+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 16
  1. 06-28-2009 05:54 AM #1
    flyingpete212
    flyingpete212 is offline
    Member
    Join Date
    Jun 2009
    Location
    Ireland
    Posts
    9
    Points
    0

    Default Caanot access YOUTUBE.

    I cannot access youtube through my browser I also get the same problem with updates offered on some software sites I have on my computer?
    I get msg"Cannot find "http://www.youtube.com/"--DNS Error - Server cannot be found
    I have tried entering direct into the browser and also via a search engine but I still get the same msg.

    Hope someone can help me.

    PS be gentle I am not a GEEK or anything approaching one.

    Best wishes to all, flyingpete212
    Reply With Quote Reply With Quote
  2. 06-28-2009 08:04 AM #2
    MrDarn
    MrDarn is offline
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,581
    Points
    447

    Default

    Download and install HijackThis:

    You can download the latest version of HijackThis by clicking HERE.
    Should you be prompted to save to a certain directory, please choose the desktop.
    Note:Only this file should be saved to the desktop. During the installation process, you must allow HijackThis to install into its own directory.

    Once you download the HijackThis Installer from the above link:

    • Double-click the new HJTInstall.exe icon on your desktop or your default download location.
    • An install window will appear, please accept all the default locations and settings. (Vista users may need to approve a notification from windows. Please accept this warning if it appears, and allow the instalation)
    • Once installed, you will be presented with a list of options, please select 'Do a system scan and save a logfile'. (Vista users: you may need to close the program, then Right-click the HijackThis icon, choosing 'Run as Administrator')
    • Once he scan has completed, a 'Notepad' window will appear. This is the log i require.
    • In the notepad window, select 'Edit' from the top row, then 'Select all'
    • Again, in the notepad window, select 'Edit' again, this time choosing 'copy'
    • Close HijackThis by clicking the red X in the top right hand corner of the programs window.
    • Please reply to this message. In the reply window, please Right click, and select Paste
    • Once your log is posted, please close the Notepad window. You may also delete HJTInstall.exe from your desktop, as it is no longer required.


    Note: DO NOT have HijackThis fix anything yet! Most of what it finds is legitimate, and even needed!!
    DO NOT use this program to delete anything unless told to by a Trained Malware Removal Expert, and make sure you understand and follow ALL instructions. If you don't understand STOP and ASK!!!
    Please Note:
    The information I provide is based on my own personal computing experience, and research I have done on your behalf.
    !!!DO NOT FOLLOW MY ADVICE IF THIS IS A BUSINESS COMPUTER OR YOU RELY ON ITS USE!!!
    Please remember, we are all unpaid volunteers here!
    "The only stupid question is the one left unasked!"
    Reply With Quote Reply With Quote
  3. 06-28-2009 08:57 AM #3
    arraknid
    arraknid is offline
    Moderator Forum Moderator arraknid's Avatar
    Join Date
    Dec 2006
    Location
    France
    Posts
    5,299
    Points
    1129
    Blog Entries
    1

    Default

    See if bypassing the dns helps. Enter one of the following into the address line instead of the YouTube address...

    208.65.153.238
    208.65.153.251
    208.65.153.253
    208.117.236.69
    Man is the only all-purpose computer system which can be mass-produced by unskilled labour.
    Reply With Quote Reply With Quote
  4. 06-28-2009 09:50 AM #4
    flyingpete212
    flyingpete212 is offline
    Member
    Join Date
    Jun 2009
    Location
    Ireland
    Posts
    9
    Points
    0

    Default

    Quote Originally Posted by MrDarn View Post
    Download and install HijackThis:

    You can download the latest version of HijackThis by clicking HERE.
    Should you be prompted to save to a certain directory, please choose the desktop.
    Note:Only this file should be saved to the desktop. During the installation process, you must allow HijackThis to install into its own directory.

    Once you download the HijackThis Installer from the above link:

    • Double-click the new HJTInstall.exe icon on your desktop or your default download location.
    • An install window will appear, please accept all the default locations and settings. (Vista users may need to approve a notification from windows. Please accept this warning if it appears, and allow the instalation)
    • Once installed, you will be presented with a list of options, please select 'Do a system scan and save a logfile'. (Vista users: you may need to close the program, then Right-click the HijackThis icon, choosing 'Run as Administrator')
    • Once he scan has completed, a 'Notepad' window will appear. This is the log i require.
    • In the notepad window, select 'Edit' from the top row, then 'Select all'
    • Again, in the notepad window, select 'Edit' again, this time choosing 'copy'
    • Close HijackThis by clicking the red X in the top right hand corner of the programs window.
    • Please reply to this message. In the reply window, please Right click, and select Paste
    • Once your log is posted, please close the Notepad window. You may also delete HJTInstall.exe from your desktop, as it is no longer required.


    Note: DO NOT have HijackThis fix anything yet! Most of what it finds is legitimate, and even needed!!
    DO NOT use this program to delete anything unless told to by a Trained Malware Removal Expert, and make sure you understand and follow ALL instructions. If you don't understand STOP and ASK!!!
    Reply With Quote Reply With Quote
  5. 06-28-2009 09:52 AM #5
    flyingpete212
    flyingpete212 is offline
    Member
    Join Date
    Jun 2009
    Location
    Ireland
    Posts
    9
    Points
    0

    Default

    Hi Mr Darn, is this what you want?

    Best wishes flyingpete212

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:19:54, on 28/06/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS.2\System32\smss.exe
    C:\WINDOWS.2\system32\csrss.exe
    C:\WINDOWS.2\system32\winlogon.exe
    C:\WINDOWS.2\system32\services.exe
    C:\WINDOWS.2\system32\lsass.exe
    C:\WINDOWS.2\system32\Ati2evxx.exe
    C:\WINDOWS.2\system32\svchost.exe
    C:\WINDOWS.2\system32\svchost.exe
    C:\WINDOWS.2\System32\svchost.exe
    C:\WINDOWS.2\system32\Ati2evxx.exe
    C:\WINDOWS.2\system32\spoolsv.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
    C:\WINDOWS.2\system32\svchost.exe
    C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\PC Tools Firewall Plus\FWService.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS.2\Explorer.EXE
    C:\WINDOWS.2\system32\svchost.exe
    C:\Program Files\ThreatFire\TFService.exe
    C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
    C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
    C:\PROGRA~1\Bandoo\Bandoo.exe
    C:\WINDOWS.2\System32\alg.exe
    C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
    C:\WINDOWS.2\system32\svchost.exe
    C:\Program Files\Multi-Direction Opitcal Mouse\Multi-Direction Opitcal Mouse\2.0\ACQTMAPP.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\WINDOWS.2\system32\LVCOMSX.EXE
    C:\WINDOWS.2\System32\svchost.exe
    C:\Program Files\ThreatFire\TFTray.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\TweakNow PowerPack 2009\CDAuto.exe
    C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
    C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\WINDOWS.2\system32\ctfmon.exe
    C:\Documents and Settings\Peter.PETER-0ACAC9F69\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe
    C:\Program Files\Rainlendar2\Rainlendar2.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\Program Files\DesktopEarth\DesktopEarth.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\IncrediMail\Bin\IncMail.exe
    C:\Program Files\JetAudio\jetAudio.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Giganology\Gigaget\Gigaget.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\All Users.WINDOWS.2\Documents\Desktop\HijackThis.exe
    C:\WINDOWS.2\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\PROGRA~1\SpeedBit Video Accelerator\vaproxy.pac
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS.2\system32\gigagetbho_v10.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\Inbox Toolbar\Inbox.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll
    O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\Inbox Toolbar\Inbox.dll
    O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\2.2D\MMKEYBD.EXE
    O4 - HKLM\..\Run: [ACQTMOUSE] "C:\Program Files\Multi-Direction Opitcal Mouse\Multi-Direction Opitcal Mouse\2.0\ACQTMAPP.exe"
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS.2\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [CD Autorun] C:\Program Files\TweakNow PowerPack 2009\CDAuto.exe
    O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe"
    O4 - HKLM\..\Run: [F-PROT Antivirus Tray application] C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
    O4 - HKLM\..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: DesktopEarth AutoStart.lnk = ?
    O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
    O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.2\system32\GPhotos.scr/200
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass
    O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.2\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.2\Network Diagnostic\xpnetdiag.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\Inbox Toolbar\Inbox.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.2\system32\Ati2evxx.exe
    O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
    O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    O23 - Service: F-PROT Antivirus for Windows system (FPAVServer) - FRISK Software International - C:\Program Files\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
    O23 - Service: Google Update Service (gupdate1c99b7d46ebc5a6) (gupdate1c99b7d46ebc5a6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IS360service - Unknown owner - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe

    --
    End of file - 13322 bytes
    Reply With Quote Reply With Quote
  6. 06-28-2009 10:23 AM #6
    MrDarn
    MrDarn is offline
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,581
    Points
    447

    Default

    Not exactly, i'm afraid my instructions may have been confusing.

    Please create a folder and place HijackThis.exe into this folder, then run the scan again.

    This must be completed, as hijack this creates backups that must be stored. this cannot be done from the desktop.

    May i suggest running the installer again, this time making sure you allow HijackThis to install into its own folder, and NOT the desktop

    Once you have done this, a spyware expert will look at your log,as you have some undesireable entries showing that i am not trained to deal with.
    Please Note:
    The information I provide is based on my own personal computing experience, and research I have done on your behalf.
    !!!DO NOT FOLLOW MY ADVICE IF THIS IS A BUSINESS COMPUTER OR YOU RELY ON ITS USE!!!
    Please remember, we are all unpaid volunteers here!
    "The only stupid question is the one left unasked!"
    Reply With Quote Reply With Quote
  7. 06-29-2009 07:06 AM #7
    MrDarn
    MrDarn is offline
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,581
    Points
    447

