Microsoft
Software
Hardware
Network
Question : XP Search Companion & IE 6 Freeze Up MY System
About a month ago I had a rash or virus problems hit my machine. I am running XP SP1 and IE 6 SP1 on a High Speed DSL Line. I spent over a week getting rid of Home Search Assistant, Shopping Wizard, & Search Extender. Just when I thought all was well or better it seems now I have a system that is nothing but trouble.
· Search Companion doesnt open from the Start bar, when selected the action just freezes the system for 30 seconds. Search companion does work however from the My Computer icon.
· When I open IE it either doesnt open or takes over 60 seconds to open.
· Hyper links wont open. They, like Search Companion just freeze up the system for 30 seconds.
· I have Ad-aware 6, Spybot Search & Destroy 1.3, NoAdware v2.0, CWShredder v1.59.1, and Im running Norton SystemWorks. All are updated and when I run them they seem to be picking up things but still I have problems.
· When I run Netscape Communicator 7 (by backup browser) it seems to work ok.
Spybot always returns the same info:
DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Softwa
re\Microso
ft\Windows
\CurrentVe
rsion\Inte
rnet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-21-839522
115-214203
8339-10602
84298-1003
\Software\
Microsoft\
Windows\Cu
rrentVersi
on\Interne
t Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Softwa
re\Microso
ft\Windows
\CurrentVe
rsion\Inte
rnet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Softwa
re\Microso
ft\Windows
\CurrentVe
rsion\Inte
rnet Settings\Zones\0\1004!=W=3
DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Softwa
re\Microso
ft\Windows
\CurrentVe
rsion\Inte
rnet Settings\Zones\0\1004!=W=3
--- Spybot - Search && Destroy version: 1.3 ---
2004-07-09 Includes\Cookies.sbi
2004-07-28 Includes\Dialer.sbi
2004-07-27 Includes\Hijackers.sbi
2004-07-27 Includes\Keyloggers.sbi
2004-05-12 Includes\LSP.sbi
2004-07-27 Includes\Malware.sbi
2004-07-09 Includes\Revision.sbi
2004-07-02 Includes\Security.sbi
2004-07-27 Includes\Spybots.sbi
2004-07-28 Includes\Tracks.uti
2004-07-27 Includes\Trojans.sbi
HiJACKTHIS LOG FOLLOWS: It seems to have found a lot of things but I don't know what I should select to fix?
Logfile of HijackThis v1.98.2
Scan saved at 11:18:53 AM, on 8/13/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
xe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\servic
es.exe
C:\WINDOWS\system32\lsass.
exe
C:\WINDOWS\System32\Ati2ev
xx.exe
C:\WINDOWS\system32\svchos
t.exe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\Ati2ev
xx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spools
v.exe
C:\WINDOWS\System32\driver
s\CDAC11BA
.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.
exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~2\SPEED
D~1\nopdb.
exe
C:\WINDOWS\System32\spool\
DRIVERS\W3
2X86\3\E_S
0EIC1.EXE
C:\PROGRA~1\NORTON~2\NORTO
N~2\navapw
32.exe
C:\Program Files\Logitech\MouseWare\s
ystem\em_e
xec.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
C:\WINDOWS\system32\ntvdm.
exe
C:\WINDOWS\System32\svchos
t.exe
C:\PROGRA~1\WINZIP\wzqkpic
k.exe
C:\Documents and Settings\Len Holmes\Desktop\VIRUS SOFTWARE\HijackThis.exe
R1 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Search Bar =
http://g.msn.com/0SEENUS/S
AOS10
R1 - HKLM\Software\Microsoft\In
ternet Explorer\Main,Search Bar =
http://rd.yahoo.com/custom
ize/sbcyds
l/defaults
/sb/*http:
//
www.yaho
o.com/sear
ch/ie.html
R0 - HKLM\Software\Microsoft\In
ternet Explorer\Main,Start Page =
http://rd.yahoo.com/custom
ize/sbcyds
l/defaults
/*http://
y
ahoo.sbc.c
om/dsl
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
06D7942484
F} - C:\PROGRA~1\SPYBOT~1\SDHel
per.dll
O2 - BHO: (no name) - {8403CB53-12B3-4537-9DEC-4
F12F70A883
D} - C:\WINDOWS\System32\anti-p
p.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
ADC6B08487
2} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
859DF00B1D
6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
0A0C908246
7} - C:\WINDOWS\System32\msdxm.
ocx
O4 - HKLM\..\Run: [EPSON Stylus Photo 820 Series] C:\WINDOWS\System32\spool\
DRIVERS\W3
2X86\3\E_S
0EIC1.EXE /P29 "EPSON Stylus Photo 820 Series" /O6 "USB001" /M "Stylus Photo 820"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~2\NORTO
N~2\navapw
32.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo
n.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.LNK = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\
drivers\w3
2x86\3\E_S
RCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-0
0B0D0A1DE4
5} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
0C04F79568
3} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
0C04F79568
3} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.d
ll
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-C
B745876622
0} - (no file)
Any HELP would really be appreciated I have far too many hours into this...
Answer : XP Search Companion & IE 6 Freeze Up MY System
>> YEAH BABY! They work fine now...
reallyyyyyyyyyyyyyyyyy :-o
can u see my BigMac Smile :D
lol...... leave those repair tools.... if they are working fine now, then go and Partyyyyyyyyyyyyyyyyyyyyyy
yy :D
Random Solutions
Cursor problem when running Oracle stored procedure in TOAD
tempdb question / transaction log
Oracle - replace union query
Exchange 2003 as Backup Domain Controller
OWA 2000 Some Users Get HTTP 403 Forbidden Error
Questions/problems using Skype with Windows Mobile smartphone
Printing with TCP/IP with HP Jet Direct
Need to query and change the format output of a date column. Currently comming out as yyyy-mm-dd : 00:00:00.000
Mounting CDROM
2 Linux Machines, 2 setups, whats the difference?
