What is going on--is this a virus/spyware problem, or what?

Hey, how`s it going everyone!

I have just registered in order to try and find help for my problem[ and hopefully learn a few things along the way].

The problem:
I can`t run\open: IE, control panel, my network places, my

computer/documents/music/pictures, 'search' and 'run'. I figured that it was a

virus/spyware because after clicking each of the above mentioned icons

[from the start-up menu] what happens is that applications

appear only for a blink of an eye and then disappear together with all the

items/icons from the desktop. I see only desktop theme for 2

seconds and then all of the items/icons reappear. After I restarted the

comp. in safe mode everything was ok. I ran antivirus[e Trust EZ] and

antispyware[Spybot-S&D] scans [ while in safe mode] , but to no avail--the

problem remains.

Any ideas?

Thanx!


My comp. info: OS : Win Home Edition, version - 5.1.2600
Processor: amd athlon(tm) XP 2200+
Memory : 256 MB RAM

 

Hi chaslang.

Hmmm, well I went through the thread carefully, but I had already done most of the stuff suggested there exepct for the CCcleaner scan, which I downloaded, and HijackThis, which I also downloaded and have the logfile.

 

It seems that I don`t know how to upload it. I can save it either in rtf. format, or as it is with a .log extension, but I can`t upload either of those...

 

Damn, I just don`t know how to save it to a .txt file; it always comes out as a rtf. document!

Yes I ran everything that you said[actually I did it a lot of times in the last couple of days: I have been scaning it with updated versions of antivirus and antispyware software while in safe mode. Today I added scanes with Pandasoftware and CCcleaner. Panda actually found 25 viruses[I was really surprised because I thought that constantly updated EZ AV was doing a good job] and cleaned it from the computer, but after I restarted the comp. I still couldn`t open IE, control panel, my network places, my computer/documents/music/pictures, 'search' and 'run'.

 

////

 

The problem with IE may not be a spyware/virus problem. I had the same problem and ended up reinstalling IE and then Service Pack 1 before installing Mcafee's Internet Security. Once I did that it cleared up. I had orginally installed Mcafee's and then Service Pack 1 and nothing that used IE would work.

However, I need to post a different issue. After installing Service Pack 1 to IE I ended up with an authentication problem that is described in one of Microsoft's KB articles. Now I can't authenticate on secured sites like banks and MS netpassport. Go figure.

 

Right-click on the Hijack This log and select rename then enter "hijackthis.txt"-without the quotes.

 

That`s what I did the first time but what comes up after I click 'upload' is hijackthis.txt.log...

 

ok...Well, I have it becuse it comes with the internet service that I have...

I ran HijackThis again[in safe mode] and saved and renamed another logfile...

So here you go...thanx.

 

Ok, I downloaded the ver 1.98.2 and put it in a folder of it`s own[instead of the desktop], but I couldn`t open it after a normal boot[just like IE and other stuff], so I had to ran it in a safe mode.

I stoped using AOL (9.0) 9-10 months ago.

Should I copy HJT to the desktop?

 

It seems that the problem is solved. Yesterday I fixed the things you mentioned HJT found that could present harm, but I still had the problem. Today I ran HJT again in safe mode and saw that 'O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)' was still in the comp., so I fixed it again and after a restart, the problem was gone. However, today, HJT`s logfile wouldn`t register 'running processes' on the beginning of the log; instead it was starting with R1`s. That means that I still didn`t get rid of that AOL thing [C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe]. I typed it in 'search' but I couldn`t delete it from there. Any thoughts?

Once again, thanx for your help!

 

I unisnstalled AOL, and HJT doesn`t seem to detect these:

C:\WINDOWS\System32\MTC.dll
C:\Program Files\America Online 9.0 <---- the whole directory
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

However, I can find bunch of AOL components still in the computer. In the registry, under HKEY_CLASSES_ROOT there are a lot of files that start with
AOL, for example:

-AOL.MimeController
-AOL.Instant Messenger.Config.File
-AOL_Publish.AOL_Publish
-AolCalSvr.ACApptTypeCombo

and others. Is it safe to delete those?

" Questions:
1) Do you really want to keep Kazaa?
2) Do you use ICQ? "

I don`t use those programs a lot. ICQ was on the comp. when I bought it[I beleive I opened it twice alltogether], and I`ll probably take your advice and ininstall Kazaa--I stoped using it some time ago. How big a threat is ICQ?

Here is the log...

 

I`ll take your advice.

thank you chaslang, keep up the good work...

 

Hello All,
I had exactly the same problem (no explorer, my computer, control panel and i-explorer etc) and struggled with it. Tried all the usual stuff and more, get to internet options, (you will have to take a round about route to get there), then the programs tab, click manage Add-ons and disable the ones using MTC.dll
That sorted it all out. Computers now running sweet, clean and I can sleep again.

Hope that helps.

 

I haven't run (don't have) Hijack this. But I am fairly sure that I was clean before I disabled and deleted the unsigned "browser helper element" and "toolbar" which were using the MTC.dll
I had run Adware, Spy sweeper, Virus removal tools and Virus scans (all current and updated, which did find and remove various elements), had then run sfc /scannow trying to replace any damaged / lost files, and had fully updated (SP2 etc). None of which helped with the explorer problem, which was exactly as described at the start of this thread.

I found this forum while looking for info on MTC.dll (of which there isn't much). So just thought I'd post with what I did as a relevant suggestion, as it worked for me when I was having exactly the same issue. Think the unwanted browser elements didn't install properly (after all they defeated their own objective) and just left the PC slightly f**ked up

So now the PC is running Ok and I can sleep.
Cheers.