when trying to access websites I get the error "cannot find server or DNS error" We have ZoneAlarm--but I even get that message if I turn off ZoneAlarm. As you can tell, I don't know that much about the internet or computers.

Thank you in advance for any help!

Logfile of HijackThis v1.99.1
Scan saved at 10:56:28 AM, on 3/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Documents and Settings\Owner.TOM-KRISTI-HOME\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: (no name) - {0547E87F-AAC0-97FE-0FE4-FE099C732FDB} - C:\WINDOWS\system32\nwlohvxj\sciwvwwa.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {221672FF-375B-4A2D-11CD-EF162050B0CF} - C:\WINDOWS\system32\knyicbio\rpefbsvg.dll (file missing)
O2 - BHO: (no name) - {2427E087-83FF-8B63-74A8-EA2BE57BA6C1} - C:\WINDOWS\system32\udhabvby\xgsdbfyb.dll (file missing)
O2 - BHO: (no name) - {24753D53-C339-2EE6-ACBE-4720F038BDE3} - C:\WINDOWS\system32\ultikesg\ntwqdmop.dll (file missing)
O2 - BHO: (no name) - {2ACCB4DA-AB30-966B-DC03-8FF0862940F3} - C:\WINDOWS\system32\lhksvvbc\wyjafihm.dll (file missing)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
O2 - BHO: (no name) - {7080746F-2C59-27A5-846E-DA843F768E11} - C:\WINDOWS\system32\cetywdcp\gsmpbjcb.dll (file missing)
O2 - BHO: SDWin32 Class - {8761538E-DE6C-44AD-BBB6-5DCC92E25052} - C:\WINDOWS\system32\dtohb.dll (file missing)
O2 - BHO: (no name) - {A025B920-B8B6-F629-C6A5-81FACBBDC8B5} - C:\WINDOWS\system32\vlauxqxj\vdytsfui.dll (file missing)
O2 - BHO: (no name) - {B4BE4E49-4A17-04E5-7E17-152D23673F64} - C:\WINDOWS\system32\ibvymkcp\qhgwrrvu.dll (file missing)
O2 - BHO: (no name) - {B53A39A9-608A-3781-429D-002D37288C1F} - C:\WINDOWS\system32\xhvnmudu\pqcrehav.dll (file missing)
O2 - BHO: (no name) - {D13B7F44-3014-DB5B-DA8B-287F392A9C3F} - C:\WINDOWS\system32\inhwetlq\wgptnntk.dll (file missing)
O2 - BHO: (no name) - {E1A1AE48-6EFA-3856-B99F-A968805D48D3} - C:\WINDOWS\system32\btknbyun\bcewusnq.dll (file missing)
O2 - BHO: (no name) - {E73BB602-AC91-A115-74A5-C92128D820D4} - C:\WINDOWS\system32\ligodakx\xgjvwpqk.dll (file missing)
O2 - BHO: (no name) - {E7A9C7D9-3E92-BB8E-3C71-6F4E42B80673} - C:\WINDOWS\system32\tatnnsrh\ipbddtod.dll (file missing)
O2 - BHO: (no name) - {E9EB14C2-F65A-3219-E701-6A7332DB4A03} - C:\WINDOWS\system32\vabkontv\xueawxbf.dll (file missing)
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZFxdm016YYUS
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {3907FEBA-74A6-49C1-A389-B1E076416538} - http://www.topmoxie.com/external/builds/mypoints/mypt800_301.cab
O16 - DPF: {610FB8B8-2427-4375-BCF9-2F7AE17173A6} (Snapfish File Upload ActiveX Control) - http://www.yorkphoto.com/YorkUpload.cab
O16 - DPF: {6A9B2484-3BE4-4FB2-ACF0-CC20B3B9F665} - https://www.my.sony.com/smartcard/download/install.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://d2.aaa1screensavers.com/affiliates/10021/rist.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CA797B15-445F-4AA9-9828-8A88502F560F} (Uninstall Control) - http://www.worldwinner.com/games/shared/uninstall.cab
O16 - DPF: {D3D83E08-54D1-4E9D-8EAF-9F979D139294} (MaxisSimCityScapeTeleX Control) - http://simcity.ea.com/scape/teleport/MaxisSimCityScapeTeleX.cab
O20 - AppInit_DLLs: PAVWAIT.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

Recommended Answers

All 2 Replies

Have Hijack This fix the following by placing a check in the appropriate boxes and selecting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.
You might want to print out or copy & paste to notePad , these instructions as you will need to close this browser window to fix with hijackthis !

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL (file missing)

O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)

O2 - BHO: (no name) - {0547E87F-AAC0-97FE-0FE4-FE099C732FDB} - C:\WINDOWS\system32\nwlohvxj\sciwvwwa.dll (file missing)

O2 - BHO: (no name) - {221672FF-375B-4A2D-11CD-EF162050B0CF} - C:\WINDOWS\system32\knyicbio\rpefbsvg.dll (file missing)

O2 - BHO: (no name) - {2427E087-83FF-8B63-74A8-EA2BE57BA6C1} - C:\WINDOWS\system32\udhabvby\xgsdbfyb.dll (file missing)

O2 - BHO: (no name) - {24753D53-C339-2EE6-ACBE-4720F038BDE3} - C:\WINDOWS\system32\ultikesg\ntwqdmop.dll (file missing)

O2 - BHO: (no name) - {2ACCB4DA-AB30-966B-DC03-8FF0862940F3} - C:\WINDOWS\system32\lhksvvbc\wyjafihm.dll (file missing)

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)

O2 - BHO: (no name) - {7080746F-2C59-27A5-846E-DA843F768E11} - C:\WINDOWS\system32\cetywdcp\gsmpbjcb.dll (file missing)

O2 - BHO: SDWin32 Class - {8761538E-DE6C-44AD-BBB6-5DCC92E25052} - C:\WINDOWS\system32\dtohb.dll (file missing)

O2 - BHO: (no name) - {A025B920-B8B6-F629-C6A5-81FACBBDC8B5} - C:\WINDOWS\system32\vlauxqxj\vdytsfui.dll (file missing)

O2 - BHO: (no name) - {B4BE4E49-4A17-04E5-7E17-152D23673F64} - C:\WINDOWS\system32\ibvymkcp\qhgwrrvu.dll (file missing)

O2 - BHO: (no name) - {B53A39A9-608A-3781-429D-002D37288C1F} - C:\WINDOWS\system32\xhvnmudu\pqcrehav.dll (file missing)

O2 - BHO: (no name) - {D13B7F44-3014-DB5B-DA8B-287F392A9C3F} - C:\WINDOWS\system32\inhwetlq\wgptnntk.dll (file missing)

O2 - BHO: (no name) - {E1A1AE48-6EFA-3856-B99F-A968805D48D3} - C:\WINDOWS\system32\btknbyun\bcewusnq.dll (file missing)

O2 - BHO: (no name) - {E73BB602-AC91-A115-74A5-C92128D820D4} - C:\WINDOWS\system32\ligodakx\xgjvwpqk.dll (file missing)

O2 - BHO: (no name) - {E7A9C7D9-3E92-BB8E-3C71-6F4E42B80673} - C:\WINDOWS\system32\tatnnsrh\ipbddtod.dll (file missing)

O2 - BHO: (no name) - {E9EB14C2-F65A-3219-E701-6A7332DB4A03} - C:\WINDOWS\system32\vabkontv\xueawxbf.dll (file missing)

this one is optional but suggested fix as its a resorce hog and not needed in startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusear...?p=ZFxdm016YYUS

O9 - Extra button: (no name) - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\Program Files\MyPoints_PointAlert\Sy800\Tp800\scri800a.htm (file missing) (HKCU)


O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - http://d2.aaa1screensavers.com/affi.../10021/rist.exe
-Bargain Buddy

Reboot and post new log

I had Hijack This fix what you suggested. I rebooted and ran Hijack This again and here is the new log:

Logfile of HijackThis v1.99.1
Scan saved at 10:04:57 AM, on 3/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\RedStrike\UltraWipe\Launcher.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Documents and Settings\Owner.TOM-KRISTI-HOME\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Ultra Wipe Launcher.lnk = C:\Program Files\RedStrike\UltraWipe\Launcher.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {3907FEBA-74A6-49C1-A389-B1E076416538} - http://www.topmoxie.com/external/builds/mypoints/mypt800_301.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D3D83E08-54D1-4E9D-8EAF-9F979D139294} (MaxisSimCityScapeTeleX Control) - http://simcity.ea.com/scape/teleport/MaxisSimCityScapeTeleX.cab
O20 - AppInit_DLLs: PAVWAIT.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.