| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 63588 | 2005-11-15 10:49:00 | iexplorer/firefox half working | guy_who_doesnt_know_much (9248) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 404526 | 2005-11-15 10:49:00 | basically iexplorer/firefox/all the other browsers i have tried only work sometimes (they used to work perfectly fine). i have reinstalled them, scanned for viruses, spyware etc. anyway.. an example of problem - a friend gives me a link on msn to view a website, i click it, nothing happens. there are other things that dont work, but that is the most common one. i really have no clue what the problem could be.. so meh. if computer specs or anything will help you resolve this please ask. thanks, guy_who_doesnt_know_much |
guy_who_doesnt_know_much (9248) | ||
| 404527 | 2005-11-15 10:53:00 | Does MSN continue to work even when you can't get web pages? | Greg (193) | ||
| 404528 | 2005-11-15 10:55:00 | yes, msn and nearly everything else work. | guy_who_doesnt_know_much (9248) | ||
| 404529 | 2005-11-15 12:11:00 | Is that the only problem, when you clik a link in msn it dosent open? Does your browser function in every other way? Do you have a similar problem when clicking links emailed to you? |
Rob99 (151) | ||
| 404530 | 2005-11-15 17:50:00 | Depending on how many browsers you've installed, make IE the default browser. That maybe why links dont work. Or get hijackthis www.merijn.org UNZIP it first, into its own folder. And scan / copy and paste the log here. |
Speedy Gonzales (78) | ||
| 404531 | 2005-11-15 22:16:00 | i've tried making ie default, but nothing happens still. here's what the test said: Logfile of HijackThis v1.99.1 Scan saved at 11:12:27 a.m., on 16/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\iPlay gamma\ipgamma-v0.01.14\IPGamma.exe C:\Program Files\MSN Messenger\MSN Messenger.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\The All-Seeing Eye\The All Seeing Eye.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\DebG\LOCALS~1\Temp\Rar$EX00.563\Hijack This.exe C:\DOCUME~1\DebG\LOCALS~1\Temp\Rar$EX08.844\Hijack This.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.xtramsn.co.nz R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = games.uber.net.nz O1 - Hosts: 64.233.167.104 sandbox.norman.no O1 - Hosts: 64.233.167.104 www.pandasoftware.com O1 - Hosts: 64.233.167.104 uk.trendmicro-europe.com O1 - Hosts: 123.123.123.123 www.nittorevolution.com O1 - Hosts: 123.123.123.123 nittorevolution.com O2 - BHO: Tensons.Application.DownloadAcceleratorManager.BHO - {00000003-1118-11da-8cd6-0800200c9888} - mscoree.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing) O2 - BHO: (no name) - {F061479B-4504-6B49-F3A9-AE07655CF0BA} - C:\DOCUME~1\DebG\APPLIC~1\INTERD~1\AudioBall.exe (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing) O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-nz\msntb.dll (file missing) O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [Tsl2] C:\PROGRA~1\COMMON~1\tsa\tsl2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Download Accelerator Manager Free Edition] C:\Program Files\Tensons\Download Accelerator Manager\Free Edition\dam.exe O4 - HKLM\..\RunServices: [serpe] C:\WINDOWS\system32\serbw.exe O4 - HKLM\..\RunServices: [Windows] system.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4 O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Download with DAM - C:\Program Files\Tensons\Download Accelerator Manager\Free Edition\addUrl.htm O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file) O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\DebG\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - by17fd.bay17.hotmail.msn.com O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - appdirectory.messenger.msn.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com O17 - HKLM\System\CCS\Services\Tcpip\..\{631D75EF-2AF9-4716-B56D-B76A2F4861FC}: NameServer = 203.96.152.4,203.96.152.12 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (file missing) O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (file missing) O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe |
guy_who_doesnt_know_much (9248) | ||
| 404532 | 2005-11-15 22:44:00 | Reboot into safe mode . Tick these, then tick fix checked . Also turn system restore OFF . C:\Program Files\MSN Messenger\MSN Messenger . exe I dont think this is MSN messenger's file . O1 - Hosts: 64 . 233 . 167 . 104 www . pandasoftware . com O1 - Hosts: 64 . 233 . 167 . 104 uk . trendmicro-europe . com O1 - Hosts: 123 . 123 . 123 . 123 www . nittorevolution . com O1 - Hosts: 123 . 123 . 123 . 123 nittorevolution . com O2 - BHO: Tensons . Application . DownloadAcceleratorManager . BHO - {00000003-1118-11da-8cd6-0800200c9888} - mscoree . dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1 . dll (file missing) O2 - BHO: (no name) - {F061479B-4504-6B49-F3A9-AE07655CF0BA} - C:\DOCUME~1\DebG\APPLIC~1\INTERD~1\AudioBall . exe (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1 . dll (file missing) O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01 . 01 . 2607 . 0\msgr . en-us . en-nz\msntb . dll (file missing) O4 - HKLM\ . . \RunServices: [serpe] C:\WINDOWS\system32\serbw . exe This is a worm - Messenger worm Download this and run it . symantec . com/avcenter/FixSflog . exe" target="_blank">securityresponse . symantec . com Read the info here . symantec . com/avcenter/venc/data/w32 . serflog . a . html" target="_blank">securityresponse . symantec . com O4 - HKLM\ . . \RunServices: [Windows] system . exe This maybe related to the above worm . O4 - HKLM\ . . \Run: [Tsl2] C:\PROGRA~1\COMMON~1\tsa\tsl2 . exe O4 - HKLM\ . . \Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus . exe" If Messenger plus is in add/remove programs uninstall it . O4 - HKLM\ . . \Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask . exe" -atboottime O4 - HKLM\ . . \Run: [Download Accelerator Manager Free Edition] C:\Program Files\Tensons\Download Accelerator Manager\Free Edition\dam . exe O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file) O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\DebG\Start Menu\Programs\IMVU\Run IMVU . lnk (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr . exe (file missing) O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc . exe (file missing) I would also reinstall AVG again, and install a firewall . And keep XP up to date . |
Speedy Gonzales (78) | ||
| 404533 | 2005-11-15 23:18:00 | Oops missed this entry out tick this entry as well. O1 - Hosts: 64.233.167.104 sandbox.norman.no |
Speedy Gonzales (78) | ||
| 404534 | 2005-11-15 23:26:00 | sorry about this, but where do i tick/untick them? once in safe mode. i have turned off system restore. | guy_who_doesnt_know_much (9248) | ||
| 404535 | 2005-11-15 23:30:00 | You run hijackthis again in safe mode, and the entries that appeared, like the first log u posted, tick them then tick fix checked . After the entries have been ticked and you've ticked fix checked and deleted those entries . Reboot and post another log here . Make sure u UNZIP hijackthis first, into its own folder, before u run it this time . DON'T run it within the zip file . |
Speedy Gonzales (78) | ||
| 1 2 | |||||