Posts Tagged ‘Clicked’

I Started My Pc A While Ago. Clicked On Drive D… Poof! Vshost.exe Error?

Sunday, November 1st, 2009

It says “Windows cannot find ‘vshost.exe’ Make sure you typed the name correctly, and then try again”. What’s up with this?

Yahoo And Google Links Hijacked To Webcry And Porno Sites When Clicked From Search Engine?

Monday, October 12th, 2009

Hi all,
The computer I am writing from is a working ambulance dispatch computer. The latest problem is the links from search engines being redirected to webcry, and another site not affiliated with the search result link desired.
This is causing issues with the bosses thinking employees are cruising porno on the job. I am a supervisor and keep telling them that this is not necessarily the case as it does it automatically, and my poor crews can't use a good tool for fear of a write-up.
I am OK with the computer and I have got AVG and Panda running. The problem is restarting the computer, as it is a busy machine and is needed to dispatch and track ambulance units, and the log-in process for this is sometimes too long. I have run HijackThis and will post the log below, but I am gonna need as few reboots as possible.
So without further ado:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:26:50 PM, on 2/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Dispat…
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\4XQZOXAB\HiJackThis[1]…
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://miltonambulance.com/default.aspx
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul…rch/search.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.d… (file missing)
F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.ex…
O2 – BHO: &Yahoo! Toolbar Helper – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.d… (file missing)
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper…
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier\2.1.6… (file missing)
O2 – BHO: (no name) – {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} – C:\Program Files\Online Add-on\isfmdl.dll (file missing)
O2 – BHO: e404 helper – {F10587E9-0E47-4CBE-84AE-7DD20B8685CC} – C:\Program Files\Helper\1201539470.dll
O3 – Toolbar: IE Custom Tools – {8113B5DE-F7EB-4154-A311-497FB80D8BD0} – C:\Program Files\Online Add-on\ictmdl.dll
O4 – HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 – HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 – HKLM\..\Run: [PKVOLUME] C:\Program Files\PKVolume\PKVOLUME.exe
O4 – HKLM\..\Run: [poolsv] “C:\WINDOWS\poolsv.exe”
O4 – HKLM\..\Run: [LogMeIn GUI] “C:\Program Files\LogMeIn\x86\LogMeInSystray.exe”
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 – HKLM\..\Run: [SSBkgdUpdate] “C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe” -Embedding -boot
O4 – HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 – HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 – HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
O4 – HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.ex… /autorun
O4 – HKLM\..\Run: [SM_IAN] C:\Program Files\AdvancedCleaner Free\ian_monitor.exe
O4 – HKLM\..\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized
O4 – HKCU\..\Run: [FSCBoss] C:\Program Files\FSCBoss\FSCBoss.exe
O4 – HKCU\..\Run: [DW4] “C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe”
O4 – HKCU\..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 – HKCU\..\Run: [Internet Accelerator] “C:\Program Files\Pointstone\Internet Accelerator\InternetAccelerator.exe”
O4 – HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShiel…
O4 – HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 – HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Macromed\SHOCKW~2\SW… -Update -1020023 -IEXPLORE.EXE6.0
O4 – HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Online Add-on\icthis.exe
O4 – HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Online Add-on\isfmntr.exe
O4 – Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O8 – Extra context menu item: &eBay Search – res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 – Extra context menu item: Add to AMV Convert Tool… – C:\Program Files\AMV Convert Tool 3.70\AMVConverter\grab.html
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.d…
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.d…
O9 – Extra button: Create Mobile Favorite – {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} – C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 – Extra button: (no name) – {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} – C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 – Extra ‘Tools’ menuitem: Create Mobile Favorite… – {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} – C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 – Extra button: (no name) – {85d1f590-48f4-11d9-9669-0800200c9a66} – C:\WINDOWS\bdoscandel.exe
O9 – Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 – {85d1f590-48f4-11d9-9669-0800200c9a66} – C:\WINDOWS\bdoscandel.exe
O9 – Extra button: (no name) – {9034A523-D068-4BE8-A284-9DF278BE776E} – http://www.ietoolgate.com/redirect.php (file missing)
O9 – Extra ‘Tools’ menuitem: IE Anti-Spyware – {9034A523-D068-4BE8-A284-9DF278BE776E} – http://www.ietoolgate.com/redirect.php (file missing)
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O14 – IERESET.INF: START_PAGE_URL=http://www.yahoo.com
O16 – DPF: {15589FA1-C456-11CE-BF01-000000000000} – http://www.errornuker.com/products/errn200…erInstaller.exe
O16 – DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) – http://www.worldwinner.com/games/v47/share…GamesLoader.cab
O16 – DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} – http://cdn.drivecleaner.com/installdrivecleanerstart.cab
O16 – DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) – C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 – DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} – https://pbells.broadjump.com/wizlet/BellSou…aller_3-0-0.cab
O16 – DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) – http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdat…b?1175759534765
O16 – DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} – http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 – DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) – http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 – DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} – http://a532.g.akamai.net/f/532/6712/5m/vir…l/installer.exe
O16 – DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) – http://by132fd.bay132.hotmail.msn.com/activex/HMAtchmt.ocx
O22 – SharedTaskScheduler: esperantido – {67dc0736-075a-4647-95f5-d5421b838fed} – C:\WINDOWS\system32\svxmhpz.dll
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: AVG Anti-Spyware Guard – GRISOFT s.r.o. – C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 – Service: LogMeIn Maintenance Service (LMIMaint) – LogMeIn, Inc. – C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 – Service: LogMeIn – LogMeIn, Inc. – C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 – Service: McAfee Network Agent (McNASvc) – Unknown owner – c:\program files\common files\mcafee\mna\mcnasvc.exe (file missing)
O23 – Service: SiSoftware Database Agent Service (SandraDataSrv) – SiSoftware – C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP4a\Win32\RpcDataSrv.exe
O23 – Service: SiSoftware Sandra Agent Service (SandraTheSrv) – SiSoftware – C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP4a\RpcSandraSrv.exe

End of file – 9484 bytes
Any help will be greatly appreciated.
Pyromedic