    Default

    Quote Originally Posted by flyingpete212 via PM
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:19:33, on 29/06/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18372)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS.2\System32\smss.exe
    C:\WINDOWS.2\system32\winlogon.exe
    C:\WINDOWS.2\system32\services.exe
    C:\WINDOWS.2\system32\lsass.exe
    C:\WINDOWS.2\system32\Ati2evxx.exe
    C:\WINDOWS.2\system32\svchost.exe
    C:\WINDOWS.2\System32\svchost.exe
    C:\WINDOWS.2\system32\Ati2evxx.exe
    C:\WINDOWS.2\system32\spoolsv.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\PC Tools Firewall Plus\FWService.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS.2\system32\svchost.exe
    C:\Program Files\ThreatFire\TFService.exe
    C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
    C:\PROGRA~1\Bandoo\Bandoo.exe
    C:\WINDOWS.2\Explorer.EXE
    C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
    C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
    C:\Program Files\Multi-Direction Opitcal Mouse\Multi-Direction Opitcal Mouse\2.0\ACQTMAPP.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\WINDOWS.2\system32\LVCOMSX.EXE
    C:\Program Files\ThreatFire\TFTray.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS.2\system32\ctfmon.exe
    C:\Documents and Settings\Peter.PETER-0ACAC9F69\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe
    C:\Program Files\Rainlendar2\Rainlendar2.exe
    C:\Program Files\PrtScr\PrtScr.exe
    C:\Program Files\DesktopEarth\DesktopEarth.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\IncrediMail\bin\IMApp.exe
    C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
    C:\WINDOWS.2\system32\wuauclt.exe
    C:\WINDOWS.2\System32\svchost.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Giganology\Gigaget\Gigaget.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\PROGRA~1\SpeedBit Video Accelerator\vaproxy.pac
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS.2\system32\gigagetbho_v10.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\iMesh MediaBar\iMeshIEHelper.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\Inbox Toolbar\Inbox.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll
    O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\Inbox Toolbar\Inbox.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Muiltmedia keyboard utility\2.2D\MMKEYBD.EXE
    O4 - HKLM\..\Run: [ACQTMOUSE] "C:\Program Files\Multi-Direction Opitcal Mouse\Multi-Direction Opitcal Mouse\2.0\ACQTMAPP.exe"
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS.2\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Peter.PETER-0ACAC9F69\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [com.codeode.cactusspamfilter] "C:\Program Files\Cactus Spam Filter 2.13\cactusspamfilter.exe" -minimized
    O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
    O4 - HKCU\..\Run: [PrtScr by FireStarter] C:\Program Files\PrtScr\PrtScr.exe /Tray
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.2\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: DesktopEarth AutoStart.lnk = ?
    O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
    O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS.2\system32\GPhotos.scr/200
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass
    O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.2\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.2\Network Diagnostic\xpnetdiag.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (Egg Money Manager Digital Safe) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\Inbox Toolbar\Inbox.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.2\system32\Ati2evxx.exe
    O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
    O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
    O23 - Service: Google Update Service (gupdate1c99b7d46ebc5a6) (gupdate1c99b7d46ebc5a6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
    O23 - Service: Registry Helper Service - Unknown owner - C:\Program Files\Registry Helper\RegistryHelperService.exe (file missing)
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
    O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe

    --
    End of file - 13294 bytes
    Please Note:
    The information I provide is based on my own personal computing experience, and research I have done on your behalf.
    !!!DO NOT FOLLOW MY ADVICE IF THIS IS A BUSINESS COMPUTER OR YOU RELY ON ITS USE!!!
    Please remember, we are all unpaid volunteers here!
    "The only stupid question is the one left unasked!"
    Reply With Quote Reply With Quote
  8. 06-29-2009 07:26 AM #8
    flyingpete212
    flyingpete212 is offline
    Member
    Join Date
    Jun 2009
    Location
    Ireland
    Posts
    9
    Points
    0

    Default

    Sorry, ye I can see where you coming from.
    Thanks again Flyingpete212
    Reply With Quote Reply With Quote
  9. 06-29-2009 07:43 AM #9
    MrDarn
    MrDarn is offline
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,581
    Points
    447

    Default

    Perfectly alright pete

    Just waiting for a spyware advisor to arrive to take over the thread.

    We are quite busy at the moment, so if you are in a hurry, it may be an idea to follow the instructions LISTED HERE (click this link)

    or, if you prefer the personal touch, you may want to start a new thread HERE (click here) for faster attention as some of our experts are on summer vacation.
    Please Note:
    The information I provide is based on my own personal computing experience, and research I have done on your behalf.
    !!!DO NOT FOLLOW MY ADVICE IF THIS IS A BUSINESS COMPUTER OR YOU RELY ON ITS USE!!!
    Please remember, we are all unpaid volunteers here!
    "The only stupid question is the one left unasked!"
    Reply With Quote Reply With Quote
  10. 06-29-2009 08:03 AM #10
    arraknid
    arraknid is offline
    Moderator Forum Moderator arraknid's Avatar
    Join Date
    Dec 2006
    Location
    France
    Posts
    5,299
    Points
    1129
    Blog Entries
    1

    Default

    Just out of interest, did you try this...

    See if bypassing the dns helps. Enter one of the following into the address line instead of the YouTube address...

    208.65.153.238
    208.65.153.251
    208.65.153.253
    208.117.236.69
    Man is the only all-purpose computer system which can be mass-produced by unskilled labour.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »