 |  |  |  |  |  |  |  |
Cannot access website
 |
There are still three malicious entries in your latest log.
1. Have HijackThis fix:
O4 - HKLM\..\Run: [Dynamic DLL Injection] dyntopat32.exe
O4 - HKLM\..\Run: [Adobe Acrobat Reader CFG] mnaetwrplj.exe
O4 - HKLM\..\RunServices: [Dynamic DLL Injection] dyntopat32.exe
2. Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". Search for the following files and delete them if found:
dyntopat32.exe
mnaetwrplj.exe
3. Empty your Recycle Bin and reboot.
4. Once the computer reboots, run HijackThis again and post the new log.
1. Have HijackThis fix:
O4 - HKLM\..\Run: [Dynamic DLL Injection] dyntopat32.exe
O4 - HKLM\..\Run: [Adobe Acrobat Reader CFG] mnaetwrplj.exe
O4 - HKLM\..\RunServices: [Dynamic DLL Injection] dyntopat32.exe
2. Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". Search for the following files and delete them if found:
dyntopat32.exe
mnaetwrplj.exe
3. Empty your Recycle Bin and reboot.
4. Once the computer reboots, run HijackThis again and post the new log.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
Hi, I done all the suggests yesterday. Here is the new HJT report.
Logfile of HijackThis v1.99.1
Scan saved at 10:05:50 PM, on 11/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\devldr32.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mystarhub.com.sg:8080
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bit Torrent (Bt) - Unknown owner - C:\WINDOWS\system.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
Logfile of HijackThis v1.99.1
Scan saved at 10:05:50 PM, on 11/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\devldr32.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mystarhub.com.sg:8080
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bit Torrent (Bt) - Unknown owner - C:\WINDOWS\system.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
•
•
Join Date: Jul 2005
Posts: 163
Reputation: 
Solved Threads: 9
Junior Poster
Are you still having problems? If so, try this:
1. Quit all programs that are running.
2. Click Start, and then click Run.
3. Type regsvr32 urlmon.dll, and then click OK.
4. When you receive the "DllRegisterServer in urlmon.dll succeeded" message, click OK.
1. Quit all programs that are running.
2. Click Start, and then click Run.
3. Type regsvr32 urlmon.dll, and then click OK.
4. When you receive the "DllRegisterServer in urlmon.dll succeeded" message, click OK.
Your latest log is infection-free, so try just_a_nobody's suggestion.
If that doesn't work, here are a few more troubleshooting steps to try:
1. Open your Internet Options control panel, click on the Connections tab, and then on the "LAN Settings" button. In the LAN settings window, make sure the "automatically detect settings" box is checked.
2. In Internet Explorer and Firefox, see if you can reach Google and Yahoo by their IP addresses as opposed to their URL. In hte browsers' address/location bars, type in the following locations one at a time and tell us what happens:
http://66.102.7.147
http://66.94.230.37
3. Click on the "Run..." option in your Start menu. In the "Open:" box of the resulting window, type "cmd" (omit the quotes) and hit Enter. This will bring up a DOS window
- At the DOS prompt, type the following commands, hit Enter after each, and tell us the exact results for each command:
ping 127.0.0.1
ping 66.102.7.147
ping www.google.com
- Again at the DOS prompt, type the following command, hit Enter, and post the information returned by the command:
ipconfig /all
If that doesn't work, here are a few more troubleshooting steps to try:
1. Open your Internet Options control panel, click on the Connections tab, and then on the "LAN Settings" button. In the LAN settings window, make sure the "automatically detect settings" box is checked.
2. In Internet Explorer and Firefox, see if you can reach Google and Yahoo by their IP addresses as opposed to their URL. In hte browsers' address/location bars, type in the following locations one at a time and tell us what happens:
http://66.102.7.147
http://66.94.230.37
3. Click on the "Run..." option in your Start menu. In the "Open:" box of the resulting window, type "cmd" (omit the quotes) and hit Enter. This will bring up a DOS window
- At the DOS prompt, type the following commands, hit Enter after each, and tell us the exact results for each command:
ping 127.0.0.1
ping 66.102.7.147
ping www.google.com
- Again at the DOS prompt, type the following command, hit Enter, and post the information returned by the command:
ipconfig /all
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
Thanks for the suggestions. I did the followings yesterday.
1.Tried just_a_nobody's suggestion, it still doesn't work.
