 |  |  |  |  |  |  |  |
SPYBOT error when booting XP
 |
I recently removed SPYBOT from my system. However, when I boot up my system, I receive the following error message: "Error while creating the log: Class not registered".
Everything on my system seems to be working on OK except I can no longer log on to AOL IM.
Any suggestions, please!
Everything on my system seems to be working on OK except I can no longer log on to AOL IM.
Any suggestions, please!
1. Do you mean that you removed the infection called "spybot", or the utility program called SpyBot?
2. You might want to run HijackThis and post the log file it generates. A download link for the program is in my sig below; instructions for using the program are listed in numerous previous threads in this forum.
2. You might want to run HijackThis and post the log file it generates. A download link for the program is in my sig below; instructions for using the program are listed in numerous previous threads in this forum.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
•
•
•
•
Originally Posted by DMR
1. Do you mean that you removed the infection called "spybot", or the utility program called SpyBot?
2. You might want to run HijackThis and post the log file it generates. A download link for the program is in my sig below; instructions for using the program are listed in numerous previous threads in this forum.
I meant that I removed the utility program called SpyBot. Should I continue and run the HiJack This?
Thank you very much.
•
•
•
•
Originally Posted by CCG
I meant that I removed the utility program called SpyBot. Should I continue and run the HiJack This?
Thank you very much.
Thanks again.
Logfile of HijackThis v1.97.7
Scan saved at 11:30:29 AM, on 12/5/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\Nortel Networks\AutoExt.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\CARLGL~1\LOCALS~1\Temp\Temporary Directory 1 for hjt[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Extranet AutoDial] C:\Program Files\Nortel Networks\AutoExt.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeup...ntent/opuc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.co...031.4011921296
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get...sh/swflash.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} (MsnMusicAx Class) - https://music.msn.com/client/msnmusax2228.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAEBB46F-8352-4308-BAF6-ECADD6191D5F}: NameServer = 198.190.226.3,198.190.226.30
You wasted your time with the log. I run a group called ITAD, we help neigbors etc with there PC problems.
We install all the essential tools that come free.
I gave most of them spybot and ad-aware, and on XP after a few reboots spybot wont load and you recieve a nice nasy error. First you have to uninstall the program. Run any updated needed on windows XP. Run all scan's (virus, scandisk etc) then reboot and reinstall. If this nice problem persist's please contact me.
We install all the essential tools that come free.
I gave most of them spybot and ad-aware, and on XP after a few reboots spybot wont load and you recieve a nice nasy error. First you have to uninstall the program. Run any updated needed on windows XP. Run all scan's (virus, scandisk etc) then reboot and reinstall. If this nice problem persist's please contact me.
is this a dream
We should all respect Dani, shes the admin and she does a damn good job!. Not to forget the rest of the mod's =)
http://img.photobucket.com/albums/v5...46/Sphyenx.jpg
We should all respect Dani, shes the admin and she does a damn good job!. Not to forget the rest of the mod's =)
http://img.photobucket.com/albums/v5...46/Sphyenx.jpg
•
•
•
•
Originally Posted by Sphyenx
You wasted your time with the log. I run a group called ITAD, we help neigbors etc with there PC problems.
We install all the essential tools that come free.
I gave most of them spybot and ad-aware, and on XP after a few reboots spybot wont load and you recieve a nice nasy error. First you have to uninstall the program. Run any updated needed on windows XP. Run all scan's (virus, scandisk etc) then reboot and reinstall. If this nice problem persist's please contact me.
You are welcome. I hope all works's.
is this a dream
We should all respect Dani, shes the admin and she does a damn good job!. Not to forget the rest of the mod's =)
http://img.photobucket.com/albums/v5...46/Sphyenx.jpg
We should all respect Dani, shes the admin and she does a damn good job!. Not to forget the rest of the mod's =)
http://img.photobucket.com/albums/v5...46/Sphyenx.jpg
•
•
•
•
Originally Posted by Sphyenx
You wasted your time with the log. I run a group called ITAD, we help neigbors etc with there PC problems.
We install all the essential tools that come free.
I gave most of them spybot and ad-aware, and on XP after a few reboots spybot wont load and you recieve a nice nasy error. First you have to uninstall the program. Run any updated needed on windows XP. Run all scan's (virus, scandisk etc) then reboot and reinstall. If this nice problem persist's please contact me.
Thanks in advance for any help.
I would say its a registry error. Other then that i was unfamilair with the log error, Ive never seen that one. Or at least I dont remeber it. Email Spybot them selves.
is this a dream
We should all respect Dani, shes the admin and she does a damn good job!. Not to forget the rest of the mod's =)
http://img.photobucket.com/albums/v5...46/Sphyenx.jpg
We should all respect Dani, shes the admin and she does a damn good job!. Not to forget the rest of the mod's =)
http://img.photobucket.com/albums/v5...46/Sphyenx.jpg
•
•
•
•
Originally Posted by Sphyenx
You wasted your time with the log...
1. "Logfile of HijackThis v1.97.7" - That is an outdated version of HJT. The current release version is 1.98.2; CCG should download (the link is in my sig below) and run the newer version and post the log that version generates.
2. " C:\DOCUME~1\CARLGL~1\LOCALS~1\Temp\Temporary Directory 1 for hjt[1].zip\HijackThis.exe" - HJT is being run from a Temp/Temporary directory, which is not advised; here's the explanation:
"The contents of Temp folders aren't permanent, and often get deleted in the course of routine system clean-up and/or troubleshooting. Create a new folder such as C:\HijackThis, C:\Downloads\HijackThis, or C:\Spyware Tools\HijackThis and move the program to that folder."
3. " O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain" - indicative of an infection by a variant of the WildTanget spyware.
4. " O9 - Extra button: WeatherBug (HKCU)" - indicates the presence (or previous presence) of the "WeatherBug" spyware component.
5.
•
•
•
•
Originally Posted by Sphyenx
....I gave most of them spybot and ad-aware, and on XP after a few reboots spybot wont load and you recieve a nice nasy error. First you have to uninstall the program....
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
|
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: No internet connection
- Next Thread: Hi can some1 tack a look at my highjack log for me
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit fake fancheckvirus gaming gtaiv gumblar halloween herss.exe hijack hosting internet iphone kaspersky legal mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile parents patch phishing police policeprovirusmba-mblockedinternetaccess president pro problem redirect reliability report research risk rogueantivirus samhain sans school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista war windows worm yahoo zeroday
