 |  |  |  |  |  |  |  |
Can't Connect To Internet...Please Help!
 |
Hi all! First post here, so gonna jump right in... Yesterday while working on the internet I suddenly was unable to access the internet. Thinking quickly I snagged another computer in the house (the one i'm currently on) and checked to see if i could access on it, of course it worked. This leads me to believe that i've got a bug/virus/spyware/malware/worm hidden on my machine. So below i'm gonna add my logfile from hijack this and see if anybody can gimmie a hand! Thank you in advance for all your help and input!
Hijack This Log File:
Logfile of HijackThis v1.99.1
Scan Saved at 10:08:07 Am, on 8/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
(6.00.2900.2180)
Running Processes:
C:\windows\system32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\Progra~1\Grisoft\AVG7\avgamsvr.exe
C:\Windows\Explorer.exe
C:\Progra~1\Grisoft\AVG7\avgupsvc.exe
C:\Windows\system32\CTsvcCDA.exe
C:\windows\system32\UAService7.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\java\jre1.6.0_02/bin/jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\windows\system32\utilman.exe
C:\windows\system32\wscntfy.exe
G:\Program Files\Hijackthis\Hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page = http://google.bearshare.com/
02 - BHO: Adobe PDF Reader Link Helper - {06849e9f-C8D7-4D590B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcoIEHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\java\jre1.6.0_02\bin]ssv.dll
02 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\google\googletoolbar2.dll (file missing)
04 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\ Module Loader\ Audio Emulator\AudDrvEm.dll"
04 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
04 - HKLM\..\Run [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\justched.exe"
04 - HKLM\..\Run [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
04 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
04 - HKLM\..\Run [Worm Detector] C:\Program Files\Worm Detector 3\Wd.exe tray
04 - HKLM\..\RunOnce [MyWebSearch bar uninstall] rundll32 C:\Progra~1\Uninst~1.DLL,0 -3
04 - Global Startup: Adobe reader Speed launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_s1.exe
08 - Extra Context menu item: &Gogle Search - res://C:\program files\google\GoogleToolbar2.dll/cmsearch.html
08 - Extra Context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZJfox000
08 - Extra Context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
08 - Exra Context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
08 - Extra Context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
08 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
09 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\java\jre1.6.0_02\bin]ssv.dll
09 Extra 'Tools' menuitem: Sun java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
020 - Winlogon ntify: WgaLogon - C:\Windows\System32\WgaLogon.dll
021 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45BO-95D7-94D524869DB5} = C:\Windows\system32\WPDShServiceObj.dll
023 - Service: Ati hotkey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
023 - Service: Ati Smart - Unknown owner - C:\Windows\system32\ati2sgag.exe
023 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o - C:\Progra~1\Grisoft\AVG7\avgamsvr.exe
023 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o - C:\Progra~1\Grisoft\AVG7\avgupsvc.exe
023 - Service: Creative Service for CDROM Access - Creative Technology LTD - C:\Windows\System32\CTsvcCDA.exe
023 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\program files\ewido anti-spyware 4.0\guard.exe
023 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\Installshield\driver\1050\Intel 32\IdriverT.exe
023 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
023 - Service: StarWind isCSI Service (StarWindService) - Unknown Owner - G:\Program Files\Alcohol Soft\Alcohol 120\Starwind\StarwindService.exe (file missing)
023 - Service: SecuRom user Access Service (V7) (UserAccess7) - Son DADC Austria AG. - C:\Windows\system32\UAService7.exe
Well thats it, without my burner working had to type it, don't think there were any typo's. Hope to hear from you all soon! And thanks again!
