Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

C:\program Files\internet Explorer\iexplore.exe


  • This topic is locked This topic is locked
2 replies to this topic

#1 afy4ev4

afy4ev4

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:15 PM

Posted 21 April 2008 - 03:24 PM

Hi,

I am new to this forum so dont know if ive posted this problem in the right place.

I have been having many problems with my pc lately and have used a programme which has managed to get rid of most of the viruses on my pc.

I have read another post on this forum and i have a similar problem, except ALL of my pc programmes are bringing up the following error follwed by the programme name: ie; c:\program files\internet explorer\IEXPLORE.EXE. make sure you have typed in the name correctly and try again.

I have taken the advise from the other post and run a scan with HijackThis.
The log is follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:29:25, on 21/04/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.timecomputers.com
R3 - URLSearchHook: (no name) - {DD1BCA06-F674-424D-A08E-42DA97C4D5DD} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDO WS\System32\ntos.exe,
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {2B0B59B4-55A3-4737-9FD5-B93C6430BF75} - C:\WINDOWS\System32\jmqjrihh.dll
O2 - BHO: (no name) - {2E7434CD-1C98-40DB-9A3E-4FE25543EBD1} - C:\DOCUME~1\ĄDIS~1\LOCALS~1\Temp\ssqpm.dll (file missing)
O2 - BHO: (no name) - {98663E21-9CCE-4CF6-863C-911A9523A66F} - C:\WINDOWS\system32\qomkjjh.dll (file missing)
O2 - BHO: (no name) - {A97F0D6F-3605-4589-9110-85557BCED44E} - C:\WINDOWS\System32\regsv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-21-1451913462-1877227555-462883673-1006\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1451913462-1877227555-462883673-1006\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O14 - IERESET.INF: START_PAGE_URL=http://www.timecomputers.com
O16 - DPF: {1A26F07F-0D60-4835-91CF-1E1766A0EC56} - http://scanner2.malware-scan.com/setup/webinst.cab
O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxanet.net/code/chm/xpre.chm::/xpreload.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D4323A0-BEE4-4067-8024-B8400DC68F4A}: NameServer = 85.255.116.85,85.255.112.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{2576D9E9-07A3-43DC-80EA-AFE077665A43}: NameServer = 85.255.116.85,85.255.112.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DEB1BBB-AC6E-494F-A4B8-5715B42BD6E7}: NameServer = 85.255.116.85,85.255.112.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{6169BF4F-C181-453E-82EB-00EDDB395E72}: NameServer = 85.255.116.85,85.255.112.14
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.85 85.255.112.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.85 85.255.112.14
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: ozdprfgs - ozdprfgs.dll (file missing)
O20 - Winlogon Notify: pozfpwzt - pozfpwzt.dll (file missing)
O20 - Winlogon Notify: pvzngyxq - pvzngyxq.dll (file missing)
O20 - Winlogon Notify: qomkjjh - qomkjjh.dll (file missing)
O20 - Winlogon Notify: tincfrhh - tincfrhh.dll (file missing)
O21 - SSODL: zip - {4e7c6748-365f-4055-92e3-f1d40e12e935} - C:\WINDOWS\Installer\{4e7c6748-365f-4055-92e3-f1d40e12e935}\zip.dll (file missing)
O21 - SSODL: WuTCOb - {3C600FA0-96CA-A50A-0EAC-114067C60AA2} - C:\WINDOWS\system32\qeqqw.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 5214 bytes

Please, Please help! I am very stressed about this!

Thank you.

BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:15 PM

Posted 30 April 2008 - 11:02 AM

Hello afy4ev4,

Welcome to Bleeping Computer :blink:

Sorry about the delay.:thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:15 PM

Posted 10 May 2008 - 12:20 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users