Ad:

Viruses, Spyware and other Nasties Discussion Thread
Unsolved
Views: 3994

Page 1
2
Next

You are currently viewing page 1 of this multi-page discussion thread

Aug 20th, 2006

IE and Folders won't open

Expand Post »

Hello, i'm new to the forums, i stumbled across some of your threads fixing peoples computers with similar problems. i tried some of processes to no avail. So far programs i've tried include Ad-Aware. Spy Bot, Cleanup!, Ewido anti spy-ware, and the anti virus i tried were AVG and Drweb cureit. Also i've tried system restore to no avail, and safemode will not load up, it lets me log into an account then everythign dissapears.

heres my hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 12:47:24 AM, on 8/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Dan\Desktop\MOZILLA\firefox.exe
C:\WINDOWS\TEMP\win46A.tmp.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Dan\LOCALS~1\Temp\Rar$EX00.984\HijackThis.exe
C:\DOCUME~1\Dan\LOCALS~1\Temp\Rar$EX00.062\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mrfindalot.com/search.asp?si=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3D1D2C54-C513-4D4A-BADA-14A2256A92C5} - C:\WINDOWS\system32\pmnll.dll
O2 - BHO: (no name) - {57B28C16-87D7-4500-AC5B-22775BF95C38} - C:\WINDOWS\system32\pmnll.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ed794649.exe] C:\Documents and Settings\Dan\Local Settings\Application Data\ed794649.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: *.mmohsix.com
O15 - Trusted Zone: http://www.popcap.com
O15 - Trusted Zone: http://www.runescape.com
O15 - Trusted Zone: http://scanner.sysprotect.com
O15 - Trusted Zone: http://*.systemdoctor.com
O15 - Trusted Zone: http://www.winantivirus.com
O15 - Trusted Zone: http://www.winantiviruspro.com
O15 - Trusted Zone: http://download.cdn.winsoftware.com
O15 - Trusted IP range: http://202.67.220.225
O15 - Trusted IP range: http://59.148.220.121
O15 - Trusted IP range: http://62.4.84.53
O15 - Trusted IP range: http://82.98.235.58
O15 - Trusted IP range: http://85.12.25.90
O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/0e7817e003ea93d4a5b9cb93f3a29df9_35.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup161.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: pmnll - C:\WINDOWS\system32\pmnll.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrir32 - C:\WINDOWS\SYSTEM32\winrir32.dll
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Any help would be greatly appreciated. i've been trying for days to fix this and my mum's none to pleased about it...

Similar Threads

Can I recover deleted items after recycle bin has been emptied? in Windows NT / 2000 / XP
locked folders doesnt open in Windows NT / 2000 / XP
Removal of "Home Search Assistant", "Search Extender", & "Shopping Wizard" in Viruses, Spyware and other Nasties
Search Extender, spyware help... in Viruses, Spyware and other Nasties
PC shuts itself down :restart: recovered from serious error in Viruses, Spyware and other Nasties

super_he_man

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

11 posts
since Aug 2006

Permalink

Aug 20th, 2006

Re: IE and Folders won't open

I've also as a last resort tried Norton, but i try to avoid it like the plaque, its ran out of renewl, so its out of date for a few months

super_he_man

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

11 posts
since Aug 2006

Permalink

Aug 20th, 2006

Re: IE and Folders won't open

alright... um.. still need some help, nothing i've tried has done anything, i re ran ewido and ad aware and it found alot more stuff.. so i'm guessing what evers causeing the problem is still doing stuff. heres my hijack log after the new scans

Logfile of HijackThis v1.99.1
Scan saved at 1:48:29 PM, on 8/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Dan\Desktop\MOZILLA\firefox.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Dan\LOCALS~1\Temp\Rar$EX00.640\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mrfindalot.com/search.asp?si=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ed794649.exe] C:\Documents and Settings\Dan\Local Settings\Application Data\ed794649.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: *.mmohsix.com
O15 - Trusted Zone: http://www.popcap.com
O15 - Trusted Zone: http://www.runescape.com
O15 - Trusted Zone: http://scanner.sysprotect.com
O15 - Trusted Zone: http://*.systemdoctor.com
O15 - Trusted Zone: http://www.winantivirus.com
O15 - Trusted Zone: http://www.winantiviruspro.com
O15 - Trusted Zone: http://download.cdn.winsoftware.com
O15 - Trusted IP range: http://202.67.220.225
O15 - Trusted IP range: http://59.148.220.121
O15 - Trusted IP range: http://62.4.84.53
O15 - Trusted IP range: http://82.98.235.58
O15 - Trusted IP range: http://85.12.25.90
O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/0e7817e003ea93d4a5b9cb93f3a29df9_35.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup161.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

super_he_man

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

11 posts
since Aug 2006

Permalink

Aug 21st, 2006

Re: IE and Folders won't open

I definitely see infections in that log, but I'd like to see a report from an ewido scan as well before digging in to the fixes.

Please configure and run ewido as follows:

* Open ewido and click the Update button to make sure that you have the absolutely most current updates installed. Close the program once the updates are installed.

* * Reboot your computer in Safe Mode by doing the following :

Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Log in to the Administrator account.

Once booted in to Safe Mode:

* Open ewido

Click on scanner at the top of the Ewido sceen
Click on Settings
Under How to Act click on Recommended Action choose Delete.
Under How to scan, all boxes should be selected
Under Possibly unwanted software, all boxes should be selected
On right side under Reports: click on Automatically generate report after every scan.
Under What to scan, select scan every file
Clickon the Scan Tab
Click on Complete system scan
Let the program scan the machine It can take awhile give it time.
When scan has finished At bottom of screen click Apply all Actions
Click Save report
Click Save Report as (Save as window's screen should pop up.)
Click desktop
Click Save
Exit ewido

* Reboot normally and then run HijackThis again.

* Post the contents of the new HijackThis log and the ewido log.

DMR

Team Colleague

Reputation Points: 221

Solved Threads: 369

Wombat At Large

Offline

6,439 posts
since Dec 2003

Permalink

Aug 22nd, 2006

Re: IE and Folders won't open

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:57:35 PM 8/21/2006

+ Scan result:

C:\WINDOWS\g2318828.dll -> Downloader.Delf.aeo : No action taken.
C:\WINDOWS\g6523046.dll -> Downloader.Delf.aeo : No action taken.
:mozilla.10:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.15:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.36:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.10:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.6:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.7:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Adjuggler : No action taken.
:mozilla.100:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.93:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.96:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.97:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.98:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.101:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.94:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.95:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.99:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Dan\Cookies\dan@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.9:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.44:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Bill & Trish\Cookies\bill & trish@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.25:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Dan\Cookies\dan@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.104:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.105:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.26:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.85:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.86:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.87:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.88:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.89:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.90:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.91:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.92:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Bill & Trish\Cookies\bill & trish@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.40:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.42:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.43:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.47:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.48:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.49:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.50:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.51:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.18:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.19:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.20:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.21:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.22:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.23:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.24:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.9:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.102:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.103:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Bill & Trish\Local Settings\Temporary Internet Files\Content.IE5\45EZ4TE3\bgates[1].exe -> Trojan.Dialer.pz : No action taken.
C:\WINDOWS\Temp\idd4B0.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\idd4B2.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\idd4D7.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\idd83D.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\idd880.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\idd8C8.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\idd9BE.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddAA9.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddB63.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddBC4.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddCE5.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddCE6.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddD5B.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddD8F.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddDC4.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\WINDOWS\Temp\iddDF7.tmp.exe -> Trojan.Dialer.qy : No action taken.
C:\Documents and Settings\Bill & Trish\Local Settings\Temporary Internet Files\Content.IE5\45EZ4TE3\srvydf[1].exe -> Trojan.Pakes : No action taken.
C:\Documents and Settings\Bill & Trish\Local Settings\Temporary Internet Files\Content.IE5\AZYB4ZGF\srvfty[1].exe -> Trojan.Pakes : No action taken.
C:\WINDOWS\Temp\win495.tmp.exe -> Trojan.Pakes : No action taken.
C:\WINDOWS\Temp\win4AF.tmp.exe -> Trojan.Pakes : No action taken.

::Report end

Logfile of HijackThis v1.99.1
Scan saved at 12:17:00 AM, on 8/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Dan\Local Settings\Application Data\ed794649.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Documents and Settings\Dan\Desktop\MOZILLA\firefox.exe
C:\Documents and Settings\Dan\Desktop\Ventrilo.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Dan\LOCALS~1\Temp\Rar$EX00.437\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mrfindalot.com/search.asp?si=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [ed794649.exe] C:\WINDOWS\system32\ed794649.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ed794649.exe] C:\Documents and Settings\Dan\Local Settings\Application Data\ed794649.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: *.mmohsix.com
O15 - Trusted Zone: http://www.popcap.com
O15 - Trusted Zone: http://www.runescape.com
O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/0e7817e003ea93d4a5b9cb93f3a29df9_35.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup161.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Safemode won't start, i had to start the scan through safemode with command promt

super_he_man

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

11 posts
since Aug 2006

Permalink

Aug 22nd, 2006

Re: IE and Folders won't open

I'm sorry about that last post, my step dad finished the scan for me and i just noticed that he didn't apply the actions, so heres the reports after doing so. And normal safemode still won't open

