Thread: explorer dl.html windows freeze?!
View Single Post
  #4  
Old June 17th 04, 06:21 AM
Noel Paton
external usenet poster
  
Posts: n/a
Default explorer dl.html windows freeze?!
Steven
Please post the log to a more appropriate newsgroup - this one is for
Windows Millennium, and you're running Windows XP!!

--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
or
http://www.microsoft.com/presspass/f.../Mar27pmvp.asp

"steven" wrote in message
m...
My computer keeps having dl.html stuff up the internet connect, it
cascades many IE pages onto my screen, it then disconnects me from the
internet and tries to reconnect me withs TIBS41.
My VET sees that dl.html is HarnigJS Trojan or something similar and
deletes it but dl.html keeps coming back and doing it all over again.
I have all the newest versions of VET, Adaware and Spybot and cant get
rid of it.

On Hijackthis I get:
Logfile of HijackThis v1.97.7
Scan saved at 2:43:43 PM, on 6/17/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Vet\VetTray.exe
C:\WINDOWS\system32\wintime.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Admin\Local Settings\Temp\Temporary
Directory 1 for hijackthis.zip\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.altavista.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.altavista.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://www.altavista.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch
= http://www.altavista.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant
= http://www.altavista.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"
/Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002]
C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync]
C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A]
C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VetTray] C:\Vet\VetTray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Upgrade Service] C:\WINDOWS\winupd.exe
O4 - HKLM\..\Run: [WinTime] C:\WINDOWS\system32\wintime.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -

http://v4.windowsupdate.microsoft.co...8129.399525463
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) -
http://www.microsoft.com/security/co...20/SassCln.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) -
http://download.macromedia.com/pub/s...sh/swflash.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{2C01BB89-EE64-48F7-BAE2-4A4A21D2E8AF}:
NameServer = 203.134.64.66 203.134.65.66
O17 -
HKLM\System\CS1\Services\Tcpip\..\{2C01BB89-EE64-48F7-BAE2-4A4A21D2E8AF}:
NameServer = 203.134.64.66 203.134.65.66

CAN ANYONE HELP ME!!!!!!!!!!!!!