hijack this
Started by
rylee
, Jan 31 2013 09:39 PM
#1
Posted 31 January 2013 - 09:39 PM
#2
Posted 31 January 2013 - 09:59 PM
HijackThis will not tell you much about your machine. What issues are you having?
#3
Posted 01 February 2013 - 12:25 AM
Shockwave Flash keeps crashing.
#4
Posted 01 February 2013 - 04:46 AM
Please download MINITOOLBOX and run it.
http://download.blee...MiniToolBox.exe
Checkmark the following boxes:
Flush DNS
Reset FF proxy Settings
Reset IE Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)
Click Go and post the result.
Download Autoruns and Autorunsc
http://download.sysi...es/Autoruns.zip
Unzip it to your desktop and then double-click autoruns.exe. After the scan is finished, click File > Save. The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.
#5
Posted 01 February 2013 - 06:32 AM
MiniToolBox by Farbar Version:10-01-2013
Ran by Owner (administrator) on 01-02-2013 at 07:30:39
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
WARNING: Could not obtain host information from machine: [JAE-7386725313B]. Some commands may not be available.
The RPC server is unavailable.
# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip
# Interface IP Configuration for "Local Area Connection 2"
set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp
popd
# End of interface IP configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : jae-7386725313b
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-0D-56-68-49-A9
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 208.104.244.45
208.104.2.36
208.104.2.85
Lease Obtained. . . . . . . . . . : Friday, February 01, 2013 7:30:00 AM
Lease Expires . . . . . . . . . . : Friday, February 01, 2013 8:30:00 AM
Server: ns1.comporium.net
Address: 208.104.244.45
Name: google.com
Addresses: 74.125.137.100, 74.125.137.101, 74.125.137.102, 74.125.137.113
74.125.137.138, 74.125.137.139
Pinging google.com [74.125.137.138] with 32 bytes of data:
Reply from 74.125.137.138: bytes=32 time=32ms TTL=46
Reply from 74.125.137.138: bytes=32 time=32ms TTL=46
Ping statistics for 74.125.137.138:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 32ms, Average = 32ms
Server: ns1.comporium.net
Address: 208.104.244.45
Name: yahoo.com
Addresses: 98.138.253.109, 98.139.183.24, 206.190.36.45
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=97ms TTL=45
Reply from 206.190.36.45: bytes=32 time=128ms TTL=45
Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 128ms, Average = 112ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0d 56 68 49 a9 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.5 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.5 192.168.0.5 20
192.168.0.5 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.5 192.168.0.5 20
224.0.0.0 240.0.0.0 192.168.0.5 192.168.0.5 20
255.255.255.255 255.255.255.255 192.168.0.5 192.168.0.5 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (01/23/2013 08:58:12 PM) (Source: Application Hang) (User: )
Description: Hanging application Photoshop.exe, version 12.1.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (01/23/2013 00:03:38 PM) (Source: Google Update) (User: JAE-7386725313B)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
Error: (01/23/2013 05:07:55 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.
Error: (01/23/2013 05:07:45 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.
Error: (01/23/2013 05:07:07 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (01/23/2013 05:07:05 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (01/23/2013 01:43:37 AM) (Source: Application Hang) (User: )
Description: Hanging application AcroRd32.exe, version 11.0.1.36, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (01/21/2013 11:20:06 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.
Error: (01/21/2013 11:12:35 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (01/20/2013 11:38:58 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The specified server cannot perform the requested operation.
System errors:
=============
Error: (01/23/2013 02:33:04 PM) (Source: Schedule) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942402
Error: (01/21/2013 11:25:02 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.
Error: (01/21/2013 11:22:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {03E0E6C2-363B-11D3-B536-00902771A435} did not register with DCOM within the required timeout.
Error: (01/21/2013 07:23:20 AM) (Source: PlugPlayManager) (User: )
Description: The device Root\LEGACY_CCSET_NST\0000 disappeared from the system without first being prepared for removal.
Error: (01/21/2013 07:11:42 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Norton AntiVirus service, but this action failed with the following error:
%%1056
Error: (01/21/2013 07:09:36 AM) (Source: Service Control Manager) (User: )
Description: The Common Client Job Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2013 07:09:36 AM) (Source: Service Control Manager) (User: )
Description: The Norton AntiVirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2013 07:09:36 AM) (Source: Service Control Manager) (User: )
Description: The Norton Identity Safe service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (01/21/2013 06:56:47 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1
Error: (01/18/2013 01:26:20 AM) (Source: Service Control Manager) (User: )
Description: The Kodak AiO Network Discovery Service service failed to start due to the following error:
%%1053
Microsoft Office Sessions:
=========================
Error: (01/23/2013 08:58:12 PM) (Source: Application Hang)(User: )
Description: Photoshop.exe12.1.0.0hungapp0.0.0.000000000
Error: (01/23/2013 00:03:38 PM) (Source: Google Update)(User: JAE-7386725313B)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
Error: (01/23/2013 05:07:55 AM) (Source: Application Hang)(User: )
Description: 1180947459
Error: (01/23/2013 05:07:45 AM) (Source: Application Hang)(User: )
Description: 1180947459
Error: (01/23/2013 05:07:07 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
Error: (01/23/2013 05:07:05 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
Error: (01/23/2013 01:43:37 AM) (Source: Application Hang)(User: )
Description: AcroRd32.exe11.0.1.36hungapp0.0.0.000000000
Error: (01/21/2013 11:20:06 PM) (Source: Application Hang)(User: )
Description: 1180947459
Error: (01/21/2013 11:12:35 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
Error: (01/20/2013 11:38:58 PM) (Source: crypt32)(User: )
Description: http://www.download....hrootseq.txtThe specified server cannot perform the requested operation.
=========================== Installed Programs ============================
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
avast! Internet Security (Version: 6.0.1367.0)
Broadcom 440x 10/100 Integrated Controller (Version: 3.29)
C4USelfUpdater (Version: 1.00.0000)
center (Version: 6.2.5.0)
couponamazing (Version: 1.1358978120)
DefaultTab (Version: 1.3.1.0)
Dell ResourceCD
essentials (Version: 6.0.14.0)
ExpressFiles (Version: 1.4.4)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Flying Valentine Screensaver 1.0
Google Chrome (Version: 24.0.1312.56)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Intel® Extreme Graphics Driver
Internet Explorer Toolbar 4.7 by SweetPacks (Version: 4.7.0002)
Java Auto Updater (Version: 2.0.7.2)
Java 6 Update 38 (Version: 6.0.380)
Kodak AIO Printer (Version: 7.0.3.0)
KODAK AiO Software (Version: 7.6.12.20)
ksDIP (Version: 3.20.0000.0001)
LiveReg (Symantec Corporation) (Version: 2.4.2.2295)
LiveUpdate 1.90 (Symantec Corporation) (Version: 1.90.15.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Home Publishing 2000 (Version: 4.0.0000)
Microsoft Picture It! Photo Premium 9 (Version: 9.0.0.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSRedist (Version: 1.0.0.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Norton GoBack Personal Edition (Symantec Corporation)
Norton Password Manager (Version: 1.00.00)
Norton PC Checkup (Version: 2.0.17.20)
Norton PC Checkup (Version: 3.0.2.122.0)
Norton SystemWorks 2004 (Symantec Corporation) (Version: 7.02.00)
Norton SystemWorks 2004 (Version: 7.02.00)
Norton Utilities (Version: 16.0.0)
NSW_DRM_COLLECTION (Version: 1.0.0)
ocr (Version: 6.2.3.50)
P2P_Energy Toolbar (Version: )
PC Cleaners
PDF Creator
PDF Creator Packages
PDF Creator Packages 87
PDF Settings CS5 (Version: 10.0)
PlayBryte
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
SoundMAX (Version: 5.12.01.5246)
SweetIM for Messenger 3.7 (Version: 3.7.0007)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Manager for SweetPacks 1.1 (Version: 1.1.0008)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
WinZip 15.0 (Version: 15.0.9302)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
========================= Devices: ================================
**** End of log ****
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSRedist (Version: 1.0.0.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Norton GoBack Personal Edition (Symantec Corporation)
Norton Password Manager (Version: 1.00.00)
Norton PC Checkup (Version: 2.0.17.20)
Norton PC Checkup (Version: 3.0.2.122.0)
Norton SystemWorks 2004 (Symantec Corporation) (Version: 7.02.00)
Norton SystemWorks 2004 (Version: 7.02.00)
Norton Utilities (Version: 16.0.0)
NSW_DRM_COLLECTION (Version: 1.0.0)
ocr (Version: 6.2.3.50)
P2P_Energy Toolbar (Version: )
PC Cleaners
PDF Creator
PDF Creator Packages
PDF Creator Packages 87
PDF Settings CS5 (Version: 10.0)
PlayBryte
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
SoundMAX (Version: 5.12.01.5246)
SweetIM for Messenger 3.7 (Version: 3.7.0007)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Manager for SweetPacks 1.1 (Version: 1.1.0008)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
WinZip 15.0 (Version: 15.0.9302)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
========================= Devices: ================================
**** End of log ****
#6
Posted 01 February 2013 - 05:31 PM
The autoruns log please.
#7
Posted 04 February 2013 - 04:03 PM
Any luck with the autoruns log?
#8
Posted 05 February 2013 - 01:44 AM
auto run
#9
Posted 05 February 2013 - 01:45 AM
ar
#10
Posted 05 February 2013 - 02:12 AM
Download Autoruns and Autorunsc
http://download.sysi...es/Autoruns.zip
Unzip it to your desktop and then double-click autoruns.exe. After the scan is finished, click on File > Save. The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.
#11
Posted 06 February 2013 - 09:29 PM
You know what, I think I have a bigger problem to address first. When I restart I get CAN'T FIND SCRIPT ENGINE FOR SCRIPT C:\documents and settings\all users\application\data\jre6\bin\comcat.js script
Any thoughts on this? ty
#12
Posted 06 February 2013 - 09:43 PM
Remove the item below.
Java™ 6 Update 38 (Version: 6.0.380)
Reboot the machine.
Are you having trouble with the autoruns?
#13
Posted 07 February 2013 - 07:45 AM
yes
#14
Posted 07 February 2013 - 07:52 AM
Won't let me remove Java: "The Windows Installer service could not be accessed. This can occur if in safe mode or if Windows Installer is not correctly installed."
#15
Posted 08 February 2013 - 06:33 PM
Please post a new thread in the malware removal area, and once cleared, if you still have issues, then please come back here so we can settle this.
http://www.geekstogo...cleaning-guide/