Windows explore Common files and more...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by chknptpie, Mar 18, 2006.

  1. chknptpie

    chknptpie Private E-2

    Okay, so my computer is really ****ed up and I'm just going to post it all here. Hopefully someone knows what the hell is wrong. Sorry that this is going to be so long, but the more info the better right?

    System info:
    HP Pavilion ze5300
    Intel(R) Pentium(R) 4 CPU 2.40GHz
    Microsoft Windows XP Home Edition version 5.1.2600

    I found this in the Help and Support Center, don't know if it means anything:
    The application, C:\Program Files\Norton AntiVirus\NAVW32.EXE, generated an application error The error occurred on 01/10/2006 @ 20:50:22.685 The exception generated was c0000094 at address 194D3C42 ()


    So this is a brand new Hard Drive, I installed it in Jan. My last one crashed horribly. So, I set up windows and everything, then tried to install Norton from the internet site they gave me. It didn't install correctly and messed up my registry. Windows explorer opens at start up to Common Files. There is nothing in the folder. So I tried to fix it in my registry- bad idea. ****ed up my computer and had to run the XP install disks to fix it.

    Everything was running fine, I havn't tried to install the Norton. But now its back. I don't know what happened but the windows explorer is opening up at start up. I also have a shit load of spyware, so I used Spybot and Ad aware, but still get a pop up when I open an IE. Its from clicktobegin.com or www4.popupsearches.com and I don't know how to get rid of them.

    There is also other problems. Every now and then a widow pops up on my taskbar that doesn't have a name, just a little square window. I don't know where or what its doing. When I shut down my computer I get errors. The one that do every time is Windows Forms Parking Window.

    So needless to say, there is a bunch of crap wrong with my computer. Here is a HJT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 12:05:41 PM, on 3/18/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    C:\DOCUME~1\TRICIA~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe


    EDIT: Inline log attached
    Any help would be appreciated. Yet, keep in mind, last time I ****ed with my registry it made it worse. So, I'm a little leary with doing that kind of stuff.
     

    Attached Files:

    • HJT.txt
      File size:
      8.2 KB
      Views:
      0
    Last edited by a moderator: Mar 18, 2006
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Try removing:

    C:\WINDOWS\system32\slk8x2peu.exe
    O2 - BHO: Yvakt Class - {98B9F201-C701-41F1-B338-7E5E0E6D768F} - C:\WINDOWS\system32\ejrwx8drl.dll
    O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
    O4 - HKLM\..\Run: [gjZC2XV] "C:\WINDOWS\system32\slk8x2peu.exe
    O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\system32\kwintrag.exe FI002
    O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\kwintrag.exe
    O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\system32\dmonwv.dll

    You have a bunch of trusted zones, you can remove these, but check your browser setting for any more, make sure there are no trusted sites, UNLESS you know and set them as trusted:

    O15 - Trusted Zone: *.elitemediagroup.net
    O15 - Trusted Zone: *.elitemediagroup.net
    O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
    O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)

    O18 - Filter: text/html - {0FA7FD6B-47C3-425B-AE30-36383F1C4503} - C:\WINDOWS\system32\ejrwx8drl.dll

    Also, skip Nortons, try AVG free. The error message can be ignored, it was a log of a crash from January. I hope you have anti-virus and a firewall running.

    http://majorgeeks.com/AVG_Free_Edition_d886.html

    I suggest you do the above from safe mode, followed by multiple scanners. Ad-Aware, Spybot, and one online virus scanner before rebooting. Anything else, please run our spyware tutorial, and post in that forum.

    http://forums.majorgeeks.com/forumdisplay.php?f=35
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds