04-17-2006, 04:45 PM   #9
MoralTerror
Analyst, Security Team
 
Join Date: Nov 2005
Location: UK
Posts: 1,968
OS: xp


Hi there scottv

No probs, I hope you had a nice weekend.

Yeah, as I explained, verclsid is conflicting with your HP Share to Web. Either disable Share to Web or uninstall the latest Windows Security Update (908531). Microsoft are working on a fix for this conflict.

Please print this page or copy it to Notepad in order to assist you while carrying out the following instructions.

Please download Cleanup! or use this (Alternate Link) if the main link does not work and install it. You will use this later.

Download fl.zip
Extract the contents to a new folder on Desktop.
Within the folder, locate & double-click fl.bat.
It should produce a report at c:\findlop.txt. Post the contents of the report in your next reply.

Open HijackThis and click Open the Misc Tools section. Under System Tools, click Open uninstall manager... and click Save list. Save it to the HijackThis directory and post the entire contents of uninstall_list.txt here.

Go to Start > Control Panel and double-click on the Java Icon (coffee cup) in the Control Panel.

Under Temporary Internet Files, click the Delete Files button.
There are three options in the window to clear the cache - Leave ALL 3 Checked
  • Downloaded Applets
  • Downloaded Applications
  • Other Files

Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
Click OK to leave the Java Control Panel.

Go to My Computer > Tools > Folder Options > View tab and select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Also make sure there is no checkmark beside Hide file extensions for known file types. Click OK.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Delete the following Files indicated in RED and Folders in BLUE (If they still exist)


C:\WINDOWS\ounist.exe
C:\WINDOWS\pludll.exe
C:\WINDOWS\webdir.dll
C:\Documents and Settings\All Users\Application Data\curb second platform army


Empty the contents of the following Folders (Do not delete the folder)


C:\Documents and Settings\Compaq_Owner\Cookies
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp


Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows:

Click Options
Move the slider button down to Custom CleanUp!

Check the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
Uncheck the following:
  • Scan local drives for temporary files


Click OK, Press the CleanUp! button to start the program and reboot when prompted.

Reboot to Normal Mode

Perform an online scan with Internet Explorer with Kaspersky WebScanner

Next, click on Launch Kaspersky Anti-Virus Web Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
      • Extended Scan
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Take note of the names and locations of any file it detects but fails to clean.

* Turn off the real time scanner of any existing antivirus program while performing the online scan

Required Logs

findlop.txt
uninstall_list.txt
Kaspersky report
new HijackThis log


How is your Internet Explorer behaving now??