2. In Internet Explorer, I am also unable to reach Google and Yahoo by typing their IP address http://66.102.7.147 and http://66.94.230.37.
The title area of the browser screen shows: pinging 66.102.7.147 (or pinging 66.94.230.37)
& The page message shows:
Can not find server or DNS error.
3. At DOS prompt, type ping 127.0.0.1.
System return > reply from 127.0.0.1
> reply from 127.0.0.1
> reply from 127.0.0.1
4. At DOS prompt, type ping 66.102.7.147
System return > pinging 66.102.7.147 with 32 bytes of data
> request timed out
> request timed out
> request timed out
5. At DOS prompt, type ping www.google.com
System return > ping request could not find host
www.google.com. Please check the name and try again.
6. At DOS prompt, type ipconfig /all
System return the following:
> Windows IP configuration
Host Name …………………………. : HOME
Primary Dns Suffix ……………… :
Node Type …………………………. : Unknown
IP Routing Enabled …………….. : No
WINS Proxy Enabled …………. : No
> PPP adapter lohrenee:
Connection-specific DNS Suffix . :
Description ………………………. : WAN <PPP/SLIP> Interface
Physical Address ……………… : 00-53-45-00-00-00
Dhcp Enabled …………………… : No
IP Address …………………….... : 203.117.55.48
Subnet Mask …………………... : 255.255.255.255
Default Gateway ……………... : 203.117.55.48
DNS Servers …………………….. : 203.117.33.19
: 203.117.33.18
NetBIOS over Tcpip …………. : Disabled
Please advise.
1.Tried just_a_nobody's suggestion, it still doesn't work.
2. In Internet Explorer, I am also unable to reach Google and Yahoo by typing their IP address http://66.102.7.147 and http://66.94.230.37.
The title area of the browser screen shows: pinging 66.102.7.147 (or pinging 66.94.230.37)
& The page message shows:
Can not find server or DNS error.
3. At DOS prompt, type ping 127.0.0.1.
System return > reply from 127.0.0.1
> reply from 127.0.0.1
> reply from 127.0.0.1
4. At DOS prompt, type ping 66.102.7.147
System return > pinging 66.102.7.147 with 32 bytes of data
> request timed out
> request timed out
> request timed out
5. At DOS prompt, type ping www.google.com
System return > ping request could not find host
www.google.com. Please check the name and try again.
6. At DOS prompt, type ipconfig /all
System return the following:
> Windows IP configuration
Host Name …………………………. : HOME
Primary Dns Suffix ……………… :
Node Type …………………………. : Unknown
IP Routing Enabled …………….. : No
WINS Proxy Enabled …………. : No
> PPP adapter lohrenee:
Connection-specific DNS Suffix . :
Description ………………………. : WAN <PPP/SLIP> Interface
Physical Address ……………… : 00-53-45-00-00-00
Dhcp Enabled …………………… : No
IP Address …………………….... : 203.117.55.48
Subnet Mask …………………... : 255.255.255.255
Default Gateway ……………... : 203.117.55.48
DNS Servers …………………….. : 203.117.33.19
: 203.117.33.18
NetBIOS over Tcpip …………. : Disabled
Please advise.
Still can not go to any website. 
I am stuck here, what can I do next? Would appreciate very much if you have any suggestion.
I am stuck here, what can I do next? Would appreciate very much if you have any suggestion.
•
•
Join Date: Jan 2005
Posts: 854
Reputation:
Solved Threads: 15
Practically a Posting Shark
well this is interesting because your computer is not seeing the outside world. Something may be wrong with your modem or it could be software related. You can try a windows xp repair. This is done by inserting your winxp disk and rebooting to this disk and choose repair windows from the list of options. Let us know if this does anything for you. Remember, reparing windows doesnt reinstall everything so you will not lose anything. Hope this helps.
|
Similar Threads
- I cannot access my website HELP (Web Browsers)
- can't access a certain website!! (Web Browsers)
- DNS Problem - can't access own website (Networking Hardware Configuration)
- link access to website (MySQL)
- Unable to access web site (Web Browsers)
- Win 2000 PC, cannot access Internet or Messenger (Windows NT / 2000 / XP)
- Access ISP through browser (Windows NT / 2000 / XP)
- can not access amazon/hotmail/ebay... through DSL gateway (Networking Hardware Configuration)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Virus
- Next Thread: Plss Hellppp!!!!!
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gtaiv gumblar hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn news obama paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista volume warning windows worm
