Sorry for the delay in getting back to you.
We need to temporarily disable Spybot search & Destroy`s tea time, as it may interfere with any fix we are trying to run.
Disable Spybot's TeaTimer. This is a two step process.
First:
- Right click Spybot in the System Tray (looks like a calendar with a padlock symbol)
- Choose
Exit Spybot S&D Resident
Second:
- Open Spybot S&D
- Click
Mode, check
Advanced Mode
- Go To Left Panel, Click
Tools, then also in left panel, click
Resident
- If your firewall raises a question, say
OK
- Uncheck the box labeled
Resident Tea-Timer and OK any prompts.
- Use
File, Exit to terminate Spybot
- Reboot your machine for the changes to take effect.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O14 - IERESET.INF: START_PAGE_URL=http://crmprdweb.com/my/start.swe?SWECmd=Start
O15 - Trusted IP range: 10.160.8.172 (HKLM)
O16 - DPF: {253A9D23-F982-11D4-8BE4-00D0B7E61414} (SiebelHTMLApplication Class) -
http://crmprdweb.com/callcenter/16279/applets/siebelhtml.cab
O16 - DPF: {472AD19B-8B7E-425C-ABCF-9DB605C4B96D} (AllowPopup.Action) - file://\\tahoe\revtools\winintel\allowpopup.dll
O16 - DPF: {6507C0E5-5621-49FE-8AEB-03B3F490F468} (UTCStub.Action) - file://\\tahoe\revtools\winintel\utcstub.dll
O16 - DPF: {68CDB19A-6305-4589-8C35-41E3502CD451} (Siebel Option Pack for IE 7.5.3) -
http://crmprdweb.com/callcenter/16279/applets/SiebelOptionPack.cab
O16 - DPF: {8F4F3368-54CA-4268-8225-0F4367472CF4} (MailClient Class) -
http://crmprdweb.com/callcenter/16279/applets/SiebExtMailClient.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = northamerica.net
O17 - HKLM\Software\..\Telephony: DomainName = northamerica.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = northamerica.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = northamerica.net
Only fix the above 017 entries if you don`t recognise the domain.
Click on the fix checked button.
Close HJT and reboot your computer.
Post a fresh HJT log and let me know how your system is running.
Regards Howard
This thread is for the use of DB2801 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.