• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

Internet Explorer add-on "D"

C

Craig Wenger

Flightless Bird
I have noticed a lot of people running Internet Explorer 8 on Windows
XP and Windows 7 (32-bit) having problems with an add-on called simply
"D". For one person, every time they would do a Google search it would
crash. For another, IE would never load but continually spawn new
iexplore.exe processes every few seconds--it would pop up the
"Internet Explorer has restored lost tabs" dialog on the desktop. In
both cases, after disabling the add-on, everything worked perfectly.

Here is the add-on information:

Name: D
Publisher: (Not verified) Microsoft Corporation
Type: Browser Helper Object
Version: 2.1.0.0
File date:
Date last accessed: Today, July 20, 2010, 10 minutes ago
Class ID: {095E5AD9-EA5B-3E5F-B428-0D8E68827892}
Use count: 14
Block count: 6895
File: xcw84981.dll
Folder: C:/Windows\System32

I can't find anything about this online, probably because it is so
hard to search for something called simply "D". Does anybody know
anything about this, and how to permanantly remove it as opposed to
just disabling it?

Thanks.
 
A

Alan Edwards

Flightless Bird
Searching for xcw84981.dll revealed a little more than "D" but not
much more. See if you can glean anything from it.
http://forums.spybot.info/showthread.php?p=274849
Whatever it is, it does not look nice.

....Alan
--
Alan Edwards, MS MVP Windows - Internet Explorer
http://dts-l.com/index.htm



On Tue, 20 Jul 2010 11:08:17 -0700 (PDT), in
microsoft.public.internetexplorer.general, Craig Wenger
<craig.wenger@gmail.com> wrote:

>I have noticed a lot of people running Internet Explorer 8 on Windows
>XP and Windows 7 (32-bit) having problems with an add-on called simply
>"D". For one person, every time they would do a Google search it would
>crash. For another, IE would never load but continually spawn new
>iexplore.exe processes every few seconds--it would pop up the
>"Internet Explorer has restored lost tabs" dialog on the desktop. In
>both cases, after disabling the add-on, everything worked perfectly.
>
>Here is the add-on information:
>
>Name: D
>Publisher: (Not verified) Microsoft Corporation
>Type: Browser Helper Object
>Version: 2.1.0.0
>File date:
>Date last accessed: Today, July 20, 2010, 10 minutes ago
>Class ID: {095E5AD9-EA5B-3E5F-B428-0D8E68827892}
>Use count: 14
>Block count: 6895
>File: xcw84981.dll
>Folder: C:/Windows\System32
>
>I can't find anything about this online, probably because it is so
>hard to search for something called simply "D". Does anybody know
>anything about this, and how to permanantly remove it as opposed to
>just disabling it?
>
>Thanks.
 
P

PA Bear, MS MVP

Flightless Bird
There is a very good chance that you are seeing the effects of a
hijackware infection!

NB: If you had no anti-virus application installed or the subscription
had expired *when the machine first got infected* and/or your
subscription has since expired and/or the machine's not been kept
fully-patched at Windows Update, don't waste your time with any of the
below: Format & reinstall Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support
in dealing with malware infections such as viruses, spyware (including
unwanted software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download
the MSRT on a non-infected machine, then transfer MRT.EXE to the
infected machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan
(only!) in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead: http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance
by an expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5, http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in
admitting this isn't your cup of tea - take the machine to a local,
reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad)
computer repair shop.

On Jul 20, 2:08 pm, Craig Wenger <craig.wen...@gmail.com> wrote:
> I have noticed a lot of people running Internet Explorer 8 on Windows
> XP and Windows 7 (32-bit) having problems with an add-on called simply
> "D". For one person, every time they would do a Google search it would
> crash. For another, IE would never load but continually spawn new
> iexplore.exe processes every few seconds--it would pop up the
> "Internet Explorer has restored lost tabs" dialog on the desktop. In
> both cases, after disabling the add-on, everything worked perfectly.
>
> Here is the add-on information:
>
> Name:                   D
> Publisher:              (Not verified) Microsoft Corporation
> Type:                   Browser Helper Object
> Version:                2.1.0.0
> File date:
> Date last accessed:     Today, July 20, 2010, 10 minutes ago
> Class ID:               {095E5AD9-EA5B-3E5F-B428-0D8E68827892}
> Use count:              14
> Block count:            6895
> File:                   xcw84981.dll
> Folder:                 C:/Windows\System32
>
> I can't find anything about this online, probably because it is so
> hard to search for something called simply "D". Does anybody know
> anything about this, and how to permanantly remove it as opposed to
> just disabling it?
 
Top