User Name Password Register
DaniWeb IT Discussion Community
All
What is DaniWeb IT Discussion Community?
You're currently browsing the Viruses, Spyware and other Nasties section within the Tech Talk category of DaniWeb, a massive community of 456,234 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,745 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our Viruses, Spyware and other Nasties advertiser: 64-bit Windows Community
Views: 6486 | Replies: 3
Reply
Join Date: Aug 2004
Posts: 2
Reputation: piowaty is an unknown quantity at this point 
Rep Power: 0
Solved Threads: 0
piowaty piowaty is offline Offline
Newbie Poster

Help Help! Can't browse, use control panel or Explorer

  #1  
Aug 20th, 2004
Hello,
This is my first post on here, but I see that you have a few other people that you've helped in my predicament. I can not use IE, add printers, use windows explorer, or open control panel. I can use everything (except printers of course) inside of Safe Mode. I've tried downgrading to IE 5.5, reapplying SP4 on W2k, reloading and patching IE6, I've ran SFC, regsvr32 appwiz.cpl, and a few other things that I can't remember. I actively use and update spybot and adaware. I even renamed my profile and recreated it. Any help is very much appreciated. My HJT log is below. Originally I couldn't work at all as the shell would hang, but after using safe mode and disabling "show web content" on Active Desktop, I was able to atleast log in.

Logfile of HijackThis v1.98.2
Scan saved at 2:30:13 PM, on 8/20/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP1 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kpnet.kp.org/
O1 - Hosts file is located at: C:\WINNT\System32\drivers\etc\hosts
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe." /StartedFromRunKey
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [CPortPatch] C:\WINNT\DockQuickInstall\cppch.exe
O4 - Global Startup: Kaiser VPN Client.lnk = C:\Program Files\Kaiser\VPN Client\ipsecdialer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {60046ED9-8E77-11D0-9B21-0080C79EFE90} (VanGrid.VanGridCtrl) - file://C:\WINNT\TEMP\vangrid.cab
O16 - DPF: {BAF8BCAE-D9D1-11D0-9B21-0080C79EFE90} (VanTree.VanTreeCtrl) - file://C:\WINNT\TEMP\vantree.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cs.msds.kp.org
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cs.msds.kp.org
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = cs.msds.kp.org


Thank you!!!!!


-Tim
AddThis Social Bookmark Button
Reply With Quote  
Join Date: Feb 2004
Location: Oztralya
Posts: 8,016
Reputation: crunchie is a jewel in the rough crunchie is a jewel in the rough crunchie is a jewel in the rough 
Rep Power: 23
Solved Threads: 455
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: Help! Can't browse, use control panel or Explorer

  #2  
Aug 21st, 2004
Hi . You need to post a log that was scanned in normal mode.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera How you got infected AVAST anti-virus Comodo Firewall Spywareblaster

Please do not PM me for help. Instead, post in the public forum where others may benefit.
Reply With Quote  
Join Date: Aug 2004
Posts: 2
Reputation: piowaty is an unknown quantity at this point 
Rep Power: 0
Solved Threads: 0
piowaty piowaty is offline Offline
Newbie Poster

Re: Help! Can't browse, use control panel or Explorer

  #3  
Aug 26th, 2004
Hi Crunchie, Thanks for taking a look at this. It turns out that it was related to a mailbox migration that hadn't completed on lotus notes 6.5 on my office system. As soon as I redocked there, it completed the migration and the problem was resolved. In the case of people that can't get back to their network for it to finish, in the services.msc concole plugin, they can disable multi-user cleanup service and their system will then work off the network.

-Tim
Reply With Quote  
Join Date: Feb 2004
Location: Oztralya
Posts: 8,016
Reputation: crunchie is a jewel in the rough crunchie is a jewel in the rough crunchie is a jewel in the rough 
Rep Power: 23
Solved Threads: 455
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: Help! Can't browse, use control panel or Explorer

  #4  
Aug 27th, 2004
Thanks for getting back with that info. Hopefully it will help others with that problem.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera How you got infected AVAST anti-virus Comodo Firewall Spywareblaster

Please do not PM me for help. Instead, post in the public forum where others may benefit.
Reply With Quote  
Reply

Only community members can participate in forum threads. You must register or log in to contribute.

DaniWeb Viruses, Spyware and other Nasties Marketplace
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 

Thread Tools Display Modes

Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum

All times are GMT -4. The time now is 5:08 pm.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC