leonfelpz6 Posted June 20, 2008 Share Posted June 20, 2008 Hello to all. Let me start off by saying I am fairly new to 'fixing' things that go wrong on my computer, so I apologize in advance if i seem quite ignorant. With that being said my problem is... Whenever I go to load certain pages using FireFox or IE, they don't load...any reason why? I can provide latest HJT log if that is helpful. I looked on another forum and someone suggested i test to see if i had a few working .dll files...the one that i tested and it didnt work was "regsvr32 Mshtml.dll" ...so i downloaded it again and it worked fine last night...then i go to access the same sites and go figure i'm back to square 1.... I appreciate any and all help Link to comment Share on other sites More sharing options...
AdzzzUK Posted June 20, 2008 Share Posted June 20, 2008 Hi, Welcome to Neowin Yes, please post your HJT log and we'll get sorted. Obviously you have another PC to use, great, as I'll need you to download some files a bit later. Cheers, Ad Link to comment Share on other sites More sharing options...
leonfelpz6 Posted June 20, 2008 Author Share Posted June 20, 2008 Hi,Welcome to Neowin Yes, please post your HJT log and we'll get sorted. Obviously you have another PC to use, great, as I'll need you to download some files a bit later. Cheers, Ad This was saved last night and I haven't used it since... Logfile of HijackThis v1.99.1 Scan saved at 7:59:00 PM, on 6/19/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\System32\basfipm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\AIM\aim.exe C:\Documents and Settings\Leon\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing) O2 - BHO: (no name) - {13F20E4F-F379-41EA-8F80-CCAAE787362A} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing) O2 - BHO: (no name) - {6C630E6C-DC71-4DF7-8A0F-0CE5B4E0B6A4} - (no file) O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O2 - BHO: {610dd766-c875-24cb-3864-05e218f6177d} - {d7716f81-2e50-4683-bc42-578c667dd016} - C:\WINDOWS\system32\drphdgnj.dll O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] "C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" -1 --delay 15 O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [{66-66-61-1A-ZN}] C:\DOCUME~1\Leon\LOCALS~1\Temp\stdrun2.exe CHD001 O4 - HKLM\..\Run: [OCAudioIni] C:\Program Files\One-click Audio Converter\OCAudioIni.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bM0b255529] Rundll32.exe "C:\WINDOWS\system32\titvdxvt.dll",s O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O11 - Options group: [iNTERNATIONAL] International* O15 - Trusted Zone: *.avsystemcare.com O15 - Trusted Zone: *.onerateld.com O15 - Trusted Zone: *.safetydownload.com O15 - Trusted Zone: *.trustedantivirus.com O15 - Trusted Zone: *.virusschlacht.com O15 - Trusted Zone: *.avsystemcare.com (HKLM) O15 - Trusted Zone: *.onerateld.com (HKLM) O15 - Trusted Zone: *.safetydownload.com (HKLM) O15 - Trusted Zone: *.trustedantivirus.com (HKLM) O15 - Trusted Zone: *.virusschlacht.com (HKLM) O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/172c772e55c835...ip/RdxIE601.cab O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1189821869276 O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} - O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1195270563765 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: NavLogon - C:\WINDOWS\ O20 - Winlogon Notify: vupdnwed - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing) Link to comment Share on other sites More sharing options...
simsie Posted June 20, 2008 Share Posted June 20, 2008 Is Opera or Safari also affected by the issue? Link to comment Share on other sites More sharing options...
leonfelpz6 Posted June 20, 2008 Author Share Posted June 20, 2008 Is Opera or Safari also affected by the issue? Uhh...I'm confused...I dont know what 'Opera' or 'Safari' are...I am running Windows XP...sorry for being ignorant... Link to comment Share on other sites More sharing options...
simsie Posted June 20, 2008 Share Posted June 20, 2008 Other web browsers, like Firefox... Link to comment Share on other sites More sharing options...
AdzzzUK Posted June 20, 2008 Share Posted June 20, 2008 Hi, Sorry for the delay in getting back to you, only just had notification of your reply! Re-run HijackThis and check the boxes next to the following, then click "Fix": R3 - URLSearchHook: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll O2 - BHO: (no name) - {13F20E4F-F379-41EA-8F80-CCAAE787362A} O2 - BHO: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing) O2 - BHO: (no name) - {6C630E6C-DC71-4DF7-8A0F-0CE5B4E0B6A4} - (no file) O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O2 - BHO: {610dd766-c875-24cb-3864-05e218f6177d} - {d7716f81-2e50-4683-bc42-578c667dd016} - C:\WINDOWS\system32\drphdgnj.dll O4 - HKLM\..\Run: [{66-66-61-1A-ZN}] C:\DOCUME~1\Leon\LOCALS~1\Temp\stdrun2.exe CHD001 O4 - HKLM\..\Run: [BM0b255529] Rundll32.exe "C:\WINDOWS\system32\titvdxvt.dll",s O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O15 - Trusted Zone: *.avsystemcare.com O15 - Trusted Zone: *.onerateld.com O15 - Trusted Zone: *.safetydownload.com O15 - Trusted Zone: *.trustedantivirus.com O15 - Trusted Zone: *.virusschlacht.com O15 - Trusted Zone: *.avsystemcare.com (HKLM) O15 - Trusted Zone: *.onerateld.com (HKLM) O15 - Trusted Zone: *.safetydownload.com (HKLM) O15 - Trusted Zone: *.trustedantivirus.com (HKLM) O15 - Trusted Zone: *.virusschlacht.com (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} - O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll O20 - Winlogon Notify: vupdnwed - C:\WINDOWS\ Once you've hit Fix, reboot the PC in SAFE MODE. I notice that you have got Spybot S&D installed. From another PC, head to the Spybot Download Page, and download the latest detection updates (should be dated 2008-06-18). Also, download the SmitFraud Fix from here. Instructions for use are also on that page. Once downloaded, stick both those files onto a USB stick as you'll need them now on the other PC. Go to the other PC, and run spybot_includes.exe off the USB. Then, open Spybot and immunize the system, before running a full sweep - once completed, you may need to restart the PC. Once the spybot has finished running, open the SmitFraud fix and run that, running a full scan. Reboot afterwards, and post back with an update :) Hope this helps, Ad Link to comment Share on other sites More sharing options...
leonfelpz6 Posted June 23, 2008 Author Share Posted June 23, 2008 Hello- I am actually receiving help from another forum...I appreciate your advice / pointers. This thread can be closed. Hi,Sorry for the delay in getting back to you, only just had notification of your reply! Re-run HijackThis and check the boxes next to the following, then click "Fix": R3 - URLSearchHook: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll O2 - BHO: (no name) - {13F20E4F-F379-41EA-8F80-CCAAE787362A} O2 - BHO: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing) O2 - BHO: (no name) - {6C630E6C-DC71-4DF7-8A0F-0CE5B4E0B6A4} - (no file) O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file) O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O2 - BHO: {610dd766-c875-24cb-3864-05e218f6177d} - {d7716f81-2e50-4683-bc42-578c667dd016} - C:\WINDOWS\system32\drphdgnj.dll O4 - HKLM\..\Run: [{66-66-61-1A-ZN}] C:\DOCUME~1\Leon\LOCALS~1\Temp\stdrun2.exe CHD001 O4 - HKLM\..\Run: [BM0b255529] Rundll32.exe "C:\WINDOWS\system32\titvdxvt.dll",s O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll O15 - Trusted Zone: *.avsystemcare.com O15 - Trusted Zone: *.onerateld.com O15 - Trusted Zone: *.safetydownload.com O15 - Trusted Zone: *.trustedantivirus.com O15 - Trusted Zone: *.virusschlacht.com O15 - Trusted Zone: *.avsystemcare.com (HKLM) O15 - Trusted Zone: *.onerateld.com (HKLM) O15 - Trusted Zone: *.safetydownload.com (HKLM) O15 - Trusted Zone: *.trustedantivirus.com (HKLM) O15 - Trusted Zone: *.virusschlacht.com (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} - O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll O20 - Winlogon Notify: vupdnwed - C:\WINDOWS\ Once you've hit Fix, reboot the PC in SAFE MODE. I notice that you have got Spybot S&D installed. From another PC, head to the Spybot Download Page, and download the latest detection updates (should be dated 2008-06-18). Also, download the SmitFraud Fix from here. Instructions for use are also on that page. Once downloaded, stick both those files onto a USB stick as you'll need them now on the other PC. Go to the other PC, and run spybot_includes.exe off the USB. Then, open Spybot and immunize the system, before running a full sweep - once completed, you may need to restart the PC. Once the spybot has finished running, open the SmitFraud fix and run that, running a full scan. Reboot afterwards, and post back with an update :) Hope this helps, Ad Link to comment Share on other sites More sharing options...
Recommended Posts