Logfile of HijackThis v1.99.1
Scan saved at 5:21:26 PM, on 8/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\ed794649.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\DOCUME~1\Dan\LOCALS~1\Temp\Rar$EX02.703\HijackThis.exe
C:\Program Files\Windows Media Player\wmplayer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mrfindalot.com/search.asp?si=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [ed794649.exe] C:\WINDOWS\system32\ed794649.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ed794649.exe] C:\Documents and Settings\Dan\Local Settings\Application Data\ed794649.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: *.mmohsix.com
O15 - Trusted Zone: http://www.popcap.com
O15 - Trusted Zone: http://www.runescape.com
O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/0e7817e003ea93d4a5b9cb93f3a29df9_35.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/pcpitstop.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2404.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup161.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:18:30 PM 8/22/2006

+ Scan result:

:mozilla.37:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.18:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.17:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.45:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.46:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.48:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.49:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.42:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.47:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Dan\Cookies\dan@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.67:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.68:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.69:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.46:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.11:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.47:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.55:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Dan\Cookies\dan@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.32:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.34:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.30:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.31:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.59:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.60:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.61:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.62:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.48:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.49:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.10:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.12:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.6:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.51:C:\Documents and Settings\Dan\Application Data\Mozilla\Firefox\Profiles\8mynm1v3.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.9:C:\Documents and Settings\Bill & Trish\Application Data\Mozilla\Firefox\Profiles\zwi2v1dh.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.

::Report end

super_he_man

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

11 posts
since Aug 2006

Permalink

Aug 23rd, 2006

Re: IE and Folders won't open

[Additional info from super_he_man sent to me via PM]:

The computer has gotten much worse. We can't even load it up into windows now.
IT goes past the windows xp screen and goes to a blue screen that says windoes
is loading and stays there for ever. So far i've tried going in through safe
mode, last known configuration, and even tried to reinstall windows xp but when
i tried to install it, it says there is no harddrive hooked up. Any and all
help is greatly appreciated. I have an external hard drive and another computer
to work with if i can. Its looking like we're just going to have to take it to
a computer doctor if we don't get any help.

DMR

Team Colleague

Reputation Points: 221

Solved Threads: 369

Wombat At Large

Offline

6,439 posts
since Dec 2003

Permalink

Aug 23rd, 2006

Re: IE and Folders won't open

If the sytem is corrupting itself badly and quickly enough that the Windows installation CD doesn't even find the drive, you need to:

1. Go in to the computer's BIOS setup utility and determine whether or not the BIOS recognizes the drive.
To enter the BIOS, hit F1, Del, F2 (or whatever BIOS access is used on your particular make/model of computer) just after you turn on/reboot the computer; that is- well before you see the Windows loading screen.
In the BIOS setup, look for a page/section which relates to your installed IDE devices and make sure that the correct information (make, model #, size, etc.) for your drive is listed under the Primary Master IDE device section.

Let us know what you find there.

3. If the BIOS does not see the drive, remove the drive from the computer, install it as a slave drive (making sure to set the drive's Master/Slave jumpers to "Slave"), and see if that computer can access the drive. If so, copy all of your critical data off of the problematic drive and on to the external drive ASAP.

DMR

Team Colleague

Reputation Points: 221

Solved Threads: 369

Wombat At Large

Offline

6,439 posts
since Dec 2003

Permalink

Aug 23rd, 2006

Re: IE and Folders won't open

The correct info is there, and its Sata, not sure if that matters or not. its under Sata-0. Do you need make and model and other info?

super_he_man

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

11 posts
since Aug 2006

Permalink

Aug 24th, 2006

Re: IE and Folders won't open

Click to Expand / Collapse Quote originally posted by super_he_man ...

Do you need make and model and other info?

No, not as long as you have verified that the BIOS correctly reports it.

Does the Windows installation CD message say no drive found, or no operating system found?

DMR

Team Colleague

Reputation Points: 221

Solved Threads: 369

Wombat At Large

Offline

6,439 posts
since Dec 2003

Page 1
2
Next

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: Check my log please

Next Thread in Viruses, Spyware and other Nasties Forum Timeline: Generic Host Crashing

DaniWeb Message

Cancel Changes

User Name
Password