Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Broadcast Proxy

Options
  • 25-11-2005 2:01am
    #1
    Funkygreendogs
    Registered Users Posts: 207 ✭✭


    I keep getting an error with this 'Broadcast proxy' every time my computer boots up, i cant visit any websites ...etc computer is generally ****ed but if i could get online i wouldnt be so pissed off, can anyone shed some light on this since micro$oft are no where to be found in any google searches for help and im clutching at straws defragging and error scanning im down to at this stage,

    please help
    jay


Comments

  • Options
    #2
    aidan_walsh
    Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    Full message please?


  • Options
    #3
    Funkygreendogs
    Registered Users Posts: 207 ✭✭Funkygreendogs


    wow speedy reply i was just comming back to edit in more information...

    Its one of those 'unhandled exceptions' doesnt really give much information, ill try give a fuller report tomorrow, its windowsxp and im using dialup was working fine at first but after a while i tried signing into msn and it said it couldnt find the default gateway and then thats when i couldnt connect to any websites

    [edit] I also suspect i could have been infected with some malicious code since i checked the hosts file and it was modified with a list of anti-virus websites pointing to 127.0.0.1 so i couldnt visit them (the cheeky bastids) and there was some traces of spyware, that seems to be fixed now all the currently running processes i recognize, however maybe there was some bad code somewhere that bollixed a registry setting?
    never heard of this happening before though...


  • Options
    #4
    Funkygreendogs
    Registered Users Posts: 207 ✭✭Funkygreendogs


    OK the full error message is:

    "The instruction at 0x46a13db4 referenced memory at 0x0000000. The memory could not be read"

    clicking on more gives:

    "Appname broadc~1.exe
    Modname ecengi~1.dll
    Modversion 1.0.0.1"


  • Options
    #5
    CapatalisimCod
    Closed Accounts Posts: 29 CapatalisimCod


    127.0.0.1 is local host address IE: your machine...can you a post a hijack this log...

    Download installation files from another machine too floppy, its about 250k if I remember or if you have a flash drive even better then install on your infected machine.

    Download from..
    http://tomcoyote.org/hjt


  • Options
    #6
    Funkygreendogs
    Registered Users Posts: 207 ✭✭Funkygreendogs


    ok here is the hijack this log:

    Logfile of HijackThis v1.99.1
    Scan saved at 17:59:39, on 28/11/2005
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Deerfield.com\VisNetic Firewall\DFW.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\RunDll32.exe
    C:\WINDOWS\mHotkey.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ChrisTV\ChrisTV_Agent.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\ATWTUSB.EXE
    C:\WINDOWS\System32\PRISMSTA.EXE
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\WINDOWS\Dit.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\DitExp.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\Nokia\PC Suite for Nokia N-Gage\ConnMngmntBox.exe
    C:\WINDOWS\System32\TBLMOUSE.EXE
    C:\Program Files\UltraMon\UltraMon.exe
    C:\Program Files\UltraMon\UltraMonTaskbar.exe
    C:\Quake3\HijackThis.exe
    C:\PROGRA~1\Intuwave\Shared\MROUTE~1\MROUTE~2.EXE

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
    O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet3_88.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ChrisTV Agent] "C:\Program Files\ChrisTV\ChrisTV_Agent.exe"
    O4 - HKLM\..\Run: [Atwtusb] RUNDLL32 FuncKey.DLL,ExtFuncCall AA
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [Microsoft System Checkup] libsys32.e1x1e
    O4 - HKLM\..\Run: [NT Logging Service] sys1og32.e1e
    O4 - HKLM\..\Run: [Microsoft Windows Automatic Games Updater] msgam1e321exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [saap] c:\program files\180search assistant\sa\saap.e12x1e
    O4 - HKLM\..\Run: [New.net Startup] 1rundll32 C:\P1ROGRA~1\NEW1DOT~1\NE1WDOT~1.DLL,NewDotNetStartup
    O4 - HKLM\..\RunServices: [Microsoft System Checkup] li11bsy11s32.exe
    O4 - HKLM\..\RunServices: [mouse] m11use.11exe
    O4 - HKLM\..\RunServices: [Microsoft Windows Automatic Games Updater] ms111game132.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: PCSuiteForNokiaN-Gage Detect.lnk = C:\Program Files\Nokia\PC Suite for Nokia N-Gage\ConnMngmntBox.exe
    O4 - Global Startup: PCSuiteForNokiaN-Gage TS.lnk = C:\Program Files\Nokia\PC Suite for Nokia N-Gage\ECTaskScheduler.exe
    O4 - Global Startup: UltraMon.lnk = C:\Program Files\UltraMon\UltraMon.exe
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie.htm
    O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet3_88.dll' missing
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125775193903
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125775152325
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
    O23 - Service: VisNetic Firewall (DeerfieldFirewall) - 8Signs Ltd. - C:\Program Files\Deerfield.com\VisNetic Firewall\DFW.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NT login service (ntlogin32) - Unknown owner - C:\WINDOWS\System32\libsys32.exe (file missing)
    O23 - Service: RadClock - Unknown owner - C:\Program Files\RadLinker\RadClock.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


    btw those files: O4 - HKLM\..\Run: [Microsoft System Checkup] libsys32.e1x1e
    are old registry entries for spyware, ive just modified them so they cant find the path instead of removing them as most spyware will preform a check to see if the registry setting is there and wont re-install a second time, so you can ignore those basically.


  • Advertisement
  • Options
    #7
    Karoma
    Registered Users Posts: 19,396 ✭✭✭✭Karoma


    I presume you nuked 180search assistant also..?
    I also presume that you've checked firewall settings/config and ruled it out..?

    Post your HOSTS as it is now.

    Do you have SP2 installed? (..but using Sitecom btooth..?)


  • Options
    #8
    Funkygreendogs
    Registered Users Posts: 207 ✭✭Funkygreendogs


    Yea i nuked the 180 aswell, and im pretty sure its not firewall settings. It keeps comming up with a message box saying 'server busy' and when i click on 'switch to' the start menu comes up. The program that scans for errors wont startup when its supposed to run next time windows boots up that keeps crashing as well. its really wreakin me tits now


Advertisement