I have tried everything and this is the 2nd time I've gotten this. The first time, I just erased my harddrive and reinstalled everything!!!! Too much work.

This problem first started out by not being able to open links on the web if it requires a new browser. I have (had)Norton Antivirus and SSD 1.4 both running. It tries to change my homepage, I can't drap and drop icons on my desktop. There is a new option under tools when you have IE opened... it says "reset web settings". Now there is a new icon on my startbar that says "Keep your computer up to date". SSD said it had been changed and to run it right away...nothing found...everything is up to date. I can't run windows updates because I guess it requires a new browser?? Norton told me to uninstall and reinstall but when I tried to reinstall it wouldn't let me.. and so on and so on. Here is my highjack log. Is there any hope?

-Diana

Logfile of HijackThis v1.99.1
Scan saved at 6:09:05 PM, on 1/20/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\America Online 8.0\aoltray.exe
C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exe
C:\Program Files\America Online 8.0\aol.exe
C:\Program Files\America Online 8.0\waol.exe
C:\Program Files\America Online 8.0\aolwbspd.exe
C:\WINNT\system32\ntvdm.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WinZip\winzip32.exe
C:\Documents and Settings\Administrator\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AOL test browser
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R320 Series (Copy 2)] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE /P39 "EPSON Stylus Photo R320 Series (Copy 2)" /O6 "USB002" /M "Stylus Photo R320"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) -
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) -
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1137356647367
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{5EC211C7-4A26-4BFE-B91C-1DBF2FACEAE5}: NameServer = 205.188.146.145
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

Hello and sorry for the wait.
Please go here and post a link back to this topic to flag a helper.

If you have waited three days for advice post here. (http://forums.spybot.info/showthread.php?p=4836#post4836)

Hello

" It tries to change my homepage" to what does it try to change it to ?

The Internet options > programs "reset web settings" is an option thats supposed to be there, so is a link to windows update on the start menue
Did you update the pc proir to these problems ?

For now disable SpybotSD's TeaTimer
To disable SpybotSD TeaTimer:
Open Spybot and click on Mode and check Advanced Mode
Check yes to next window.
Click on Tools in bottom left hand corner.
Click on Resident icon and Uncheck the box next to Teatimer.
"resident tea timer"protection of all-over system settings) active"
Close SpyBot.

Norton has a utility to remove its programs, i suggest you use it, then reinstall the program if you choose
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039?Open&src=&docid=2001092114452606&nsf=nav.nsf&view=docid&dtype=&prod=&ver=&osv=&osv_lvl=

Hi!

I really don't know what it tries to change my home page to because at the time SSD was running and I guess the string was too long for it to fit in the little box.

It's not Internet options > programs "reset web settings".

It's Tools > Reset Web Settings. Never been there before and the last time I had this, it did not open to anything.

And it's not a link to windows update on the start menue.
It's what looks similar to the Window update icon but is different colors and when you right click it , it just opens up. (I can't go to properties). It's also located not on the star menu but on the start bar next to the clock.

There was an update I did when I loaded Turbo Tax. To be honest, I forgot what it was. Turbo Tax wouldn't work correctly with out it. I think it was some kind of Java thing from Microsoft. I had to go find it on Microsoft and down load it.

Norton wouldn't work after that or would work intermitently. When I try to reinstall it, a box pops up that says my Windows Installer Serviced could not be accessed and then another box says I may have a virus. My IE now says on the top part: " Microsoft Internet Explorer provided by AOL test browser". Never seen that before. I can't drag and drop icons on my desktop (well at least I couldn't but just now I was able to). I can't open hyperlinks to a new browser. I can't open certain types of pages like when I try do banking online.

I will try what you said and let you know. I just want you to know everything that I can remember.

Thanks again!!!

-Diana

Well I was able to finally install Norton AV again but it said "The integrity of Symantec product settings cannot be verified at the time. you may have a virus please uninstall and reintall Norton AV." I recall now that this is what is said before and is why I uninstalled Norton in the first place.

Anything else? Did you read my last post?

-Diana

Oh yeah, now my original windows update icon on the start menu has disappeared. (Not like I could have used it anyway) The fake one is still on my start bar.

I just figured out what I had downloaded just before all this started happening. It was scripten.exe (windows script 5.6). Glad I could find that.

Does that help at all?

-Diana

Hi

Could you post a screenshot's of this tools reset web settings and start menu windowsupdate links/options ?
sounds like something your aol did to me, maybe it updated itself

Here is the screenshot. I was able to get rid of the auto update icon on the startbar near the clock. I found the real update and put it on my startbar next to the start button.

I hope I'm doing this right...

-Diana

Well never mind... I am not able to to click the attatch files button here. (The one that says" Manage attatchments". Well I can click it but it just says error on page (on the bottom) and doesn't go anywhere. When I go to reset web settings under internet options and click ok then when I press manage attatchments it acts like it's downloading (__ items remaining ) but still doesn't go anywhere.

Any suggestions?

Now I can't drag and drop anymore either. I also have noticed that all this occurs intermitently. Every once in a while I can open links into new windows (even ones I had tried and failed at before). This is crazy.

I got it to work. Here is my screen shot.

Hi

When i expand it enough to see its to blury, can you zip up and send them to me
Send to submitlonny AT subratam.org
Replace AT and the spaces with @ and include a link back to this thread.

Hi dianab72
I think the symptoms you mention are only something AOL did
I suggest you contact there free support help line , i believe they have a free Bulletin board also

Ok, I think I found out what was going on. It seems that tea timer puts the "Reset Web Settings" option under toos for you. Anthe the strange Microsoft icon on my startbar is actually part of microsofts new automatic update.

I think what happened was that I went to download scripten.exe and when I did microsoft installed their new installer. Now I don't know who was responsible for changing my default access permissions but after I did this fix:

http://support.microsoft.com/?kbid=274696

It has solved all my problems. I still have to uninstall (again) and reinstall (again) Norton Antivirus and get that working but I am very hopeful since everything else is working now.

I hope other people don't have to suffer as long as me and find this fix. Good luck all and thanks for the help! THis is a super site and I'll be following some of the suggestions on how to make my computer safer.

-Diana

Great work finding KB 274696 :)

Ill Post the symtoms here for others

Actions such as search and drag and drop do not work because the default access permissions have been changed in the Dcomcnfg.exe tool

SYMPTOMS
When using your computer, you may experience one or more of the following symptoms:• Nothing happens when you click the hyperlinks on Web pages that are supposed to open a new window.
• Nothing happens when you right-click a hyperlink on a Web page, and then click Open in a new window.
• You select a hyperlink in Microsoft Outlook or Microsoft Outlook Express and it does nothing.
• In a drag-and-drop operation, when you attempt to drop an item to the Start menu or any folder on the system, the mouse cursor changes to a circle with a slash through it and it does not enable you to drop anything.
• In Microsoft Internet Explorer, on the Edit menu, when you click Find (on This Page), it may not work or it may only work once.
• If you point to Search, and then click For Files or Folders, it does not work.
• The Search On the Internet feature does not work.
• When you try to start Microsoft Office Assistant, you may receive the following error message:
Problem occurred using Office Assistant, Do you want to reinstall it?
• When you try to drag-and-drop a file from Outlook 2000 to a folder, you may receive the following error message:
Cannot create another system semaphore.
• You cannot print from in Internet Explorer.
• You cannot print HTML messages in Outlook.
• Nothing happens when you click the Windows Update command on the Start menu.
• If you visit the Windows Update Wet site, you can scan your system but when you try to download the file you see the "Preparing to Download" message but the progress indicator does not change

As the problem appears to be resolved this topic will be archived.
If you need it re-opened please pm me or Lonny.

Cheers.