Recommended Posts

Hello to all. Let me start off by saying I am fairly new to 'fixing' things that go wrong on my computer, so I apologize in advance if i seem quite ignorant. With that being said my problem is...

Whenever I go to load certain pages using FireFox or IE, they don't load...any reason why?

I can provide latest HJT log if that is helpful. I looked on another forum and someone suggested i test to see if i had a few working .dll files...the one that i tested and it didnt work was "regsvr32 Mshtml.dll" ...so i downloaded it again and it worked fine last night...then i go to access the same sites and go figure i'm back to square 1....

I appreciate any and all help

  Adaytay said:
Hi,

Welcome to Neowin

Yes, please post your HJT log and we'll get sorted. Obviously you have another PC to use, great, as I'll need you to download some files a bit later.

Cheers,

Ad

This was saved last night and I haven't used it since...

Logfile of HijackThis v1.99.1

Scan saved at 7:59:00 PM, on 6/19/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\basfipm.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe

C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe

C:\WINDOWS\System32\WLTRYSVC.EXE

C:\WINDOWS\System32\bcmwltry.exe

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\AIM\aim.exe

C:\Documents and Settings\Leon\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing)

O2 - BHO: (no name) - {13F20E4F-F379-41EA-8F80-CCAAE787362A} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing)

O2 - BHO: (no name) - {6C630E6C-DC71-4DF7-8A0F-0CE5B4E0B6A4} - (no file)

O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)

O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)

O2 - BHO: {610dd766-c875-24cb-3864-05e218f6177d} - {d7716f81-2e50-4683-bc42-578c667dd016} - C:\WINDOWS\system32\drphdgnj.dll

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] "C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" -1 --delay 15

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [{66-66-61-1A-ZN}] C:\DOCUME~1\Leon\LOCALS~1\Temp\stdrun2.exe CHD001

O4 - HKLM\..\Run: [OCAudioIni] C:\Program Files\One-click Audio Converter\OCAudioIni.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [bM0b255529] Rundll32.exe "C:\WINDOWS\system32\titvdxvt.dll",s

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O15 - Trusted Zone: *.avsystemcare.com

O15 - Trusted Zone: *.onerateld.com

O15 - Trusted Zone: *.safetydownload.com

O15 - Trusted Zone: *.trustedantivirus.com

O15 - Trusted Zone: *.virusschlacht.com

O15 - Trusted Zone: *.avsystemcare.com (HKLM)

O15 - Trusted Zone: *.onerateld.com (HKLM)

O15 - Trusted Zone: *.safetydownload.com (HKLM)

O15 - Trusted Zone: *.trustedantivirus.com (HKLM)

O15 - Trusted Zone: *.virusschlacht.com (HKLM)

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/172c772e55c835...ip/RdxIE601.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} -

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1189821869276

O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} -

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1195270563765

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} -

O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} -

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\

O20 - Winlogon Notify: vupdnwed - C:\WINDOWS\

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: Broadcom ASF IP monitoring service v6.0.3 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\System32\basfipm.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe

O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

Hi,

Sorry for the delay in getting back to you, only just had notification of your reply!

Re-run HijackThis and check the boxes next to the following, then click "Fix":

R3 - URLSearchHook: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll
O2 - BHO: (no name) - {13F20E4F-F379-41EA-8F80-CCAAE787362A}
O2 - BHO: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing)
O2 - BHO: (no name) - {6C630E6C-DC71-4DF7-8A0F-0CE5B4E0B6A4} - (no file)
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: {610dd766-c875-24cb-3864-05e218f6177d} - {d7716f81-2e50-4683-bc42-578c667dd016} - C:\WINDOWS\system32\drphdgnj.dll
O4 - HKLM\..\Run: [{66-66-61-1A-ZN}] C:\DOCUME~1\Leon\LOCALS~1\Temp\stdrun2.exe CHD001
O4 - HKLM\..\Run: [BM0b255529] Rundll32.exe "C:\WINDOWS\system32\titvdxvt.dll",s- Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} -
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} -
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
O20 - Winlogon Notify: vupdnwed - C:\WINDOWS\

Once you've hit Fix, reboot the PC in SAFE MODE.

I notice that you have got Spybot S&D installed. From another PC, head to the Spybot Download Page, and download the latest detection updates (should be dated 2008-06-18).

Also, download the SmitFraud Fix from here. Instructions for use are also on that page.

Once downloaded, stick both those files onto a USB stick as you'll need them now on the other PC.

Go to the other PC, and run spybot_includes.exe off the USB. Then, open Spybot and immunize the system, before running a full sweep - once completed, you may need to restart the PC.

Once the spybot has finished running, open the SmitFraud fix and run that, running a full scan. Reboot afterwards, and post back with an update :)

Hope this helps,

Ad

Hello- I am actually receiving help from another forum...I appreciate your advice / pointers. This thread can be closed.

  Adaytay said:
Hi,

Sorry for the delay in getting back to you, only just had notification of your reply!

Re-run HijackThis and check the boxes next to the following, then click "Fix":

R3 - URLSearchHook: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll
O2 - BHO: (no name) - {13F20E4F-F379-41EA-8F80-CCAAE787362A}
O2 - BHO: (no name) - {5BC6834F-4888-515B-8D89-10541C09B19D} - C:\Program Files\Outerinfo\OinBHO.dll (file missing)
O2 - BHO: (no name) - {6C630E6C-DC71-4DF7-8A0F-0CE5B4E0B6A4} - (no file)
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file)
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O2 - BHO: {610dd766-c875-24cb-3864-05e218f6177d} - {d7716f81-2e50-4683-bc42-578c667dd016} - C:\WINDOWS\system32\drphdgnj.dll
O4 - HKLM\..\Run: [{66-66-61-1A-ZN}] C:\DOCUME~1\Leon\LOCALS~1\Temp\stdrun2.exe CHD001
O4 - HKLM\..\Run: [BM0b255529] Rundll32.exe "C:\WINDOWS\system32\titvdxvt.dll",s- Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} -
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} -
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
O20 - Winlogon Notify: vupdnwed - C:\WINDOWS\

Once you've hit Fix, reboot the PC in SAFE MODE.

I notice that you have got Spybot S&D installed. From another PC, head to the Spybot Download Page, and download the latest detection updates (should be dated 2008-06-18).

Also, download the SmitFraud Fix from here. Instructions for use are also on that page.

Once downloaded, stick both those files onto a USB stick as you'll need them now on the other PC.

Go to the other PC, and run spybot_includes.exe off the USB. Then, open Spybot and immunize the system, before running a full sweep - once completed, you may need to restart the PC.

Once the spybot has finished running, open the SmitFraud fix and run that, running a full scan. Reboot afterwards, and post back with an update :)

Hope this helps,

Ad

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.