|
| ||
| Dns Error I have the exact same problem as CST does http://www.daniweb.com/techtalkforum...ead.php?t=5212 and heres my log from hijackthis, can someone plz help me I have been having this problem for over 2 weeks now. Thanks Logfile of HijackThis v1.98.2 Scan saved at 10:12:46, on 09/10/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\System32\muamgrd.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\wind32.exe C:\WINDOWS\System32\ndis.exe C:\WINDOWS\System32\win32usb.exe C:\WINDOWS\System32\winssv.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\System32\gsicon.exe C:\WINDOWS\System32\dslagent.exe C:\WINDOWS\System32\sres32.exe C:\WINDOWS\System32\wvsvc.exe C:\windows\system32\winrpx.exe C:\WINDOWS\System32\ms32cfg.exe C:\WINDOWS\System32\lssrv.exe C:\WINDOWS\System32\winmplayer.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\System32\ms32cfg.exe C:\Program Files\BT Broadband\Help\bin\mpbtn.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\cidaemon.exe C:\Documents and Settings\Owner\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btbroadbandstart.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [OEM32 Tools] sres32.exe O4 - HKLM\..\Run: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\Run: [wvsvc] wvsvc.exe O4 - HKLM\..\Run: [NDIS Adapter] ndis.exe O4 - HKLM\..\Run: [USB Device] win32usb.exe O4 - HKLM\..\Run: [Printer] C:\windows\system32\winrpx.exe O4 - HKLM\..\Run: [Microsoft Update] muamgrd.exe O4 - HKLM\..\Run: [Microsoft Features] ms32cfg.exe O4 - HKLM\..\Run: [Win32 SSL Driver] winssv.exe O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\fachkibx.exe O4 - HKLM\..\Run: [Microsoft Services] lssrv.exe O4 - HKLM\..\Run: [Microsoft media services] winmplayer.exe O4 - HKLM\..\RunServices: [OEM32 Tools] sres32.exe O4 - HKLM\..\RunServices: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\RunServices: [wvsvc] wvsvc.exe O4 - HKLM\..\RunServices: [NDIS Adapter] ndis.exe O4 - HKLM\..\RunServices: [USB Device] win32usb.exe O4 - HKLM\..\RunServices: [Microsoft Update] muamgrd.exe O4 - HKLM\..\RunServices: [Microsoft Features] ms32cfg.exe O4 - HKLM\..\RunServices: [msconfig] wins.exe O4 - HKLM\..\RunServices: [Win32 SSL Driver] winssv.exe O4 - HKLM\..\RunServices: [Windows Update] winupupdate1.exe O4 - HKLM\..\RunServices: [Microsoft Services] lssrv.exe O4 - HKLM\..\RunServices: [Microsoft media services] winmplayer.exe O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\RunOnce: [NDIS Adapter] ndis.exe O4 - HKLM\..\RunOnce: [USB Device] win32usb.exe O4 - HKLM\..\RunOnce: [Win32 SSL Driver] winssv.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - HKCU\..\Run: [Win32 USB2 Driver] wind32.exe O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe O4 - HKCU\..\Run: [OEM32 Tools] sres32.exe O4 - HKCU\..\Run: [wvsvc] wvsvc.exe O4 - HKCU\..\Run: [USB Device] win32usb.exe O4 - HKCU\..\Run: [Microsoft Features] ms32cfg.exe O4 - HKCU\..\Run: [Win32 SSL Driver] winssv.exe O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] wind32.exe O4 - HKCU\..\RunOnce: [Win32 SSL Driver] winssv.exe O4 - HKCU\..\RunOnce: [USB Device] win32usb.exe O4 - HKCU\..\RunOnce: [NDIS Adapter] ndis.exe O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe O9 - Extra button: iOpus Internet Macros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Program Files\InternetMacros\imacros.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{00EC9413-4953-4ECC-8AE6-9EAEBB815EC0}: NameServer = 194.72.9.34 194.74.65.68 O17 - HKLM\System\CS1\Services\Tcpip\..\{00EC9413-4953-4ECC-8AE6-9EAEBB815EC0}: NameServer = 194.72.9.34 194.74.65.68 |
| ||
| Re: Dns Error Hey aulakh, welcome to DaniWeb! :) I hate to be the one to tell you this, but there is a notice at the top of this forum requesting that all hijackthis logs be posted in the Security forum as this is where the malware guru's hang out. Before you post a log there, HJT should not be run from your desktop, it should be in a permanent folder (like c:\hjt\hijackthis.exe). Also, close all windows before scanning with HJT (you had IE open in your last scan). Good luck! |
| ||
| Re: Dns Error Moving to the Security forum now... |
| ||
| Re: Dns Error Time to run a online virus scan..http://housecall.trendmicro.com/ and or this one also ...http://www.pandasoftware.com/actives..._principal.htm and Trojan hunter fully working demo here ... http://www.trojanhunter.com/ |
| ||
| Re: Dns Error ok sorry abot that, I ran hijackthis again heres the log Logfile of HijackThis v1.98.2 Scan saved at 21:10:04, on 09/10/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\wind32.exe C:\WINDOWS\System32\removeme.exe C:\WINDOWS\System32\MSPMSPSU.EXE C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\gsicon.exe C:\WINDOWS\System32\dslagent.exe C:\WINDOWS\System32\cfachub.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\BT Broadband\Help\bin\mpbtn.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\winssv.exe C:\Documents and Settings\sunny\Desktop\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btbroadbandstart.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [Microsoft Update] cfachub.exe O4 - HKLM\..\Run: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\Run: [zonealarm] removeme.exe O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\qzcthn.exe O4 - HKLM\..\Run: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\Run: [Win32 SSL Driver] winssv.exe O4 - HKLM\..\RunServices: [Microsoft Update] cfachub.exe O4 - HKLM\..\RunServices: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\RunServices: [zonealarm] removeme.exe O4 - HKLM\..\RunServices: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\RunServices: [Win32 SSL Driver] winssv.exe O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\RunOnce: [zonealarm] removeme.exe O4 - HKLM\..\RunOnce: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\RunOnce: [Win32 SSL Driver] winssv.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Win32 USB2 Driver] wind32.exe O4 - HKCU\..\Run: [zonealarm] removeme.exe O4 - HKCU\..\Run: [Microsoft Update] cfachub.exe O4 - HKCU\..\Run: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKCU\..\RunOnce: [zonealarm] removeme.exe O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] wind32.exe O4 - HKCU\..\RunOnce: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{370FCF97-A1E0-4DA2-88D1-B6796231BF42}: NameServer = 194.72.9.34 194.74.65.68 |
| ||
| Re: Dns Error Can someone plz help me out, also I got another problem a box appears with a timer of 60 secs then it restarts the comp. |
| ||
| Re: Dns Error Open Task Manager & end process on the following: wind32.exe removeme.exe cfachub.exe winssv.exe Then go to C:\WINDOWS\System32 & delete those files manually. Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked': O4 - HKLM\..\Run: [Microsoft Update] cfachub.exe O4 - HKLM\..\Run: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\Run: [zonealarm] removeme.exe O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\qzcthn.exe O4 - HKLM\..\Run: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\Run: [Win32 SSL Driver] winssv.exe O4 - HKLM\..\RunServices: [Microsoft Update] cfachub.exe O4 - HKLM\..\RunServices: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\RunServices: [zonealarm] removeme.exe O4 - HKLM\..\RunServices: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\RunServices: [Win32 SSL Driver] winssv.exe O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] wind32.exe O4 - HKLM\..\RunOnce: [zonealarm] removeme.exe O4 - HKLM\..