My HiJackThis Log

Status
Not open for further replies.
sorry had to go to work.

It won't even run in safe mode. Crashes right after it opens. no errors or anything. The window opens and closes before it even finishes rendering.

and it screwed up my clock LOL reads in 24hr time now >.> no big deal since i have a clock right beside my computer.
 
hhmm.... sounds like you have some major problems


go to regional and language options and change the format or the time
 
yeah i got that fixed lol.
in the meantime i've uninstalled msn to keep it from spreading. it seems people were getting messages from me with links to random websites, even while i was offline they were being sent. I hope uninstalling it completely will fix that

The only thing I've done different than usual was I installed the messenger plus! live add-on, and another msn tweak add-on that lets you get rid of all that useless crap. I scanned the files before opening and Avast never picked anything up, nor did it give any warnings during installation.

Think I'll have to format and try again?

Edit~ ok its systematically shutting down access to different parts of my pc. first i couldnt save any photo's files from the browsers, then IE Pro and opera both fragged completely.
I'm gonna format my windows partition, then reinstall, run all these programs again then if smitfraud and combofix still fail then something is serious. i'll post a log after that.

edit~ boo cant run winamp either XD always sleep with music playing haha

only two things i can think as the cause is like i said that MSN addon, or the internet explorer addon.
I havent even installed many programs/games on yet after last format. Just my media (mp3's and anime videos), final fantasy 11, all this anti virus crap, and drivers/codecs. plus winamp, media player classic, ie pro addon, msn addon, IDM, opera, and ms word.

its all straightforward cept those addons. ffxi is paid for, same as ms word. everything else is legal freeware.
 
is it normal that smitfraud is detected as a virus?
http://i47.photobucket.com/albums/f167/Akubane/smitfraud.jpg

and heres a picture of msconfig startup
http://i47.photobucket.com/albums/f167/Akubane/msconfigstart.jpg
only things that dont show there cause it's not scrolled down is
spybot S&D teatimer - which is supposed to be uninstalled a while ago
winamp agent (again?)
and windows defender

mentioned above that msconfig cleaner wouldnt work. It never detected any of these as disabled, even though they're clearly disabled. winamp and Idm i just re-enabled because i use them often enough
 
Re: My JACKED UP Log

I NEED HELP TOO ! PLEEEEEEEZZZZZZZZZZZZZ, Internet Explorer keeps shutting down, checked out after two weeks telling me now to download xp pro sp2, I had to order disc, widowed, poor get it barely afford dial-up lol, !, cost $, wonder why after paying for os why should you have to put out for more go figure any hoo will someone please tell me if it is possibly anything else it is getting worse than it initially was I already copied my log and everything !
Here it is .....

Logfile of HijackThis v1.97.7
Scan saved at 6:49:06 PM, on 2/27/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Iomega HotBurn\Autolaunch.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Juno\exec.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\dwwin.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Juno\exec.exe
C:\WINDOWS\System32\dwwin.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Ivanna.MUSEGIMM-0D2YSP\Desktop\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = myjuno.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Search
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\Juno\SearchEnh1.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: JunoBar - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - C:\Program Files\Juno\Toolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn\Autolaunch.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Juno_uoltray] C:\Program Files\Juno\exec.exe regrun
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158899711250
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58D32960-89AD-436A-8A6B-CF5F2AEB4257}: NameServer = 64.136.52.73 64.136.44.73
 
Ok, one, don't post in someone else's log thread, make your own.

You should get SP2 and also get the newer version of Hijackthis.

Go through Osiris's guide.

Do you use the ISP NetZero? If not end this task and check it off msconfig, also delete it as well.

O4 - HKCU\..\Run: [Juno_uoltray] C:\Program Files\Juno\exec.exe regrun

C:\Program Files\Juno\exec.exe
 
anyhow.

reformatted C and reinstalled windows. some problems just got swapped with different ones. I.E., opera and winamp all work fine. But now the windows update isn't functioning properly.
http://i47.photobucket.com/albums/f167/Akubane/Untitled-2.jpg

and the turn off automatic update screen
http://i47.photobucket.com/albums/f167/Akubane/Untitled1.jpg

on a side note it also seems like photobuckets autocopy wont work XD odd

I ran smitfraudfix, the host file doesn't seem to be corrupted anymore. I haven't installed MSN to see if people are still getting the messages.

combofix still fails. same two errors on same files as above.

edit~ oh missed my 1000th lol >.>

log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:42:54 AM, on 2/28/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
D:\Programs\Internet Download Manager\IDMan.exe
D:\Programs\Alwil Software\Avast4\ashDisp.exe
D:\Programs\Internet Download Manager\IEMonitor.exe
C:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Programs\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [avast!] D:\Programs\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [IDMan] D:\Programs\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - D:\Programs\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Programs\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - D:\Programs\Internet Download Manager\IEExt.htm
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Programs\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Programs\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programs\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programs\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5064 bytes
 