "User name or password is incorrect". I've reset the password multiple times and even removed the password, but I can no longer RDP into the laptop. Why? Nothing else has changed, that I am aware of.

Thanks

Daryl

Answer:Vista not accepting password when RDP

Okay, I figured out what I was doing wrong.

I received this laptop from someone else. This person already setup the user and user name (user name is user1). I renamed the user to something friendlier and I was sure that was what I had been using to RDP into the laptop in the past, but perhaps I forgot. I used the name user1 to log in and it worked. Go figure. Hahaha.

Daryl

1 more replies
Relevance 54.53%

Im having a very frustrating issue with Windows Vista. For the past couple of days I have been having issues with logging onto my computer. It would let me logon after many attempts. Today was the worst its been. I have been trying all day to log on and finally just 5 minutes ago and I got to log on.

I currently just tried to remove my password and it wont even let me. It is still telling me that the password that I am entering in is incorrect.

If someone could please help me with resolving this issue it will be truly appreciated. I contacted tech support for my laptop manufacturer (HP) but the only option that I had was to re-install Windows Vista (which would result in me losing files). But like I said I just got to log on and dont plan on logging off until I can get some help. PLZ HELP!!
 

Answer:Vista Not Accepting My Password-HELP PLZ!

Please read the rules.
 

1 more replies
Relevance 54.12%

hi i am having trouble with avast 7 free it is blocking ligitimate sites on 3 of my pcs Chippy

Answer:avast blocking ligitimate sites

Do you mean Web Rep.
Maybe copy and paste one of the sites on here to see if it passes with WOT.

1 more replies
Relevance 54.12%

I can't find anything to help me with this problem so I turn to you MG pros.

AVAST (free edition) started issuing the following popups yesterday 12/11/14 about 7pm et. (this is what is listed when I click show details).

Infection blocked

URL:cdn1.movieroomreviews.com (this part varies)
(other URL's are also blocked but movieroomreviews is the main one)

Infection: URL:Mal

Process: C:\Program Files\Internet Explorer\iexplore.exe

I suspect I ran into some malware but I don't know. I have run MBAM multiple times, CCleaner multiple times, AVAST system scan. Even removed and reinstalled AVAST.

I am sure AVAST is doing it's job properly but the popups are driving me nuts and it seems to get worse later in the day. Any help will be appreciated.
 

Answer:AVAST blocking multiple threats

Welcome to the Malware Removal forum.

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide

and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual update Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a differen... Read more

20 more replies
Relevance 54.12%

Just installed free 2015 Avast on my SIL's rig. Set it up just like mine which runs great. However, after install cannot send emails from Win Live OR from her iPad. I can understand that Avast could interfere with Win Live as there are many reported cases. But, how could Avast on her PC possibly affect her iPad mail account? Could there be something associated with SSL happening at her router? This problem seems restricted to her Verizon email account as I can add my Verizon email account to her iPad and it works fine through her router. I plan to disable the Avast Mail Shield to see if that helps. Then I will unistall Avast and go back to MS Essentials. Any tips will be greatly appreciated.

More replies
Relevance 54.12%

I inserted an infected flash drive in my laptop and took a pdf from it, then when i removed it avast started to block this file every couple of seconds, this is what it shows :
URL: http://disorderstatus.ru/order.php
Infection:URL:Mal
Process:C:\windows\SysWOW64\msiexec.exe
please help me, i attached my FRST scan with the thread.
 

Answer:Avast keeps blocking msiexec.exe file

This topic will be closed due to presence of pirated content.

Piracy policy
 

1 more replies
Relevance 54.12%

First of all my OS is Windows 8.1, my pc is extremely slow, and Avast keeps saying I have malware. I have scanned with Malwarebytes and Avast and they have not found anything.

Answer:Avast blocking everything, and I have a feeling I have malware

First of all my OS is Windows 8.1, my pc is extremely slow, and Avast keeps saying I have malware. I have scanned with Malwarebytes and Avast and they have not found anything.
Switch the machine to Windows Defender, give it a good & proper cleaning* then, scan (Full) w/ WD.  Remove any unwanted or unneeded programs, as well; including any 'computer tuner-uppers'
* CCleaner, Internet Options & Sage
 
Cheers,Drew
 

 

4 more replies
Relevance 54.12%

9:42 pm eastern time USA
 
Avast is blocking the download of ComboFix, reporting it as Win32:Dropper-gen [Drp]
 
Current Avast signature/engine version is reported as 140922-1.
 
Attempting to download from http://www.bleepingcomputer.com/download/combofix/
 
Download link resolves to http://www.bleepingcomputer.com/download/combofix/dl/12/
 
 

Answer:Avast blocking download of Combofix

This is a false positive by the anti-virus.Certain embedded files that are part of legitimate programs or specialized fix tools such as Combofix may at times be detected by some anti-virus and anti-malware scanners as suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed or packed, what behavior (routines, scripts, etc) it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine which provides the ability to detect possible new variants of ma... Read more

3 more replies
Relevance 54.12%

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) CPU 2127U @ 1.90GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 2
RAM: 3983 Mb
Graphics Card: Intel(R) HD Graphics, 1799 Mb
Hard Drives: C: Total - 460856 MB, Free - 385827 MB;
Motherboard: Dell Inc., 0FXP6Y
Antivirus: avast! Antivirus, Updated and Enabled
Of course after I just got help for my sister's laptop, now it seems I'm infected with something. Everytime I open my Google browser I keep getting popups from Avast saying it blocked a harmful webpage. Such as:
homedatastars.co
takethefilenow.co
yourdownloadplace.com
URL:mal
In programs files...chrome.exe

I installed Adware Cleaner and copied and pasted the following report.

# AdwCleaner v3.311 - Report created 10/10/2014 at 02:10:51
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : smorovic - SMOROVIC-PC
# Running from : C:\Users\smorovic\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : 70e6ca8c

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\smorovic\Documents\Online

***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****

Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Dele... Read more

More replies
Relevance 54.12%

I think I had this question in the wrong area so here goes:
i recently was having problems with every part of my laptop it seems and my AVG said all was good but a friend suggested Avast and he was a professor for ITT. I loaded that and Malware Bytes then upgraded to the pay version of both and ran the scans which Malware found several trojans ect. Since then neither has not a one virus or anything in the quarantine areas but constantly I do see a window at the bottom right saying Malware has successfully blocked a incoming threat. when I check the logs here is what I get and it is blocking a outgoing port IP but at the end says Avast.exe are they conflicting with each other?? Please help me determine what's wrong. Here is what is printed 50 plus times on each log and they are rapid fire!
17:31:20 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50785, Process: avastsvc.exe)
17:31:21 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50788, Process: avastsvc.exe)
17:31:21 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50790, Process: avastsvc.exe)
17:31:21 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50791, Process: avastsvc.exe)
17:31:21 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50792, Process: avastsvc.exe)
17:31:21 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50793, Process: avastsvc.exe)
17:31:21 nardcore714 IP-BLOCK 178.218.210.194 (Type: outgoing, Port: 50794, Process: avastsvc.exe)... Read more

Answer:Is my Malware blocking my Avast security?

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be found here:C... Read more

8 more replies
Relevance 54.12%

Hi
Yesterday I accidentally installed a load of dodgy programs which were apparently bundled in with a free trial of a program I was trying to install. Nosibay Bubble Dock is one of them but I think there are several things going on. I'm getting popups constantly which Avast is identifying as threats and the computer is very slow. I've run Avast scan and it found some problems but the malware shut it down when I tried to clean them. I also installed and ran adwcleaner which identified problems and appeared to allow me to resolve them but the popups and slow down persist - the malware/virus is blocking the software. I'd really appreciate some help. It's Windows 8. Thanks
Ben
 

Answer:Slow, popups, blocking avast

Hello, benus333. Welcome to the forum! My nickname is Nevan and I will be helping you getting your system back on its electronic feet.

Before we get started, please keep these things in mind:

Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to y... Read more

1 more replies
Relevance 54.12%

I dont know really how to explain this... my avast! blocks the same website everytime im surfing on the internet and I NEVER VISIT THIS WEBSITE. It's weird.

Look at the attachment.

I need help!

It's been doing this for a while now.

Thanks You.
 

Answer:Avast keeps blocking a website that I never visit

bumping this thread
 

2 more replies
Relevance 54.12%

OK So I got up this morning, got on my PC, and tried to go to Facebook. Immediately I get a little red box pop up from Avast! saying that it detected a trojan and aborted my connection. Firefox then proceeds to show me a "Connection was reset" page. Awesome right?

Assuming FB was just having issues, I tried going to IMDB.com. Same result. Then YouTube. Same deal. Craigslist works fine, and so does Google, but about 50% of the search results in Google give me the same Avast warning and reset.

Next I thought maybe Avast was catching something that I already had, so I ran an Avast scan and found nothing. Ran Malwarebytes and got rid of 4 infections, none of which were serious. Restarted the computer, opened Firefox, tried to go to Facebook.....same problem.

Then I tried updating the Avast database, thinking maybe it downloaded a new DB overnight with a false positive and it just needed a good update. It did find an update to download, and successfully did so, but the problem persists, so that must not have been it.

What do I do? Any suggestions? Everything was working just fine last night, and nothing has changed between then and now. Any help would be greatly appreciated!
 

Answer:Solved: Avast keeps blocking Facebook, etc

13 more replies
Relevance 54.12%

Upgraded to Vista, have used Symantec Corporate for years, older version of the software, 9 I think. Not vista compatible, and I no longer have access to the latest version.

A couple of weeks ago I tried NOD32. Ran pretty good, fast, but it was buggy, has issues with lots of simultaneous connections and messes with them. Googling I found where people have to turn off parts of it. I'm not paying for something that's glitchy and known not to work 100%. So that got nixed off the list. And I uninstalled it.

Tried Avast. It seems to run good, fdidn't immediately seem like it interfered with my system or performance. But now Remote Desktop is broken... I terminated all of Avast's modules, and I can't remote desktop in from work, or even in from other computers on my local network. These two apps are the only things I've been tweaking with the last few days. Mostly used my home computer for playing Oblivion and SupCom.

Going to be real annoying if I have to reformat to clean them out =(

Those apps had way to much complexity, all kinds of modules and shit, I guess going back to a simple focused AV-only app is best. Symantec v10.2 I think was updated for Vista =( I'm not paying out the ass for a 5pack, why is mexico'ing it the only option they offer.
 

Answer:Avast blocking ports? need new AV software.

I would suggest trying NOD32 again.. and this time, just install it and leave it alone. I've seen all the "tweaks" you refer to, however, in my opinion they are not needed. I have been using NOD32 for quite a while, under Vista, and it works flawlessly for me. I RDC into my home machine from work all the time, and I have yet to have an issue with it.

I personally feel that NOD32 is best just left alone, and I think if you give it another chance, you might actually like it. That's just my advice... that's all.

If that absolutely won't work for you... maybe try AVG? I've used it in the past, and it was... well OK...
 

8 more replies
Relevance 54.12%

Hello
I have a customer who I set up a Vpop3 Enterprise mail server for some time ago.   Its been working fine and they recently updated and paid for the Pro Avast on all computers.  For some reason around the same the mail server stopped recieving any emails.  Also they have one PC that just receives everything directly into an Outlook account and thats not working either.
If you turn off the Mail shield all the emails come flooding in.  Obviously this is not ideal.  Its just possible thier email provider has changed something but they are impossible to talk to. 
I dug around on the Avast site and forum and it seems you need to go into Mail shield settings and Expert settings and turn off SSL encryption but I am a little lost at this stage and dont want to start turning things on or off until I know what the implications are.
I hope someone can perhaps offer me some advice on this.
Thanks
 

Answer:Avast Pro blocking incoming emails

I see you have also started a topic here at the avast forms and have been receiving some suggestions. The last one was a link to enabling the Mail Shield SSL scanning when encountering issues after an upgrade.You also mentioned contacting Avast support and nothing...does that mean you submitted a ticket and they never answered you or did not provide any useful information?If you did not hear anything, how long ago did you submit your ticket?I'm not sure how many or if any BC members use Vpop3 Enterprise mail server with avast so you may not get many suggestions here. Same goes at the avast forums since most of their folks are also volunteers and may not have actual hands on experience. Looking around the forums I found several similar topics from last year but no one appeared to get a satisfactory answer so I suspect they don't know either.I would keep pestering avast Tech Support until you receive a satisfactory answer. In the meantime I will also poke around some more and see if I can find any further information that addresses your issue.

5 more replies
Relevance 54.12%

i recently was having problems with every part of my laptop it seems and my AVG said all was good but a friend suggested Avast and he was a professor for ITT. I loaded that and Malware Bytes then upgraded to the pay version of both and ran the scans which Malware found several trojans ect. Since then neither has not a one virus or anything in the quarantine areas but constantly I do see a window at the bottom right saying Malware has successfully blocked a incoming threat. when I check the logs here is what I get and it is blocking a outgoing port IP but at the end says Avast.exe are they conflicting with each other?? Please help me determine what's wrong.
Thank you

Answer:Is my Malware blocking my Avast security?

Simple answer to your question.. yes they are conflicting with eachother. It is only recommend to have ONE live scanner on your computer. I would suggest removing AVG, Avast and keeping the paid version of MBam as your antivirus since it provides active security.

4 more replies
Relevance 54.12%

I extremely often get a avast message saying malicious site blocked even when I didnt go to it.
It says the object came from 199.80.55.19/go.php?uid=47196&suid=179829&data=xgxft2HDjxUP
Infection: URL:Mal
Action: Blocked
Process: c:\windows\system32\svchost.exe
nothing bad has happened except its really annoying. I dont know if someone is trying to communicate with my computer with bad intentions, or its a random act of bad intentions.
My hijackthis log said this: (I didnt stop any programs and I didnt stop avast because its the only thing stopping me from the malware to activate, so if i was supposed to stop any programs, i didnt)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:41:37 PM, on 4/10/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows&... Read more

Answer:Avast keeps blocking Malware Site

Nevermind I removed it by first downloading the new service pack for vista, using ATF cleaner, then using a program i found on here called aswMBR and it scanned for the virus, removed it, then when I rebooted using malwarebytes, (a malware scanning removing tool) and removed a file in my application data folder.
Now im clean.
Supposably I had some sort of fake alert virus, and a rootkit malware/trojan i forgot what it was.

2 more replies
Relevance 53.71%

Hello all,
My computer with vista home premium is only about 2 months old.
It was passworded multiple times during that time.
Now when i start it, it goes past the first screen where it checks for RAM and such and goes to a black screen with a white box asking for me to enter password.
I've tried every password ever used on it but nothing works
any help given would be good.

thanks
 

Answer:Windows Vista not accepting password

Sorry. Please read the rules.
 

1 more replies
Relevance 53.71%

Anyone else getting this? I've tried everything available and been everywhere Online, and I can't find an answer. Win 7 won't open .msu files, even from Command Prompt. Yet, a freebie software, 360, can use Win Update to Download Security Updates and get Windows to Install and Configure them.

More replies
Relevance 53.71%

Hello, I'm new to forum.  I've noticed in last day or two that Avast reports on wakeup that it's blocking URL:Mal 6 or 7 times while I'm typing in my password to get to my start screen.
 
I'm running windows 8.1.  Avast 2015.
 
I did a full scan with Avast, a root scan with reboot overnight, but that didn't seem to remove the issue.
 
I've installed a few programs to find the malware:
Spybot-S&D
Malwarebytes Anti-Malware
SuperAntiSpyware
 
Everything I've run or tried hasn't eliminated the behavior.  I'm hoping someone here can help.
 
Thanks in advance.

Answer:Avast blocking URL:Mal several times on system wakeup

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

8 more replies
Relevance 53.71%

Hello
 
A customer brought in a laptop that was infested with quite a few PUPs, torjans, viruses, adware and just about everything else.
 
I have removed all the PUPs using a combination of adwcleaner, JRT, Malwarebytes and Avast and Trend Micro's House Call. Anything left over was removed using Revo uninstaller.
 
I then perfromed the Windows 8.1 update.
 
At this point I wanted to run the AVG rescue disk, but this laptop doesn't have an optical drive. I have a copy on a USB flash drive, but even though I get the UEFI to allow booting from a USB device, it keeps refusing to boot from the flash drive. At this point I'm not sure if it's the drive or the computer causing this.
 
The problem is that, even though the computer works perfectly, Avast keeps reporting that it has blocked malware. It seems to be outgoing attempts to contact assorted websites, and I'm really not sure if these are false positives or a legitimate function.
 
For example: (don't click these links)
 
hxxp://bestdriverstar.net/4242/segmentsustainer_142667093542149.dll (Process svchost.exe)
 
hxxp://anythicago.com/4242/seekerinstance_142666919466027.dll (missed the process on this one)
hxxp://simplesitescan.net/4242/softwareForce_142669433532350.dll (Process c:\windows\system32\svchost.exe
 
They all follow the same pattern of Avast going "ding-ding-ding" Threat has been detected, and then a window will pop up showing it blocked an attempt at outside communication... Read more

Answer:Avast reports blocking outgoing URL attempts Win 8.1

Just started getting the exact same thing on my win 8.1 lappy today (I also run Avast and am getting the "dingdingding" with those same sites). Ran Malwarebytes found a PUP and I removed it, but problem not solved. Laptop is almost brand new.

6 more replies
Relevance 53.71%

I downloaded Malware bytes, ran that, downloaded tddkiller, but that would not run. so I downloaded conbofix and that has completed successfully and it did fnd an llm trojan. I also upgraded my jdk to 6. But when I open ie 8 ( i reloaded that , too) I still get messages that avast bis blocking svchost.exe.

I am lost and need help please.

Here is the hijack this:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:45:20 PM, on 4/23/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bo... Read more

Answer:Ran combo fix and Avast is still blocking malicious url svchost.exe

Good evening. As HijackThis has not been seriously updated by Trend Micro in some time, it is now no longer considered to be an effective tool for malware removal. You will need to go here, follow steps 6, 7 and 8 and post accordingly into this thread.

4 more replies
Relevance 53.71%

Yesterday I got a popup screen for Microsoft Security Essentials Alert.
It said I had an Unknown Win32/Trojan and the computer would not shut down. It also would not let me bring up the task manager.

I was able to start in safe mode and restore to October 31. It appears that this got rid of the Microsoft Security Essentials Alert.

I'm getting browser redirects and Avast keeps blocking malicious URL attempts. These involve svchost.exe.

My data is backed up and I have restore disks, but they're from 2008

I'm running Windows XP, version 2002, Service Pack 3.

Thanks for your help,
Dan

Answer:Browser redirects and AVAST blocking svchost.exe

Hello,Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic360316.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.Please be patient. It may take several days to get a response but your log will... Read more

1 more replies