Hijack This Log File:
Logfile of HijackThis v1.99.1
Scan Saved at 10:08:07 Am, on 8/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
(6.00.2900.2180)
Running Processes:
C:\windows\system32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\ati2evxx.exe
C:\windows\system32\spoolsv.exe
C:\Progra~1\Grisoft\AVG7\avgamsvr.exe
C:\Windows\Explorer.exe
C:\Progra~1\Grisoft\AVG7\avgupsvc.exe
C:\Windows\system32\CTsvcCDA.exe
C:\windows\system32\UAService7.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\java\jre1.6.0_02/bin/jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\windows\system32\utilman.exe
C:\windows\system32\wscntfy.exe
G:\Program Files\Hijackthis\Hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page = http://google.bearshare.com/
02 - BHO: Adobe PDF Reader Link Helper - {06849e9f-C8D7-4D590B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcoIEHelper.dll
02 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\java\jre1.6.0_02\bin]ssv.dll
02 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\google\googletoolbar2.dll (file missing)
04 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\ Module Loader\ Audio Emulator\AudDrvEm.dll"
04 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
04 - HKLM\..\Run [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\justched.exe"
04 - HKLM\..\Run [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
04 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
04 - HKLM\..\Run [Worm Detector] C:\Program Files\Worm Detector 3\Wd.exe tray
04 - HKLM\..\RunOnce [MyWebSearch bar uninstall] rundll32 C:\Progra~1\Uninst~1.DLL,0 -3
04 - Global Startup: Adobe reader Speed launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_s1.exe
08 - Extra Context menu item: &Gogle Search - res://C:\program files\google\GoogleToolbar2.dll/cmsearch.html
08 - Extra Context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZJfox000
08 - Extra Context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
08 - Exra Context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
08 - Extra Context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
08 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
09 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\java\jre1.6.0_02\bin]ssv.dll
09 Extra 'Tools' menuitem: Sun java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
020 - Winlogon ntify: WgaLogon - C:\Windows\System32\WgaLogon.dll
021 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45BO-95D7-94D524869DB5} = C:\Windows\system32\WPDShServiceObj.dll
023 - Service: Ati hotkey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
023 - Service: Ati Smart - Unknown owner - C:\Windows\system32\ati2sgag.exe
023 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o - C:\Progra~1\Grisoft\AVG7\avgamsvr.exe
023 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o - C:\Progra~1\Grisoft\AVG7\avgupsvc.exe
023 - Service: Creative Service for CDROM Access - Creative Technology LTD - C:\Windows\System32\CTsvcCDA.exe
023 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\program files\ewido anti-spyware 4.0\guard.exe
023 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\Installshield\driver\1050\Intel 32\IdriverT.exe
023 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
023 - Service: StarWind isCSI Service (StarWindService) - Unknown Owner - G:\Program Files\Alcohol Soft\Alcohol 120\Starwind\StarwindService.exe (file missing)
023 - Service: SecuRom user Access Service (V7) (UserAccess7) - Son DADC Austria AG. - C:\Windows\system32\UAService7.exe
Well thats it, without my burner working had to type it, don't think there were any typo's. Hope to hear from you all soon! And thanks again!
Welcome first of all 
Now what method do you conenct to the interent? USB Modem, Ethernet, Dial Up, or something else?
And what anti-virus programme do you currently use?
Now what method do you conenct to the interent? USB Modem, Ethernet, Dial Up, or something else?
And what anti-virus programme do you currently use?
The Great Lord, Serunson.
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Have you run a scan? If so, do one if you suspect you have a virus. Being AVG, it should find anything that is a virus on your system. Then attempt to connect again after you have run the scan and then rebooted.
The Great Lord, Serunson.
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Ran a check last night, rebooted this morning and nothing, maybe it s something that AVG cant find? Btw it is avg 7.5 if that helps. Anyhow, is anything in my Hijackthis log file horribly bad? I always get a slow down on my machine while on the internet. Gonna run another AVG scan now though, hope it fixes all this!
Have you defragmented your HDD recently, it's off the point slightly, but it makes your machine faster so it may help with speeding up your interent browsing. Also run a disk clearup as well to get rid of a backlog of internet sites visited, which accumulates to alot over time!
The Great Lord, Serunson.
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Gonna do a new defrag/error check after my Anti-Virus is done checking, nothing yet on the anti virus though, appreciate all the help
Okay nothing on my AVG scan whatsoever 
Any other ideas i can try out, gotta leave for work here in 30mins so i'll be on after i get home at 10pm pacific time. Thanks again!
Any other ideas i can try out, gotta leave for work here in 30mins so i'll be on after i get home at 10pm pacific time. Thanks again! Is 7.5 the latest version of AVG?
I currently use Norton 06 version, so you could try running another antivirus programme, with a free version. But you may get conflict between the two.
And also a disk defragmentation is a length proccess, so it is best to run it overnight, remember to turn off any screen saver you have, and also run no other programmes in the background while it is defragmenting.
I currently use Norton 06 version, so you could try running another antivirus programme, with a free version. But you may get conflict between the two.
And also a disk defragmentation is a length proccess, so it is best to run it overnight, remember to turn off any screen saver you have, and also run no other programmes in the background while it is defragmenting.
Last edited by Serunson; Aug 7th, 2007 at 9:02 am.
The Great Lord, Serunson.
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
Epic Hedgehog power all the way!
Quote from scru :: "If you were a file I'd hit delete."
If its a problem with spyware, then norton and avg aint gonna do it....
i always use adaware ad spybot S&D.... BUT i use a MiniPE enviroment...... lyk a UBCD.....
http://isohunt.com/torrents/?ihq=miniPE+digiwiz
i thinks thts the version i use ... same dude makes it, may be an earlier version ... but has a host of tools for removing adaware as well as viruses ect and coz it boots from the CD your not within windows so nothing can hide!!
this will also allow you to do a load more... i use it all day every day for work..... if u use a LAN connectio then adaware and spybot ect WILL UPDATE ... if not use WINISO and download the new definitions them add them into the directory as needbe
***** C:\windows\system32\lsass.exe ***** - Be careful here as there was a virus about long time ago which looked lyk a windows process.....
LSASS.EXE or ISASS.EXE 1 of these is a virus 1 is a windows process.... i forget which is which, but norton should kick it out....
also on the MiniPE boot disk there should be norton so u can run norton from the disk as well.....
if that download link dont work thn msn me and ill send u the ISO with the updated bits n pieces....
Hope this helps.....
Just read bit more..... if ya gonna defrag use safe mode..... much better
i always use adaware ad spybot S&D.... BUT i use a MiniPE enviroment...... lyk a UBCD.....
http://isohunt.com/torrents/?ihq=miniPE+digiwiz
i thinks thts the version i use ... same dude makes it, may be an earlier version ... but has a host of tools for removing adaware as well as viruses ect and coz it boots from the CD your not within windows so nothing can hide!!
this will also allow you to do a load more... i use it all day every day for work..... if u use a LAN connectio then adaware and spybot ect WILL UPDATE ... if not use WINISO and download the new definitions them add them into the directory as needbe
***** C:\windows\system32\lsass.exe ***** - Be careful here as there was a virus about long time ago which looked lyk a windows process.....
LSASS.EXE or ISASS.EXE 1 of these is a virus 1 is a windows process.... i forget which is which, but norton should kick it out....
also on the MiniPE boot disk there should be norton so u can run norton from the disk as well.....
if that download link dont work thn msn me and ill send u the ISO with the updated bits n pieces....
Hope this helps.....
Just read bit more..... if ya gonna defrag use safe mode..... much better
Last edited by PsyKoKill; Aug 7th, 2007 at 11:08 am. Reason: read more
|
Similar Threads
- My notebook crashes whenever I try to connect to internet (Windows NT / 2000 / XP)
- cant connect to internet with wireless router (Networking Hardware Configuration)
- new computer on net can't connect to internet (Networking Hardware Configuration)
- Please Help! Urgent! Cannot connect to the internet.... (Windows NT / 2000 / XP)
- Won't connect to internet (Troubleshooting Dead Machines)
- Can't connect to internet after removing Kazaa etc (Windows NT / 2000 / XP)
- PBG4 crashes trying to connect to internet (OS X)
- Reads Floppy Drive When Connect To Internet (Windows NT / 2000 / XP)
- can't connect to internet when panda running? (Viruses, Spyware and other Nasties)
- Can't connect to internet (Networking Hardware Configuration)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Desktop Background Cannot Change
- Next Thread: Help!!keep downloading trojans and pc gets slow as time pass on
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gumblar halloween herss.exe hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec trojan unwanted update usa virus viruses vista war warning windows worm yahoo zeroday
