Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help Please [CLOSED]

Started by Khakiblue13 , Nov 06 2005 12:09 AM

  • This topic is locked This topic is locked

#1
Khakiblue13
Posted 06 November 2005 - 12:09 AM

Khakiblue13

    Member

  • Member
  • PipPip
  • 15 posts
Logfile of HijackThis v1.99.1
Scan saved at 10:12:26 PM, on 11/5/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\crtn32.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\WINNT\system32\hidserv.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\loadqm.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe
C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\785.tmp.exe
C:\WINNT\system32\ntjo32.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINNT\System32\drwtsn32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\eBlocs\SpyBlocs\GLFCC.exe
C:\WINNT\regedit.exe
C:\Program Files\PC Health Plan\PC Health Plan.exe
C:\Documents and Settings\Wess Orso\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: Class - {462A9317-830B-5F4A-F8F4-13D2DA424D28} - C:\WINNT\system32\javacu32.dll
O2 - BHO: Class - {4CEC2F94-A95D-2D77-391C-69844CED2A96} - C:\WINNT\system32\javaee32.dll
O2 - BHO: Security Toolbar - {68FF9E0F-2E96-4467-87FA-1A8B9734C7E7} - C:\Documents and Settings\Wess Orso\Local Settings\Application Data\ssstbar\sssTbar.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Security Toolbar - {68FF9E0F-2E96-4467-87FA-1A8B9734C7E7} - C:\Documents and Settings\Wess Orso\Local Settings\Application Data\ssstbar\sssTbar.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [785.tmp.exe] C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\785.tmp.exe
O4 - HKLM\..\Run: [ntjo32.exe] C:\WINNT\system32\ntjo32.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [mcappins.exe] "C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\vsp9enus.tmp\vs\mcappins.exe" vsocfg.ini
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\2005115181030_mcinfo.exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\2005115181543_mcappins.exe /v=3 /cleanup
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [SpyBlocs] C:\Program Files\eBlocs\SpyBlocs\GLFCC.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://cgi.verizon.net/bookmarks/bmredir.asp?region=west&bw=dsl&cd=4.0&bm=ho_home
O16 - DPF: {04BEAB9D-5C42-4C40-BBF0-C6C7470AD2B2} (CupidBar) - http://www.cupidusa....pidstoolbar.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {2BFEED4A-C72C-4C38-820B-29384891E882} - http://www.snap.emcp...tubpack1.10.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zone...ctor/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go...GameManager.cab
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\crtn32.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - (no file)
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
O23 - Service: Hardware Clock Driver (hwclock) - HP - (no file)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
  • 0

Advertisements

#2
OwNt
Posted 06 November 2005 - 12:15 AM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, Khakiblue13.

Please go Here, and run Option #1.

Please copy and paste back what it says.

Also, please DELETE your current HJT program from its present location.

Download and run the following HijackThis autoinstall program from Here . Please choose the default location of C:\Program Files\ as the destination. HJT needs to be in its own folder so that the program itself isn't deleted by accident

Run HijackThis

Click SCAN and SAVE LOG. (a notepad window will open with the log in it when you click Save Log) (Ctrl-A to'select all', Ctrl-C to 'copy')

POST the log into this thread using 'Add Reply' (Ctrl-V to 'paste')
  • 0

#3
Khakiblue13
Posted 06 November 2005 - 12:38 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
You are unable to run the Windows Validation Assistant.
The Windows Validation Assistant requires you to be running Windows XP or Windows Server 2003. The Windows Validation Assistant also must be run in Internet Explorer.

Since you are unable to run the Windows Validation Assistant, you may visually determine whether your operating system is genuine in the next section.




Hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 10:47:00 PM, on 11/5/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\crtn32.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\WINNT\system32\hidserv.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.exe
C:\WINNT\loadqm.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe
C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\785.tmp.exe
C:\WINNT\system32\ntjo32.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINNT\System32\drwtsn32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\regedit.exe
C:\Program Files\PC Health Plan\PC Health Plan.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\payyd.dll/sp.html#17702
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: Class - {462A9317-830B-5F4A-F8F4-13D2DA424D28} - C:\WINNT\system32\javacu32.dll
O2 - BHO: Class - {4CEC2F94-A95D-2D77-391C-69844CED2A96} - C:\WINNT\system32\javaee32.dll
O2 - BHO: Security Toolbar - {68FF9E0F-2E96-4467-87FA-1A8B9734C7E7} - C:\Documents and Settings\Wess Orso\Local Settings\Application Data\ssstbar\sssTbar.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0\ycomp5_5_7_0.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Security Toolbar - {68FF9E0F-2E96-4467-87FA-1A8B9734C7E7} - C:\Documents and Settings\Wess Orso\Local Settings\Application Data\ssstbar\sssTbar.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [785.tmp.exe] C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\785.tmp.exe
O4 - HKLM\..\Run: [ntjo32.exe] C:\WINNT\system32\ntjo32.exe
O4 - HKLM\..\Run: [mcappins.exe] "C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\vsp9enus.tmp\vs\mcappins.exe" vsocfg.ini
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\2005115181030_mcinfo.exe /insfin
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\WESSOR~1\LOCALS~1\Temp\2005115181543_mcappins.exe /v=3 /cleanup
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://cgi.verizon.net/bookmarks/bmredir.asp?region=west&bw=dsl&cd=4.0&bm=ho_home
O16 - DPF: {04BEAB9D-5C42-4C40-BBF0-C6C7470AD2B2} (CupidBar) - http://www.cupidusa....pidstoolbar.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {2BFEED4A-C72C-4C38-820B-29384891E882} - http://www.snap.emcp...tubpack1.10.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zone...ctor/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go...GameManager.cab
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\crtn32.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - (no file)
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
O23 - Service: Hardware Clock Driver (hwclock) - HP - (no file)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
  • 0

#4
OwNt
Posted 06 November 2005 - 12:51 AM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, Khakiblue13.

You may want to print out these instructions or save them to your desktop as a text file with Notepad because we will be restarting into Safe Mode later on in the fix and you might not be able to access the Internet.
  • Prepare CWShredder for use:
    • Download CWShredder.
    • Save CWShredder.exe to a convenient location.
    • Please do not do anything with it yet.
  • Prepare AboutBuster for use:
    • Download AboutBuster.
    • Unzip the contents of AboutBuster.zip and an AboutBuster directory will be created.
    • Navigate to the AboutBuster directory and double-click on AboutBuster.exe.
    • Click "OK" at the prompt with instructions.
    • Click "Update" and then "Check For Update" to begin the update process.
    • If any updates exist please download them by clicking "Download Update".
    • You should not run the program yet so click "Exit".
  • Prepare cwsserviceremove.reg for use:
    • Download cwsserviceremove.zip.
    • Unzip the contents of cwsserviceremove.zip (cwsserviceremove.reg) to your desktop.
    • Please do not do anything with it yet.
Reconfigure Windows XP to show hidden files:
Click Start. Open My Computer.
Select the Tools menu and click Folder Options. Select the View Tab.

Under the Hidden files and folders heading select "Show hidden files and folders".
Uncheck the "Hide protected operating system files (recommended)" option.
Uncheck the "Hide file extensions for known file types" option.
Click Yes to confirm. Click OK.

Boot into Safe Mode:
Restart your computer and immediately begin tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter.
To return to normal mode just restart your computer as you normally would.
  • Run CWShredder:
    • Double-click on CWShredder.exe.
    • Click "Fix ->" and click "OK" at the prompt.
    • CWShredder will scan and clean your system of CWS files.
    • Click "Next->" and then "Exit".
  • Remove the offending service:
    • Double-click on cwsserviceremove.reg you downloaded earlier.
    • When it asks you to merge the information to the registry click "Yes".
  • Run AboutBuster and save the logs:
    • Browse to where you saved AboutBuster and run AboutBuster.exe.
    • Click OK at the directions prompt.
    • Click Start and then OK to allow AboutBuster to scan for Alternate Data Streams.
    • Click Yes to allow it to shutdown explorer.exe.
    • It will begin to your computer for malicious files. If it asks if you would like to do a second pass, allow it to do so.
    • When it has finished, click Save Log. Make sure you save it as I need a copy of it.
  • Clean out temporary files:
    • Start | Run | type cleanmgr | OK
    • Let it scan your system for files to remove.
    • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
    • Click "OK" to remove them.
    • Click "Yes" to confirm the deletion.
  • Restart your computer normally to return to normal mode.
  • Free TrendMicro Housecall scan:
    • Vist the TrendMicro Housecall website.
    • Select your country from the drop-down list and click "Go".
    • Choose "Yes" at the ActiveX Security Warning prompt.
    • Please wait while the Housecall engine is updated.
    • Select the drives to be scanned by placing a check in their respective boxes.
    • Check the "Auto Clean" box.
    • Click "SCAN" in order to begin scanning your system.
    • Please be patient while Housecall scans your system for malicious files.
    • If not auto-cleaned, remove anything it finds.
    • Click "Close" to exit the Housecall scanner.
    • Choose "Yes" at the HouseCall message prompt.
  • Prepare your reply:
    • Please post a fresh HijackThis log
    • Please post the AboutBuster log.
    • Please note any complications you had.

  • 0

#5
Khakiblue13
Posted 06 November 2005 - 12:59 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Thank you so much doing it now :tazz:
  • 0

#6
Khakiblue13
Posted 06 November 2005 - 02:04 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Okay I went to safe mode and did everything except Aboutbuster it kept saying when I tried to run it said (Run_time error '339' Component ' comct132. ocx or one of its dependencies not correctly registered a file is missing or invalid

when i tried to use Trendmicro I got IEXPLORE.exe has generated errors and will be closing an error log is being created

I am at lost here please help me.
  • 0

#7
Khakiblue13
Posted 06 November 2005 - 02:58 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
OwNt need your help or someone please
  • 0

#8
Khakiblue13
Posted 06 November 2005 - 05:46 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
please help
  • 0

#9
OwNt
Posted 06 November 2005 - 07:27 AM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, Khakiblue13.

Please download missingfilesetup here and install it.

Then follow the steps I outlined again. Nevermind Housecall for now.
  • 0

#10
Khakiblue13
Posted 06 November 2005 - 10:55 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
The program is installed but there is no information coming up when I push finish installtion. There nothing happing all I see is the setup icon on desktop
  • 0

Advertisements

#11
OwNt
Posted 06 November 2005 - 11:22 AM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, Khakiblue13.

Please see if About:Buster will run now.

If it does, please follow my original instructions.
  • 0

#12
Khakiblue13
Posted 06 November 2005 - 11:42 AM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
no didnt work
  • 0

#13
OwNt
Posted 06 November 2005 - 11:55 AM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Is it still the exact same error? If it is a different one, when does it appear?
  • 0

#14
Khakiblue13
Posted 06 November 2005 - 12:00 PM

Khakiblue13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
it the same error
  • 0

#15
OwNt
Posted 06 November 2005 - 12:42 PM

OwNt

    Malware Expert

  • Retired Staff
  • 7,457 posts
Hello, Khakiblue13.

Please download MSCOMCTL.OCX Here and save it to your desktop.

Copy it to C:\WINNT\system32\MSCOMCTL.OCX If asked if you want to replace the current one, answer yes.

Go to Start > Run

Type regsvr32 \WINNT\system32\MSCOMCTL.OCX

You should see a message saying something like DllRegisterServer ... succeeded

Please reboot and try running About:Buster in safe mode, will it open at all yet?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP