Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Right Click & Delete locks Windows Drwatson Post


  • Please log in to reply

#1
DJSTYLES

DJSTYLES

    New Member

  • Member
  • Pip
  • 2 posts
The Drwatson32 seems to load in processes after I right click or use delete any file. Folders seem to work with right click mouse but not on individual files. Windows Xp SP2 then freezes and restarts explorer.exe Ugh! :tazz: I believe the Drwatson Post Mortem started this mess and ran ewido and several other Spyware proggies listed here.

I have attached my Hijackthis file below And the Uninstall programs as well:

Thanks
DJSTYLES






Logfile of HijackThis v1.99.1
Scan saved at 6:46:31 PM, on 08/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Dynu Systems\Basic\basicsvc.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\ewido\security suite\ewidoguard.exe
D:\WINDOWS\system32\gearsec.exe
D:\Program Files\Norton Internet Security\ISSVC.exe
D:\WINDOWS\system32\drivers\KodakCCS.exe
D:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\system32\hkcmd.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
D:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\PROGRA~1\Webshots\webshots.scr
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Azureus\Azureus.exe
D:\Program Files\Java\jre1.5.0_03\bin\javaw.exe
D:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Agent\agent.exe
C:\Program Files\Winamp\Winamp.exe
C:\Myriad\mirc.exe
D:\Documents and Settings\DJSTYLES\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CCHelper - {0CF0B8EE-6596-11D5-A98E-0003470BB48E} - D:\Program Files\Panicware\Pop-Up Stopper Companion\CCHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - D:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [PPMemCheck] c:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] c:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] c:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "D:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] D:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [AWMON] "D:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: MailWasherPro.lnk = D:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - D:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - D:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O10 - Broken Internet access because of LSP provider 'd:\program files\newdotnet\newdotnet6_38.dll' missing
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....009/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart...ploadClient.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15009/CTPID.cab
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Dynu Basic Dynamic DNS Client v3.24 (DynuBasic) - Unknown owner - C:\Program Files\Dynu Systems\Basic\basicsvc.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: gearsec - GEAR Software - D:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - D:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005\RpcSandraSrv.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


Here is a Unistall from Hijack This

Some of these are unknown or not shown in Add and Remove
Anything that looks like it should go to help my problem I will gladly remove!

Active@ Password Changer
Ad-Aware SE Professional
Adobe Acrobat 7.0 Professional
Adobe Acrobat 7.0.1 and Reader 7.0.1 Update
Adobe Acrobat 7.0.2 and Reader 7.0.2 Update
Advanced Uninstaller PRO 2004 - version 6
Advanced Zip Repair v1.6
Auction Messenger Professional
Audacity 1.2.3
Auto MP3 Renamer 2.2
AV Voice Changer Software 3.0
AVI DivX to DVD SVCD VCD Converter 1.2.0
Azureus
Backspin Billiards
Band-in-a-Box 2005
BarGenie 8.7
BBE Sonic Maximizer Plugin v2.0
BCM V.92 56K Modem
Broadcom 440x 10/100 Integrated Controller
Calendar Creator 8.0
CC_ccProxyExt
ccCommon
CCHelp
ccPxyCore
CCScore
CD+G AutoName
CD+G Disc Player Plug-In for Winamp
CDGFix 1.3
CDRWIN
CleanUp!
CloneCD
CR2
Creative Diagnostics
Creative Mixer 3
Creative Restore Defaults
CuteFTP 6 Professional
DART Karaoke Studio CDG
dBpowerAMP Mp4 & AAC Decode Codec
dBpowerAMP Music Converter
dBpowerAMP WMA V9 Codec
Dell Digital Jukebox Driver
Dell DJ Explorer
Dell ResourceCD
DFX for Winamp
DietPower 4.0
DiscJuggler
Diskeeper Professional Edition
DivX Player
Dolby for Winamp5
Dr. DivX Trial
Driver Genius Porfessional Edition 2004 3.1.621
DVD Decrypter (Remove Only)
DVD43 v3.5.0.110
DVD-lab PRO 1.00
dvdSanta 3.44
dvdSanta 4.00
Dynu Basic Dynamic DNS Client
Error Doctor
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSCT
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSvpaht
ESSvpot
ewido security suite
FaceMorpher 1.0
FastTracks V2 SongBook Viewer 1.0
Forté Agent
Google Earth Pro
Guitar Pro 4
Hero Video Convert
HijackThis 1.99.1
HLPCCTR
HLPIndex
HLPPDOCK
HLPRFO
HP PSC & OfficeJet 3.5
IncrediMail Xe
InkSaver
Intel® Extreme Graphics Driver
J2SE Runtime Environment 5.0 Update 3
Karaoke Builder Studio 3.x
Karaoke Chooser (PcBristol)
Karaoke for DirectX (remove only)
Karaoke for DirectX (remove only)
Kinetic
KJ Pro
Kodak EasyShare software
KSU
LimeWire PRO 4.8.0
ListGen 1.0.6
ListMaker Full
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Macromedia Shockwave Player
Media Library Management Wizard
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Encarta Reference Library 2005
Microsoft Office Professional Edition 2003
Microsoft Photo Premium 10
Microsoft Plus! Digital Media Edition
Microsoft Plus! for Windows XP
Microsoft SQL Server Desktop Engine
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Web Publishing Wizard 1.52
mIRC
MixMeister Pro 6
Movie Maker Background Music Files
Movie Maker Sound Effects
Movie Maker Title Images
MovieJack 3.5
Mozilla Firefox (1.0.4)
Mozilla Thunderbird (1.0.2)
MP3+G Toolz .NET 4
Mp3-Tag Studio 3.05
MSN Music Assistant
MSRedist
MSXML 4.0 SP2 Parser and SDK
MTU Vogone Vocal Elimination Workstation v2.014
Native Instruments Absynth v3.0
Native Instruments Guitar Rig v1.2
Native Instruments Traktor DJ Studio 2
Native Instruments Traktor DJ Studio v2.5.3
Nero Mega Plugin Pack
Nero Suite
NeroVision Express Content
Norton AntiSpam
Norton AntiSpam
Norton AntiVirus 2005
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2005 (Symantec Corporation)
Norton WMI Update
Norton WMI Update
Notifier
OTtBP
OTtBPSDK
Panicware Pop-Up Stopper Companion
PC Inspector File Recovery
PCDLNCH
PcMedik
Personal License Update Wizard for Windows Media Player
PG Music DirectX Plugins 1.3.3.1
Photodex Presenter
Plus! MP3 Audio Converter LE
Pop-Up Stopper Professional
Project64 1.6
ProShow Gold
Quicken 2005
Quicken WillMaker Plus 2005
QuickPar 0.9
QuickTime
ReadPlease 2003/ReadPlease PLUS 2003
River Past Audio Converter
Roxio Easy Media Creator 7
Salon Styler Pro
Sax & Dottys Karaoke Utilities
Sax & Dottys Karaoke Zip Player
Sax & Dottys Show Hoster
Sax & Dottys Show Presenter
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB903235)
Serials 2000 7.1+
Serv-U
SFR
SFR2
Shockwave
SiSoftware Sandra Professional 2005 (Win64/32/CE)
Sony Sound Forge 8.0
Sound Blaster Live!
SP2 Connection Patcher
SP2 Connection Patcher
SPBBC
Startnow Navigation Helper (v1.0.1.1)
Steinberg Cubase SX v2.2.0.33
Super DVD Copy (remove only)
Symantec Script Blocking Installer
SymNet
Tag&Rename 3.0
The Logo Creator v3
Torrent Searcher 3.0
Total Recorder 4.1b
Triscape FxFoto
Troubadour Karaoke Lite Home Edition 1.1 (remove only)
Update for Windows XP (KB898461)
VCAMCEN
VPRINTOL
Webshots Desktop
Winamp (remove only)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Bonus Pack for Windows XP
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player Playlist Import to Excel Wizard
Windows Media Player Skin Importer
Windows Media Player Tray Control
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinISO 5.3
WinPure ListCleaner Pro
WinZip
WinZip Command Line Support Add-On 1.1 BETA
XoftSpy
YoGen Vocal Remover

Edited by DJSTYLES, 11 August 2005 - 04:54 PM.

  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,676 posts
Hi DJStyles,

Uninstall all the 3rd party Codecs you have installed. That should fix the errors.

Regards,
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP