Thread: Not sure whats wrong,please take a look!!
View Single Post
Join Date: May 2005
Posts: 3,204
Reputation: gerbil will become famous soon enough gerbil will become famous soon enough 
Solved Threads: 188
gerbil gerbil is offline Offline
Nearly a Senior Poster

Re: Not sure whats wrong,please take a look!!

 
0
  #3
Apr 24th, 2007
Ok, that is prob a bit harsh, cos it is very likely not your fault, but you owe me a beer for struggling a bit of the way into that log - my eyes died trying..... Do this:
==Download fixwareout from http://www.bleepingcomputer.com/file...Fixwareout.exe - and save it to your desktop.
Either: go Control panel > folder options OR: in an explorer window > tools>folder options;
- then view tab, press Show hidden files and folders, Apply and Ok.
Double click Fixwareout.exe to start the Fixwareout Setup Wizard, click next and then install. Ensure that Run fixit is checked, and click on Finish.
After the fix follow the prompts. You will be asked to reboot your computer, and it may take longer than usual to load - this is normal.

Next check some settings....In control panel select the Network and Internet Connections , rclick on your default connection, usually local area connection for cable and dsl, and lclick on properties. Click the Networking tab. Dclick on the Internet Protocol (TCP/IP) item and select Obtain DNS servers automatically. Press OK twice to get out of the properties screen and reboot if it asks.

Now we have to flush the DNS cache: Go Start > Run, type cmd and click OK.
In the command screen, type in cd\ and then press Enter. Now type in ipconfig /flushdns and then Enter. [space after ipconfig]. Type Exit.

HiJackThis - get a fresh copy, remove the one you have!!
===download hijackthis: http://216.180.233.162/~merijn/files/HijackThis.exe
-install it to a new folder alongside your program files and then rename the Hijackthis.exe to imabunny.exe.
-in that folder start HijackThis by dclicking the .exe; now close ALL other applications and any open windows including the explorer window containing HijackThis.
-Select Scan Only, place checkmarks against all the entries listed below that still exist, and then Fix Checked.

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\opnonkj.dll (file missing)
O2 - BHO: (no name) - {1AEB2E21-6D7F-48F8-B6E9-828A78D12889} - C:\WINDOWS\system\ilbent.dll (file missing)
O2 - BHO: (no name) - {2A498F09-890C-44DA-B8E3-BD1B1A5A28F5} - C:\WINDOWS\system32\awvtt.dll (file missing)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll (file missing)
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\uvsmgbug.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL (file missing)
O2 - BHO: Internet Security Class - {A75E294E-C047-4D29-B07E-37B792881BEF} - (no file)
O2 - BHO: (no name) - {E7B36CEB-2A03-4A20-B99A-68E9E0CF4BC5} - C:\WINDOWS\system32\gebcy.dll (file missing)
O2 - BHO: (no name) - {FDE5F6A2-F64B-4956-92C4-91256F3965A0} - C:\WINDOWS\system32\dfrgsnbp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A425570-C639-4A19-B1F0-33E12189899D}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{57A31405-4E4A-41B6-B020-7E178A9A83BF}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{63C51876-8072-45DB-A697-0F6D9275013A}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEF35FFB-7FCD-40C3-ACD7-96194F3AF479}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{C4E21EF9-28BF-4C01-8DC0-98557C1698BF}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFC3F59C-CD1E-4A89-90A4-87A60219A88F}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5E2F48C-43AA-4788-BB06-969FAA3BF304}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6361592-35CC-4F87-B0D5-1C2BF5CBA273}: NameServer = 85.255.115.155,85.255.112.77
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.155 85.255.112.77
O20 - Winlogon Notify: awvtt - C:\WINDOWS\system32\awvtt.dll (file missing)
O20 - Winlogon Notify: gebcy - C:\WINDOWS\system32\gebcy.dll (file missing)
O20 - Winlogon Notify: ilbent - C:\WINDOWS\system\ilbent.dll (file missing)
O20 - Winlogon Notify: IPConfTSP - C:\WINDOWS\system32\enj8l11u1.dll (file missing)
O20 - Winlogon Notify: opnonkj - opnonkj.dll (file missing)
O20 - Winlogon Notify: urqronm - urqronm.dll (file missing)
O20 - Winlogon Notify: winpsa32 - winpsa32.dll (file missing)
O20 - Winlogon Notify: xxyyyay - xxyyyay.dll (file missing)
O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - (no file)

This may not be a complete list, but it will do for now. BE CAREFUL with checking the O17 entries -one in the middle of the HT list is valid [it has the shortest Nameserver number.. ]
When you have done that do another HT scan, save a logfile and post it along with the fixwareoutlog.
Phew!
Deep, deep in the woods, but walking about.
Reply With Quote