Jump to content

Hijack.WindowsUpdate


Recommended Posts

Hi, as advised I am starting new post w all required logs to find solution for this.

Malware finds and deletes Hijack.WindowsUpdates but it always comes back after restarting. Also, there is multiple iexplore.exe in task manager even if iexplorer is closed. Don't know if it is connected. last virus found by F_secure was Gen:Variant.Kazy.6148

Thanks in advance !

LAST DDS:

DDS (Ver_10-12-12.02) - NTFSx86

Run by Farka

Attach_ark.rar

DDS.txt

mbam_log_2010_12_26__20_00_37_.txt

Link to post
Share on other sites

  • Staff

Hi,

First of all, your version of Malwarebytes is way outdated. Please update malwarebytes to the latest version.

Then,

1) Open notepad and copy and paste next present in the quotebox below in it:

(don't forget to copy and paste REGEDIT4)

REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Save this as fix.reg Choose to save as *all files and place it on your desktop.

It should look like this: reg.gif

Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.

2) Then, go to start > run and copy and paste the following commands one by one and hit enter after each of them:

sc delete NetDDELmHosts

sc delete COMSysAppWmiApSrv

sc delete ati8ltxx

sc delete ati4wfxx

sc delete ati2emxx

sc delete ati1kuxx

sc delete ati1dlxx

3) Then, Please download and run WUS_Fix.exe: http://users.telenet.be/marcvn/tools/WUS_Fix.exe

This should restore the default registry settings related with BITS and Automatic updates.

Let me know if that fixed your problem.

Link to post
Share on other sites

Thank u very much 4 ur time, Mieke

I did everything as u advised.

When I rebooted, it went to install 84 updates, because this malware was obviously blocking automatic update.

MalwareBytes and F-secure now finds no malware, BUT-

still there is a problem with multiple iexplore.exe in task manager. It starts everytime I open a browser, and it hangs on when I quit it, taking memory and cpu resources.

So, after that I removed IE8 and replaced it w Safari, but computer was still slow, now safari itself would take too much resources, and some of the sites wouldn't work because of missing plug-ins. I switched back to IE7, thinking with deinstalling it might have gone away, but- the same problem comes up (multiple iexplore.exe). Then I tried to upgrade back to IE8, but it couldn't cos it said running OS does not suppport chosen (Croatian) language. This was fine before, so it is something new.

I googled this problem, and saw many were having it. They recommend different soultions and other programs, but since I started here, I would like to stay here untill it is solved.

Waiting for ur input,

Best regards and happy new year with no malware in computers, work or private life!

Link to post
Share on other sites

  • Staff

Hi,

When you use IE7 or IE8, it is totally normal to have multiple processes of iexplore.exe in your taskmanager.

Also see here: http://www.winhelponline.com/blog/multiple...net-explorer-8/ so you really don't have to worry about that.

It's the way how Internet explorer manages tabs and crashes now. You'll see the same behavior in google chrome for example.

If your IE is hogging CPU, it's in most cases caused by a buggy add-on, so the only way to find out is to run IE in the no add-on mode.

To run Internet Explorer 8 without Add-ons, rightclick the IE8 icon present on your desktop and select: "Start without Add-ons"

ie7noaddons1.gif

In case that option is not present there, go to start > All Programs > Accessories > System Tools > Internet Explorer (No Add-ons)

ie7noaddons2.gif

This will start Internet Explorer 8 in the No-Add ons mode. This means that toolbars and Browser Helper Objects will be disabled.

So if your problem is solved when you use the No-Add on mode, this means that one of your Add ons is causing this.

Let me know if your problem is solved in the No-Add on mode.

In some cases, even though the add-ons are disabled, IE may still hog cpu (as it happens in my case). That's why I switched to use another browser instead of IE.

Link to post
Share on other sites

Thank u 4 ur reply.

But should multiple instances of iexplore.exe be running in Task manager, even if I close the program (all active windows of i-explorer that I have opened?)

What happens at my computer is that every time I close one opened internet explorer, it keeps running in TM. So if I open the program (and close it) 6 times in one afternoon, it will run 7 times when I open it again!

I will try no add-on mode and post results, but I am heading for round trip in Europe for 8 days and will come back on 11.jan (I am not taking my computer). Please dont close the post untill I return.

Best regards, obichni

Link to post
Share on other sites

  • 2 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.