Solved

XP Explorer Crashes When Using: Right-click Send-To; Choosing 'Folders' in My Comp.; Typing in Address bar and pressing enter

Posted on 2004-09-19
19
388 Views
Last Modified: 2012-08-14
I have had this problem for some time but it is now affecting a new bit of software which requires the folder explorer bar to operate.

Explorer crashes (ie active window closes, screen goes blank, then all open apps return except the active window were the action occured) when doing any of the following:

- in My Computer if i click on the Folders icon, or choose View_ Explorer Bar_ Folders (breifly see folders before crashing)

- if i Right-Click an icon and choose the Send-To option (crashes before showing the sub categories)

- when right-clicking a folder and choosing "Explore" (this is a strange one and can sometimes work; but is hit and miss - Open which apears to be the same function works better)

- also when typing web addresses in the IE address bar - this also sometimes can be ok, but i tend to stick with the ever reliable google toolbar these days!

Can anyone see how these things are linked together and how they could be fixed!?

Thanks in advance.....

0
Comment
Question by:jamespyer
19 Comments
 
LVL 1

Expert Comment

by:mmbutt
Comment Utility
It could be a spyware.
try Start > Run > MSConfig
go to Startup tab and disable all
Reboot

or try any anti-spyware
or copy ur hijackthis log and paste it into http://www.hijackthis.de/index.php?langselect=english

if everything is fine then the possiblity is the iexplore.exe or explorer.exe are corrupt.

hopefully it'll help
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
Hello jamespyer =)

Does this happen in Safemode also ??
If NO then this can be becoz of a background running application, do the msconfig step, but DONT Disable All, leave the ones for ur AntiVirus and Firewall, and disable all other programs :)

and if DOES happen in safemode also, then first thing to try will be a SFC Scan....
Goto START>RUN and type  sfc /scannow
u will need ur WinXP CD in order to fix the corrupted windows system files, if found by scan.

I was thinkng of a corrupted right click Context menu entry, but u said this also happens while typing addresses in IE, so i thought it cannot be related to context menu entries :)

Well Post Back and Good Luck :)
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
abd btw u can Download hijackthis from here >> http://www.spychecker.com/program/hijackthis.html
and then post its Log in the above analyse site mentioned by mmbutt for its analysation :)
0
 
LVL 1

Expert Comment

by:poeticlykist
Comment Utility
just expanding on eveyrone else,

it sounds like u have a worm in particular (if it is indeed a virus).

i had a similar problem with send to, but it was when trying to read a cd that had bad sectors on it. could be something similar (u might have corruptions)

i second hijackthis :)
0
 

Author Comment

by:jamespyer
Comment Utility
Cheers, have tried the MS Config thing and still had the same problems, did look like there were some odd things in there though - some written in chinse style characters, when reopening it said those apps could not find files they were looking for.  Am running a SFC scan now...

Heres the output from the hijack this scan... does this give any clues?:


Logfile of HijackThis v1.97.7
Scan saved at 21:48:19, on 19/09/2004
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\WINDOWS\System32\qttask.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\WLAN\Wireless LAN Utility\WlanMonitor.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\James\Local Settings\Temporary Internet Files\Content.IE5\HZF31DSE\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.meshcomputers.com
R3 - URLSearchHook: (no name) -  - (no file)
F1 - win.ini: load=??? ???      ??? ? ? ?????
F1 - win.ini: run=??? ???      ??? ? ? ?????
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [WebScan] C:\PROGRA~1\ACCELE~1\ANTI-V~1\DEFSCA~1.EXE -k
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe
O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\PDF Converter\RegistryController.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [KRY] C:\WINDOWS\KRY.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: LG Sync Manager.lnk = ?
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open PDF in Word - res://C:\Program Files\ScanSoft\PDF Converter\IEShellExt.dll /100
O8 - Extra context menu item: Similar Pages - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.bitstream.com/wfplayer/tdserver.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://activex.microsoft.com/activex/controls/macromedia/Swdir.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/20010620/qtinstall.info.apple.com/qt502/us/win/QuickTimeInstaller.exe
O16 - DPF: {5B27C20D-FFB6-4054-BA78-DE4A059BC75A} (Microsoft Office Template Downloader) - http://office.microsoft.com/uk/TemplateGallery/msotd.cab
O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/deleon/1.1.48-deleon/GoogleNav.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {AC1509FE-73A4-426B-8A2C-A289903D1E61} (LuraDocument ActiveX) - file://C:\Program Files\Algo Vision LuraTech\ActiveX Controls Setup\ldfx.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C9B08199-657A-468D-A26B-692137572131} (FFHostContainer Class) - http://www.focusfocus.com/download/windows/ffhost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D59931FE-DC91-11D2-88D5-000000000000} (FocusFocusChat Class) - http://www.focusfocus.com/download/windows/ffcall.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup145.cab
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4321/mcfscan.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://pv1fd.pav1.hotmail.msn.com/activex/HMAtchmt.ocx

