• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Freaky_1

Log post

4 posts in this topic

Hey folks,

 

Just managed to get this laptop under control. Daughter got into something and MUCH damage. Lost my exe's from Norton AV (all Norton progs actually) and killed my firewall. Luckily the firewall was an easy fix. Any suggestions on replacing the 'now missing' exe's from Norton? Had to use the online Trend one and a couple others to get it under control.

 

Anywho, after replacing ad-aware and S&D and running both, I then downloaded HJT again and copied to a new folder (just in case).

 

Here are the results (If I recall correctly, isn't 8.exe trash?)

 

Logfile of HijackThis v1.98.0

Scan saved at 9:33:40 PM, on 7/8/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Compaq\Compaq Advisor\bin\compaq-rba.exe

C:\WINDOWS\Cpqdiag\Cpqdfwag.exe

C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\atiptaxx.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Compaq\EAB\EabServr.exe

C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\documents and settings\frank hanby\local settings\temp\8.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://store.presario.net/scripts/redirect...&c=1c02&lc=0409

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://rd.yahoo.com/customize/yessentials_...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aquaden.com/phpBB2/portal.php

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://store.presario.net/scripts/redirect...&c=1c02&lc=0409

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/customize/yessentials_...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/yessentials_.../search/ie.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.presario.net/scripts/redirect...&c=1c02&lc=0409

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://rd.yahoo.com/customize/yessentials_...unch.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Compaq

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\Compaq\EAB\EabServr.exe /Start

O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe

O4 - HKLM\..\Run: [Cpqset] c:\compaq\cpqsetup\cpqset.exe

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [8.exe] C:\documents and settings\frank hanby\local settings\temp\8.exe

O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\Cpqdiag\CpqDfwAg.exe

O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\Money Express.exe"

O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe

O8 - Extra context menu item: Download with Star Downloader - C:\PROGRA~1\STARDO~1\sdie.htm

O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll

O9 - Extra button: Advisor - {33BE86E8-B1DF-4CC4-B6A6-F15185BDEBEB} - C:\Program Files\COMPAQ\Compaq Advisor\bin\rbaLauncher.exe (HKCU)

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=1c02&lc=0409

O16 - DPF: {50F65670-1729-11D2-A51F-0020AFE5D502} (ForumChat) - http://objects.compuserve.com/chat/RTCChat.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9243C247-1D9C-45D4-8CF3-45502B788DD1}: NameServer = 65.127.50.2 65.127.50.3

Share this post


Link to post
Share on other sites

Hi,

Any suggestions on replacing the 'now missing' exe's from Norton?
Try reinstalling NAV over itself ...

 

First thing to do ...

 

Update Ad-aware's Reference File: instructions icon11.gifhere

 

Required Step: icon11.gifReconfigure Ad-Aware for Full Scan

 

Note: do not run Ad-Aware yet, just update and reconfigure.

 

Next:

 

Close all open windows, rescan with HijackThis

Place a check in each of the following then click "Fix checked".

 

O4 - HKLM\..\Run: [8.exe] C:\documents and settings\frank hanby\local settings\temp\8.exe

 

Then reboot, on restart, restart in Safe Mode [required step - see "How To" below]

 

Start | Run (type) "%temp%" (no quotes)

Completely delete the entire contents of that "temp" folder.

 

While still in Safe Mode run Ad-Aware and fix everything it finds.

 

Restart normally ...

 

Note: if you can not get NAV to run, try this:

Download icon11.gifAVG 6.0 Anti Virus [freeware]

Share this post


Link to post
Share on other sites
Update Ad-aware's Reference File: instructions icon11.gifhere

 

Required Step: icon11.gifReconfigure Ad-Aware for Full Scan

 

These were my first steps with the reinstall of adaware. Does it need done again?

 

Thanks for the help! I'd forgotten to use safe mode :eek: .

 

Thanks for the AV link too. NAV refuses to reinstall.

Edited by Freaky_1

Share this post


Link to post
Share on other sites

Hi,

Does it need done again?
It wouldn't hurt to verify the settings ...

 

Thanks for the AV link too. NAV refuses to reinstall.

No problem ... AVG is the one I use ...

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0