Browser problems - cannot access microsoft.com etc!

Hi and welcome to the Daniweb forums :).

==========

Can you please do the following.

===============

Please go here & install ALL critical updates required for your system, including service pack 1a for both XP and IE6.
Most malware is designed to attack unpatched XP systems - exploiting the available 'holes' - and can bypass third-party protection on an unpatched system. The most that can be done with an unpatched system is put a temporary bandage on it. Your system can potentially be reinfected within minutes of cleaning it.

===============

Scan with HijackThis and then place a check next to all the following, if present:

O2 - BHO: MyTotalSearch Search Assistant BHO - {00BD2861-C654-4694-A44A-98642D73247D} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: mtsBar BHO - {094176F1-BF35-4bcb-B68A-108DFB8C3825} - (no file)
O2 - BHO: dcads - {4504e329-95e1-1eca-1e3c-141b5ac943a7} - C:\WINDOWS\System32\nsgA3.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\System32\SearchEnhancer\nsm38.dll
O2 - BHO: Search Assistant MySidesearch - {6156A32A-C512-4e23-AA9A-2315F4265681} - C:\WINDOWS\System32\myss_sb.dll
O2 - BHO: (no name) - {72D3867F-FE3D-6EE3-56A3-2F837F901618} - (no file)
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - C:\WINDOWS\System32\nsjA8.dll
O2 - BHO: (no name) - {7D8CB2B5-2D59-B62A-C006-B513E61A230D} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {F1724573-DF8D-8727-F186-FAF2421ED0D7} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O8 - Extra context menu item: &Search - http://bar.mytotalsearch.com/menusea...p=VNxmk18146AU

O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - http://www.advnt01.com/dialer/internazionale_ver3.CAB
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemp...veSecurity.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/au/games4.cab

Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders:

folders...

C:\WINDOWS\System32\SearchEnhancer

files...

C:\WINDOWS\System32\nsgA3.dll
C:\WINDOWS\System32\myss_sb.dll
C:\WINDOWS\System32\nsjA8.dll

Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in Safe Mode by doing the following: Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear.
Select the first option to run Windows in Safe Mode hit enter.

Reboot.

===============

To help protect your system from hostile ActiveX content, or special 'downloadable' files:

Download, install and keep updated, SpywareBlaster . If you've installed it for the first time:

1) Check for any available updates; if present, they'll be automatically downloaded and installed.
2) Next, "Enable all protection".
3) Exit the program.

Note: Remember to regularly check for updates.

===============

After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.

Most Valuable Poster

Moderator

20,095 posts since Feb 2004

Reputation Points: 1,142

Solved Threads: 985

Damn, computer works a lot smoother now, especially general browsing, but it still won't access microsoft.com and sites such as that. One thing it does come up with when trying to load it though is

"DNS Error - Server cannot be found"

I'm presuming DNS is something to do with my router? I don't think I can access my router because I have done so before and my ISP provider has put a password and login to access the settings. Therefore I might have to give them a cal;.

Any other suggestions? Here is the updated HiJack log file

-------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:55:18 PM, on 23/06/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\BearShare\BearShare.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
C:\WINDOWS\System32\PnkBstrA.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer4_in_1] "C:\Program Files\Lexmark 4200 Series\Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SystemDriverLoad] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_42.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {CA11EB7C-1C85-4577-8A49-9E28EFB30184} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl4.cab
O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: MS Software Shadow Download Provider (dnlsvc) - Unknown owner - C:\DOCUME~1\CHRIST~1.CHR\LOCALS~1\Temp\dnlsvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\System32\PnkBstrA.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 12092 bytes

Blitz_

Newbie Poster

6 posts since May 2008

Reputation Points: 10

Solved Threads: 0

Try the following in the order given, trying to connect after each; (you may need to reboot)

Download the HostsXpert.
Run it and press "Restore Original Hosts" and press "OK". Exit Program.
Note that if you have a custom host file, this will remove it. You can edit the host file with this program too.

Download and run Winsockfix from here http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml

Download Dial-a-Fix and run it. Select the 'Check all' (green arrow) and then hit 'GO.'
Reboot when done and see how things are now.

Most Valuable Poster

Moderator

20,095 posts since Feb 2004

Reputation Points: 1,142

Solved Threads: 985

Everything is up and running perfectly now guys! Thank you for the quick response and easy to follow solutions!

Blitz_

Newbie Poster

6 posts since May 2008

Reputation Points: 10

Solved Threads: 0

No worries. Which one did the trick?

Most Valuable Poster

Moderator

20,095 posts since Feb 2004

Reputation Points: 1,142

Solved Threads: 985

No worries. Which one did the trick?

I had the same problem. Thanks to you I was able to fix it. I was so frustrated and thought that microsoft.com was down turns out it was my problem.

The 2nd solution did the trick:Download and run Winsockfix from here http://www.softpedia.com/get/Tweak/N...nSockFix.shtml

zakbain

Newbie Poster

3 posts since Aug 2009

Reputation Points: 10

Solved Threads: 1

No worries :).

Most Valuable Poster

Moderator

20,095 posts since Feb 2004

Reputation Points: 1,142

Solved Threads: 985

Hehe someone I know always says no worries no worries :D

Thanks a bunch. I tried 1000 solutions before singing up for DaniWeb.

zakbain

Newbie Poster

3 posts since Aug 2009

Reputation Points: 10

Solved Threads: 1

Must be an Aussie :)

Most Valuable Poster

Moderator

20,095 posts since Feb 2004

Reputation Points: 1,142

Solved Threads: 985

hehe no he's Indian.

zakbain

Newbie Poster

3 posts since Aug 2009

Reputation Points: 10

Solved Threads: 1

Hello everyone,

Sorry for digging up this thread, but I have the exact problem.

I tried all those 3 fixes and none worked. Is there any hope left?

Buffalo101

Junior Poster

116 posts since Oct 2009

Reputation Points: 9

Solved Threads: 3

I am also facing same problem ........ try all the fixed cant work...
even i reformated also cant..............
Please help ...

Thank YOu

michealj22

Newbie Poster

1 post since Nov 2009

Reputation Points: 10

Solved Threads: 1