Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE Security clicker agent


  • This topic is locked This topic is locked
2 replies to this topic

#1 tran91

tran91

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:40 AM

Posted 17 February 2009 - 12:19 AM

To whom this concerns,

The problem is on my laptop which I use wirelessly.

The problem is that I can not open, "My Computer, my documents or any kind of folder."

When I open any of those kinds of files, it opens Mozilla Firefox instead. "http://www.google.com/search?q=IE+Security+clicker+agent&btnG=Search&meta="

I reasearched this kinda, but couldn't do much to solve my problem.

In my task manger, I noticed that "Explorer.exe" is opened. Which is used for Internet Explorer, but I don't even have it opened.

When I try to "End Process" it, all my icons and taskbar all disappear. Thats about all I can tell you.

Thank you for your time and effort!


DDS (Ver_09-02-01.01) - NTFSx86
Run by Lana at 20:59:26.56 on Mon 02/16/2009
Internet Explorer: 7.0.6000.16809
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1014.237 [GMT -8:00]

AV: CyberDefender Internet Security *On-access scanning enabled* (Updated)
AV: avast! antivirus 4.8.1229 [VPS 090216-1] *On-access scanning enabled* (Updated)
AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Nexon\MapleStory\npkcmsvc.exe
C:\TOSHIBA\IVP\ISM\pinger.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Opera\Opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lana\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = www.toshibadirect.com/dpdstart
uSearch Bar = hxxp://safesearch.cyberdefender.com/smallsearch.html
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: MyIdentityDefender: {a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} - c:\users\lana\appdata\locallow\cyberdefender\cdmyidd.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Search.tbl: {df3c4feb-1be2-49f9-a393-a1fbe526e21e} - c:\windows\system32\fejokt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: MyIdentityDefender: {a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} - c:\users\lana\appdata\locallow\cyberdefender\cdmyidd.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [systeminit.exe] c:\users\lana\appdata\local\temp\systeminit.exe
uRun: [CyberDefender Early Detection Center] "c:\users\lana\appdata\local\cyberdefender internet security\antispyware\cdasf2c7.exe" /minimize
uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [CyberDefender Early Detection Center] "c:\users\lana\appdata\local\cyberdefender internet security\antispyware\ISSIntro.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\lana\appdata\roaming\mozilla\firefox\profiles\nddwgdj6.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - component: c:\users\lana\appdata\roaming\mozilla\firefox\profiles\nddwgdj6.default\extensions\{d02b1e87-a8c6-433f-9b5c-2cec4a072736}\components\susfox3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-6 78416]
R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2009-2-16 160792]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-10-6 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-10-6 51280]
R2 CDAVFS;CDAVFS;c:\windows\system32\drivers\CDAVFS.sys [2009-2-16 67424]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-2-16 356920]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2007-11-6 7168]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2007-12-11 252416]
S3 cmusbser;%CMUSBSER%;c:\windows\system32\drivers\cmusbser.sys [2008-4-8 87040]

=============== Created Last 30 ================

2009-02-16 19:37 <DIR> --d----- c:\program files\Trend Micro
2009-02-16 18:08 <DIR> --d----- c:\users\lana\appdata\roaming\Uniblue
2009-02-16 18:08 <DIR> --d----- c:\program files\Uniblue
2009-02-16 18:07 <DIR> -cd-h--- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-02-16 18:07 <DIR> -cd-h--- c:\progra~2\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-02-16 15:50 63 a------- c:\windows\av_affiliate.ini
2009-02-16 15:50 63 a------- c:\windows\as_affiliate.ini
2009-02-16 15:48 67,424 a------- c:\windows\system32\drivers\CDAVFS.sys
2009-02-16 15:18 160,792 a------- c:\windows\system32\drivers\pctfw2.sys
2009-02-16 15:18 <DIR> --d----- c:\program files\common files\PC Tools
2009-02-16 15:18 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2009-02-16 15:18 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2009-02-16 15:18 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2009-02-16 15:18 29,576 a------- c:\windows\system32\drivers\kcom.sys
2009-02-16 15:18 <DIR> --d----- c:\programdata\PC Tools
2009-02-16 15:18 <DIR> --d----- c:\progra~2\PC Tools
2009-02-16 15:18 <DIR> --d----- c:\users\lana\appdata\roaming\PC Tools
2009-02-16 15:18 <DIR> --d----- c:\program files\Spyware Doctor
2009-02-16 14:54 <DIR> --d----- c:\program files\Enigma Software Group
2009-02-16 14:33 19,214 a------- c:\windows\system32\sf.ico
2009-02-16 14:33 13,942 a------- c:\windows\system32\m3.ico
2009-02-16 14:33 13,942 a------- c:\windows\system32\c.ico
2009-02-16 14:33 7,662 a------- c:\windows\system32\m.ico
2009-02-16 14:33 4,286 a------- c:\windows\system32\s.ico
2009-02-16 14:33 11,062 a------- c:\windows\system32\p.ico
2009-02-16 14:33 3,182 a------- c:\windows\ios.dat
2009-02-16 14:33 106,496 a------- c:\windows\system32\fejokt.dll
2009-02-15 23:25 428,032 a------- c:\windows\system32\EncDec.dll
2009-02-15 23:25 217,088 a------- c:\windows\system32\psisrndr.ax
2009-02-15 23:25 292,352 a------- c:\windows\system32\psisdecd.dll
2009-02-15 23:25 1,244,672 a------- c:\windows\system32\mcmde.dll
2009-02-15 23:25 177,152 a------- c:\windows\system32\mpg2splt.ax
2009-02-15 23:25 80,896 a------- c:\windows\system32\MSNP.ax
2009-02-15 23:25 68,608 a------- c:\windows\system32\Mpeg2Data.ax
2009-02-15 23:25 57,856 a------- c:\windows\system32\MSDvbNP.ax
2009-01-25 00:22 <DIR> --d----- C:\Nexon
2009-01-22 23:42 <DIR> --d----- c:\program files\Veoh Networks

==================== Find3M ====================

2009-01-14 20:16 826,368 a------- c:\windows\system32\wininet.dll
2009-01-14 20:16 56,320 a------- c:\windows\system32\iesetup.dll
2009-01-14 20:16 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-01-14 20:15 26,624 a------- c:\windows\system32\ieUnatt.exe
2008-12-16 17:52 1,071,243,792 a------- c:\program files\MSSetupv62N.exe
2008-12-11 03:20 174 a--sh--- c:\program files\desktop.ini
2008-09-30 18:45 256 a------- c:\users\lana\appdata\roaming\wklnhst.dat
2008-09-30 17:01 86,016 a------- c:\windows\inf\infstrng.dat
2008-09-30 17:01 51,200 a------- c:\windows\inf\infpub.dat
2008-09-30 16:54 86,016 a------- c:\windows\inf\infstor.dat
2008-06-30 18:37 7,496,920 a------- c:\users\lana\Firefox Setup 3.0.exe
2008-06-11 09:46 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 04:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 04:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 04:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 04:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-01-19 21:11 4 ---shr-- c:\windows\system32\drivers\taishop.sys
2008-10-01 12:14 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2008-10-01 12:14 16,384 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2008-10-01 12:14 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 21:03:07.33 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 tran91

tran91
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:40 AM

Posted 20 February 2009 - 08:02 PM

So i fixed my problem

End thread

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:10:40 AM

Posted 20 February 2009 - 10:14 PM

Thanks for informing us.

This thread is closed.

If you find other problems please start a new topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users