Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Hosts File Hijacked and Browser Re-Directs - Need help pls

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Hosts File Hijacked and Browser Re-Directs - Need help pls

Unread postby retrogamer123 » April 22nd, 2011, 7:40 am

Hi, I'm having an issue with my Hosts File as when I try to manually update it and save, a Windows Defender popup displays instantly about a hostshijack and everytime I try to remove the issue, it never goes away. Some websites are constantly re-directed. Before I format, I'd try to get some help if possible. Thanks and here are the logs:

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Administrator at 8:33:28.83 on 22/04/2011
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Windows Windows Vista™ Extreme Edition 6.0.6001.1.1252.2.1033.18.1278.453 [GMT -3:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Administrator\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [PlayNC Launcher]
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [CloneCDTray] "c:\program files\slysoft\clonecd\CloneCDTray.exe" /s
mRun: [TrayServer] c:\program files\magix\movie_edit_pro_14_plus_download_version\TrayServer.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableInstallerDetection = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\puresp.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
STS: Stardock Vista ControlPanel Extension: {ec654325-1273-c2a9-2b7c-45d29bce68fd} - c:\progra~1\stardock\object~1\desksc~1\DesktopControlPanel.dll
STS: Deskscapes Class: {ec654325-1273-c2a9-2b7c-45d29bce68fb} - c:\progra~1\stardock\object~1\desksc~1\deskscapes.dll
STS: StardockDreamController: {ec654325-1273-c2a9-2b7c-45d29bce68ff} - c:\progra~1\stardock\object~1\desksc~1\DreamControl.dll
STS: AveVistaBackgroundFolder Class: {73526e5a-fd53-4be7-b5e2-d3c89d7413dc} - c:\windows\system32\branding\folderbg\VistaFolderBackground.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.avast.com
Hosts: 127.0.0.1 www.avg.com
Hosts: 127.0.0.1 www.bitdefender.com
Hosts: 127.0.0.1 www.eset.com
Hosts: 127.0.0.1 www.f-secure.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\admini~1\appdata\roaming\mozilla\firefox\profiles\3525dkbi.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - prefs.js: keyword.URL - hxxp://ca.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\program files\google\google gears\firefox\lib\ff30\gears.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\users\administrator\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Mega Manager Integration: {40a1f5d7-afc2-498f-b264-02668d616ff6} - %profile%\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\google\google gears\Firefox
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2009-11-10 14976]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2011-04-22 11:10:19 7071056 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{ed81dac4-003f-459b-935f-563e23885b1d}\mpengine.dll
2011-04-22 10:42:50 102400 ----a-w- c:\windows\RegBootClean.exe
2011-04-22 02:40:37 388096 ----a-r- c:\users\admini~1\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-04-22 02:40:31 -------- d-----w- c:\program files\Trend Micro
2011-04-22 02:22:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-12 02:00:31 -------- d-----w- C:\LAME
2011-04-02 10:57:59 -------- d-----w- c:\program files\TagRename
.
==================== Find3M ====================
.
.
============= FINISH: 8:35:14.95 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Windows Windows Vista™ Extreme Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 07/08/2008 11:31:35 PM
System Uptime: 20/02/2011 6:11:08 PM (1454 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P4P800-VM
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | CPU 1 | 2992/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 1.865 GiB free.
D: is CDROM (UDF)
E: is FIXED (NTFS) - 5 GiB total, 2.776 GiB free.
F: is FIXED (NTFS) - 39 GiB total, 0.952 GiB free.
G: is FIXED (NTFS) - 31 GiB total, 1.869 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Hosts File Hijack ======================
.
Hosts: 127.0.0.1 www.avast.com
Hosts: 127.0.0.1 www.avg.com
Hosts: 127.0.0.1 www.bitdefender.com
Hosts: 127.0.0.1 www.eset.com
Hosts: 127.0.0.1 www.f-secure.com
Hosts: 127.0.0.1 www.grisoft.com
Hosts: 127.0.0.1 www.kaspersky.com
Hosts: 127.0.0.1 www.mcafee.com
Hosts: 127.0.0.1 www.microsoft.com
Hosts: 127.0.0.1 www.pandasecurity.com
Hosts: 127.0.0.1 www.sophos.com
Hosts: 127.0.0.1 www.symantec.com
Hosts: 127.0.0.1 www.trendmicro.com
Hosts: 127.0.0.1 www.viruslist.com
Hosts: 127.0.0.1 www.virustotal.com
.
==== Installed Programs ======================
.
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 4.57
abgx360 v0.9.4
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Premiere Elements 7.0
Adobe Premiere Elements 7.0 Templates
Adobe Reader X (10.0.1)
Aion
Apple Application Support
Apple Mobile Device Support
Apple Software Update
µTorrent
Audacity 1.2.6
AutoUpdate
Bejeweled 3
Bejeweled Blitz
Big Fish Games Client
Bonjour
Candy Ball
Cassandras Journey The Legacy of Nostradamus
CloneCD
CompuApps SwissKnife V3
DeskScapes
DivX Codec
DivX Version Checker
Fabulous Finds
Facebook Plug-In
FINAL FANTASY XI
FINAL FANTASY XI: Chains of Promathia
FINAL FANTASY XI: Rise of the Zilart
FINAL FANTASY XI: Treasures of Aht Urhgan
FINAL FANTASY XI: Wings of the Goddess
Firebird SQL Server - MAGIX Edition
Fraps (remove only)
Free M4a to MP3 Converter 6.1
Fun & Learning - Puzzles & Challenges
Google Gears
Google Toolbar for Internet Explorer
Google Update Helper
Haunted Hotel II: Believe the Lies
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iClone 2 SE for Magix
Ikibago The Caribbean Jewel
InterVideo DeviceService
iTunes
Java(TM) 6 Update 13
Java(TM) 6 Update 7
LimeWire 4.18.5
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.0.19)
Mp3tag v2.46a
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I.: The New York Fortune
Native Instruments Service Center
Native Instruments Traktor
NCsoft Launcher
NetZero Internet and Voice Offer
Peggle Nights Deluxe
PlayOnline Viewer & Tetra Master
Pure Networks Network Magic
QuickTime
Road to Riches
Season Match 2
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Word 2007 (KB2251419)
SmartSound Quicktracks for Premiere Elements
SqrSoft® Advanced Crossfading (remove only)
Steam
Tag&Rename 3.5.7
Total Video Converter 3.14 08113
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb973514)
VC80CRTRedist - 8.0.50727.762
Virtual DJ - Atomix Productions
Winamp
Winamp Detector Plug-in
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinRAR archiver
Xvid 1.1.3 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
22/04/2011 8:34:12 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Capture Device Service service.
21/04/2011 9:37:10 AM, Error: atikmdag [45062] - CRT invalid display type
17/04/2011 9:44:38 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer GREYSKULL that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CFDB7D9A-D465-4579-8324-1BB566A2. The master browser is stopping or an election is being forced.
17/04/2011 7:44:14 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
17/04/2011 7:10:22 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.10.103 for the Network Card with network address 0011D8126D51 has been denied by the DHCP server 192.168.10.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
retrogamer123
Active Member
 
Posts: 1
Joined: April 22nd, 2011, 7:35 am
Advertisement
Register to Remove

Re: Hosts File Hijacked and Browser Re-Directs - Need help p

Unread postby Carolyn » April 23rd, 2011, 12:31 pm

Hello and Welcome to the forums!

My name is Carolyn and I'll be glad to help you with your computer problems.

Please do not run any other tool until instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.

If you follow these instructions, everything should go smoothly.

=============================

Download and Run a Diagnostic Tool (MGADiag.exe) from here and save this to your desktop.
http://go.microsoft.com/fwlink/?linkid=56062
* Double-click on MGADiag.exe
* When the program has finished, click on the Validation tab and then click on Copy to Clipboard.
* Please post the results in your next reply.

=============================

Download CKScanner from here
Important - Save it to your desktop.
Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

=============================

Please post the results of both scans in your next reply.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Hosts File Hijacked and Browser Re-Directs - Need help p

Unread postby Carolyn » April 27th, 2011, 6:02 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 31 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware