Can't Open Internet Explorer

I hadn't disabled anything in msconfig - and actually, when I checked there were more McAfee files in there enabled than I had before. As far as the spyware program mentioned, I already have AdAware on that machine and the kids run it each time they are finished on the computer. We keep it up to date - do I need to have Spywareblaster as well ? For the StartDreck, I ran the program and here is the log.

StartDreck (build 2.1.5 public BETA) - 2004-07-07 @ 10:54:59
Platform: Windows ME (Win 4.90.3000 )

»Registry
»Run Keys
»Current User
»Run
»RunOnce
»Default User
»Run
»RunOnce
»Local Machine
»Run
*SystemTray=SysTray.Exe
*Installed=1
*NoChange=1
*Installed=1
*Installed=1
»RunOnce
»RunServices
*McAfeeVirusScanService=C:\Program Files\McAfee\McAfee VirusScan\AVSYNMGR.EXE
**StateMgr=C:\WINDOWS\System\Restore\StateMgr.exe
*TrueVector=C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»Files
»Autostart Folders
»Current User
*C:\WINDOWS\Start Menu\Programs\StartUp\Corel Family & Friends Reminders.LNK
»Default User
*C:\WINDOWS\Start Menu\Programs\StartUp\Corel Family & Friends Reminders.LNK
»Local Machine
*C:\WINDOWS\All Users\Start Menu\Programs\StartUp\ZoneAlarm.lnk
»System/Drivers
»Running Processes
*FFCF7BA7=C:\WINDOWS\SYSTEM\KERNEL32.DLL
*FFFFB073=C:\WINDOWS\SYSTEM\MSGSRV32.EXE
*FFFFD3B3=C:\WINDOWS\SYSTEM\mmtask.tsk
*FFFFD5FF=C:\WINDOWS\SYSTEM\MPREXE.EXE
*FFFE11CB=C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
*FFFEE86F=C:\WINDOWS\EXPLORER.EXE
*FFFDC67F=C:\WINDOWS\SYSTEM\SYSTRAY.EXE
*FFFC6AA7=C:\WINDOWS\SYSTEM\WMIEXE.EXE
*FFFC7143=C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
*FFFE0F07=C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
*FFFB1D6F=C:\WINDOWS\SYSTEM\STIMON.EXE
*FFFA2A9B=C:\DREG OR SOMETHIN\STARTDRECK.EXE
»Application specific

 

cone--

The functioning of SWB and AA are entirely different. SWB proactively neutralizes ActiveX controls that its reference files (which have to be updated once every ten days or so) detect as being related to spyware and other malware.
You do not scan with SWB. It does its job without messages to you and does not allow the spyware on the PC. It also neutralizes undesireable ActiveX controls already on your PC. The latter is why I think you should use it, since you have several ActiveX controls (BHO's) which I think are spyware.

 

Okay - I have installed SpywareBlaster on that machine. When I did a quick search on Add\Remove programs there are three items in there that I cannot delete (I also can't find them located anywhere on my computer) They are:
Home Search Assistant
Search Extender
Shopping Wizard
I have not ever installed those programs so I'm guessing they came with some music or something my kids downloaded. Could they be part of the problem?
I'm thinking that the only solution I have left is to completely wipe out my harddrive, reformat and then reinstall everything. Is that too drastic or do you think you can still solve my problem in a simpler way ? I really appreciate all the help so far.

 

Absolutely correct. I had a machine with the same problem a while back. Different files but same idea. But I was also LUCKY that the kids invloved were honest enough to tell me where they had been. And now they do not go back there any more. It was some music site.

I believe that that is way too much and too drastic an approach for the problem. It would only last until someone ( OR SOMETHING ) went back on the Web again.

I think you would be better off to wait for help in getting rid of those things. I myself am betting on the fact that they ( or something to do with them ) is loading at startup. And that may well be why you cannot delete them.

I am also willing to bet that someone here can tell you where they came from and how to stay away from them again.

BillyBob

 

Hello

I'm not seeing what I had hoped for in the startdrek log.

have you fixed what Jim suggested ?
Run hijackthis closes all open windows and fix these
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search-explorer.net/search_page.php
R3 - Default URLSearchHook is missing
O2 - BHO: DOMPeek Class - {834261E1-DD97-4177-853B-C907E5D5BD6E} - C:\WINDOWS\DPE.DLL (file missing)
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: Class - {BCBA74D3-3FC4-AC2D-B113-88541C09346B} - C:\WINDOWS\SYSTEM\MFCIL.DLL
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\MSOPT.DLL
O13 - WWW. Prefix: http://
================

well someone has, maybe with a third party startup manger ?
scanregw is missing, taskmon,two load power profiles

scanreg is the important one.

make this reg file and merge it ,open a new notepad document copy this into it, the regedit4 needs to be in the top left corner.

(take the space out of CurrentVersion)
Under save as chose any, name it (keep the quotes) "fixscanreg.reg "
save, then exit and double-click to merge, say OK then there should be a succeed message, was there ?

Then restart the PC

Use the PC and IE if possible for a few hours then make and post another hijackthis log.

we can fix those items in add remove that wont uninstall later

you might want to attempt uninstalling ZA, rebooting then install again also.

Try this run command

Click Start, and then click Run.
copy paste this into the run box and hit OK

its a little long for our forum posts, do one line then the other then hit ok

then choose repair,, and take note for us any errors there might be

 

I did everything you said and IT'S WORKING !!! I can't tell you how much I appreciate all your help. Should I still send you a Hijack log after we've been using IE for the rest of tonight ?
I have installed SpywareBlaster on that machine as you suggested - is there anything else I should do to avoid this in the future. The site that the kids are on is predominantly KaZaa Lite (which doesn't seem to come with the spyware that the old KaZaa came with) and of course MSN for their instant messaging.
Also, you said there was a way to remove those three programs from my Add\Remove list that won't uninstall ?

 

Yes post a log after using the pc for a day or so..

Kazza of any flavor is not a good thing. best to use if you have to, an alternative, there are several mentioned here.

Clean and Infected File Sharing Programs: http://www.spywareinfo.com/articles/p2p/
If you have SpyBot 1.3. open it, switch to advanced mode >tools uninstall info we can uninstall or if they wont co-operate delete them there.
Regards

 

Hey guys. I'm having a similiar problem. Whenever I click on IE, I get the 'caused fault in unknown' message. I have windows me. I wasn't sure if my situation was the same as the other guy, so I was scared to do the same changes. Plus, he's a little sharper than me when it comes to comps, or so it seems. Should I do the hijack this program and paste the results. Oh, another thing. I'm on the same computer, but I'm running netscape now since IE doesn't work. Thanks.