02-15-2007, 10:54 PM   #6
Pancake
Security Team (ret.)
 
Join Date: Nov 2003
Location: Victoria.Australia
Posts: 7,404
OS: XP Pro SP3


Sorry about that. Can't see how I missed you.
Ok. So let's see what we get left with after this gets cleaned.


Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes. Confirm that you have only the listed ones checked, then press <Fix checked> and close HJT.


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///c:/secure32.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [ijciiqc.dll] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\ijciiqc.dll,okbblr
O4 - HKLM\..\Run: [AutoSys] C:\WINDOWS\System32\autosys.exe
O4 - HKLM\..\Run: [{7B-BE-E8-8B-ZN}] C:\windows\system32\nodsregj.exe SKY001
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\System32\qwinpoeb.exe SKY001
O4 - HKLM\..\Run: [lmjvservc] fxsugwhh.exe
O4 - HKLM\..\Run: [nvcdllx] C:\WINDOWS\System32\cstatvmq.exe
O4 - HKLM\..\Run: [kdmmcvs] C:\WINDOWS\System32\gmonstml.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\iiydacla.dll",setvm
O4 - HKCU\..\Run: [cwingllib] C:\WINDOWS\system32\atllsimm.exe
O4 - HKCU\..\Run: [jmlcv4m] C:\WINDOWS\System32\mgcplwin.exe
O4 - HKCU\..\Run: [WinInit] "C:\DOCUME~1\Duane\LOCALS~1\Temp\162015.exe "
O4 - HKCU\..\Run: [ymmsddlop] C:\WINDOWS\system32\vssmnptc.exe
O4 - HKCU\..\Run: [mdwinllm3] C:\WINDOWS\System32\sscmsslv.exe
O4 - HKCU\..\Run: [lvcdmsys] C:\WINDOWS\System32\dbbsrcc.exe
O4 - HKCU\..\Run: [winksddm] C:\WINDOWS\System32\jvmmods.exe
O4 - HKCU\..\Run: [lsmdwinr] C:\WINDOWS\System32\vstldmem.exe
O4 - HKCU\..\Run: [gdxapimn] C:\WINDOWS\System32\jgdepgc.exe
O4 - HKCU\..\Run: [nvcdllx] C:\WINDOWS\System32\cstatvmq.exe
O4 - HKCU\..\Run: [csmhtop] C:\WINDOWS\System32\sdmmlmn.exe
O4 - HKCU\..\Run: [ddsysmns] C:\WINDOWS\System32\scmdcon.exe
O4 - HKCU\..\Run: [ncsmmlg] C:\WINDOWS\System32\ctlmems.exe
O4 - HKCU\..\Run: [kdmmcvs] C:\WINDOWS\System32\gmonstml.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZUxdm080YYUS
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/mini...ansporter
O23 - Service: Windows Host Services (DLLHOST32) - Unknown owner - C:\WINDOWS\system\dllhost.exe (file missing)
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\System32\msasvc.exe (file missing)
O23 - Service: WINS Client (RpcPatch) - Unknown owner - C:\WINDOWS\System32\wins\DLLHOST.EXE (file missing)
O23 - Service: Network Connections Sharing (RpcTftpd) - Unknown owner - C:\WINDOWS\System32\wins\svchost.exe (file missing
O23 - Service: Microsoft Apache for Windows (Windows Apache Service) - Unknown owner - C:\WINDOWS\wpablin.exe (file missing)



Reboot and post a new HJT log....
__________________
Eddy