Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't open windows update and Internet Explorer redirects.


  • Please log in to reply
4 replies to this topic

#1 Rob81

Rob81

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 28 April 2010 - 06:18 PM

Hello I am having a problem loading the windows update page. Whenever I try to open it, it tells me "internet explorer cannot display the webpage" and I also get redirected to different websites then the ones that I click on when I do a search in google. I recently ran Malwarebytes, Super AntiSpyware and AVG and erased a whole bunch of Trojans and such spyware. I have ran scans and everything now comes up clean and the computer is running good, I just have this problem still. Any help??

Thanks, Rob

Edited by Pandy, 28 April 2010 - 07:01 PM.
Moved from Windows XP Home and Pro to a more appropriate forum ~Pandy


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:33 PM

Posted 28 April 2010 - 06:29 PM

Do you have the logs from those scans?

#3 Rob81

Rob81
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 28 April 2010 - 06:44 PM

All that I have are the malwarebytes scans.

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4043

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/28/2010 9:08:29 AM
mbam-log-2010-04-28 (09-08-29).txt

Scan type: Full scan (C:\|)
Objects scanned: 151772
Time elapsed: 36 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_voidwtspkyxmbp (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOIDd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\WINDOWS\_VOIDwtspkyxmbp (Rootkit.TDSS) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\_VOIDaagilrdkte.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDkxodspcxtb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDlpdpmceblv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDuufbcppuoq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\rcvomt.sys (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\_VOIDwtspkyxmbp\_VOIDd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDupndavriwf.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_VOIDvcnoqhxwxq.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\_VOID412a.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4043

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/28/2010 4:05:17 AM
mbam-log-2010-04-28 (04-05-17).txt

Scan type: Full scan (C:\|)
Objects scanned: 154038
Time elapsed: 37 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\_VOID (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\_VOIDd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.12,93.188.166.116 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{195af6fc-2195-40b5-b006-2f7443d1ee76}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.12,93.188.166.116 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7dbb92c1-ac5c-496f-aa0e-7757519d61a5}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.12,93.188.166.116 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\spool\prtprocs\w32x86\00001089.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Favorites\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146116101.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101464855.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146101105.rx (Malware.Trace) -> Quarantined and deleted successfully.

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:33 PM

Posted 28 April 2010 - 06:54 PM

I would advise you to visit the following forum: Malware and Virus Removal Forum and follow the preparation guide.

#5 Rob81

Rob81
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:10:33 AM

Posted 28 April 2010 - 08:23 PM

Done!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users