Possible Virus - Cannot Surf Web

By aegisrose
Sep 22, 2008
  1. Greetings TechSpot Forums!

    I am the proud heir of my friend's OLD pc. It is sick and was bogged down with old temp files (I cleaned out near 1GB worth of Temp Int Files!)

    Symptoms: PC boots up fine (albeit a little slow). After login, and as windows XP is loading, there is an error message about iernonce.dll missing/not found. I am able to click "ok" past it.

    Once on desktop, I click on internet explorer icon, and it goes to the homepage, then gets stuck... almost looks like the page is trying to finishing loading. Another "phantom page" opens, but I can't bring it up. Looking at the processor, it is obviously doing "something" since the processor spikes to 80 - 100%. Surfing the web is impossible. I tried going into Safe Mode (with networking) and it does the same.

    I've taken the steps per this post:

    AVG found the following infections: Win32/Heur, JS/Psyme, and VBS/Agent
    AVG found the following Spyware: Adware Generic2.DZT
    AVG also found several common tracking cookies
    These were succesfully healed.

    CCleaner cleared several files

    Malwarebytes discovered & removed 218 infected objects

  2. aegisrose

    aegisrose TS Rookie Topic Starter Posts: 69

    FYI - I'm trying to post the txt files, but the PC won't let me on the web. I'm typing this from my laptop. Do you think it's safe to move the txt files with a thumb drive into this laptop for posting??
  3. tw0rld

    tw0rld TS Maniac Posts: 572   +6

    That should be fine, but try this first, then see if you can get to internet.

    RIES(Reset Internet Explorer Settings)


    Tools > Internet Options > Programs tab > Click reset web Settings.


    Tools > Internet Options > Advance tab > Click reset Button
  4. aegisrose

    aegisrose TS Rookie Topic Starter Posts: 69

    My husb changed some settings on IE (unchecked reuse windows when launching internet shortcuts) and for whatever reason, that made IE work /shrug

    In addition (and without consulting with me) he ran Trend Micro's housecall... It cleaned a bunch of junk, but it did not yield a log.

    Anywho... here are some of the log files from the previous scans.

    PS: I couldn't find a log for superantispyware

    Attached Files:

  5. aegisrose

    aegisrose TS Rookie Topic Starter Posts: 69


    Hey Guys... any luck taking a peek at these logs?

    The PC is still pretty buggy. :stickout:

    Let me know if I need to run any additional scans since we've ran Trendmicro's Housecall..
  6. tw0rld

    tw0rld TS Maniac Posts: 572   +6

  7. aegisrose

    aegisrose TS Rookie Topic Starter Posts: 69

    Not having luck

    I can't update this PC to save my life! :mad:

    Windows is trying to apply an update, but then it says it cannot successfully install. I tried going to the MS updater website and I can't stay online long enough to check the system and apply new patches, etc (the pop up / hiccup window problem occurs). :confused:
  8. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Windows Installer version ?

    Hi :

    Look in "Add or Remove Programs" for "Windows Installer" and tell us the
    Version "Number" and/or It's "KB" number .
  9. tw0rld

    tw0rld TS Maniac Posts: 572   +6

    Do the following
    Start > run > type services.msc

    Check to see if the Background Intelligent Transfer service is running(BITS), and Check to see if Cryptographic service is running. If not click start.
    If this fails, ther are other things i could suggest, but at this point I would suggest a repair Install.
  10. aegisrose

    aegisrose TS Rookie Topic Starter Posts: 69

    WOW! What a mess~~~

    OK~ The service was in fact started. I did not even bother with more. I used the eMachines "System Recovery" disc.

    It is running well; however, I noted that after the recovery, and updating Windows XP to SP3 and IE to v 7.0.5730.13 that Yahoo! toolbar suddenly appeared.

    I tried deleting it from Add/Remove programs and COMODO alerted me that "GLB3C.tmp" was trying to access the internet. I blocked it. Out of curiosity, I tried deleting the Yahoo! folder directly from Program Files and sure enough... it said I did not have rights to do so. I ran HJT and removed the yahoo entries that it found. It allowed me to remove the application via add/remove programs and I additionally deleted the folder from Program Files.

    SOOOO~~~ I'm posting my HJT findings after my adventures. I want to make sure no other "funk" is hiding on this machine!! THANK YOU!!! :wave:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:30:56 PM, on 10/4/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    log removed, they must be attached
    End of file - 3550 bytes
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...