0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
First thing u are still using the OLD version,,,,, plzz download the new version from the link i provided and then run it to get the log, and post it here :)

and are u running a Chinese version of XP or only these files are appearing in chinese characters :-?
0
 

Author Comment

by:jamespyer
Comment Utility
Ok, will download the new version this evening and repost the log (this time +6 hours).
Definately a English version of XP (Home Edition), thats why those chinese chars are odd.. > something i didn't put on there!
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
ok im waiting for the new log...... and those chinese characters are definately the BAD ones then,,,,, :-/
0
 

Author Comment

by:jamespyer
Comment Utility
That link took me to v1.97.7, enven though the title says 1.98.2, anyway found this one on download.com:  v1.98.2  hope this is the latest one?

Logfile of HijackThis v1.98.2
Scan saved at 21:28:31, on 20/09/2004
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\qttask.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\WLAN\Wireless LAN Utility\WlanMonitor.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Program Files\JGsoft\EditPadLite\EditPad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\unzipped\hijackthis[1]\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.meshcomputers.com
R3 - URLSearchHook: (no name) -  - (no file)
F3 - REG:win.ini: load=??? ???      ??? ? ? ?????
F3 - REG:win.ini: run=??? ???      ??? ? ? ?????
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [WebScan] C:\PROGRA~1\ACCELE~1\ANTI-V~1\DEFSCA~1.EXE -k
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\System32\qttask.exe
O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\PDF Converter\RegistryController.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [KRY] C:\WINDOWS\KRY.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Configuration & Monitor Utility.lnk = ?
O4 - Global Startup: LG Sync Manager.lnk = ?
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open PDF in Word - res://C:\Program Files\ScanSoft\PDF Converter\IEShellExt.dll /100
O8 - Extra context menu item: Similar Pages - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.bitstream.com/wfplayer/tdserver.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://activex.microsoft.com/activex/controls/macromedia/Swdir.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/20010620/qtinstall.info.apple.com/qt502/us/win/QuickTimeInstaller.exe
O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/en/deleon/1.1.48-deleon/GoogleNav.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {AC1509FE-73A4-426B-8A2C-A289903D1E61} (LuraDocument ActiveX) - file://C:\Program Files\Algo Vision LuraTech\ActiveX Controls Setup\ldfx.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C9B08199-657A-468D-A26B-692137572131} (FFHostContainer Class) - http://www.focusfocus.com/download/windows/ffhost.cab
O16 - DPF: {D59931FE-DC91-11D2-88D5-000000000000} (FocusFocusChat Class) - http://www.focusfocus.com/download/windows/ffcall.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup145.cab
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4321/mcfscan.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://pv1fd.pav1.hotmail.msn.com/activex/HMAtchmt.ocx
O21 - SSODL: systemie - {2F5485D3-4AE5-42EC-82A7-6B7952BA1421} - sysie.dll (file missing)

0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
>> That link took me to v1.97.7, enven though the title says 1.98.2,
exactly.... that's why i got confused,,, sorry abt that =(

and now here are some lines which u need to Fix !!
beore fixing make sure that all explorer and browser windows are closed and u are disconnected from internet !!

=============================================================
R3 - URLSearchHook: (no name) -  - (no file)
F3 - REG:win.ini: load=??? ???     ??? ? ? ?????
F3 - REG:win.ini: run=??? ???     ??? ? ? ?????
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [KRY] C:\WINDOWS\KRY.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {AC1509FE-73A4-426B-8A2C-A289903D1E61} (LuraDocument ActiveX) - file://C:\Program Files\Algo Vision LuraTech\ActiveX Controls Setup\ldfx.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O21 - SSODL: systemie - {2F5485D3-4AE5-42EC-82A7-6B7952BA1421} - sysie.dll (file missing)
=================================================================

then can u see this line >> F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
it need a slight change, there shud be a "comma" in the end of this line, liek this >> C:\WINDOWS\System32\Userinit.exe,

so goto Start>Run>regedit and navigate to the following key

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

in the right pane, double click on the UserInit key, u can see the value data as >> C:\WINDOWS\System32\Userinit.exe
put a , in the end of this so that it looks like >> C:\WINDOWS\System32\Userinit.exe,
save the key and close regedit

now restart ur system and check if u are facing the same problems or not ??
Post Back and Good Luck :)
0
 

Author Comment

by:jamespyer
Comment Utility
thought you had it there! Still at least that a few problems fixed on the computer!  The ones of issue are still there though i'm afraid.

I re-ran the hijack this and the ones we were removed were gone.

