Show Posts

1

Tech Clinic / problems with internet explorer

« on: August 16, 2006, 01:10:12 PM »

did the steps, still getting the same thing, page cannot be display. but this time i did the diagnose fot connections problems and this is the result:

Windows cannot connect to the internet using HTTP, HTTPS, or FTP. This is problably caused by firewall settings on the computer.

Check the firewall settingd for the HTTP port (80), HTTPS port (443) and FTP por (21).

Could that have something to do with my problem? i also notice that my Cipher Strent is 0-bit, isn't supposed to be 124? or something like that...

2

Tech Clinic / problems with internet explorer

« on: August 16, 2006, 01:12:23 AM »

no, nothing seems to work, i tried everything and got no results. i think its something wrong with my explorer....

3

Tech Clinic / problems with internet explorer

« on: August 15, 2006, 09:47:43 PM »

File:      upx.exe
Status:
MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)
MD5    9857f7401eff1ddfba4123ba9d5ee08a
Packers detected:
UPX
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

File:      RootkitRevealer.exe
Status:
MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.)
MD5    053dc7bb3fae025e853d1f0f72763874
Packers detected:
UPX
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

ok. there are the results from the scan. and what i was saying is that i can't get in my messesnger or anything that has to do with hot mail. the only way i can check my mail is by fire fox.
wen i try to get in with explorer i get page can not be display

4

Tech Clinic / problems with internet explorer

« on: August 15, 2006, 02:33:15 AM »

first let me thank u for your help.

here are the results from the scan.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...
aspack 10/16/2003 11:45:56 AM 180736 C:\WINDOWS\Lunarmedia Clock B..scr
UPX! 1/12/2006 11:51:04 PM 97792 C:\WINDOWS\RootkitRevealer.exe
UPX! 1/12/2006 11:38:26 PM 126464 C:\WINDOWS\upx.exe

Checking %System% folder...
aspack 3/18/2005 12:19:58 PM 2337488 C:\WINDOWS\SYSTEM32\d3dx9_25.dll
aspack 5/26/2005 10:34:52 AM 2297552 C:\WINDOWS\SYSTEM32\d3dx9_26.dll
aspack 7/22/2005 2:59:04 PM 2319568 C:\WINDOWS\SYSTEM32\d3dx9_27.dll
aspack 12/5/2005 1:09:18 PM 2323664 C:\WINDOWS\SYSTEM32\d3dx9_28.dll
aspack 2/3/2006 3:43:16 AM 2332368 C:\WINDOWS\SYSTEM32\d3dx9_29.dll
aspack 3/31/2006 7:40:58 AM 2388176 C:\WINDOWS\SYSTEM32\d3dx9_30.dll
PEC2 1/12/2006 11:44:04 PM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
FSG! 11/11/2003 11:00:22 AM 236544 C:\WINDOWS\SYSTEM32\DivXdec.ax
PTech 5/17/2006 6:23:38 AM 579888 C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
UPX! 5/15/2004 4:10:42 PM 75264 C:\WINDOWS\SYSTEM32\MACDec.dll
UPX! 6/19/2004 6:28:44 PM 177152 C:\WINDOWS\SYSTEM32\MonkeySource.ax
PECompact2 1/12/2006 11:54:54 PM 2368864 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 1/12/2006 11:54:54 PM 2368864 C:\WINDOWS\SYSTEM32\MRT.exe
UPX! 1/12/2006 11:56:26 PM 62054 C:\WINDOWS\SYSTEM32\msnsc.exe
UPX! 1/12/2006 11:35:34 PM 55296 C:\WINDOWS\SYSTEM32\MSVirtualCD.cpl
aspack 1/12/2006 11:43:50 PM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor 1/12/2006 11:51:10 PM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll
UPX! 1/12/2006 11:46:34 PM 55296 C:\WINDOWS\SYSTEM32\TweakUI.cpl
UPX! 1/12/2006 11:39:18 PM 12288 C:\WINDOWS\SYSTEM32\VCdControlTool.exe
UPX! 1/12/2006 11:58:20 PM 301056 C:\WINDOWS\SYSTEM32\VSFilter.dll
winsync 1/12/2006 11:57:54 PM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts

Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
8/14/2006 1:08:30 PM S 2048 C:\WINDOWS\bootstat.dat
8/14/2006 1:15:26 PM H 54156 C:\WINDOWS\QTFont.qfn
7/26/2006 6:18:44 PM RH 749 C:\WINDOWS\WindowsShell.Manifest
8/5/2006 12:03:20 PM RHS 227 C:\WINDOWS\assembly\Desktop.ini
8/5/2006 12:03:20 PM RH 0 C:\WINDOWS\assembly\PublisherPolicy.tme
8/5/2006 12:03:20 PM RH 0 C:\WINDOWS\assembly\pubpol1.dat
8/5/2006 1:15:06 PM RH 0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\index1b.dat
8/5/2006 1:15:08 PM RH 0 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\index1c.dat
8/12/2006 10:56:58 PM S 64 C:\WINDOWS\CSC\00000001
8/12/2006 10:23:44 PM S 64 C:\WINDOWS\CSC\00000002
7/26/2006 6:18:50 PM H 65 C:\WINDOWS\Downloaded Program Files\desktop.ini
7/26/2006 6:19:44 PM HS 67 C:\WINDOWS\Fonts\desktop.ini
8/5/2006 12:49:28 PM H 0 C:\WINDOWS\inf\oem579.inf
7/26/2006 6:18:50 PM H 65 C:\WINDOWS\Offline Web Pages\desktop.ini
7/26/2006 6:19:10 PM RHS 727 C:\WINDOWS\pchealth\helpctr\PackageStore\package_1.cab
7/26/2006 6:19:10 PM RHS 19854 C:\WINDOWS\pchealth\helpctr\PackageStore\package_2.cab
7/26/2006 6:19:10 PM RHS 244933 C:\WINDOWS\pchealth\helpctr\PackageStore\package_3.cab
7/26/2006 6:21:00 PM H 262144 C:\WINDOWS\repair\ntuser.dat
8/7/2006 10:54:54 AM RHS 80 C:\WINDOWS\system32\55E92CEF8F.dll
7/26/2006 6:18:44 PM RH 749 C:\WINDOWS\system32\cdplayer.exe.manifest
7/26/2006 6:18:50 PM RH 488 C:\WINDOWS\system32\logonui.exe.manifest
7/26/2006 6:18:44 PM RH 749 C:\WINDOWS\system32\ncpa.cpl.manifest
7/26/2006 6:18:44 PM RH 749 C:\WINDOWS\system32\nwc.cpl.manifest
7/26/2006 6:18:44 PM RH 749 C:\WINDOWS\system32\sapi.cpl.manifest
7/26/2006 6:18:50 PM RH 488 C:\WINDOWS\system32\WindowsLogon.manifest
7/26/2006 6:18:44 PM RH 749 C:\WINDOWS\system32\wuaucpl.cpl.manifest
7/7/2006 3:03:30 AM S 10690 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914440.cat
7/28/2006 5:23:10 AM S 8225 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_3_x86.CAT
7/28/2006 5:23:06 AM S 7927 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xinput1_2_x86.CAT
8/14/2006 1:35:12 PM H 1024 C:\WINDOWS\system32\config\default.LOG
8/6/2006 8:26:10 PM H 0 C:\WINDOWS\system32\config\default_TU_23205.LOG
8/14/2006 1:08:32 PM H 1024 C:\WINDOWS\system32\config\SAM.LOG
8/6/2006 8:26:12 PM H 0 C:\WINDOWS\system32\config\SAM_TU_57276.LOG
8/15/2006 12:10:16 AM H 1024 C:\WINDOWS\system32\config\SECURITY.LOG
8/6/2006 8:26:10 PM H 0 C:\WINDOWS\system32\config\SECURITY_TU_62694.LOG
8/15/2006 3:30:50 AM H 20480 C:\WINDOWS\system32\config\software.LOG
8/6/2006 8:26:10 PM H 0 C:\WINDOWS\system32\config\software_TU_86488.LOG
8/15/2006 3:23:44 AM H 1024 C:\WINDOWS\system32\config\system.LOG
8/6/2006 8:26:10 PM H 0 C:\WINDOWS\system32\config\system_TU_11860.LOG
7/26/2006 7:10:46 PM H 1024 C:\WINDOWS\system32\config\TempKey.LOG
7/26/2006 7:10:46 PM H 1024 C:\WINDOWS\system32\config\userdiff.LOG
8/12/2006 9:08:32 PM H 1024 C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
7/26/2006 7:13:28 PM HS 62 C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini
8/12/2006 8:23:48 PM S 341 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8
8/12/2006 8:23:50 PM S 413 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165
8/5/2006 12:18:56 PM S 574 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5
7/26/2006 6:20:26 PM S 558 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
8/12/2006 8:23:48 PM S 126 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8
8/12/2006 8:23:50 PM S 98 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165
8/5/2006 12:18:56 PM S 136 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5
7/26/2006 6:20:26 PM S 144 C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
7/26/2006 7:13:28 PM HS 62 C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini
7/26/2006 6:21:58 PM HS 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini
7/26/2006 6:21:58 PM HS 113 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini
7/26/2006 6:21:58 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini
7/26/2006 6:21:58 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
7/26/2006 6:21:58 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1FSTB7AA\desktop.ini
7/26/2006 6:21:58 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1W54PZVW\desktop.ini
7/26/2006 6:21:58 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CCUFCWOF\desktop.ini
7/26/2006 6:21:58 PM HS 67 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OEHM83OS\desktop.ini
7/26/2006 6:18:52 PM HS 181 C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini
7/26/2006 7:13:28 PM HS 62 C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini
7/26/2006 6:20:00 PM HS 148 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini
7/26/2006 6:20:00 PM HS 421 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini
7/26/2006 6:20:00 PM HS 348 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini
7/26/2006 6:20:00 PM HS 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini
7/26/2006 6:20:00 PM HS 84 C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
7/26/2006 6:22:00 PM HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\7f44d3a1-332b-4b32-ad7e-acbc477e092f
7/26/2006 6:22:00 PM HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
8/14/2006 1:08:32 PM H 6 C:\WINDOWS\Tasks\SA.DAT

Checking for CPL files...
1/12/2006 11:54:32 PM 180224 C:\WINDOWS\SYSTEM32\ac3filter.cpl
Microsoft Corporation 1/12/2006 11:47:28 PM 68608 C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 1/12/2006 11:44:02 PM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 1/12/2006 11:44:08 PM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
Logitech Inc. 6/8/2005 10:13:28 AM 282624 C:\WINDOWS\SYSTEM32\camcpl.cpl
Microsoft Corporation 1/12/2006 11:39:10 PM 135168 C:\WINDOWS\SYSTEM32\desk.cpl
1/12/2006 11:55:42 PM 4608 C:\WINDOWS\SYSTEM32\DirectVobSub.cpl
Microsoft Corporation 1/12/2006 11:46:52 PM 80896 C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 1/12/2006 11:54:16 PM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 1/12/2006 11:55:22 PM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 1/12/2006 11:42:40 PM 129536 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 1/12/2006 11:53:08 PM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 1/12/2006 11:40:42 PM 68608 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc. 4/12/2005 10:48:52 PM 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 1/12/2006 11:54:08 PM 161792 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 1/12/2006 11:49:22 PM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl
1/12/2006 11:35:34 PM 55296 C:\WINDOWS\SYSTEM32\MSVirtualCD.cpl
Microsoft Corporation 1/12/2006 11:52:56 PM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 1/12/2006 11:36:10 PM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 1/12/2006 11:51:46 PM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 1/12/2006 11:51:46 PM 36864 C:\WINDOWS\SYSTEM32\nwc.cpl
Microsoft Corporation 1/12/2006 11:35:40 PM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 1/12/2006 11:46:02 PM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl
Microsoft Corporation 1/12/2006 11:38:32 PM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 1/12/2006 11:40:44 PM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 1/12/2006 11:36:50 PM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
1/12/2006 11:46:34 PM 55296 C:\WINDOWS\SYSTEM32\TweakUI.cpl
Microsoft Corporation 1/12/2006 11:48:10 PM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation 1/12/2006 11:47:30 PM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
7/26/2006 6:20:00 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini

Checking files in %ALLUSERSPROFILE%\Application Data folder...
7/26/2006 7:13:28 PM HS 62 C:\Documents and Settings\All Users\Application Data\desktop.ini
7/28/2006 10:01:56 AM 4 C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt

Checking files in %USERPROFILE%\Startup folder...
7/26/2006 6:20:00 PM HS 84 C:\Documents and Settings\User\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
7/26/2006 7:13:28 PM HS 62 C:\Documents and Settings\User\Application Data\desktop.ini

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
   SV1    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\CopyMoveTo
   {51131DA7-1D24-40e5-AE07-5E3750F5DE3C}    = C:\WINDOWS\system32\CopyToSendTo.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
   {09799AFB-AD67-11d1-ABCD-00C04FC30936}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\TuneUp Shredder
   {00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}    = "C:\Program Files\TuneUp Utilities 2006\sdshelex.dll"
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\UnlockerShellExtension
   {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}    = C:\Program Files\Unlocker\UnlockerCOM.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\VirusScan
   {cda2863e-2497-4c49-9b89-06840e070a87}    = C:\Program Files\Network Associates\VirusScan\shext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
   Start Menu Pin    = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\CopyMoveTo
   {51131DA7-1D24-40e5-AE07-5E3750F5DE3C}    = C:\WINDOWS\system32\CopyToSendTo.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\UnlockerShellExtension
   {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}    = C:\Program Files\Unlocker\UnlockerCOM.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\VirusScan
   {cda2863e-2497-4c49-9b89-06840e070a87}    = C:\Program Files\Network Associates\VirusScan\shext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\CopyMoveTo
   {51131DA7-1D24-40e5-AE07-5E3750F5DE3C}    = C:\WINDOWS\system32\CopyToSendTo.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\TuneUp Shredder
   {00DF1F20-0849-A4D1-0239-00D0AF3E9CB0}    = "C:\Program Files\TuneUp Utilities 2006\sdshelex.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\UnlockerShellExtension
   {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}    = C:\Program Files\Unlocker\UnlockerCOM.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\VirusScan
   {cda2863e-2497-4c49-9b89-06840e070a87}    = C:\Program Files\Network Associates\VirusScan\shext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}
    = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
   AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
   &Tip of the Day = %SystemRoot%\system32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
   ButtonText    = Research   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}
   MenuText    = @xpsp3res.dll,-20001   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}
   ButtonText    = Yahoo! Messenger   : C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
   ButtonText    = @C:\Program Files\Messenger\Msgslang.dll,-61144   : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
   {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links   : %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   ShStatEXE   "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
   McAfeeUpdaterUI   "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
   Network Associates Error Reporting Service   "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
   LVCOMSX   C:\WINDOWS\system32\LVCOMSX.EXE
   KernelFaultCheck   %systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
   IMAIL   Installed = 1
   MAPI   Installed = 1
   MSFS   Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   MSMSGS   "C:\Program Files\Messenger\Msmsgs.exe" /background

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   dumprep 0 -k
   hkey   HKLM
   command   %systemroot%\system32\dumprep 0 -k
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
   system.ini   0
   win.ini   0
   bootini   0
   services   0
   startup   2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoRemoteRecursiveEvents   1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
   {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\Program Files\Common Files\Microsoft Shared\Web Folders\msonsext.dll
   {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
   {0DF44EAA-FF21-4412-828E-260A8728E7F1} =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
   dontdisplaylastusername   0
   legalnoticecaption
   legalnoticetext
   shutdownwithoutlogon   1
   undockwithoutlogon   1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoDriveTypeAutoRun   145
   NoInternetIcon   0
   ClearRecentDocsOnExit   1
   NoLowDiskSpaceChecks   1
   NoSaveSettings   0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   PostBootReminder    {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
   CDBurn    {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
   WebCheck    {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
   SysTray     {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
   UserInit   = C:\WINDOWS\system32\userinit.exe,
   Shell      = Explorer.exe
   System      =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
   Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
   AppInit_DLLs

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1   - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 8/15/2006 3:30:54 AM

5

Tech Clinic / problems with internet explorer

« on: August 14, 2006, 10:10:55 PM »

can someone help me? please! i really need it.

6

Tech Clinic / problems with internet explorer

« on: August 14, 2006, 01:57:35 PM »

Hi. Im having problems with internet explorer and msn messenger. i can't get in Email Removed using explorer, only by firefox. here i have a log of hijackthis, maybe that can help.

Logfile of HijackThis v1.99.1
Scan saved at 2:12:05 PM, on 8/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\User\My Documents\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Service Pack 3 Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://pablokobak.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

TheTechGuide Forum

News:

Messages - lissa

Tech Clinic / problems with internet explorer

Tech Clinic / problems with internet explorer

Tech Clinic / problems with internet explorer

Tech Clinic / problems with internet explorer

Tech Clinic / problems with internet explorer

Tech Clinic / problems with internet explorer