Results 1 to 8 of 8

Thread: Hi please help

  1. #1
    Member
    Join Date
    Feb 2012
    Posts
    4
    Points
    0

    Default Hi please help

    hi please help, i am new to hijack this and dont know what to delete.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:46:45 PM, on 2/23/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\s3hotkey.exe
    C:\WINDOWS\system32\S3Tray2.exe
    C:\WINDOWS\vVX3000.exe
    C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program files\360Amigo\360Amigo.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\3 Mobile Broadband\3Connect\AutoUpdateSrv.exe
    C:\Program Files\3 Mobile Broadband\3Connect\WilogApp.exe
    C:\WINDOWS\system32\msiexec.exe
    c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = The Mechcommander Series™
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [360Amigo] "C:\Program files\360Amigo\360Amigo.exe" -autorun
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://www.caminova.net/en/downloads...e.aspx?lang=en
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Messen.../GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1276159165127
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.5...ndows-i586.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A47A2A57-329D-4B11-8AA7-99B45656AD3B}: NameServer = 83.136.47.249 193.120.14.101
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    --
    End of file - 5695 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hi Andthepand25,

    Welcome to Help2go!

    Most of what a Hijackthis log shows is required. I don't see anything standing out in your log. Please tells us what problems you may be experiencing with this computer.

    Joe

  3. #3
    Member
    Join Date
    Feb 2012
    Posts
    4
    Points
    0

    Default

    Quote Originally Posted by zep516 View Post
    Hi Andthepand25,

    Welcome to Help2go!

    Most of what a Hijackthis log shows is required. I don't see anything standing out in your log. Please tells us what problems you may be experiencing with this computer.

    Joe
    Hey Joe, thanks for such a quick reply, im trying to get into this gaming lobby, first i got .framenetwork errors, then i smart defragged, cc cleaned it out, went into safe mode, to try and uninstall and reinstall the .net frameworks but it wouldnt let me still, said it needed it for programs to run and afterwards said fatal error from installation...and thats on all of them 2.0. 3.5 e.t.c. Im now at the point of getting connection errors to teamspeak 3 and also the lobby program itself, no1 else is having these errors just me, my inital thought was i kept download the installation over another one and maybe ive corrupted it, but im not sure what to do about it, im at a real dead end. Any advice would be greatly appreciated

    Andy.

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Ok. Lets look at more detailed scan to get better acquainted with your machine. This is just a diagnostic scan and does not fix anything.

    Download DDS link from here http://download.bleepingcomputer.com/sUBs/dds.scr

    Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

    * XP users Double click on dds to run it.
    * If your antivirus or firewall try to block DDS then please allow it to run.
    * When finished DDS will open two (2) logs:

    1) DDS.txt
    2) Attach.txt

    * Save both logs to your desktop.
    * Please include the entire contents of both logs in your next reply.

    Note: DDS will instruct you to post the Attach.txt log as an attachment.
    Please just post it as you would any other log by copy and pasting it into the reply.
    Last edited by zep516; 02-23-2012 at 12:33 PM.

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Andy,

    Edit------> Please tell me what exactly the Framework errors are too?


    gaming lobby What is the game name or any other pertinent information you can provide?
    Last edited by zep516; 02-23-2012 at 01:03 PM.

  6. #6
    Member
    Join Date
    Feb 2012
    Posts
    4
    Points
    0

    Default

    Quote Originally Posted by zep516 View Post
    Andy,

    Edit------> Please tell me what exactly the Framework errors are too?


    gaming lobby What is the game name or any other pertinent information you can provide?
    Ok sorry computer is slow, as far as that program dds is concerned i tried running it twice and was not succesful in finishing it, it would just freeze up forcing me to power off


    Framework error:
    See the end of this message for details on invoking
    just-in-time (JIT) debugging instead of this dialog box.

    ************** Exception Text **************
    System.Configuration.ConfigurationErrorsException: Configuration system failed to initialize ---> System.Configuration.ConfigurationErrorsException: Root element is missing. (C:\Documents and Settings\Andy\Local Settings\Application Data\Pyro_CanEh_Productions\GameLobby.exe_Url_x5ly1tnoe1ynkjncuqyv0bsb2g0cttsj\2.7.3.0\user.config) ---> System.Xml.XmlException: Root element is missing.
    at System.Xml.XmlTextReaderImpl.Throw(Exception e)
    at System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(String res)
    at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
    at System.Xml.XmlTextReaderImpl.Read()
    at System.Xml.XmlTextReader.Read()
    at System.Configuration.XmlUtil..ctor(Stream stream, String name, Boolean readToFirstElement, ConfigurationSchemaErrors schemaErrors)
    at System.Configuration.BaseConfigurationRecord.InitConfigFromFile()
    --- End of inner exception stack trace ---
    at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
    at System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(ConfigurationSchemaErrors schemaErrors)
    at System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors()
    at System.Configuration.ClientConfigurationSystem.OnConfigRemoved(Object sender, InternalConfigEventArgs e)
    --- End of inner exception stack trace ---
    at System.Configuration.ClientConfigurationSystem.OnConfigRemoved(Object sender, InternalConfigEventArgs e)
    at System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(InternalConfigEventArgs e)
    at System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(String configPath, BaseConfigurationRecord configRecord)
    at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
    at System.Configuration.BaseConfigurationRecord.GetSection(String configKey, Boolean getLkg, Boolean checkPermission)
    at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
    at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String sectionName)
    at System.Configuration.ConfigurationManager.GetSection(String sectionName)
    at System.Configuration.ClientSettingsStore.ReadSettings(String sectionName, Boolean isUserScoped)
    at System.Configuration.LocalFileSettingsProvider.GetPropertyValues(SettingsContext context, SettingsPropertyCollection properties)
    at System.Configuration.SettingsBase.GetPropertiesFromProvider(SettingsProvider provider)
    at System.Configuration.SettingsBase.GetPropertyValueByName(String propertyName)
    at System.Configuration.SettingsBase.get_Item(String propertyName)
    at System.Configuration.ApplicationSettingsBase.GetPropertyValue(String propertyName)
    at System.Configuration.ApplicationSettingsBase.get_Item(String propertyName)
    at GameLobby.My.MySettings.get_ShouldUpgrade()
    at DyarLqeh7htyU4BxRh.XpDWeDgp9Y1Q5RmTy9.amvuhkrnb(Object , EventArgs )
    at System.EventHandler.Invoke(Object sender, EventArgs e)
    at System.Windows.Forms.Form.OnLoad(EventArgs e)
    at System.Windows.Forms.Form.OnCreateControl()
    at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
    at System.Windows.Forms.Control.CreateControl()
    at System.Windows.Forms.Control.WmShowWindow(Message& m)
    at System.Windows.Forms.Control.WndProc(Message& m)
    at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
    at System.Windows.Forms.ContainerControl.WndProc(Message& m)
    at System.Windows.Forms.Form.WmShowWindow(Message& m)
    at System.Windows.Forms.Form.WndProc(Message& m)
    at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
    at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
    at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


    ************** Loaded Assemblies **************
    mscorlib
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3625 (GDR.050727-3600)
    CodeBase: file:///c:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
    ----------------------------------------
    GameLobby
    Assembly Version: 2.7.3.0
    Win32 Version: 1.0.0.0
    CodeBase: file:///C:/Program%20Files/Digital%20Blood%20Sports/CDRom/GameLobby.exe
    ----------------------------------------
    System.Drawing
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
    ----------------------------------------
    System
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3631 (GDR.050727-3600)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
    ----------------------------------------
    System.Windows.Forms
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3623 (GDR.050727-3600)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
    ----------------------------------------
    Microsoft.VisualBasic
    Assembly Version: 8.0.0.0
    Win32 Version: 8.0.50727.3053 (netfxsp.050727-3000)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/Microsoft.VisualBasic/8.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll
    ----------------------------------------
    System.Runtime.Remoting
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Runtime.Remoting/2.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll
    ----------------------------------------
    System.Configuration
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3053 (netfxsp.050727-3000)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
    ----------------------------------------
    System.Xml
    Assembly Version: 2.0.0.0
    Win32 Version: 2.0.50727.3082 (QFE.050727-3000)
    CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
    ----------------------------------------

    ************** JIT Debugging **************
    To enable just-in-time (JIT) debugging, the .config file for this
    application or computer (machine.config) must have the
    jitDebugging value set in the system.windows.forms section.
    The application must also be compiled with debugging
    enabled.

    For example:

    <configuration>
    <system.windows.forms jitDebugging="true" />
    </configuration>

    When JIT debugging is enabled, any unhandled exception
    will be sent to the JIT debugger registered on the computer
    rather than be handled by this dialog box.

    most recent error before a connection error
    ImageShack&#174; - Online Photo and Video Hosting

    i just got into the lobby , but feel it will happen again at some point. something is definitely corrupted

  7. #7
    Member
    Join Date
    Feb 2012
    Posts
    4
    Points
    0

    Default

    DigitalBloodSports Online Gaming is the gaming software and The Mechcommander Series™ is my siteforum where i promote the game i like

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    What kind of support can you get from Digital Blood Sports? This is something I am personally not familiar with at all.

    System.Configuration.ConfigurationErrorsException: Configuration system failed to initialize ---> System.Configuration.ConfigurationErrorsException: Root element is missing. (C:\Documents and Settings\Andy\Local Settings\Application Data\Pyro_CanEh_Productions\GameLobby.exe_Url_x5ly1tnoe1ynkjncuqyv0bsb2g0cttsj\2.7.3.0\user.config) ---> System.Xml.XmlException: Root element is missing.
    Not sure what "root element is missing," means. You could try doing Google searches on it. I actually copied an pasted the entire line in Google, but had little luck understanding the results.

    Joe