\RunOnce: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\RunOnce: [Win32 SSL Driver] winssv.exe O4 - HKCU\..\Run: [Win32 USB2 Driver] wind32.exe O4 - HKCU\..\Run: [zonealarm] removeme.exe O4 - HKCU\..\Run: [Microsoft Update] cfachub.exe O4 - HKCU\..\Run: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKCU\..\RunOnce: [zonealarm] removeme.exe O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] wind32.exe O4 - HKCU\..\RunOnce: [Win32 NVIDIA Driver] MSPMSPSU.EXE Reboot into safe mode following the instructions here & navigate to & delete the following if found: C:\WINDOWS\System32\qzcthn.exe-file Reboot normally after doing the above, rescan with hijackthis making certain that all instances of Internet Explorer are closed, then post that log here please. |
| ||
| Re: Dns Error Logfile of HijackThis v1.98.2 Scan saved at 15:38:50, on 10/10/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\cisvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\svchosting.exe C:\WINDOWS\System32\crsrs.exe C:\WINDOWS\System32\msmsgs.exe C:\WINDOWS\System32\MSPMSPSU.EXE C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\gsicon.exe C:\WINDOWS\System32\dslagent.exe C:\WINDOWS\System32\sres32.exe C:\WINDOWS\System32\tres32.exe C:\WINDOWS\System32\wvsvc.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\BT Broadband\Help\bin\mpbtn.exe C:\Documents and Settings\sunny\Desktop\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchmiracle.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btbroadbandstart.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [Win32 USB2 Driver] svchosting.exe O4 - HKLM\..\Run: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\Run: [OEM32 Tools] sres32.exe O4 - HKLM\..\Run: [Auto updat] crsrs.exe O4 - HKLM\..\Run: [OEM Tools 32] tres32.exe O4 - HKLM\..\Run: [Windows Messenger] msmsgs.exe O4 - HKLM\..\Run: [wvsvc] wvsvc.exe O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe O4 - HKLM\..\RunServices: [Win32 USB2 Driver] svchosting.exe O4 - HKLM\..\RunServices: [OEM32 Tools] sres32.exe O4 - HKLM\..\RunServices: [Auto updat] crsrs.exe O4 - HKLM\..\RunServices: [wvsvc] wvsvc.exe O4 - HKLM\..\RunServices: [OEM Tools 32] tres32.exe O4 - HKLM\..\RunServices: [Windows Messenger] msmsgs.exe O4 - HKLM\..\RunServices: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] svchosting.exe O4 - HKLM\..\RunOnce: [Auto updat] crsrs.exe O4 - HKLM\..\RunOnce: [Windows Messenger] msmsgs.exe O4 - HKLM\..\RunOnce: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Win32 USB2 Driver] svchosting.exe O4 - HKCU\..\Run: [zonealarm] removeme.exe O4 - HKCU\..\Run: [Auto updat] crsrs.exe O4 - HKCU\..\Run: [OEM32 Tools] sres32.exe O4 - HKCU\..\Run: [wvsvc] wvsvc.exe O4 - HKCU\..\Run: [OEM Tools 32] tres32.exe O4 - HKCU\..\Run: [Windows Messenger] msmsgs.exe O4 - HKCU\..\Run: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKCU\..\RunOnce: [Win32 NVIDIA Driver] MSPMSPSU.EXE O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] svchosting.exe O4 - HKCU\..\RunOnce: [Auto updat] crsrs.exe O4 - HKCU\..\RunOnce: [Windows Messenger] msmsgs.exe O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm |
| ||
| Re: Dns Error The HJT entries which crunchie asked you to fix (and which seem to have reappeared) indicate that you are infected with a couple of different worms. HJT alone isn't going to be able to remove them for you. Your HJT log also indicates that you have no anti-virus program running, which means you're just asking for trouble. If you can't immediately purchase and install a good anti-virus program like Norton or McAfee, use the links that caperjack posted and get a free online scan at those sites. |
| All times are GMT -4. The time now is 11:08 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC