Microsoft
Software
Hardware
Network
Question : windows/system32/shoch.dll<wbr />/dnserror after using lava soft ad-aware se
I loaded lava soft ad-aware se on my computer and after deleting the critical files it found my computer would connect to the internet but the internet explorer will not display any web page at all. I talked to the internet service provider and we checked all their settings and they were ok, I installed a different browser and it will not open a page. I get a error of windows/system32/shoclc.dl
l/dnserror
. I saw another question like this and tried every thing untill I got to the hijack this file and i don't know what to do with it
Logfile of HijackThis v1.98.2
Scan saved at 5:37:14 PM, on 10/24/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
xe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\servic
es.exe
C:\WINDOWS\system32\lsass.
exe
C:\WINDOWS\system32\svchos
t.exe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\LEXBCE
S.EXE
C:\WINDOWS\system32\spools
v.exe
C:\WINDOWS\Nhksrv.exe
C:\WINDOWS\System32\CTsvcC
DA.EXE
C:\WINDOWS\System32\nvsvc3
2.exe
C:\Program Files\ViRobotXP\vrmonsvc.e
xe
C:\WINDOWS\System32\MsPMSP
Sv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\devldr
32.exe
C:\WINDOWS\System32\spool\
DRIVERS\W3
2X86\3\pri
ntray.exe
C:\PROGRA~1\LEXMAR~1\ACMon
itor_X73.e
xe
C:\PROGRA~1\LEXMAR~1\AcBtn
Mgr_X73.ex
e
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATC
H Jukebox\mm_tray.exe
C:\Program Files\Common Files\Presentia\LSvr.exe
C:\Program Files\ViRobotXP\vrmonnt.ex
e
C:\Program Files\ViRobotXP\Vrres.exe
C:\Program Files\FarStone\HackerSmack
er\FireWal
l.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Yahoo!\Messenger\yms
gr_tray.ex
e
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\FarStone\HackerSmack
er\GetNetT
ime.exe
C:\Program Files\HijackThis.exe
R1 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Default_Page
_URL =
http://www.dellnet.com
R0 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Start Page =
http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\In
ternet Explorer\Toolbar,LinksFold
erName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
84B7D6BE0B
3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEH
elper.ocx
O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0
002B31F9E5
9} - (no file)
O2 - BHO: WindowsIE.clsIS - {2E12B523-3D4C-4FAC-9B04-0
376A8F5E87
9} - c:\windows\WindowsIE.dll
O2 - BHO: Farstone Url Blocker - {316AEF8D-3C37-423E-9E6E-1
3820A9DC37
A} - C:\PROGRA~1\FarStone\HACKE
R~1\IrlOnI
E.dll
O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-1
59E03E829F
D} - C:\WINDOWS\System32\lmf32.
dll
O2 - BHO: Farstone Popup Blocker - {E22F9B9D-1A1F-473E-BED6-D
8BC152441F
4} - C:\PROGRA~1\FarStone\HACKE
R~1\FARPOP
~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
0A0C908246
7} - C:\WINDOWS\System32\msdxm.
ocx
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0
090271D4F8
8} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Prog
ram\AHQIni
t.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\
DRIVERS\W3
2X86\3\pri
ntray.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMon
itor_X73.e
xe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtn
Mgr_X73.ex
e
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATC
H Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [LSvr] C:\Program Files\Common Files\Presentia\LSvr.exe
O4 - HKLM\..\Run: [OSS] c:\windows\system32\osspro
xy.exe -boot
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\ViRobotXP\vrmonnt.ex
e Main
O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\ViRobotXP\Vrres.exe
O4 - HKLM\..\Run: [dwStart] C:\Program Files\FarStone\HackerSmack
er\FireWal
l.exe
O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypa
ger.exe -quiet
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [WinMX] C:\Program Files\WinMX\WinMX.exe -m
O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG CreataCard\AGRemind.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.h
tm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackLis
t.htm
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-0
06097DBED3
7} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-0
06097DBED3
7} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-0
06097DBED3
7} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-0
06097DBED3
7} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-0
0B0D0A1DE4
5} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-0
0C0F0318AF
E} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0
050045C3C9
6} - C:\PROGRA~1\Yahoo!\MESSEN~
1\YPager.e
xe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0
050045C3C9
6} - C:\PROGRA~1\Yahoo!\MESSEN~
1\YPager.e
xe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
0C04F79568
3} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
0C04F79568
3} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.
dll
O16 - DPF: Yahoo! Pool 2 -
http://download.games.yaho
o.com/game
s/clients/
y/potd_x.c
ab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1
E41684E07B
B} -
http://ak.imgfarm.com/imag
es/nocache
/funwebpro
ducts/
Smil
eyCentralI
nitialSetu
p1.0.0.6.e
xe
O16 - DPF: {34805D32-AD89-469E-8503-A
5666AEE433
3} (RdxIE Class) -
http://207.188.25.41/09f37
3839dd3822
afd00/netz
ip/RdxIE.c
ab
O16 - DPF: {41F17733-B041-4099-A042-B
518BB6A408
C} -
http://a1540.g.akamai.net/
7/1540/52/
20011217/
q
tinstall.i
nfo.apple.
com/qt505/
us/win/Qui
ckTimeInst
aller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0
050DA18DE7
1} -
http://software-dl.real.co
m/01ba8912
db07440bb3
02/netzip/
RdxIE2.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-0
0105A1F0D6
8} (InstallShield International Setup Player) -
http://www.installengine.c
om/engine/
isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-0
0104B06BDE
3} (CamImage Class) -
http://keys3.expr.net/axis
cam/Codeba
se/AxisCam
Control.oc
x
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-4
36EDC304C8
C} (ContentAuditX Control) -
http://a840.g.akamai.net/7
/840/5805/
v1503/
www.
contentwat
ch.com/aud
it/include
s/ContentA
uditContro
l.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-0
05056BF010
1} (plug Class) -
http://dist02.chargitdial.
com/chargi
tplug.dll
O16 - DPF: {E2B2B5A1-B48C-4886-A318-7
23916A0102
4} (SBFullInst Control) -
http://www.spyblast.com/do
wnload/SBF
ullWU.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0
090271D4F8
8} -
http://us.dl1.yimg.com/dow
nload.yaho
o.com/dl/t
oolbar/
yie
bio5_0_2_4
.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-5
87CAF3EE8C
6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/ms
nchat45.ca
b
O18 - Filter: text/html - {E64E4E60-EF13-4C79-A159-1
19762E1818
1} - C:\WINDOWS\System32\lmf32.
dll
I would appreciate any help
Answer : windows/system32/shoch.dll<wbr />/dnserror after using lava soft ad-aware se
O10 - Broken Internet access because of LSP provider 'osmim.dll' missing ................could be your problem, try this to solve your problem
http://www.cexx.org/lspfix
.htm
Random Solutions
Server Replication.
SQL 2005 Rebuild Index Keep Index Online Option
Call a method on a child class when inherited in Ruby
tcgetattr
Transfer files between Mac and PC
Windows XP Home Edition does not store passwords
Rename Batch File does not work on Windows 2003 Server, but it does on Windows XP?
Pepervision3D classes problem
Javascript prompt boxes
Bring up SAN replicated RAC database from a Non-RAC instance
