Another hijacked home page


Newbee04
06-08-2004, 03:08 PM
Hello all,

First of all, great site. This forum helped me get rid of ISearch easily. Thanks.

Well, I'm back again. Something is struggling to take over my computer. I have noticed that my Windows Media stopped working, and works only now that I've reinstalled it. In addition, my homepage keeps launching as "about:blank" no matter what I do (Adware 6.0, McAfee Online Virus Scan, System Restore). Then also, there have been moments where my computer sounds busy and then I get a warning that it's running low on virtual memory.

I've installed HijackThis, and get what's at the bottom of this post. BTW, I tried moving "ccflja.dll," which is why it's listed as "missing" below. Still, my homepage remains hijacked. ...Sounds like some kind of virus???
:confused:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {DE9A4A29-31E2-4977-B5C9-C5F0B0A7F89E} - C:\WINDOWS\System32\ccflja.dll (file missing)
O3 - Toolbar: Updated.Toolbar - {9F6A22E6-1682-4F82-9B72-6314794CB253} - C:\Program Files\Pop Blocker\Updated.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpyBlocker] C:\Program Files\SpyBlocker Software\spyblocker.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkVwMon.exe.lnk = C:\Program Files\Nikon\NkView4\NkVwMon.exe
O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Startup.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
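
Added example, not part of the original post or of HijackThis itself: a small triage script that groups the `R0`/`R1` Internet Explorer settings and `O2` BHO entries of a log like the one above by the DLL they point to. The sample lines are copied from that log; the function name `triage` and the regular expressions are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Subset of lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\System32\ccflja.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {DE9A4A29-31E2-4977-B5C9-C5F0B0A7F89E} - C:\WINDOWS\System32\ccflja.dll (file missing)
"""

# "R0 - <registry key> = <value>" lines (IE start/search page settings).
R_ENTRY = re.compile(r"^R[0-3] - (?P<key>.+?) = (?P<value>.*)$")
# A value that loads a page out of a DLL's resources: res://<path>.dll/<page>
RES_DLL = re.compile(r"^res://(?P<path>.+?\.dll)/", re.IGNORECASE)
# "O2 - BHO: <name> - {CLSID} - <path>[ (file missing)]" lines.
BHO = re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\})"
                 r" - (?P<path>.+?)(?P<missing> \(file missing\))?$")

def triage(log_text):
    """Return DLLs that are both an IE res:// target and a registered BHO."""
    by_dll = defaultdict(
        lambda: {"ie_settings": [], "bho_clsids": [], "missing": False})
    for line in log_text.splitlines():
        line = line.strip()
        m = R_ENTRY.match(line)
        if m:
            res = RES_DLL.match(m.group("value"))
            if res:  # setting points inside a DLL rather than at a URL
                by_dll[res.group("path").lower()]["ie_settings"].append(m.group("key"))
            continue
        m = BHO.match(line)
        if m:
            entry = by_dll[m.group("path").lower()]
            entry["bho_clsids"].append(m.group("clsid"))
            entry["missing"] = entry["missing"] or bool(m.group("missing"))
    # Keep only DLLs referenced from both places; those merit a closer look.
    return {dll: e for dll, e in by_dll.items()
            if e["ie_settings"] and e["bho_clsids"]}

if __name__ == "__main__":
    for dll, info in triage(SAMPLE_LOG).items():
        print(dll, info)
```

On the sample lines, only `ccflja.dll` is reported: it is the target of the search settings and is still registered as a BHO even though the file itself is marked missing.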

Newbee04
06-08-2004, 10:02 PM
:) I know that nobody's had a moment yet to respond, but I seem to have found the problem. My computer was infected with "coolweb software." Hijack This brought to light that there was a problem (outlined in the previous post). Another sign was the obvious fact that launching IE took forever and ate up tons of virtual memory. So I ran Ad-aware again (after rebooting), and it found a registry key from coolweb. With that lead, I got on this website and searched. Downloading "CWSShredder" must have worked, b/c now my computer is back to normal.

Once again, I'm glad to have this site handy! THANKS!!!

Ioman
06-09-2004, 12:03 AM
I didn't see the coolweb in your original Hijackthis log, am I missing it?

Newbee04
06-09-2004, 05:38 AM
...I dunno. I was looking for anything, and coolweb was the first to pop up. Well, not all is perfect, apparently. My Yahoo webpage doesn't display any ads, and many pictures don't post also. The same is true for CNN.com and Hotmail.com, though to a lesser degree.

Did I not correctly fix the original problem, or, do I have a second problem now? Oh, I did add the windows hotfixes. I wonder if they could be affecting my IE adversely?

llbbl
06-14-2004, 06:37 PM
Yea sorry we didn't get a chance to look at your log file. I am glad that you figured it out. Thanks very much for giving us feedback as to how you fixed it. That will be very helpful for other people who have a similar problem.

If it's working how you want it to be and the spy catching programs can't find anything, then I would have to say that your computer is fixed.