Windows Security Center won't open and Browser Redirect

Status
Not open for further replies.

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
I've never done any registry editing before, but if you walk me through it, I don't have any problem with it.
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Backup the registry using Registry Editor
  1. Please press the Windows key and R key on your keyboard together.
  2. Now you will get a Run window.
  3. Inside that Run Windows type REGEDIT and press on Ok.
  4. Now your will get a Registry Editor window.
  5. Inside that Registry Editor Select the My Computer in the Left Panel and press on File Menu and Presson Export.
  6. It will ask you where do you want to save this file.
  7. Save that file on your C drive with a name RegistryBackUp.reg

Please be very careful. If something wrong happen it may make your computer unstable.



Now go to the location HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options and click on File Menu and Press on Export.
It will ask you where do you want to save this file.
Save that file on your C drive with a name Image File Execution.reg and upload this Image File Execution .reg file in your next replay.....
 

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
Okay, that was no problem. I've attached the ImageFileExecution registry file.
 

Attachments

  • Image File Execution.reg
    5 KB · Views: 127

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay..... Which Antivirus Program you would like to use in the Future? MSE or Avast?
 

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
I think I would rather use MSE. It's just what I've always used. Which do you think is better?
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
I also recommend you to switch your antivirus program to a better one. Here are some suggestions:

In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.


Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.

 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay Cool..... So I think there is no need to install MSE.... Same the are you facing any other issues on the computer right now?
 

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
I am fine with using Avast and Comodo, since MSE will still not run. I have to think though that it is not opening due to a virus or malware that is still present.

Also, my computer is still being redirected any time I do a search and click on a link. That has not changed.
 

kuttus

Level 2
Verified
Oct 5, 2012
2,697
STEP 1: Run the below OTL fix
<ol><li>Start <>OTL.exe</></li>
<li>Copy/paste the following text written <>inside of the code box</> into the <>Custom Scans/Fixes</> box located at the bottom of OTL
Code:
:OTL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 128.200.1.201 128.200.192.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{524E062C-E61B-419D-91C5-24E89549DB3C}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0F9955B-CC2F-4B9F-9D61-9B8EF3FCCD64}: DhcpNameServer = 128.200.1.201 128.200.192.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0F9955B-CC2F-4B9F-9D61-9B8EF3FCCD64}: NameServer = 8.26.56.26,156.154.70.22
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found

:commands
[emptytemp]
[reboot]
<>NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system</></li>
<li>Then click the <>Run Fix</> button at the top</li>
<li>Let the program run unhindered, reboot when it is done</li>
<li>Attach the new log produced by OTL (C:\_OTL)</li>
</ol>

<hr />
 
Last edited by a moderator:

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
I ran the OTL fix then rebooted, and here is the new log.
 

Attachments

  • OTL3.txt
    4.8 KB · Views: 98

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Send me one more fresh OTL Log and check how's the browsers working now.....
 

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
I ran OTL one more time and here is the latest log.

After running the last OTL fix, I tried a bunch of links and the first few worked fine. But then I started getting redirected again. First to a monster.com promotional website then to various other ones.
 

Attachments

  • OTL4.txt
    153.4 KB · Views: 106

kuttus

Level 2
Verified
Oct 5, 2012
2,697
STEP 1: Run the below OTL fix
<ol><li>Start <>OTL.exe</></li>
<li>Copy/paste the following text written <>inside of the code box</> into the <>Custom Scans/Fixes</> box located at the bottom of OTL
Code:
:OTL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 128.200.1.201 128.200.192.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0F9955B-CC2F-4B9F-9D61-9B8EF3FCCD64}: DhcpNameServer = 128.200.1.201 128.200.192.202
:commands
[emptytemp]
[reboot]
<>NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system</></li>
<li>Then click the <>Run Fix</> button at the top</li>
<li>Let the program run unhindered, reboot when it is done</li>
<li>Attach the new log produced by OTL (C:\_OTL)</li>
</ol>
<hr />

Now before rebooting the computer press on Windows Key and R key together on your keyboard...... Now you will get Run window. Inside that one type NCPA.CPL and press on Ok...Now you can see Network Connections

  • To change the settings for an Ethernet connection, right-click Local Area Connection, and click Properties.
  • To change the settings for a wireless connection, right-click Wireless Network Connection, and click Properties.

Select the Networking tab. Under This connection uses the following items, select Internet Protocol Version 4 (TCP/IPv4) and then click Properties.

Click Advanced and select the DNS tab. If there are any DNS server IP addresses listed there, write them down for future reference, and remove them from this window.

Click OK.

Select Use the following DNS server addresses. If there are any IP addresses listed in the Preferred DNS server or Alternate DNS server, write them down for future reference.


Replace those addresses with the IP addresses of the Google DNS servers:
8.8.8.8 and/or 8.8.4.4.

Press on Apply & Ok.

Now reboot the computer......

[attachment=3999]
 

Attachments

  • 1.PNG
    1.PNG
    30.6 KB · Views: 108
Last edited by a moderator:

darrens

New Member
Thread author
Verified
Mar 18, 2013
26
I ran the latest OTL fix and changed to the Google DNS server, but after rebooting I was still being redirected.

Here is the newest OTL log.
 

Attachments

  • OTL5.txt
    3.9 KB · Views: 86
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top