Hi, For some reason my main PC cannot access Google or Facebook + some other ramdon sites, I get a msg saying "Bad Request (Invalid Hostname" or redirected to "Microsoft Security Center Alert : Your computer have been attacked by spyware or viruses! Please download AntiSpyware to fix. Download AntiSpyware Now" though the address bar still reads "http://www.google.co.uk/" I can access them from the laptop through the same hub/router & I even changed antivirus-firewall in case that was the problem but no joy. Would appreciate any help or suggestions. Kind regards Baydon. I'm not a technophobe. The machines just don't like me.

Please download Malwarebytes' Anti-Malware from one of these sites: MalwareBytes1 MalwareBytes2 1. Double Click mbam-setup.exe to install the application. 2. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. 3. If an update is found, it will download and install the latest version. 4. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. 5. When the scan is complete, click OK, then Show Results to view the results. 6. Make sure that everything found is checked, and click Remove Selected. 7. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately. 8. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. 9. Copy&Paste the entire report in your next reply. Please download and install the latest version of HijackThis v2.0.2: Download the "HijackThis" Installer from this link: Hijack This 1. Save " HJTInstall.exe" to your desktop. 2. Double click on HJTInstall.exe to run the program. 3. By default it will install to C:\Program Files\Trend Micro\HijackThis. 4. Accept the license agreement by clicking the "I Accept" button. 5.Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log. 6. Click "Save log" to save the log file and then the log will open in Notepad. 7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log. 8. Paste the log in your next reply. 9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

As well to add, turn off system restore before you do a Malwarebyte scan and lastly upgrade to SP3. Weaseling out of things is important to learn. It's what separates us from the animals ... except the weasel. ~Homer Simpson~

Hi, I did as you said and here are the reports. I'm still blocked from sites though... Malwarebytes' Anti-Malware 1.30 Database version: 1387 Windows 5.1.2600 Service Pack 2 12/11/2008 09:34:49 mbam-log-2008-11-12 (09-34-49).txt Scan type: Quick Scan Objects scanned: 48148 Time elapsed: 31 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) And.... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:35:52, on 12/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\Explorer.exe E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\system32\RUNDLL32.exe E:\WINDOWS\StartupMonitor.exe E:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe E:\Program Files\HP\HP Software Update\HPWuSchd2.exe E:\WINDOWS\system32\rundll32.exe E:\Program Files\Common Files\Real\Update_OB\realsched.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\HPZipm12.exe E:\WINDOWS\system32\PnkBstrA.exe E:\Program Files\BitDefender\BitDefender 2008\bdagent.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe E:\Documents and Settings\karl\My Documents\Trans\Utility Programs\Free Ram Booster\FreeRAM XP Pro 1.40.exe E:\Program Files\BitDefender\BitDefender 2008\vsserv.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Mozilla Firefox\firefox.exe E:\Documents and Settings\karl\My Documents\Downloads\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin... R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin... R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin... R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin... O1 - Hosts: 204.16.197.121 www.yahoo.com O1 - Hosts: 204.16.197.121 www.google.com O1 - Hosts: 204.16.197.121 www.myspace.com O1 - Hosts: 204.16.197.121 www.youtube.com O1 - Hosts: 204.16.197.121 www.facebook.com O1 - Hosts: 204.16.197.121 www.live.com O1 - Hosts: 204.16.197.121 www.msn.com O1 - Hosts: 204.16.197.121 www.wikipedia.org O1 - Hosts: 204.16.197.121 www.ebay.com O1 - Hosts: 204.16.197.121 www.aol.com O1 - Hosts: 204.16.197.121 www.craigslist.org O1 - Hosts: 204.16.197.121 www.blogger.com O1 - Hosts: 204.16.197.121 www.go.com O1 - Hosts: 204.16.197.121 www.amazon.com O1 - Hosts: 204.16.197.121 www.cnn.com O1 - Hosts: 204.16.197.121 espn.go.com O1 - Hosts: 204.16.197.121 www.espn.com O1 - Hosts: 204.16.197.121 www.photobucket.com O1 - Hosts: 204.16.197.121 www.microsoft.com O1 - Hosts: 204.16.197.121 www.comcast.net O1 - Hosts: 204.16.197.121 www.imdb.com O1 - Hosts: 204.16.197.121 www.wordpress.com O1 - Hosts: 204.16.197.121 www.nytimes.com O1 - Hosts: 204.16.197.121 www.weather.com O1 - Hosts: 204.16.197.121 www.ask.com O1 - Hosts: 204.16.197.121 www.aim.com O1 - Hosts: 204.16.197.121 www.apple.com O1 - Hosts: 204.16.197.121 www.mapquest.com O1 - Hosts: 204.16.197.121 www.youporn.com O1 - Hosts: 204.16.197.121 www.fastclick.com O1 - Hosts: 204.16.197.121 www.pornhub.com O1 - Hosts: 204.16.197.121 www.rapidshare.com O1 - Hosts: 204.16.197.121 www.pogo.com O1 - Hosts: 204.16.197.121 www.redtube.com O1 - Hosts: 204.16.197.121 www.doubleclick.com O1 - Hosts: 204.16.197.121 www.att.com O1 - Hosts: 204.16.197.121 www.adobe.com O1 - Hosts: 204.16.197.121 www.vnn.com O1 - Hosts: 204.16.197.121 www.sportsline.com O1 - Hosts: 204.16.197.121 www.netflix.com O1 - Hosts: 204.16.197.121 www.dell.com O1 - Hosts: 204.16.197.121 www.google.co.uk O1 - Hosts: 204.16.197.121 www.bbc.co.uk O1 - Hosts: 204.16.197.121 www.ebay.co.uk O1 - Hosts: 204.16.197.121 www.bebo.com O1 - Hosts: 204.16.197.121 www.amazon.co.uk O1 - Hosts: 204.16.197.121 www.sky.com O1 - Hosts: 204.16.197.121 www.virginmedia.com O1 - Hosts: 204.16.197.121 www.aol.co.uk O1 - Hosts: 204.16.197.121 www.hsbc.co.uk O1 - Hosts: 204.16.197.121 www.antispyware.com O1 - Hosts: 204.16.197.121 www.antispy.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - E:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] E:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.exe E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "E:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [BDAgent] "E:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [FreeRAM XP] "E:\Documents and Settings\karl\My Documents\Trans\Utility Programs\Free Ram Booster\FreeRAM XP Pro 1.40.exe" -win O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_05\bin Kind regards Baydon. I'm not a technophobe. The machines just don't like me.

The host file was purposely set most likely, if this is a network you should not make any changes you cannot reinstate. Please download HostsXpert from the following link: HostsXpert Extract the HostsXpert.zip by doing the following:Right-click HostsXpert.zip and select extract all – Follow the wizard and extract it to your DesktopClick Finish. Double-click the HostsXpert folder and then double-click HostsXpert.exe. Click “ Restore MS Hosts File” and press OK.Exit the program. Note: if you were using a custom Hosts file you will need to replace any of those entries yourself. Please run Esets online scanner from this link: ESET 1. Note: You will need to use Internet explorer for this scan 2. Tick the box next to YES, I accept the Terms of Use. 3. Click Start 4. When asked, allow the activex control to install 5. Click Start 6. Make sure that the option Remove found threats is unticked ( Iwant to see what is found first), and the option Scan unwanted applications is checked 7. Click Scan 8. Wait for the scan to finish 9. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt 10. Copy and paste that log in your next reply.

Thanks Jabuck, It was fixed as soon as I ran Hostsxpert! Ran ESET as well but it found no problems Thanks again Kind regards Baydon. I'm not a technophobe. The machines just don't like me.

Glad we could help.