Computer problem......can somebody help? - FMVperformance.com : The site for all your Ford Mazda and Volvo needs
Reply
 
LinkBack Thread Tools
post #1 of 22 (permalink) Old 07-01-2004, 05:35 AM Thread Starter
Le Mans: Prototype Class
 
Join Date: May 2004
Location: Ottawa, Canada
Posts: 1,582
Computer problem......can somebody help?

I just bought a new Dell desktop a couple weeks ago. It's a optiplex small form cpu connected to a wide screen hdtv/monitor. I am running xp professional.

The problem I am having is that every time I go to cnn.com or si.com, the search panel opens up on the left side. When I first got the computer the search panel would display ads (something to do with John Kerry). I figured it had something to do with a new kind of popup. I installed Ad muncher and the search panel kept opening except now it was blank. I deleted Ad muncher altogether and the search panel still opens and is still blank. The search bar opens up only on those two sites (i.e. CNN and SI) and never anywhere else. Is there anyway I can stop this search panel from opening? It gets really annoying.

I'd appreciate any help.

Titanium Grey Mazda3 GT w/ GFX, leather and Sparco pedals
Smokin is offline  
Sponsored Links
Advertisement
 
post #2 of 22 (permalink) Old 07-01-2004, 11:31 AM
F1 Driver
 
Join Date: Oct 2003
Location: BCMazda3.com
Posts: 6,290
Send a message via AIM to Absinthe Send a message via MSN to Absinthe
Computer problem......can somebody help?

What browser do you use? Did you install anything recently? I'm guessing there's a spyware and might have to do something with the registry. Install Ad Aware or Spybot Search&Destroy and do a scan.

[size=10px]·÷±‡± | 5-SPEED MAZDA3 SPORT GT - WINNING BLUE | ±‡±÷·


To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
|*
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
|
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
|
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

[/size]
Absinthe is offline  
post #3 of 22 (permalink) Old 07-01-2004, 11:36 AM
F1 Driver
 
Join Date: Feb 2004
Location: Rochester, MI
Posts: 8,793
Send a message via AIM to holeydonut
Computer problem......can somebody help?

This is why I always immiediately format my computer and re-install my OS after getting a new Dell...


To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

How much of my soul is owned by DaimlerChrysler Financial Services: $ Bunches $
holeydonut is offline  
post #4 of 22 (permalink) Old 07-01-2004, 03:00 PM Thread Starter
Le Mans: Prototype Class
 
Join Date: May 2004
Location: Ottawa, Canada
Posts: 1,582
Computer problem......can somebody help?

I am using IE, ver 6. I didn't install anything before it started happening. I visit CNN and SI every single day and multiple times so I browsed with the new computer before starting to sit down and install stuff.

Also I have Ad-aware and ran it already. It came up clean (of course not including the silly cookies). I am not totally lost on computers and can fix just about everything. This particular problem though doesn't seem to make any logical sense.


Titanium Grey Mazda3 GT w/ GFX, leather and Sparco pedals
Smokin is offline  
post #5 of 22 (permalink) Old 07-01-2004, 03:42 PM
F1 Driver
 
Join Date: Jul 2003
Location: New Haven, CT
Posts: 14,337
Computer problem......can somebody help?

http://www.mazda6club.com/forums/read.php?TID=21136

That's all I have to say about IE
mz6zoomzoom is offline  
post #6 of 22 (permalink) Old 07-01-2004, 04:07 PM
Grand Am Series
 
Join Date: Mar 2004
Location: South Gate, CA
Posts: 365
Send a message via MSN to bendog
Computer problem......can somebody help?

SO about fixing this, what you can do is got to control panel and click on add or remove programs first and check if you have any extra programs that you don't recognize and that look like something that will cause this. This can come in many forms, and you should only uninstall something that you can tell is not supposed to be there.
If that doesn't do it, go download Ad-aware 6.0. The best at removing spyware, I think. It's a free download and it's fairly easy to use. Here is the link via Cnet. http://www.download.com/3000-2144-10...amp;tag=button

PEACE!!!!
------------
Mazda 3 HB - Titanium Grey
[900 watts sound system]
[Mini iPod PIE upgrade]
bendog is offline  
post #7 of 22 (permalink) Old 07-01-2004, 04:47 PM Thread Starter
Le Mans: Prototype Class
 
Join Date: May 2004
Location: Ottawa, Canada
Posts: 1,582
Computer problem......can somebody help?

LOL..........thanks anyway guys. I am pretty sure I don't have any spyware/adwares running. I don't think I have been hacked simply cause my LAN is very well protected. I have a full registered version of adaware 6.0 and it scans clean.

This lil annoying issue has been ongoing since I got the computer so I don't see how I could have acquired a spyware. Maybe, just maybe, dell sent me a bum computer!

Either way.........I'll figure it out.

Thanks again.

Titanium Grey Mazda3 GT w/ GFX, leather and Sparco pedals
Smokin is offline  
post #8 of 22 (permalink) Old 07-01-2004, 04:55 PM
Moped Rider
 
Join Date: May 2004
Location: Round Rock, Tx
Posts: 18
Computer problem......can somebody help?

What does it show as your default search site? That may be a clue as to what's going on. There is a free program called Hijackthis that scans the registry for anything odd and lets you delete it. I use it all the time to clear crap off my computer. Might try that but use with caution when deleting from the registry.
rawag77 is offline  
post #9 of 22 (permalink) Old 07-01-2004, 07:49 PM Thread Starter
Le Mans: Prototype Class
 
Join Date: May 2004
Location: Ottawa, Canada
Posts: 1,582
Computer problem......can somebody help?

Ok....I think I found it. I was looking thru my running processes list and I came onto something called loader.exe. This is apparently a nuisance that has many many variants. None of the symptoms match mine but I was hoping I have a super morphed version of it :P

I then dled and ran hijackthis as per rawag77's suggestion and here is the log.
________________

Logfile of HijackThis v1.98.0
Scan saved at 6:40:42 PM, on 01/07/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\WINDOWS\System32\PRISMSVR.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\ClearSearch\Loader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S09IC 1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Omer Elahi\Desktop\HijackThis.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\Program Files\ClearSearch\CSIE.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\System32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ClrSchLoader] C:\Program Files\ClearSearch\Loader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S09IC 1.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
_____________

This pretty much confirms at least one spyware. It might not be the reason for the search bar popup but it's a problem nevertheless. Ad-aware does not detect this. In fact it just shows it as a normal process and instead keeps picking on harmless cookies. So any ideas how I could go about safely removing this without having to resort to a direct del? Also if some of the computer gurus over here could maybe go over the log file and let me know if there is something else I should be looking at.

Thanks in advance.

Titanium Grey Mazda3 GT w/ GFX, leather and Sparco pedals
Smokin is offline  
post #10 of 22 (permalink) Old 07-01-2004, 08:00 PM
F1 Driver
 
Join Date: Feb 2004
Location: Rochester, MI
Posts: 8,793
Send a message via AIM to holeydonut
Computer problem......can somebody help?

Simple - just delete the registry key from your machine.

** WARNING ** I TAKE NO RESPONSIBILITY IF BAD SHIT HAPPENS AS A RESULT OF THIS ** Bad shit is defined as "anything that is not good shit" **

Anyway,

hit your start button

choose "run"

in the popup box, type "regedit" (but without the quotes). Hit [ok]

The windows registry editor will load.

Using the left-hand branching tree, navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run

Once you're in the right registry path, you will see some entries in the right-hand column. These programs will run every single time you load up your computer.

You can delete an entry (also known as a key) by clicking on the key and hitting the [del] key on your keyboard.

A box will popup asking you to confirm your action.

There are many programs that Windows needs though - so don't opt to delete them all (unless you're bored). I believe Windows will restore any required registry entries here that are accidentally deleted. But I don't have an MSCE - so don't quote me on it.

Happy browsing!


To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.

How much of my soul is owned by DaimlerChrysler Financial Services: $ Bunches $
holeydonut is offline  
Sponsored Links
Advertisement
 
Reply

  FMVperformance.com : The site for all your Ford Mazda and Volvo needs > Misc > Lounge

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the FMVperformance.com : The site for all your Ford Mazda and Volvo needs forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page



Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome