Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

englisheeyore

116 Posts

9889

December 14th, 2006 01:00

DSL connection problems, plz help! (HiJack This Log)

Well I thought we (Bugbatter and I) had got rid of whatever was on my computer a month ago but apparently did not. My McAfee subscription (was only 30 days apparently) ran out last night and a few minutes later started acting up the way it did last time. It disables your DSL connection and only intermittently lets you use the internet. I am actually writing this on Word so that in the minute it gives me to get on the net I can hopefully post this to you in time before it goes again!

I get a few random ad pop-ups but mostly I am getting a windows prompt that is labeled “RUNDLL” and says:

 

 

Error loading

The specified module could not be found.

(Then a prompt ‘ok’ button to close it)

 

The “

The only other pop-ups I notice are black rectangular dos prompt type boxes that pop up for a split second then disappear but doesn’t look like anything is written on it – as fast as it comes up it’s gone.

I updated and ran AVG Anti-Spyware and it found 164 medium threats and 3 high threats: Backdoor.Small.is, Backdoor.Agent.aif, and Trojan.BHO.d – it was able to quarantine them all. After restarting I scanned again and it shows it’s all clean but I’m having the problems like I said before.

I haven’t been able to check for updates for HiJack This just yet (can’t get online right now) but I ran my v1.99.1 version of HiJack This and here is what I’ve found:

Logfile of HijackThis v1.99.1

Scan saved at 1:15:58 AM, on 12/13/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

C:\WINDOWS\weRecv.exe

C:\Program Files\SiteAdvisor\4608\SAService.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe

C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

C:\Program Files\SiteAdvisor\4608\SiteAdv.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\System32\prevx.exe

C:\PROGRA~1\Yahoo!\browser\ycommon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe

C:\WINDOWS\System32\wininet.exe

C:\Program Files\Microsoft Office\Office\WINWORD.EXE

C:\WINDOWS\System32\svchost.exe

C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://support.dell.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\4608\SiteAdv.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PrevX] C:\WINDOWS\System32\prevx.exe

O4 - HKCU\..\Run: [Yahoo! Pager] 1

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll

O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) -

O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll

O21 - SSODL: SysRun - {D7FFD784-5276-42D1-887B-00267870A4C7} - C:\WINDOWS\System32\svshost.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

O23 - Service: Netmeeting For Windows (Netmeeting For Microsoft Windows) - Unknown owner - C:\WINDOWS\weRecv.exe

O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\4608\SAService.exe

After we get this situated I would like to know what I need to do to secure my computer from viruses (I had McAfee but the subscription just ran out). I went to the McAfee website to subscribe to it for a year but there were several options and it was a bit confusing. One offered $49.99 for 8-in-1 protection, another $39.99 for a year 3-in-1 I believe, and $39.99 for another option. I always thought you just bought it as a suite together as one but now that I see there’s more than one thing to install I’m confused as to what I really need from McAfee??

Cheers.

EE

P.S. I’ll try to check the page as soon as possible (net willing)!

englisheeyore

116 Posts

February 20th, 2007 18:00

Ron -
 
It has a floppy drive so I went to the first link you provided to make a bootup floppy and both the links it suggested were for Windows 98 and Windows ME.  I formatted a blank floppy disk and tried using their directions for my XP anyway but it said go C:\Windows\Command\EBD\Command.com and I don't have that path.
 
I've never made a boot disk, partitioned, or reformatted before so I could be missing something obvious right in front of me.
 
EE

RKinner

2 Intern

 • 

5.9K Posts

February 20th, 2007 19:00

We need to delete the Primary partition since that's where XP lives.  It should be safe to leave the rest.
 
Ron
 

englisheeyore

116 Posts

February 20th, 2007 19:00

Ron - it says:
 
Current fixed disk drive: 1
 
Choose one of the following:
1. Delete Primary DOS Partition
2. Delete Extended DOS Partition
3. Delete Logical DOS Drive(s) in the Extended DOS Partition
4. Delete Non-DOS Partition
 
Do I delete just 1 (the primary) or all of them?

RKinner

2 Intern

 • 

5.9K Posts

February 20th, 2007 19:00

 
Download the above file and run it and it will create a boot disk for you.
 
Then reboot with the floppy in the drive (If it doesn't see the floppy on your next boot you will have to reboot and go into Setup (usually F1 or F2 - it should tell you - then find where it lets you set the boot order and change it to boot from the floppy first then the CD then the harddrive Save and Exit and it should read the floppy the next time.)
 
Once it boots up it should take you to the A:\ prompt.
 
Type with an Enter after the line:
 
fdisk
 
Depending on what version of fdisk it is you may get some questions about large drive support and NTFS first (answer Y) then it should come to a menu.  Probably a good idea to display the partitions first then delete.  Once you delete the partition all you have to do is pull the floppy and reboot with the Recovery CD and it should be familiar from there on in.
 
Ron

RKinner

2 Intern

 • 

5.9K Posts

February 20th, 2007 20:00

OK.  Try this one.
 
 
It will also want to make a bootable disk.  Should be able to clean the disk for you.
 
Ron

englisheeyore

116 Posts

February 20th, 2007 20:00

Says: No Primary DOS Partition to delete.
 
Therefore I guess the "Current Fixed disk drive: 1" above is referring to it already being fixed/deleted? :smileyindifferent:

englisheeyore

116 Posts

February 20th, 2007 20:00

Said: "No Extended DOS Partition to delete" also.... :smileysad:
 
 

RKinner

2 Intern

 • 

5.9K Posts

February 20th, 2007 20:00

OK Delete the Extended partition then.
 
Ron

englisheeyore

116 Posts

February 20th, 2007 22:00

Cute Partition Manager starts to burn the cd then gives me the message "Error creating boot disc."  I tried going to "Help" on the program but it says "failed."  (Thought maybe it was the cd so I tried another blank cd and same thing.
 
Third time's a charm? :-/ :smileyindifferent:

RKinner

2 Intern

 • 

5.9K Posts

February 21st, 2007 10:00

Maybe super fdisk?

 

http://www.ptdd.com/manual2.htm

 

Ron

RKinner

2 Intern

 • 

5.9K Posts

February 21st, 2007 17:00

I think it's just telling you that there is some free space on the drive that hasn't been partitioned.  Don't worry about it.  Main thing is to make sure the partition with XP on it is gone.
 
Ron

englisheeyore

116 Posts

February 21st, 2007 17:00

Do I insert the Windows XP cd now and continue on as usual?

englisheeyore

116 Posts

February 21st, 2007 17:00

Ron-
 
Was able to make a bootup disk (floppy) and rebooted and have just deleted partition 1 using PTDD Super Fdisk 1.0.
 
It originally said (before I deleted it):
 
 
Partition        Active       System       Label    Start      Space (MB)
     1                YES                                            C H S         
                        NO          [Free]                        0  1  1       39205
 
It looked about like that, and now the first partition is deleted (blank) and the bottom is the only one left. Do I delete the bottom partition as well? or no?
 


Message Edited by englisheeyore on 02-21-2007 01:47 PM

RKinner

2 Intern

 • 

5.9K Posts

February 21st, 2007 18:00

Yes.  Just remember to install the firewall before you connect to the network then only go to the Windows update site until you get all your updates installed.
 
Then uninstall whatever version of Java that HP gave you.  You should then be safe enough.

Ron
 
 

englisheeyore

116 Posts

February 21st, 2007 20:00

1) installed XP
2) installed Dell Resource CD (Device Drivers, Diagnostics and Utilities)...I couldn't remember exactly which drivers they had me install last time but I believe it was just the Audio, Video, Network (NIC), and Controller -- in other words (the ones that had a check mark next to them) -- so I only installed those drivers
3) rebooted and installed Zone Alarm (from a cd)
 
Am going to restart and will post as soon as I get updates from microsoft...

Was this post helpful?

View All

No Events found!

Top