Also ran Adaware and got this log if it helps ?  (have removed the objects it found)

Any other ideas!? :)


Lavasoft Ad-aware Personal Build 6.181
Logfile created on  :20 September 2004 22:31:51
Created with Ad-aware Personal, free for private use.
Using reference-file :01R341 14.09.2004
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R303 08.05.2004
Internal build : 235
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1096786 Bytes
Signature data size : 1078166 Bytes
Reference data size : 18556 Bytes
Signatures total : 24182
Target categories : 10
Target families : 463
20-09-2004 22:31:24 Error retrieving update

20-09-2004 22:31:33 Performing Webupdate...

Installing Update...
Reference file loaded:
Reference Number : 01R341 14.09.2004
Internal build : 275
File location : C:\Program Files\Lavasoft\Ad-aware 6\reflist.ref
Total size : 1336435 Bytes
Signature data size : 1314779 Bytes
Reference data size : 21592 Bytes
Signatures total : 29077
Target categories : 10
Target families : 542

20-09-2004 22:31:46 Success.
Update successfully downlodaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:75 %
Total physical memory:1310240 kb
Available physical memory:972172 kb
Total page file size:1555696 kb
Available on page file:1365928 kb
Total virtual memory:2097024 kb
Available virtual memory:2047192 kb
OS:

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file


20-09-2004 22:31:51 - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
    FilePath           : \SystemRoot\System32\
    ThreadCreationTime : 20-09-2004 21:25:53
    BasePriority       : Normal


#:2 [winlogon.exe]
    FilePath           : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 20-09-2004 21:26:04
    BasePriority       : High


#:3 [services.exe]
    FilePath           : C:\WINDOWS\system32\
    ThreadCreationTime : 20-09-2004 21:26:09
    BasePriority       : Normal
    FileSize           : 99 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : Services and Controller app
    InternalName       : services.exe
    OriginalFilename   : services.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:17
    Last accessed      : 20/09/2004 21:26:09
    Last modified      : 18/08/2001 13:00:00

#:4 [lsass.exe]
    FilePath           : C:\WINDOWS\system32\
    ThreadCreationTime : 20-09-2004 21:26:09
    BasePriority       : Normal
    FileSize           : 11 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : LSA Shell (Export Version)
    InternalName       : lsass.exe
    OriginalFilename   : lsass.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:29:56
    Last accessed      : 20/09/2004 21:26:09
    Last modified      : 18/08/2001 13:00:00

#:5 [svchost.exe]
    FilePath           : C:\WINDOWS\system32\
    ThreadCreationTime : 20-09-2004 21:26:22
    BasePriority       : Normal
    FileSize           : 12 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    OriginalFilename   : svchost.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:21
    Last accessed      : 20/09/2004 21:26:22
    Last modified      : 18/08/2001 13:00:00

#:6 [svchost.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:26:22
    BasePriority       : Normal
    FileSize           : 12 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    OriginalFilename   : svchost.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:21
    Last accessed      : 20/09/2004 21:26:22
    Last modified      : 18/08/2001 13:00:00

#:7 [smc.exe]
    FilePath           : C:\Program Files\Sygate\SPF\
    ThreadCreationTime : 20-09-2004 21:26:22
    BasePriority       : Normal
    FileSize           : 2289 KB
    FileVersion        : 5.5.00.2525
    ProductVersion     : 5.5.00.2525
    Copyright          : Copyright  
    CompanyName        : Sygate Technologies, Inc.
    FileDescription    : Sygate Agent Firewall
    InternalName       : Smc
    OriginalFilename   : Smc.EXE
    ProductName        : Sygate
    Created on         : 24/12/2003 14:44:56
    Last accessed      : 20/09/2004 21:26:42
    Last modified      : 24/12/2003 14:44:56

#:8 [ccsetmgr.exe]
    FilePath           : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 20-09-2004 21:26:39
    BasePriority       : Normal
    FileSize           : 229 KB
    FileVersion        : 2.1.0.610
    ProductVersion     : 2.1.0.610
    Copyright          : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
    CompanyName        : Symantec Corporation
    FileDescription    : Common Client Settings Manager Service
    InternalName       : ccSetMgr
    OriginalFilename   : ccSetMgr.exe
    ProductName        : Common Client
    Created on         : 27/01/2004 21:30:50
    Last accessed      : 20/09/2004 21:26:39
    Last modified      : 10/11/2003 13:30:12

#:9 [ccevtmgr.exe]
    FilePath           : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 20-09-2004 21:26:42
    BasePriority       : Normal
    FileSize           : 249 KB
    FileVersion        : 2.1.0.610
    ProductVersion     : 2.1.0.610
    Copyright          : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
    CompanyName        : Symantec Corporation
    FileDescription    : Common Client Event Manager Service
    InternalName       : ccEvtMgr
    OriginalFilename   : ccEvtMgr.exe
    ProductName        : Common Client
    Created on         : 27/01/2004 21:30:49
    Last accessed      : 20/09/2004 21:26:42
    Last modified      : 10/11/2003 13:30:04

#:10 [spoolsv.exe]
    FilePath           : C:\WINDOWS\system32\
    ThreadCreationTime : 20-09-2004 21:26:46
    BasePriority       : Normal
    FileSize           : 50 KB
    FileVersion        : 5.1.2600.0 (XPClient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : Spooler SubSystem App
    InternalName       : spoolsv.exe
    OriginalFilename   : spoolsv.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:20
    Last accessed      : 20/09/2004 21:26:46
    Last modified      : 18/08/2001 13:00:00

#:11 [rundll32.exe]
    FilePath           : C:\WINDOWS\system32\
    ThreadCreationTime : 20-09-2004 21:26:53
    BasePriority       : Normal
    FileSize           : 31 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : Run a DLL as an App
    InternalName       : rundll
    OriginalFilename   : RUNDLL.EXE
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:16
    Last accessed      : 20/09/2004 21:28:48
    Last modified      : 18/08/2001 13:00:00

#:12 [navapsvc.exe]
    FilePath           : C:\Program Files\Norton AntiVirus\
    ThreadCreationTime : 20-09-2004 21:26:54
    BasePriority       : Normal
    FileSize           : 155 KB
    FileVersion        : 10.00.2
    ProductVersion     : 10.00.2
    Copyright          : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
    CompanyName        : Symantec Corporation
    FileDescription    : Norton AntiVirus Auto-Protect Service
    InternalName       : NAVAPSVC
    OriginalFilename   : NAVAPSVC.EXE
    ProductName        : Norton AntiVirus
    Created on         : 16/05/2004 08:26:36
    Last accessed      : 20/09/2004 21:24:33
    Last modified      : 23/04/2004 10:04:18

#:13 [nprotect.exe]
    FilePath           : C:\Program Files\Norton AntiVirus\AdvTools\
    ThreadCreationTime : 20-09-2004 21:26:54
    BasePriority       : Normal
    FileSize           : 132 KB
    FileVersion        : 16.00.0.22
    ProductVersion     : 16.00.0.22
    Copyright          : Copyright (C) 2003 Symantec Corporation
    CompanyName        : Symantec Corporation
    FileDescription    : Norton Protection Status
    InternalName       : NPROTECT
    OriginalFilename   : NPROTECT.EXE
    ProductName        : Norton Utilities
    Created on         : 31/01/2004 16:38:58
    Last accessed      : 20/09/2004 21:26:54
    Last modified      : 14/08/2002 06:03:00

#:14 [nvsvc32.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:26:55
    BasePriority       : Normal
    FileSize           : 56 KB
    FileVersion        : 5.13.01.2183
    ProductVersion     : 5.13.01.2183
    Copyright          : Copyright  
    CompanyName        : NVIDIA Corporation
    FileDescription    : NVIDIA Driver Helper Service, Version 21.83
    InternalName       : NVSVC
    OriginalFilename   : nvsvc32.exe
    ProductName        : NVIDIA Driver Helper Service, Version 21.83
    Created on         : 19/10/2001 00:54:15
    Last accessed      : 20/09/2004 21:26:55
    Last modified      : 14/09/2001 16:52:00

#:15 [tcpsvcs.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:26:58
    BasePriority       : Normal
    FileSize           : 19 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : TCP/IP Services Application
    InternalName       : TCPSVCS.EXE
    OriginalFilename   : TCPSVCS.EXE
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:22
    Last accessed      : 20/09/2004 21:26:58
    Last modified      : 18/08/2001 13:00:00

#:16 [snmp.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:26:59
    BasePriority       : Normal
    FileSize           : 29 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : SNMP Service
    InternalName       : snmp.exe
    OriginalFilename   : snmp.exe
    ProductName        : Microsoft
    Created on         : 08/12/2003 13:21:59
    Last accessed      : 20/09/2004 21:26:59
    Last modified      : 18/08/2001 13:00:00

#:17 [svchost.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:27:00
    BasePriority       : Normal
    FileSize           : 12 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : Generic Host Process for Win32 Services
    InternalName       : svchost.exe
    OriginalFilename   : svchost.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:21
    Last accessed      : 20/09/2004 21:26:22
    Last modified      : 18/08/2001 13:00:00

#:18 [symlcsvc.exe]
    FilePath           : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
    ThreadCreationTime : 20-09-2004 21:27:01
    BasePriority       : Normal
    FileSize           : 572 KB
    FileVersion        : 1, 8, 48, 77
    ProductVersion     : 1, 8, 48, 77
    Copyright          : Copyright (C) 2003
    CompanyName        : Symantec Corporation
    FileDescription    : Symantec Core Component
    InternalName       : symlcsvc
    OriginalFilename   : symlcsvc.exe
    ProductName        : Symantec Core Component
    Created on         : 27/01/2004 20:37:46
    Last accessed      : 20/09/2004 21:27:01
    Last modified      : 27/01/2004 20:37:45

#:19 [mspmspsv.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:27:04
    BasePriority       : Normal
    FileSize           : 52 KB
    FileVersion        : 7.00.00.1956
    ProductVersion     : 7.00.00.1956
    Copyright          : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName        : Microsoft Corporation
    FileDescription    : WMDM PMSP Service
    InternalName       : MSPMSPSV.EXE
    OriginalFilename   : MSPMSPSV.EXE
    ProductName        : Microsoft (R) DRM
    Created on         : 08/08/2000 12:32:12
    Last accessed      : 20/09/2004 21:27:04
    Last modified      : 08/08/2000 12:32:12

#:20 [explorer.exe]
    FilePath           : C:\WINDOWS\
    ThreadCreationTime : 20-09-2004 21:27:24
    BasePriority       : Normal
    FileSize           : 977 KB
    FileVersion        : 6.00.2600.0000 (xpclient.010817-1148)
    ProductVersion     : 6.00.2600.0000
    CompanyName        : Microsoft Corporation
    FileDescription    : Windows Explorer
    InternalName       : explorer
    OriginalFilename   : EXPLORER.EXE
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:29:49
    Last accessed      : 20/09/2004 21:27:28
    Last modified      : 18/08/2001 13:00:00

#:21 [ccapp.exe]
    FilePath           : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 20-09-2004 21:27:59
    BasePriority       : Normal
    FileSize           : 69 KB
    FileVersion        : 2.1.0.610
    ProductVersion     : 2.1.0.610
    Copyright          : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
    CompanyName        : Symantec Corporation
    FileDescription    : Common Client User Session
    InternalName       : ccApp
    OriginalFilename   : ccApp.exe
    ProductName        : Common Client
    Created on         : 27/01/2004 21:30:49
    Last accessed      : 20/09/2004 21:27:59
    Last modified      : 10/11/2003 13:30:02

#:22 [wuauclt.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:28:11
    BasePriority       : Normal
    FileSize           : 111 KB
    FileVersion        : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
    ProductVersion     : 5.4.3790.2182
    CompanyName        : Microsoft Corporation
    FileDescription    : Automatic Updates
    InternalName       : wuauclt.exe
    OriginalFilename   : wuauclt.exe
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:43:59
    Last accessed      : 20/09/2004 21:24:53
    Last modified      : 03/08/2004 13:02:20

#:23 [evntsvc.exe]
    FilePath           : C:\Program Files\Common Files\Real\Update_OB\
    ThreadCreationTime : 20-09-2004 21:28:27
    BasePriority       : Normal
    FileSize           : 143 KB
    FileVersion        : 0.1.0.880
    ProductVersion     : 0.1.0.880
    Copyright          : Copyright  
    CompanyName        : RealNetworks, Inc.
    FileDescription    : RealNetworks Scheduler
    InternalName       : schedapp
    OriginalFilename   : evntsvc.EXE
    ProductName        : RealOne Player (32-bit)
    Created on         : 05/01/2002 16:17:19
    Last accessed      : 20/09/2004 21:28:27
    Last modified      : 06/03/2002 20:40:57

#:24 [usrprmpt.exe]
    FilePath           : C:\Program Files\Common Files\Symantec Shared\Security Center\
    ThreadCreationTime : 20-09-2004 21:28:33
    BasePriority       : Normal
    FileSize           : 213 KB
    FileVersion        : 2005.1.00.111
    ProductVersion     : 2005.1
    Copyright          : Copyright (c) 1997-2004 Symantec Corporation
    CompanyName        : Symantec Corporation
    FileDescription    : Norton Security Center Helper
    InternalName       : UsrPrmpt.dll
    OriginalFilename   : UsrPrmpt.dll
    ProductName        : Norton Security Center
    Created on         : 05/08/2004 16:23:14
    Last accessed      : 20/09/2004 21:28:34
    Last modified      : 05/08/2004 16:23:14

#:25 [qttask.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:28:35
    BasePriority       : Normal
    FileSize           : 28 KB
    Created on         : 28/11/2001 20:59:19
    Last accessed      : 20/09/2004 21:28:35
    Last modified      : 28/11/2001 20:59:19

#:26 [lvcoms.exe]
    FilePath           : C:\Program Files\Common Files\Logitech\QCDriver\
    ThreadCreationTime : 20-09-2004 21:28:41
    BasePriority       : Normal
    FileSize           : 84 KB
    FileVersion        : 5.6.0.6109
    ProductVersion     : 5.6.0.6109
    CompanyName        : Logitech Inc.
    FileDescription    : LVCom Server
    InternalName       : LVComS.exe
    OriginalFilename   : LVComS.exe
    ProductName        : Logitech QuickCam
    Created on         : 19/11/2001 21:40:52
    Last accessed      : 20/09/2004 21:28:41
    Last modified      : 26/06/2001 18:49:58

#:27 [em_exec.exe]
    FilePath           : C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\
    ThreadCreationTime : 20-09-2004 21:28:44
    BasePriority       : Normal
    FileSize           : 34 KB
    FileVersion        : 9.41.4
    ProductVersion     : 9.41.2
    Copyright          : Copyright  
    CompanyName        : Logitech Inc.                    
    FileDescription    : Control Center
    InternalName       : EM_EXEC
    OriginalFilename   : EM_EXEC.CPP
    ProductName        : MouseWare
    Created on         : 27/11/2001 15:27:32
    Last accessed      : 20/09/2004 21:28:44
    Last modified      : 04/10/2001 09:41:00

#:28 [cfd.exe]
    FilePath           : C:\Program Files\BroadJump\Client Foundation\
    ThreadCreationTime : 20-09-2004 21:28:49
    BasePriority       : Normal
    FileSize           : 360 KB
    Created on         : 18/03/2004 14:48:27
    Last accessed      : 20/09/2004 21:28:49
    Last modified      : 10/09/2002 21:26:26

#:29 [msmsgs.exe]
    FilePath           : C:\Program Files\Messenger\
    ThreadCreationTime : 20-09-2004 21:28:57
    BasePriority       : Normal
    FileSize           : 1456 KB
    FileVersion        : 4.7.2009
    ProductVersion     : Version 4.7
    Copyright          : Copyright (c) Microsoft Corporation 1997-2003
    CompanyName        : Microsoft Corporation
    FileDescription    : Messenger
    InternalName       : msmsgs
    OriginalFilename   : msmsgs.exe
    ProductName        : Messenger
    Created on         : 14/04/2003 19:30:14
    Last accessed      : 20/09/2004 21:24:10
    Last modified      : 14/04/2003 19:30:14

#:30 [ctfmon.exe]
    FilePath           : C:\WINDOWS\System32\
    ThreadCreationTime : 20-09-2004 21:28:58
    BasePriority       : Normal
    FileSize           : 13 KB
    FileVersion        : 5.1.2600.0 (xpclient.010817-1148)
    ProductVersion     : 5.1.2600.0
    CompanyName        : Microsoft Corporation
    FileDescription    : CTF Loader
    InternalName       : CTFMON
    OriginalFilename   : CTFMON.EXE
    ProductName        : Microsoft
    Created on         : 19/10/2001 00:30:34
    Last accessed      : 20/09/2004 21:28:58
    Last modified      : 18/08/2001 13:00:00

#:31 [wlanmonitor.exe]
    FilePath           : C:\Program Files\WLAN\Wireless LAN Utility\
    ThreadCreationTime : 20-09-2004 21:29:07
    BasePriority       : Normal
    FileSize           : 448 KB
    FileVersion        : 3, 3, 4, 40
    ProductVersion     : 1, 0, 1, 2
    Copyright          : Copyright  
    CompanyName        : WLAN
    FileDescription    : Wireless LAN Monitor Utility
    InternalName       : WlanMonitor
    OriginalFilename   : WlanMonitor.exe
    ProductName        : Wireless LAN Monitor Utility
    Created on         : 16/10/2001 20:40:56
    Last accessed      : 20/09/2004 21:29:19
    Last modified      : 26/11/2002 14:09:56

#:32 [savscan.exe]
    FilePath           : C:\Program Files\Norton AntiVirus\
    ThreadCreationTime : 20-09-2004 21:30:14
    BasePriority       : Normal
    FileSize           : 189 KB
    FileVersion        : 9.2.1.14
    ProductVersion     : 9.2
    Copyright          : Copyright (c) 2003 Symantec Corporation
    CompanyName        : Symantec Corporation
    FileDescription    : Symantec AntiVirus Scanner
    InternalName       : SAVSCAN
    OriginalFilename   : SAVSCAN.EXE
    ProductName        : Symantec AntiVirus AutoProtect
    Created on         : 31/01/2004 16:55:32
    Last accessed      : 20/09/2004 21:27:47
    Last modified      : 04/12/2003 18:22:30

#:33 [ad-aware.exe]
    FilePath           : C:\Program Files\Lavasoft\Ad-aware 6\
    ThreadCreationTime : 20-09-2004 21:30:18
    BasePriority       : Normal
    FileSize           : 668 KB
    FileVersion        : 6.0.1.181
    ProductVersion     : 6.0.0.0
    Copyright          : Copyright  
    CompanyName        : Lavasoft Sweden
    FileDescription    : Ad-aware 6 core application
    InternalName       : Ad-aware.exe
    OriginalFilename   : Ad-aware.exe
    ProductName        : Lavasoft Ad-aware Plus
    Created on         : 11/01/2004 23:11:13
    Last accessed      : 20/09/2004 21:30:18
    Last modified      : 12/07/2003 22:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@2o7[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 04/08/2004 23:31:39
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 12/08/2004 21:53:01



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@adrevolver[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 09/05/2004 09:13:05
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 12/08/2004 22:02:57



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@ads.tripod.lycos.co[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 09/08/2004 21:48:00
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 09/08/2004 21:48:00



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@adserver.anm.co[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 19/09/2004 21:55:55
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 19/09/2004 21:55:56



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@adtech[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 04/08/2004 22:19:21
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 04/08/2004 22:19:21



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@advertising[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 19:20:08
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 12/08/2004 22:02:58



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@adviva[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 19/09/2004 16:28:34
    Last accessed      : 20/09/2004 21:36:58
    Last modified      : 19/09/2004 16:28:36



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@atdmt[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 31/07/2004 12:50:22
    Last accessed      : 20/09/2004 21:36:59
    Last modified      : 31/07/2004 12:50:22



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@bluestreak[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 19/09/2004 21:56:00
    Last accessed      : 20/09/2004 21:36:59
    Last modified      : 19/09/2004 21:56:00



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@bravenet[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 23/08/2004 22:50:09
    Last accessed      : 20/09/2004 21:36:59
    Last modified      : 23/08/2004 22:50:22



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@cgi-bin[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 09/08/2004 21:46:40
    Last accessed      : 20/09/2004 21:36:59
    Last modified      : 09/08/2004 21:46:40



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@commission-junction[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 04/08/2004 20:57:14
    Last accessed      : 20/09/2004 21:37:00
    Last modified      : 04/08/2004 20:57:14



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@doubleclick[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 31/07/2004 12:48:06
    Last accessed      : 20/09/2004 21:37:00
    Last modified      : 31/07/2004 12:51:12



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@edge.ru4[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 24/08/2004 22:36:52
    Last accessed      : 20/09/2004 21:37:00
    Last modified      : 19/09/2004 22:03:15



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@ehg-nokiafin.hitbox[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 19:08:59
    Last accessed      : 20/09/2004 21:37:00
    Last modified      : 12/08/2004 19:10:00



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@ehg-ufi.hitbox[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 17/08/2004 20:46:01
    Last accessed      : 20/09/2004 21:37:00
    Last modified      : 17/08/2004 20:46:01



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@etype.adbureau[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 31/07/2004 12:48:06
    Last accessed      : 20/09/2004 21:37:01
    Last modified      : 31/07/2004 12:48:06



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@fastclick[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 14/09/2004 00:11:24
    Last accessed      : 20/09/2004 21:37:01
    Last modified      : 19/09/2004 21:51:03



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@hc2.humanclick[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 11/08/2004 00:24:34
    Last accessed      : 20/09/2004 21:37:02
    Last modified      : 11/08/2004 00:24:34



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@hg1.hitbox[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 19:25:09
    Last accessed      : 20/09/2004 21:37:02
    Last modified      : 12/08/2004 19:25:09



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@hitbox[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 19:08:45
    Last accessed      : 20/09/2004 21:37:02
    Last modified      : 17/08/2004 20:46:01



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@kelkoo.co[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 22/07/2004 20:36:43
    Last accessed      : 20/09/2004 21:37:02
    Last modified      : 22/07/2004 20:36:43



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@mediaplex[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 04/08/2004 20:57:16
    Last accessed      : 20/09/2004 21:37:03
    Last modified      : 04/08/2004 20:57:16



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@overture[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 15/08/2004 10:58:06
    Last accessed      : 20/09/2004 21:37:04
    Last modified      : 15/08/2004 10:58:06



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@qksrv[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 04/08/2004 20:57:13
    Last accessed      : 20/09/2004 21:37:04
    Last modified      : 04/08/2004 20:57:13



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@questionmarket[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 17/08/2004 22:19:34
    Last accessed      : 20/09/2004 21:37:04
    Last modified      : 17/08/2004 22:19:37



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@realmedia[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 09/08/2004 21:48:44
    Last accessed      : 20/09/2004 21:37:04
    Last modified      : 09/08/2004 21:48:44



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@servedby.advertising[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\
    FileSize           : 1 KB
    Created on         : 14/08/2004 16:54:03
    Last accessed      : 20/09/2004 21:37:05
    Last modified      : 14/08/2004 16:54:03



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@server.iad.liveperson[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 17/08/2004 22:19:27
    Last accessed      : 20/09/2004 21:37:05
    Last modified      : 17/08/2004 22:19:27



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@statcounter[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 19/09/2004 16:55:55
    Last accessed      : 20/09/2004 21:37:06
    Last modified      : 19/09/2004 16:55:55



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@targetnet[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 10/08/2004 20:02:32
    Last accessed      : 20/09/2004 21:37:06
    Last modified      : 10/08/2004 20:03:36



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@tmpad[1].txt
    Category           : Data Miner
    Comment            : www.searchtraffic.com
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 21:58:20
    Last accessed      : 20/09/2004 21:37:06
    Last modified      : 12/08/2004 21:58:20



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@trafficmp[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 21:58:20
    Last accessed      : 20/09/2004 21:37:06
    Last modified      : 12/08/2004 21:58:20



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@tribalfusion[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 17/08/2004 20:46:00
    Last accessed      : 20/09/2004 21:37:07
    Last modified      : 17/08/2004 20:46:00



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@tripod[2].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 17/06/2004 22:19:46
    Last accessed      : 20/09/2004 21:37:07
    Last modified      : 17/06/2004 22:19:46



 Tracking Cookie Object recognized!
    Type               : File
    Data               : james@zedo[1].txt
    Category           : Data Miner
    Comment            :
    Object             : C:\Documents and Settings\James\Cookies\

    Created on         : 12/08/2004 21:57:03
    Last accessed      : 20/09/2004 21:37:12
    Last modified      : 12/08/2004 22:02:56


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
0 entries scanned.
New objects :0
Objects found so far: 36



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : computer games.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/computer+games
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : computer stores.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/computer+stores
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : dedicated server.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/dedicated+server
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : domain names.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/domain+names
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : hardware.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/hardware
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : laptops.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/laptops
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : software.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/software
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : web design.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/web+design
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : web hosting.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/web+hosting
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : mobile phones.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/mobile+phones
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\Telecommunication\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : telecommunication.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/telecommunication
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\Telecommunication\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : telephone.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/telephone
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\Telecommunication\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42



 Possible Browser Hijack attempt Object recognized!
    Type               : File
    Data               : text sms messaging.url
    Category           : Misc
    Comment            : Item referrs to blacklisted Site: http://www.lop.com/go/text+message
    Object             : C:\Documents and Settings\James\Favorites\ Computers and Tech\Telecommunication\

    Created on         : 21/04/2002 10:36:42
    Last accessed      : 20/09/2004 21:38:52
    Last modified      : 21/04/2002 10:36:42




Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 49


22:38:57 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:07:05:873
Objects scanned :54246
Objects identified :49
Objects ignored :0
New objects :49
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
u mean all those problem u described in ur main question are still there or ..... ??
also u didn't tell me the results of safemode ??

also when explorer crashes, does it give u the warning of Send Error Report..... u shud see its error log.... can u copy that and post it here ??
0
 

Author Comment

by:jamespyer
Comment Utility
yes all problems still there, just spotted a IE update in add and remove programs, have tried removing that.... ah nope that didn't work!

No there is no Send Error Report when it crashes, which is odd, i'd not really noticed that before, i get them for other programs. The window closes, screen goes blank and then it thinks for a bit before giving me the other programs that are open back.

Tried a safe start again, disabling all... same old problems...!
0
 

Author Comment

by:jamespyer
Comment Utility
You giving up?! Someone help!  Whats the Service Pack 2? Should i try downloading that?

How do you fully uninstall IE and then reinstall?  Could this help?
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
no im not giving up.... i was looged out and has just came now :)

And i was not talking abt the Safe start with all disabled services and applications... i was talking abt Safemode,,, u know when u start ur system and start tapping f8, u get the boot menu choice and u choose Safemode !!  :)

and its just a "Wild Test" ;-)
try swapping ur video card for some minutes to check if all same problems are still there or not !!  :-?
0
 

Author Comment

by:jamespyer
Comment Utility
Cool,
will try the safe mode start after work...
How would i swop my video card - do you mean physically remove it and put a different one in?
0
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
Comment Utility
>> do you mean physically remove it and put a different one in?

yeps :)
0
 

Author Comment

by:jamespyer
Comment Utility
don't think i have time to pursue this problem - the computer works for most things, maybe i'll revisit it at some point! I'll give you the points SheharyaarSaahil as i think you managed to rid my computer of quite alot of stuff anyway even if not the main thing...
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
Comment Utility
btw when u goto IE>Tools>Internet Options>Advanced and under browsing, u untick Enable Third Party Browser Extensions(requres restart)..... does the problem go away or not ??
And have u installed any music convertor software on ur machine :-?
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now