Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HELP! WINDOWS EXPLORER :((


  • Please log in to reply

#1
Jy2005

Jy2005

    New Member

  • Member
  • Pip
  • 3 posts
[FONT=Arial][SIZE=7][COLOR=blue]

HELP! I can't use my comp... :(

MY COMP: WINDOWS XP HOME EDITION WITH SP2
CAN'T GET ANYTHING ELSE...
EXCEPT THE FACT THAT I USE DIAL-UP WITH AOL



I start it up I put in my password and it logs onto NOTHING with an error message... Windows Explorer has encountered a problem and needs to close. We are sorry for the inconvenience. and then the ModName: deskbar.dll...I see no icons... I see no start menu... I am getting places using Windows Task Manager... But the weird thing is... I start it in safe-mode and I can log-in under an administrative name... and be just fine... But I can start ANY-mode under my name... And it does the Windows Explorer error EVERY TIME! I can't make a new name... Cause I have no start-menu... :tazz:

I have a CWShredder report...

**** Run Keys ****

RUN: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
RUN: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
RUN: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
RUN: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RUN: []
RUN: [SearchNavVersion] C:\Program Files\MSN\MSNCoreFiles\searchnavversion.exe
RUN: [searchnav] C:\Program Files\MSN\MSNCoreFiles\searchnav.exe
RUN: [WFIPS] C:\Documents and Settings\THE COOL KIDS\My Documents\Yahoo! Progs\IPhider\ip hider.exe -autoboot
RUN: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
RUN: [BCMSMMSG] BCMSMMSG.exe
RUN: [HostManager] C:\Program Files\Common Files\AOL\1107291477\ee\AOLHostManager.exe
RUN: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
RUN: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
RUN: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
RUN: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
RUN: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
RUN: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
RUN: [Logitech Utility] Logi_MwX.Exe
RUN: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
RUN: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
RUN: [Sonic RecordNow!]
RUN: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
RUN: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan
RUN: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
RUN: [AOL Fast Start] "C:\Program Files\America Online 9.0e\AOL.EXE" -b


**** Browser Helper Objects ****

BHO: [AcroIEHlprObj Class] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [UberButton Class] C:\Program Files\Yahoo!\Common\yiesrvc.dll
BHO: [YahooTaggedBM Class] C:\Program Files\Yahoo!\Common\YIeTagBm.dll
BHO: [AOL Toolbar Launcher] C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll


**** IE Toolbars ****

TOOLBAR: [McAfee VirusScan] c:\progra~1\mcafee.com\vso\mcvsshl.dll
TOOLBAR: [&Yahoo! Companion] C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
TOOLBAR: [&Yahoo! Companion] C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
TOOLBAR: [AOL Toolbar] C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
TOOLBAR: [AOL Toolbar] C:\Program Files\AOL Toolbar\toolbar.dll


**** IE Extensions ****

IEExt: []
IEExt: [Web Browser Applet Control] C:\WINDOWS\System32\msjava.dll
IEExt: [AOL Toolbar] C:\WINDOWS\System32\msjava.dll
IEExt: [AOL Toolbar] C:\WINDOWS\System32\msjava.dll
IEExt: [Yahoo! Services] C:\WINDOWS\System32\msjava.dll
IEExt: [Real.com] C:\WINDOWS\System32\msjava.dll
IEExt: [Messenger] C:\Program Files\Messenger\msmsgs.exe


**** Hosts File Entries ****

HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost


**** IE Settings ****

Default Page: http://www.msn.com/
Default Search: http://www.microsoft...=ie&ar=iesearch
Local Page: %SystemRoot%\system32\blank.htm
Search Bar: http://search.msn.com/spbasic.htm
Search Page: http://www.microsoft...=ie&ar=iesearch


**** IE Context Menu (Right click) ****

IEContext: [&AOL Toolbar search] res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IEContext: [&Yahoo! Search] file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
IEContext: [Yahoo! &Dictionary] file:///C:\Program Files\Yahoo!\Common/ycdict.htm
IEContext: [Yahoo! &Maps] file:///C:\Program Files\Yahoo!\Common/ycmap.htm
IEContext: [Yahoo! &SMS] file:///C:\Program Files\Yahoo!\Common/ycsms.htm


**** Layered Service Providers ****

LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E58D891C-7890-40B2-BDDD-DCBC83BB6310}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E58D891C-7890-40B2-BDDD-DCBC83BB6310}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{974EBB66-004D-4572-9EB0-E67AC63FBDE8}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{974EBB66-004D-4572-9EB0-E67AC63FBDE8}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B31B6220-32EE-4CBE-A4DC-D3F6C4DA627B}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B31B6220-32EE-4CBE-A4DC-D3F6C4DA627B}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{149F4F92-5896-4409-9992-82E7EB8A7F24}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{149F4F92-5896-4409-9992-82E7EB8A7F24}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C447123C-A882-43B8-9203-5CC01A151EEE}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C447123C-A882-43B8-9203-5CC01A151EEE}] DATAGRAM 4


**** Blocked Control Panel Items ****

BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No


**** Downloaded Program Files ****

{00B71CFB-6864-4346-A978-C0A14556272C} [http://messenger.zon...y/msgrchkr.cab] C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [http://office.micros...es/ieawsdc.cab]
{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} [http://static.windup...ridge-c336.cab]
{166B1BCA-3F9C-11CF-8075-444553540000} [http://fpdownload.ma...irector/sw.cab]
{17492023-C23A-453E-A040-C7C580BBF700} [http://go.microsoft....67&clcid=0x409] C:\WINDOWS\system32\LegitCheckControl.DLL
{2CAB81F6-1CBB-49FD-809E-B2D37D0CFFED} [http://www.popmonste...iefeatures.ocx]
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [C:\Program Files\Yahoo!\Common\yinsthelper.dll]
{3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} [file://D:\content\include\XPPatchInstaller.CAB]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [http://office.micros...tent/opuc2.cab]
{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} [http://aolcc.aol.com...up/qdiagcc.cab] C:\WINDOWS\System32\DProg.ini C:\WINDOWS\System32\DLPT.sys C:\WINDOWS\System32\DDMI.VXD C:\WINDOWS\System32\DLPT.VXD C:\WINDOWS\System32\DDMI2.sys C:\WINDOWS\System32\qdiagcc.ocx C:\WINDOWS\System32\DAntivirus.cfg
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [http://groups.msn.co...C/MsnPUpld.cab]
{6414512B-B978-451D-A0D8-FCFDF33E833C} [http://update.micros...?1120338706390]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [http://update.micros...?1122216890093]
{72770C4F-967D-4517-982B-92D6B9015649} [http://photos.msn.co....cab?9,0,712,0]
{8714912E-380D-11D5-B8AA-00D0B78F3D48} [http://chat.yahoo.com/cab/yuplapp.cab]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/...ndows-i586.cab]
{8B1BC605-C593-4865-8F5B-05517F0CD0BB} [file://D:\Content\include\msSecUcd.cab]
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} [http://messenger.zon...tatsClient.cab]
{A16E6189-A1DD-4696-9806-0324C145D794} [http://www.jraun.com...ctivexTest.ocx]
{A17E30C4-A9BA-11D4-8673-60DB54C10000} [http://us.dl1.yimg.c...ymmapi_416.dll]
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} [http://messenger.msn...Downloader.cab]
{B9191F79-5613-4C76-AA2A-398534BB8999} [http://us.dl1.yimg.c...tocomplete.cab]
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} [http://download.av.a...20/mcgdmgr.cab]
{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} [http://java.sun.com/...ndows-i586.cab]
{D27CDB6E-AE6D-11CF-96B8-444553540000} [http://download.macr...sh/swflash.cab]
{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} [http://chat.msn.com/bin/msnchat45.cab]


**** Windows Services ****

[Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AOL ACS] "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"
[AOL TopSpeedMonitor] C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
[AOLService] C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] C:\WINDOWS\System32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[Fax] %systemroot%\system32\fxssvc.exe
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] C:\WINDOWS\System32\imapi.exe
[KodakCCS] %SystemRoot%\system32\drivers\KodakCCS.exe
[lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
[McShield] c:\PROGRA~1\mcafee.com\vso\mcshield.exe
[mcupdmgr.exe] C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
[MCVSRte] c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe /Embedding
[Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs
[mnmsrvc] C:\WINDOWS\System32\mnmsrvc.exe
[MpfService] C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
[MSDTC] C:\WINDOWS\System32\msdtc.exe
[MSIServer] C:\WINDOWS\system32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RDSessMgr] C:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[ScsiAccess] C:\WINDOWS\System32\ScsiAccess.EXE
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
[SwPrv] C:\WINDOWS\System32\dllhost.exe /Processid:{DE61E575-936D-4718-B5A3-2E87E9D3916E}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] C:\WINDOWS\system32\wdfmgr.exe
[upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[w32time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] C:\WINDOWS\System32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs


**** Custom IE Search Items ****

SEARCH: []
SEARCH: [SearchAssistant] http://ie.search.msn...st/srchasst.htm
SEARCH: [Default_Search_URL] http://www.microsoft...=ie&ar=iesearch
SEARCH: [CustomizeSearch] http://ie.search.msn...st/srchcust.htm


**** Complete IE Options ****

IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://www.aol.com/
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Default_Page_URL] http://www.dell4me.com/myway
IEOPT: [FullScreen] no
IEOPT: [FavChevron_Complete] 2
IEOPT: [FavChevron_Failed] 1
IEOPT: [FavChevron_Error] 30
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Use Custom Search URL] no
IEOPT: [AutoSearch]
IEOPT: [Window_Placement] ,
IEOPT: [Save Directory] C:\Documents and Settings\THE COOL KIDS\My Documents\Bird Stuff\
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [Use FormSuggest] yes
IEOPT: [Use Search Asst] no
IEOPT: [AddToFavoritesExpanded]
IEOPT: [ShowedCheckBrowser] Yes
IEOPT: [Check_Associations] no
IEOPT: [FormSuggest Passwords] yes
IEOPT: [FormSuggest PW Ask] yes
IEOPT: [Default_Search_URL] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Search Bar] http://search.msn.com/spbasic.htm
IEOPT: [Default_Page_URL] http://www.msn.com/
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] http://www.microsoft...er=6&ar=msnhome
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [IEWatsonEnabled]
IEOPT: []
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Default_Search_URL] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft...=ie&ar=iesearch
IEOPT: [Check_Associations] no


I NEED MY COMP RUNNING FAST... PLEASE HELP :(

;)

THANKS... BYE-BYE NOW :)
  • 0

Advertisements


#2
GeneralAres

GeneralAres

    Member

  • Banned
  • PipPipPip
  • 244 posts
Removed -- spam!
  • 0

#3
Murray S.

Murray S.

    Trusted Tech

  • Member
  • PipPipPipPipPipPipPip
  • 4,513 posts
  • MVP
Howdy and welcome to G2G:

Please go to the malware forum in my signature and follow the instructions at the top....Especially the CLICK HERE .

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread

Murray
  • 0

#4
Jy2005

Jy2005

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Murray,

THAT NEVER FIXED A THING :(

HERE'S MY REPORTS:


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 4:25:24 PM, 8/1/2005
+ Report-Checksum: F3076AE9

+ Scan result:

