Solved Java dont work

[Resolved] Java dont work

The other day my antivirus notified me of a virus and I removed it. I ran a scan and then went to run an online scan only to find my Java did not work. I un-installed and re-installed Java, made sure the configuration was right ( enableing Java and Java scripting ) and I also re-istalled IE7 but it still does not work. I posted under windows xp and was told I should post here. I also posted yesterday at another forum http://www.theeldergeek.com/forum/index.php?showtopic=34605 but found no help. Can someone please help? Thanks Herb



DDS (Ver_09-02-01.01) - FAT32x86
Run by Sammypoo at 11:28:36.52 on Mon 02/16/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.512.263 [GMT -5:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Documents and Settings\Sammypoo\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.att.net/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\autorunsdisabled\exif launcher.lnk.disabled
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: Microsoft XML Parser for Java
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {13991839-0420-11D5-BDA3-00A0C982BA51} - hxxp://www.raxco.com/analyze/PDWeb.cab
DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hxxp://w4s2.work4sure.com/c/ge/w4sgeen9.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151798954040
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160674293046
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1234659701087&h=d488db1b1e472cf60cda850ed2c9ebf4/&filename=jinstall-6u12-windows-i586-jc.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} - hxxp://offers.e-centives.com/cif/download/bin/actxcab.cab
DPF: {B49C4597-8721-4789-9250-315DFBD9F525} - hxxp://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} - hxxp://viewers.streamingfaith.com/common/mbrowser/MINIBrowser.CAB
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://plugin.driveragent.com/files/driveragent.cab
DPF: {EA7F451B-94DD-4009-A8BF-8F977B0B2696} - hxxp://pbells.broadjump.com/wizlet/StandardInstall/static/controls/WebflowActiveXInstaller_4-2-0.cab
DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://67.19.107.18/DGTx.CAB
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - d:\program files\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2008-5-21 11840]
R1 SASDIFSV;SASDIFSV;d:\program files\sasdifsv.sys [2009-1-15 8944]
R1 SASKUTIL;SASKUTIL;d:\program files\SASKUTIL.SYS [2009-1-15 55024]
R1 SonyFanC;FAN Control Device Service;c:\windows\system32\drivers\SonyFanC.sys [2001-9-9 68116]
R2 AntiVirScheduler;Avira AntiVir Personal "“ Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2008-5-21 68865]
R2 AntiVirService;Avira AntiVir Personal "“ Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2008-5-21 151297]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2008-5-21 52032]
R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [2001-8-3 18864]
R3 SASENUM;SASENUM;d:\program files\SASENUM.SYS [2009-1-15 7408]
S2 ioloFileInfoList;iolo FileInfoList Service; [x]
S2 ioloSystemService;iolo System Service; [x]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; [x]
S3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver;c:\windows\system32\drivers\bcm42xx5.sys [2001-9-8 54271]
S4 aawservice;Lavasoft Ad-Aware Service; [x]

=============== Created Last 30 ================

2009-02-15 20:20 <DIR> --d----- c:\program files\Java(2)
2009-02-15 19:20 <DIR> --d----- C:\cmdcons
2009-02-15 18:57 <DIR> --d----- c:\docume~1\sammypoo\applic~1\Malwarebytes
2009-02-15 18:57 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-02-15 18:57 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-15 18:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-02-15 18:57 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-15 15:34 <DIR> --d----- c:\program files\Trend Micro
2009-02-15 15:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-02-15 15:02 <DIR> --d----- c:\docume~1\sammypoo\applic~1\SUPERAntiSpyware.com
2009-02-15 15:01 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-02-14 20:01 73,728 a------- c:\windows\system32\javacpl.cpl
2009-02-14 18:06 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-11 14:03 <DIR> --d----- c:\windows\system32\XPSViewer
2009-02-11 14:02 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-02-11 14:02 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-02-11 14:02 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-02-11 14:02 117,760 -------- c:\windows\system32\prntvpt.dll
2009-02-11 14:02 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-02-11 14:02 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-02-11 14:02 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
2009-02-11 14:01 <DIR> --d----- c:\windows\SxsCaPendDel
2009-02-04 12:04 <DIR> --d----- c:\program files\Canon
2009-02-04 12:04 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ZoomBrowser

==================== Find3M ====================

2009-02-16 10:16 1,744 a------- c:\windows\system32\d3d9caps.dat
2009-01-31 14:21 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2009-01-16 21:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-19 04:10 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 04:10 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 00:25 634,024 -------- c:\windows\system32\dllcache\iexplore.exe
2008-12-19 00:23 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2008-12-16 16:18 4,212 a---h--- c:\windows\system32\zllictbl.dat
2008-12-11 05:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-12-07 18:34 25,992 a------- c:\windows\system32\pgdfgsvc.exe
2004-04-01 14:03 286,720 -------- c:\documents and settings\sammypoo\wcpuid.exe
2004-04-01 14:03 143,360 -------- c:\documents and settings\sammypoo\nrkctl32.dll
2004-04-01 14:03 45,056 -------- c:\documents and settings\sammypoo\wcpuclk.exe
2004-04-01 14:03 3,968 -------- c:\documents and settings\sammypoo\nrkctl32.sys
2001-08-18 05:00 94,784 ---sh--- c:\windows\twain.dll
2008-04-13 20:12 50,688 ---sh--- c:\windows\twain_32.dll

============= FINISH: 11:29:17.66 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 7/1/2006 8:03:00 PM
System Uptime: 2/16/2009 10:31:35 AM (1 hours ago)

Motherboard: ASUSTeK Computer INC. | | P4B-LX
Processor: Intel(R) Pentium(R) 4 CPU 1.50GHz | mPGA 478 | 1494/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (FAT32) - 16 GiB total, 7.882 GiB free.
D: is FIXED (NTFS) - 40 GiB total, 28.6 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 2/15/2009 7:09:59 PM - System Checkpoint
RP2: 2/15/2009 7:20:16 PM - ComboFix created restore point
RP3: 2/15/2009 8:00:12 PM - Removed Java(TM) 6 Update 12
RP4: 2/15/2009 8:10:13 PM - Installed Java(TM) 6 Update 12
RP5: 2/15/2009 8:19:36 PM - Removed Java(TM) 6 Update 12
RP6: 2/15/2009 8:19:59 PM - Installed Java(TM) 6 Update 12
RP7: 2/16/2009 10:30:15 AM - Restore Operation

==== Installed Programs ======================


CD-R Writing Module
A1Click Ultra PC Cleaner 1.01 (Registered Version)
Adobe Photoshop Elements
Adobe Reader 8.1.2
AnalogX FastCache
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Spyware Protection
AOL Uninstaller (Choose which Products to Remove)
ArcSoft Panorama Maker 4
ArcSoft PhotoFantasy
Avira AntiVir Personal - Free Antivirus
BlackBerry Desktop Software 4.2
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner (remove only)
Clean Disk Security 7.66
CleanUp!
Corel Applications
DigitalPrint 1.0
EasyCleaner
Eraser 5.82
FinePixViewer Ver.3.2
FUJIFILM USB Driver
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB954550-v5)
HP Photo Printing Software
hp photosmart printer series (Remove only)
ImageMixer VCD for FinePix
Intel Application Accelerator
iPod for Windows 2005-06-26
iTunes
Java(TM) 6 Update 12
LimeWire 4.18.8
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Bootvis
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
MicroStaff WINASPI
ModemMAX 3.0
Motion JPEG Software Decoder
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Music Visualizer Library 1.1
Nikon Message Center
Nikon Transfer
NVIDIA Windows 2000/XP Display Drivers
OpenMG Secure Module
PictureGear 5.1
QuickTime
RealPlayer
REALTEK GbE & FE Ethernet PCI NIC Driver
Registry Mechanic 7.0
RegistryWizard
RegScrubXP 3.25
Rhapsody Player Engine
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
Sony Certificate PCH
Sony DV Shared Library
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Support Actions Win2K,WinXP
Uniblue SpeedUpMyPC 3
Uniblue System Tweaker
Update for Windows XP (KB955839)
User Profile Hive Cleanup Service
VAIO Action Setup
VAIO Grid Wallpaper
VAIO Help & Support
VAIO Registration
VAIO Support
VAIOWorld
VC 9.0 Runtime
Viewpoint Media Player
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

2/14/2009 6:13:54 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The system cannot find the file specified.
2/14/2009 5:05:26 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments " " in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
2/14/2009 8:57:37 AM, error: Service Control Manager [7000] - The iolo System Service service failed to start due to the following error: The system cannot find the path specified.
2/14/2009 8:57:37 AM, error: Service Control Manager [7000] - The iolo FileInfoList Service service failed to start due to the following error: The system cannot find the path specified.
2/15/2009 8:00:19 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
2/16/2009 10:32:11 AM, error: Service Control Manager [7024] - The Java Quick Starter service terminated with service-specific error 1 (0x1).

==== End Of File ===========================

 

Hi Herb
Please do the following.

Download a copy of HijackThis installer from here and save it to your Desktop.

1. Save HJTInstall.exe to your desktop.
2. Double-click on the HJTintall.exe icon on your desktop.
   (Let it install to the default location C:\Program Files\Hijackthis)
3. Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
4. Put a check by Create a desktop icon and then click Next again.
5. Continue to follow the rest of the prompts from there.
6. At the final dialogue box click Finish and it will launch HijackThis.
7. Click on the Do a system scan and save a log file button.
   (It will scan and the log should open in Notepad.)
8. Click on "Edit" > "Select All" to highlight the entire Notepad contents.
9. Then click on "Edit" > "Copy ".
10. Come back here to this thread and Paste the log in your next reply.
    (Right-click in the message body field and select "Paste ".)

CAUTION: DO NOT have HijackThis "fix" anything without carefully following expert guidance. Otherwise, you might render your computer unstable or even unbootable. Most of what HijackThis finds will be harmless or even required.

Thanks
Geri

 

In my above post I stated that I had posted in another forum ( with a link to the post - a lofile of HJT is there also ) . Scanned again:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:56 AM, on 2/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - Global Startup: AutorunsDisabled
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {13991839-0420-11D5-BDA3-00A0C982BA51} (PDAnalyzeCtrl Class) - http://www.raxco.com/analyze/PDWeb.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1151798954040
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160674293046
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) - http://viewers.streamingfaith.com/common/mbrowser/MINIBrowser.CAB
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O16 - DPF: {EA7F451B-94DD-4009-A8BF-8F977B0B2696} - http://pbells.broadjump.com/wizlet/StandardInstall/static/controls/WebflowActiveXInstaller_4-2-0.cab
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://67.19.107.18/DGTx.CAB
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O23 - Service: Avira AntiVir Personal "“ Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal "“ Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 6177 bytes

 

Hi

Please go to Start > Control Panel > Add/Remove Programs (Windows Vista it’s Programs and Features) and remove the following (if present):


Java(TM) 6 Update 12


Please note any other programs that you dont recognize in that list and post them in your next response

Please re-open HiJackThis and scan only. Check the boxes next to all the entries listed below.

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

Now close all windows other than HiJackThis, then click Fix Checked.

Close HJT.


Using Windows Explorer (to get there right-click your Start button and go to "Explore "), please delete these folders (if present):

C:\Program Files\Java

Click Start> Run and type (or paste) the following lines one at a time into the run box. hit enter.

sc delete JavaQuickStarterService


After that, Reboot.


Then, go to Sun and download then install the Java Runtime Environment (JRE) 6 Update 12.


I see you have P2P software ( Limewire, BitTorrent uTorrent etc… ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

References for the risk of these programs are here, and here.

I would strongly recommend that you uninstall them,

Note: Please be advised that continued use of these programs after being warned of the danger of infections from them, may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

Let me know that Java installed.

Thanks
Geri

 

Java now works. Thank you!! , Herb

 

Hi Herb

OK please do this.

Please re-open HiJackThis and scan only. Check the boxes next to all the entries listed below.

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/dow...in/actxcab.cab
O16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://67.19.107.18/DGTx.CAB

Now close all windows other than HiJackThis, then click Fix Checked.

Close HJT.

Now lets get a on line scan.

Download ATF Cleaner by Atribune and save it to your Desktop.
This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
Recycle bin

The rest are optional - if you want it to remove everything check "Select All ".
Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Now the scan.

Please do an online scan with Kaspersky WebScanner

It's best to disable real time protection applications as they sometimes interfere with the scan.
Check this link for any applicable programs you may have.

Click on “Accept” If your pop –up blocker blocks any windows from opening.

Click Run on the window that opens.
Windows Vista users you must open the web browser using the Run as Administrator command.

• The program will launch and then begin downloading the latest definition files:
• Under Scan on the left side.Click on My Computer
• This will start the program and scan your system.
• Click the “Scan Report” On the left side.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.:
• Save the text file to your desktop.
• Copy and paste that information in your next post.

Please post the Kaspersky results.

Thanks
Geri

 

Hi Geri,
Followed all directions, my pc is clean and running great!!! Thanks for the excellent help, very much appreciated, Herb

here is Kapersky's scan report:

KASPERSKY ONLINE SCANNER 7 REPORT
Friday, February 20, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, February 20, 2009 14:39:03
Records in database: 1821597


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
A:\
C:\
D:\
E:\
F:\
G:\

Scan statistics
Files scanned 50350
Threat name 0
Infected objects 0
Suspicious objects 0
Duration of the scan 01:18:28

No malware has been detected. The scan area is clean.
The selected area was scanned.

 

Hi Herb
OK very good. You're welcome.

Please do this.

Delete DDS from your desktop.

Please look at this link for some preventive recommendations, It could keep you from ending up back here to the Malware and Virus Removal Forums.
http://www.windowsbbs.com/showthread.php?t=67958

Again, I want to warn you about P2P file sharing, It will get you infected, I've seen it over and over, and I've heard all the "but I'm carefulls" It will get you.

I'll mark this one resolved.

Surf Safely.
Geri

 

Thanks! Already decided to uninstall Limewire. Thanks again, Herb