Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Hjt Log, Help Needed!


  • Please log in to reply
20 replies to this topic

#1 meat5391

meat5391

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 09 November 2005 - 01:40 AM

Hey everyone, I'm new here, and I am having trouble with my Internet Explorer. I can't get it to connect to any websites at all. Firefox is my main browser but IE is needed in some rare instances. Maxthon (built on IE) doesn't even load any websites. Firefox extensions to load website into a new IE tab doesn't work either.
I've tried clearing IE's cache and history as well as lowering the security settings. Scanned for spyware w/ Spybot and Ad-Aware, viruses with AVG Free, and trojans with Ewido Free. I still can't get anything to load up. Firefox works great though, so I'm not sure what it is, thought I'd try HJT. Thanks!

Logfile of HijackThis v1.99.1
Scan saved at 11:22:05 PM, on 11/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\RssBandit\RSSBandit.exe
C:\Program Files\KatMouse\KatMouse.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\FreshDevices\FreshDownload\fd.exe
C:\Documents and Settings\Meaty Puffs\Desktop\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [feedreader.exe] C:\Program Files\FeedReader\feedreader.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - Startup: KatMouse.lnk = C:\Program Files\KatMouse\KatMouse.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Startup: Winamp (2).lnk = C:\Program Files\Winamp\winamp.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: RSS Bandit (2).lnk = ?
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Subscribe in default RSS reader - C:\Documents and Settings\Meaty Puffs\Application Data\RssBandit\iecontext_subscribefeed.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} - https://beta.windowsonecare.com/install/cli...nSSWebAgent.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{63FB7E0D-870B-46BB-87A6-73078E0232B0}: NameServer = 24.223.0.16,24.223.0.5
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Microsoft Protection Service (mpssvc) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Firewall\mpssvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

BC AdBot (Login to Remove)

 


#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 09 November 2005 - 11:40 AM

Nothing major showing in the log:

Letís give WinSock XP Fix a try.

Please download Winsock XP Fix

Close every other program, then open winsockxpfix and click reg backup. Save the reg backup somewhere.

After that is done, click the fix button of winsockxpfix

David

#3 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 09 November 2005 - 05:41 PM

WinSock XP didn't seem to fix anything. Also, when I tried to do the Reg Backup in WinSock I received a number of warnings that said it couldn't save C:\ERDNT\SECURITY, \software, \system, \default, \SAM, and an ntuser.dat and a UsrClass.dat file. However, I backed up the registry in regedit just in case and clicked 'Fix' in WinSock, and it seemed to run. Restarted computer and Internet Explorer still didn't work for any website.

I've tried reinstalling the newest version of internet explorer I could find, but it keeps saying I already have a newer version installed. I've also tried "Add/Remove Windows Components" and unchecking IE and then later rechecking it, but it didn't seem to make any difference.

IE doesn't look to be blocked by my router's firewall or XP's Firewall, and the Connection information in Internet Options looks correct and hasn't changed.

The only changes as far as programs have been recently has been removing Microsoft Antispyware, Windows OneCare beta, and reinstall AVG. I've been playing around with a few Download Managers, uninstalling Flashget and Leechget recently, and reinstalling Fresh Download Manager that I have used for the past two years. Other than that I haven't really made any changes that would affect IE's connection. Any other suggestions, or suggestions to why WinSock's Reg-Backup wouldn't work?

Thank you, I appreciate your assistance, this has been bugging me the past few weeks why I can't get IE to work in the rare occasions I need it to.

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 10 November 2005 - 06:00 PM

Go to this site:

http://windowsxp.mvps.org/IEFIX.htm

and download and run iefix and see if the problem is resolved.....

David

#5 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 15 November 2005 - 12:41 AM

Sorry for not responding for a few days, I was away from an internet connection and didn't have my XP Pro disk with me to run the SFC portion of IEFix when I did get a connection. IEFix didn't seem to have any impact. The IE installer continued to say that I had a newer version installed already. After getting ahold of my XP Pro disk, I went through the SFC but it didn't seem to have any effect either. Am I skipping a step somewhere or did it just not work? Thank you.

Edited by meat5391, 15 November 2005 - 12:43 AM.


#6 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 15 November 2005 - 12:12 PM

Download this regedit and open it to install it:

http://www.onecomputerguy.com/reg/xp_winsock.reg

See if that helps

David

#7 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 15 November 2005 - 07:23 PM

Imported the winsock reg you suggested. It didn't seem to work, even after a restart.
Thanks for your continued help,
Meat

Edited by meat5391, 15 November 2005 - 07:24 PM.


#8 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 16 November 2005 - 12:03 PM

Please visit http://virusscan.jotti.org/
Click on Browse... and navigate to the following file: C:\Program Files\Microsoft Windows OneCare Live\Firewall\mpssvc.exe
Click Open
Please let me know the results.
David

#9 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 16 November 2005 - 01:27 PM

The Windows OneCare folder isn't there anymore, so I couldn't test the mpssvc.exe file. Before running HJT I uninstalled OneCare to see if that would maybe help things. After I uninstalled OneCare I installed AVG and am using XP's built-in firewall. I still have the OneCare Live install disk though, would you like me to reinstall it and test that file? Thanks.

#10 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 17 November 2005 - 01:00 PM

The unregistered version of FlashGet serves up Ads in Internet Explorer that are downloaded from Cydoor servers. I would suggest removing it if it is this version. The registered version supposedly does not... so it should be ok. I usually recommend Leechget. Please uninstall FlashGet in the Control Panel /Add Remove programs. These are the items to fix in HijackThis.


O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)

I know this probably won;t fix the internet - but it's a step in the right direction. I'm just conacting someone over the internet problem.

David

#11 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 17 November 2005 - 02:19 PM

Thank you David. I fixed the suggested items in HJT. Also, thank you for the recommendation. I used FreshDownload for a couple years before giving the free version of Flashget a shot. After that I tried Leechget, and it seemed around the time that I was playing with Leeghget, Flashget, and the new version of Fresh Download was when my Internet Explorer stopped working. I'm not sure if that's related at all, but it might help out.

Thanks again.

#12 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 28 November 2005 - 02:51 PM

David,
Just wondering if you've found out any mroe information on this topic.
Thanks.

#13 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 29 November 2005 - 02:07 PM

Ok, try this IP in internet explorer for google:

http://72.14.207.99/

i.e. enter this in the address bar and press enter.

Tell me what happens

David :thumbsup:

#14 meat5391

meat5391
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:52 AM

Posted 29 November 2005 - 02:18 PM

Nothing happened, the Windows flag in the upper right hand corner of the screen continued waving, like it was trying to load, but nothing came up. In Firefox, the Google page loaded up, of course.

Thanks again for your help,
Meat

#15 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:06:52 PM

Posted 29 November 2005 - 02:36 PM

Please go to:
start-->run

and type this in:
regedit

Then click on the FILE menu and select export
Save the file as backup. Save the file somewhere you will remember and not delete.
IMPORTANT: make sure to set the export range to ALL

Then, go to start-->run

and type this in:
notepad

Paste this into the box:
Windows Registry Editor Version 5.00 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ 
{89820200-ECBD-11cf-8B85-00AA005B4383}] 
"IsInstalled"=dword:00000000


Then click on the FILE menu and select save as
Save the file as regfix.reg. Save the file to the desktop.
IMPORTANT: make sure to save the file as "all types" and NOT as a text file


Now double click on fixreg.reg and insert it into the registry.

Then, go here, and reinstall Internet Explorer:
Internet Explorer Update




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users