HKLM\SOFTWARE\Classes\Interface\{04D7391C-AB32-4921-84F3-B63FC0EEDF43} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{09F19D39-3084-47B0-B1CE-26581074BC36} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{2CEC1D83-1F31-41A7-B2BC-A2FE25E3BF34} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{41943AC1-46DC-41EF-A365-713C14C50A06} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{439508F6-E48B-4095-B000-ADC7A02AB29E} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{4E86A93F-4E89-45FD-866B-80D25B0F21A6} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C7E7863D-2EF7-46F9-A2C2-DD08B2B3C0A5} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{CA74A032-869B-4752-927E-D0DA5677DC23} -> Spyware.CometCursor : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2CAB81F6-1CBB-49FD-809E-B2D37D0CFFED} -> Spyware.180Solutions : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\AUI -> Spyware.WebSearch : Cleaned with backup
HKU\S-1-5-21-3078723080-3201844587-3947560222-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B} -> Spyware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP292\A0242853.dll -> TrojanSpy.Delf.fk : Cleaned with backup
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP292\A0242862.exe -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet : Cleaned with backup


::Report End


AND OF COURSE A HJT report:

Logfile of HijackThis v1.99.1
Scan saved at 5:36:59 PM, on 8/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\America Online 9.0e\waol.exe
C:\Program Files\Common Files\AOL\1107291477\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Common Files\AOL\1107291477\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Common Files\AOL\1107291477\ee\AOLServiceHost.exe
C:\Program Files\America Online 9.0e\shellmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\THE COOL KIDS\Local Settings\Temporary Internet Files\Content.IE5\CTMZOPQB\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0EE-E86FA787AD2D} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchNavVersion] C:\Program Files\MSN\MSNCoreFiles\searchnavversion.exe
O4 - HKLM\..\Run: [searchnav] C:\Program Files\MSN\MSNCoreFiles\searchnav.exe
O4 - HKLM\..\Run: [WFIPS] C:\Documents and Settings\THE COOL KIDS\My Documents\Yahoo! Progs\IPhider\ip hider.exe -autoboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1107291477\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [AOL Tray Control] "C:\Program Files\AOL File Backup\AOLControl.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0e\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HPAiODevice(hp officejet k series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...ry/msgrchkr.cab
O16 - DPF: {0674023E-6F18-4FA5-BE8C-BBC3E9706DEB} (AWBR Control) - http://ftp.newaol.co...ebackup/wbr.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...bridge-c336.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://D:\content\include\XPPatchInstaller.CAB
O16 - DPF: {478F14E4-6CD2-4847-888C-AAED6B4FE93F} (AOLNSCHECKER Control) - https://objects.aol....OLNSCHECKER.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.co...UC/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1120338706390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1122216890093
O16 - DPF: {72770C4F-967D-4517-982B-92D6B9015649} (DigWebHelper Class) - http://photos.msn.co...X.cab?9,0,712,0
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://D:\Content\include\msSecUcd.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...StatsClient.cab
O16 - DPF: {A16E6189-A1DD-4696-9806-0324C145D794} - http://www.jraun.com...ActivexTest.ocx
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c.../ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.a...,20/mcgdmgr.cab
O16 - DPF: {BDF9A7C7-F4DC-455D-B5C2-045D74788295} (AOLRegistrationWizard Control) - https://objects.aol....ationWizard.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C447123C-A882-43B8-9203-5CC01A151EEE}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE


TELL ME WHAT TO DO... I'm thinking about :tazz: giving in... And starting from the beginning... But that would erase my song lyrics and my pictures... Of course there are ways of backing them up... But BURNING doesn't want to work... Keeps saying no CD-RW in the drive... even though there is... I think I'll have to do a net back-up which can take up to 4 days... :)

Thanks ;)
  • 0

#5
Murray S.

Murray S.

    Trusted Tech

  • Member
  • PipPipPipPipPipPipPip
  • 4,513 posts
  • MVP

Howdy and welcome to G2G:

Please go to the malware forum in my signature and follow the instructions at the top....Especially the CLICK HERE .

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread

Murray

View Post


If you had read my post, you would have seen this..

If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

THAT FORUM being the Malware Forum.. They have the expertise to help you there!!!!!

Murray

Edited by Murray S., 01 August 2005 - 10:17 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP