Hello everyone here at malwarebytes.org,

I've been trying to sort out my friend's laptop for a while now. It's a Samsung NC10 (don't ask me why anyone would want that) and runs Windows XP.

She has been having several problems with it, ranging from pop-ups to all sorts of issues. I got rid of most of those. The only problem now is that I can't seem to use the internet, as it comes up with the message "Internet explorer cannot display web-page". Then shortly after, my wireless thing disappeared under networks, but now it's back again after restarting and playing around; the error message is, however, still the same.

I've tried so many things and they haven't worked, here's a list of them:

http://www.troublefixers.com/fix-can-not-display-web-page-trouble-in-4-easy-steps/

Completed all steps for the above link, still have the same issue.

http://forums.techguy.org/virus-other-malware-removal/583059-solved-internet-explorer-cannot-display.html

Only took the idea to use HijackThis from this page and save the log and post it here. Did not follow the specific steps, because I don't want to risk damaging the netbook.

http://www.sammynetbook.com/forum/threads/14476-NC10-wireless-connection-lost-and-not-visible-in-Network-Connections-folder

This webpage has a temporary solution of taking out the battery, which I reckon isn't a great idea.

Another problem I am having at the moment is that Avast says "C:\WINDOWS\winstart.bat is offline - it is currently not available (42006)".

I read this forum post http://forums.malwarebytes.org/index.php?showtopic=9573

and have attached the requested items and some extras, like the results of Malwarebytes, Spybot Search and Destroy, as well as Avira Antivir.

It said to post the DDS in full:

DDS (Ver_10-12-12.02) - NTFSx86

Run by Holly at 19:05:45.40 on 13/02/2011

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.545 [GMT 0:00]

AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\WINDOWS\System32\svchost.exe -k yksvcs

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxtray.exe

C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

svchost.exe

C:\Documents and Settings\Holly.YOUR-164CA47C93\Desktop\More New Data\dds.scr

C:\Program Files\Samsung\Samsung Update Plus\SLUSelfUpdateClient.exe

C:\Program Files\Samsung\Samsung Update Plus\Downloads\SupUpdateNotice.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [EDS] c:\program files\samsung\samsung eds\EDSAgent.exe

mRun: [DMHotKey] c:\program files\samsung\easy display manager\DMLoader.exe

mRun: [batteryManager] c:\program files\samsung\samsung battery manager\BatteryManager.exe

mRun: [Alcmtr] ALCMTR.EXE

mRun: [<NO NAME>]

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [pcsafedoctor.exe] c:\program files\pcsafedoctor\pcsafedoctor.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

uPolicies-explorer: RestrictRun = 0 (0x0)

uPolicies-system: NoSecCPL = 0 (0x0)

uPolicies-system: NoDispAppearancePage = 0 (0x0)

uPolicies-system: NoDispSettingsPage = 0 (0x0)

uPolicies-system: NoDevMgrPage = 0 (0x0)

uPolicies-system: NoConfigPage = 0 (0x0)

uPolicies-system: NoVirtMemPage = 0 (0x0)

uPolicies-system: NoFileSysPage = 0 (0x0)

uPolicies-system: NoNetSetup = 0 (0x0)

uPolicies-system: NoNetSetupIDPage = 0 (0x0)

uPolicies-system: NoNetSetupSecurityPage = 0 (0x0)

uPolicies-system: NoWorkgroupContents = 0 (0x0)

uPolicies-system: NoEntireNetwork = 0 (0x0)

uPolicies-system: NoFileSharingControl = 0 (0x0)

mPolicies-explorer: NoFolderOptions = 00000000

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-10 294608]

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-1-15 11608]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-2-12 218688]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-1-15 135336]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-1-15 267944]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-10 17744]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-10 40384]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-1-15 61960]

R2 yksvc;Marvell Yukon Service;c:\windows\system32\svchost.exe -k yksvcs [2008-6-18 14336]

R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [2008-1-15 30208]

R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [2009-6-18 238464]

S0 Partizan;Partizan;c:\windows\system32\drivers\partizan.sys --> c:\windows\system32\drivers\Partizan.sys [?]

S3 cpuz134;cpuz134;\??\c:\docume~1\holly~1.you\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\holly~1.you\locals~1\temp\cpuz134\cpuz134_x32.sys [?]

S3 RkHit;RkHit; [x]

=============== Created Last 30 ================

2011-02-13 02:11:03 -------- d-----w- c:\program files\QMI

2011-02-13 02:10:52 393216 ----a-w- c:\windows\system32\athihvs.dll

2011-02-13 02:10:30 385024 ----a-w- c:\windows\system32\QmiInstDev.exe

2011-02-13 02:04:59 -------- d-----w- c:\program files\Driver-Soft

2011-02-12 23:15:16 -------- d-----w- c:\program files\Registry Genius

2011-02-12 21:35:13 -------- d--h--w- c:\windows\PIF

2011-02-12 19:20:45 -------- d-----w- c:\program files\Apoint2K

2011-02-12 19:20:28 1419232 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll

2011-02-12 19:20:28 108606 ----a-w- c:\windows\system32\Vxdif.dll

2011-02-12 19:20:26 212528 ----a-w- c:\windows\system32\drivers\Apfiltr.sys

2011-02-12 19:12:52 36616 ----a-w- c:\windows\system32\drivers\btcusb.sys

2011-02-12 19:12:52 19464 ----a-w- c:\windows\system32\btinstall.dll

2011-02-12 18:57:50 -------- d-----w- c:\documents and settings\all users\Uniblue

2011-02-12 18:55:33 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}

2011-02-12 17:02:19 -------- d-----w- c:\program files\Advanced PC Tweaker

2011-02-12 16:54:07 -------- d-----w- c:\windows\pss

2011-02-12 06:12:19 -------- d-----w- c:\docume~1\holly~1.you\applic~1\Regrun

2011-02-12 06:12:19 -------- d-----w- C:\backreg

2011-02-12 06:11:28 -------- d-----w- c:\program files\Greatis

2011-02-12 04:31:33 -------- d-----w- c:\docume~1\holly~1.you\applic~1\Uniblue

2011-02-12 04:31:08 -------- d-----w- c:\program files\Uniblue

2011-02-12 04:30:50 -------- d-----w- c:\docume~1\holly~1.you\locals~1\applic~1\PackageAware

2011-02-12 00:58:32 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-02-12 00:57:41 -------- d-----w- c:\program files\DAEMON Tools Lite

2011-02-12 00:57:20 -------- d-----w- c:\docume~1\holly~1.you\applic~1\DAEMON Tools Lite

2011-02-12 00:57:20 -------- d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite

2011-02-11 23:35:53 -------- d-----w- c:\docume~1\holly~1.you\locals~1\applic~1\Help

2011-02-11 22:29:09 2 --shatr- c:\windows\winstart.bat

2011-02-11 22:28:52 -------- d-----w- c:\program files\UnHackMe

2011-02-11 20:17:02 -------- d-----w- c:\windows\SxsCaPendDel

2011-02-11 02:54:25 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-02-11 02:54:25 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-02-10 20:08:35 38848 ----a-w- c:\windows\avastSS.scr

2011-02-10 20:08:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software

2011-02-04 22:45:26 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-02-04 22:45:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

2011-02-04 20:18:45 -------- d-----w- c:\docume~1\holly~1.you\applic~1\Malwarebytes

2011-02-04 20:18:37 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-04 20:18:34 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-02-04 20:18:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-04 20:18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-02-04 04:49:36 -------- d-----w- c:\documents and settings\holly.your-164ca47c93\Report Files

2011-02-04 04:35:22 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-02-04 04:35:22 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-02-04 04:35:22 1060864 ----a-w- c:\windows\system32\MFC71.dll

2011-02-04 04:35:22 1047552 ----a-w- c:\windows\system32\MFC71u.dll

2011-02-04 04:35:20 -------- d-----w- c:\program files\common files\NewTech Infosystems

2011-02-04 04:35:20 -------- d-----w- c:\docume~1\holly~1.you\applic~1\NewTech Infosystems

2011-02-04 04:35:01 -------- d-----w- c:\program files\NewTech Infosystems

2011-02-04 04:34:58 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll

2011-02-04 04:34:58 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll

2011-02-04 04:34:58 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe

2011-02-04 04:34:58 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll

2011-02-04 04:34:58 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll

2011-02-04 04:34:57 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll

2011-02-04 04:34:57 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll

2011-02-04 04:01:46 1024 ---h--r- c:\windows\system32\NTIBUN4.dll

2011-01-24 20:06:14 -------- d-----w- c:\program files\Restore My Files Data Recovery v6.01

2011-01-24 19:22:54 -------- d-----w- c:\docume~1\alluse~1\applic~1\FAM

2011-01-24 19:22:42 13824 ----a-w- c:\windows\system32\drivers\NTIDrvr.sys

2011-01-24 19:22:42 12288 ----a-w- c:\windows\system32\drivers\UBHelper.sys

2011-01-24 19:22:11 -------- d-----w- c:\program files\common files\Macrovision Shared

2011-01-24 19:21:36 -------- d-----w- c:\docume~1\holly~1.you\locals~1\applic~1\Downloaded Installations

2011-01-23 01:20:30 -------- d-sh--w- c:\documents and settings\holly.your-164ca47c93\IECompatCache

2011-01-22 00:05:45 -------- d-----w- c:\docume~1\holly~1.you\applic~1\Avira

2011-01-22 00:04:51 -------- d-sh--w- c:\documents and settings\holly.your-164ca47c93\PrivacIE

2011-01-22 00:02:03 -------- d-sh--w- c:\documents and settings\holly.your-164ca47c93\IETldCache

2011-01-21 23:51:59 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll

2011-01-21 23:51:25 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-01-21 23:51:25 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-01-21 23:51:25 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2011-01-21 23:51:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-01-21 23:51:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2011-01-21 23:51:22 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-01-21 23:51:20 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-01-21 23:48:05 -------- d-----w- c:\docume~1\holly~1.you\locals~1\applic~1\Google

2011-01-16 17:43:27 -------- d-----w- c:\docume~1\holly~1.you\locals~1\applic~1\Opera

2011-01-16 14:45:19 -------- d-----w- c:\documents and settings\holly.your-164ca47c93\Bluetooth Software

2011-01-15 02:04:34 -------- d-----w- c:\windows\system32\LogFiles

2011-01-15 00:37:13 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

==================== Find3M ====================

2011-02-12 20:49:31 374048 ----a-w- c:\windows\system32\yk51x86.dll

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys

2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll

2010-12-20 23:59:20 916480 ------w- c:\windows\system32\wininet.dll

2010-12-20 23:59:19 43520 ------w- c:\windows\system32\licmgr10.dll

2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll

2010-12-20 12:55:26 385024 ------w- c:\windows\system32\html.iec

2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll

2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll

2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll

============= FINISH: 19:07:04.21 ===============

If anyone could help me, I'd be grateful. Thanks guys.

Attach and ark.zip

Malwarebytes, SpybotSD and Avira Scan.zip

hijackthis.txt
