Active Explore.exe Failing Due to SideBySide Malware perhaps

Discussion in 'Malware and Virus Removal Archive' started by harrisc1, 2009/04/01.

  1. 2009/04/01
    harrisc1

    harrisc1 Inactive Thread Starter


    Here are DDS and Attach.txt file contents:

    DDS (Ver_09-03-16.01) - NTFSx86
    Run by HARRIS at 9:40:00.93 on Wed 04/01/2009
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_12
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.894 [GMT -7:00]

    AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)

    ============== Running Processes ===============

    C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Citrix\GoToMyPC\g2svc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Citrix\GoToMyPC\g2comm.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
    C:\Program Files\Citrix\GoToMyPC\g2pre.exe
    C:\Program Files\Citrix\GoToMyPC\g2tray.exe
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\mmc.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\Documents and Settings\HARRIS\Local Settings\Application Data\Citrix\GoToMyPC\gotomypc_428.exe
    C:\DOCUME~1\HARRIS\LOCALS~1\Temp\G2_428\g2viewer.exe
    C:\Documents and Settings\HARRIS\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://pro.edgar-online.com/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] "c:\windows\system32\ctfmon.exe "
    mRun: [<NO NAME>]
    mRun: [C-Media Mixer] "Mixer.exe" /startup
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
    mRun: [ToolBoxFX] "c:\program files\hp\toolboxfx\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
    mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe "
    mRun: [GoToMyPC] "c:\program files\citrix\gotomypc\g2svc.exe" -logon
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [SpySweeper] "c:\program files\webroot\webrootsecurity\SpySweeperUI.exe" /startintray
    StartupFolder: c:\docume~1\harris\startm~1\programs\startup\networ~1.lnk - c:\Network HarrisH.vbs
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
    IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1200591849786
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1200677269437
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Notify: GoToMyPC - c:\program files\citrix\gotomypc\G2WinLogon.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\harris\applic~1\mozilla\firefox\profiles\s4ski0fs.default\
    FF - prefs.js: browser.startup.homepage - hxxp://finance.yahoo.com/p;_ylt=AnM5hPg_98_kIRRDjdGbFLC7YWsA?k=tpf_DoB2Vpq6jLN6FA--
    FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============

    R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2009-2-25 29808]
    R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-12-21 33800]
    R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2007-12-21 468224]
    R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\webrootsecurity\SpySweeper.exe [2009-2-25 4048240]
    R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\webrootsecurity\WRConsumerService.exe [2009-3-18 1178728]
    R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfxfax.sys [2008-4-15 14336]
    S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2008-1-17 26488]
    S3 ati2mpaa;ati2mpaa;c:\windows\system32\drivers\ati2mpaa.sys [2008-1-17 281856]
    S3 GoogleDesktopManager-010108-205858;Google Desktop Manager 5.7.801.1629;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-1-17 29744]
    S3 qic157;qic157;c:\windows\system32\drivers\qic157.sys [2008-1-17 6016]

    =============== Created Last 30 ================

    2009-04-01 09:16 142 a------- c:\windows\system32\spupdsvc.inf
    2009-04-01 09:15 <DIR> --d----- C:\a88a8f94b31832572e
    2009-04-01 09:11 <DIR> --d----- c:\windows\system32\KB905474
    2009-04-01 09:04 <DIR> --d----- c:\windows\system32\XPSViewer
    2009-04-01 09:02 117,760 -------- c:\windows\system32\prntvpt.dll
    2009-04-01 09:02 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
    2009-04-01 09:02 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-04-01 09:02 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
    2009-04-01 09:02 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-04-01 09:02 1,676,288 -------- c:\windows\system32\xpssvcs.dll
    2009-04-01 09:02 575,488 -------- c:\windows\system32\xpsshhdr.dll
    2009-04-01 09:02 <DIR> --d----- C:\77919126582e1461727a8128d577a323
    2009-03-18 13:07 <DIR> --d----- c:\program files\MSSOAP
    2009-03-18 13:06 1,553,784 a------- c:\windows\WRSetup.dll
    2009-03-18 13:06 <DIR> --d----- c:\program files\Webroot
    2009-03-18 13:06 <DIR> --d----- c:\docume~1\harris\applic~1\Webroot
    2009-03-18 13:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Webroot
    2009-03-18 13:06 164 a------- c:\windows\install.dat
    2009-03-10 22:18 239,496 -------- c:\windows\system32\SET24.tmp

    ==================== Find3M ====================

    2009-03-18 09:02 410,984 a------- c:\windows\system32\deploytk.dll
    2009-02-25 15:24 176,752 a------- c:\windows\system32\drivers\ssidrv.sys
    2009-02-25 15:24 23,152 a------- c:\windows\system32\drivers\sshrmd.sys
    2009-02-25 15:24 29,808 a------- c:\windows\system32\drivers\ssfs0bbc.sys
    2009-02-09 04:13 1,846,784 a------- c:\windows\system32\win32k.sys
    2008-08-11 13:18 3,902,784 a------- c:\documents and settings\harris\gosetup.exe
    2008-04-15 16:21 608 a--sh--- c:\windows\system32\winzvprt5.sys
    2008-08-28 03:07 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082820080829\index.dat

    ============= FINISH: 9:43:41.31 ===============


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/17/2008 9:42:25 AM
    System Uptime: 4/1/2009 9:13:11 AM (0 hours ago)

    Motherboard: ASUSTeK Computer INC. | | P4B533
    Processor: Intel(R) Pentium(R) 4 CPU 2.26GHz | PGA 478 | 1716/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 54.529 GiB free.
    D: is CDROM ()
    F: is NetworkDisk (NTFS) - 298 GiB total, 285.686 GiB free.
    H: is NetworkDisk (NTFS) - 261 GiB total, 217.082 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP406: 1/1/2009 7:23:53 PM - System Checkpoint
    RP407: 1/2/2009 7:33:17 PM - System Checkpoint
    RP408: 1/3/2009 7:45:01 PM - System Checkpoint
    RP409: 1/4/2009 8:01:35 PM - System Checkpoint
    RP410: 1/5/2009 8:38:23 PM - System Checkpoint
    RP411: 1/6/2009 8:43:53 PM - System Checkpoint
    RP412: 1/7/2009 8:46:41 PM - System Checkpoint
    RP413: 1/8/2009 8:58:00 PM - System Checkpoint
    RP414: 1/9/2009 9:03:53 PM - System Checkpoint
    RP415: 1/10/2009 9:05:59 PM - System Checkpoint
    RP416: 1/11/2009 9:08:06 PM - System Checkpoint
    RP417: 1/12/2009 9:09:09 PM - System Checkpoint
    RP418: 1/13/2009 9:16:32 PM - System Checkpoint
    RP419: 1/14/2009 3:51:55 PM - Software Distribution Service 3.0
    RP420: 1/15/2009 4:16:57 PM - System Checkpoint
    RP421: 1/16/2009 4:31:13 PM - System Checkpoint
    RP422: 1/17/2009 4:35:59 PM - System Checkpoint
    RP423: 1/18/2009 4:48:52 PM - System Checkpoint
    RP424: 1/19/2009 5:02:15 PM - System Checkpoint
    RP425: 1/20/2009 5:45:35 PM - System Checkpoint
    RP426: 1/21/2009 5:52:40 PM - System Checkpoint
    RP427: 1/22/2009 6:15:11 PM - System Checkpoint
    RP428: 1/23/2009 6:17:46 PM - System Checkpoint
    RP429: 1/24/2009 6:31:36 PM - System Checkpoint
    RP430: 1/25/2009 6:44:54 PM - System Checkpoint
    RP431: 1/26/2009 6:54:46 PM - System Checkpoint
    RP432: 1/27/2009 7:08:24 PM - System Checkpoint
    RP433: 1/28/2009 7:15:29 PM - System Checkpoint
    RP434: 1/29/2009 8:03:18 PM - System Checkpoint
    RP435: 1/30/2009 8:13:45 PM - System Checkpoint
    RP436: 1/31/2009 8:30:05 PM - System Checkpoint
    RP437: 2/1/2009 8:47:27 PM - System Checkpoint
    RP438: 2/2/2009 9:49:05 PM - System Checkpoint
    RP439: 2/3/2009 10:04:07 PM - System Checkpoint
    RP440: 2/4/2009 10:08:37 PM - System Checkpoint
    RP441: 2/5/2009 10:35:41 PM - System Checkpoint
    RP442: 2/6/2009 11:16:06 PM - System Checkpoint
    RP443: 2/7/2009 11:59:08 PM - System Checkpoint
    RP444: 2/9/2009 12:44:05 AM - System Checkpoint
    RP445: 2/10/2009 1:44:36 AM - System Checkpoint
    RP446: 2/11/2009 2:18:32 AM - System Checkpoint
    RP447: 2/11/2009 10:45:55 AM - Software Distribution Service 3.0
    RP448: 2/12/2009 3:11:41 PM - System Checkpoint
    RP449: 2/13/2009 4:45:13 PM - System Checkpoint
    RP450: 2/14/2009 5:21:16 PM - System Checkpoint
    RP451: 2/15/2009 6:21:16 PM - System Checkpoint
    RP452: 2/16/2009 6:22:17 PM - System Checkpoint
    RP453: 2/17/2009 6:56:16 PM - System Checkpoint
    RP454: 2/18/2009 7:45:13 PM - System Checkpoint
    RP455: 2/19/2009 7:53:39 PM - System Checkpoint
    RP456: 2/20/2009 7:56:45 PM - System Checkpoint
    RP457: 2/21/2009 8:15:40 PM - System Checkpoint
    RP458: 2/22/2009 8:34:19 PM - System Checkpoint
    RP459: 2/23/2009 8:44:09 PM - System Checkpoint
    RP460: 2/24/2009 8:49:48 PM - System Checkpoint
    RP461: 2/25/2009 3:00:18 AM - Software Distribution Service 3.0
    RP462: 2/26/2009 3:21:50 AM - System Checkpoint
    RP463: 2/27/2009 3:51:52 AM - System Checkpoint
    RP464: 2/28/2009 4:09:53 AM - System Checkpoint
    RP465: 3/1/2009 5:09:50 AM - System Checkpoint
    RP466: 3/2/2009 6:09:50 AM - System Checkpoint
    RP467: 3/2/2009 7:47:54 AM - Installed Java(TM) 6 Update 11
    RP468: 3/2/2009 7:48:54 AM - Installed Java Runtime Environment
    RP469: 3/3/2009 9:40:07 AM - System Checkpoint
    RP470: 3/4/2009 11:47:04 AM - System Checkpoint
    RP471: 3/5/2009 11:47:44 AM - System Checkpoint
    RP472: 3/6/2009 6:08:16 PM - System Checkpoint
    RP473: 3/7/2009 6:26:46 PM - System Checkpoint
    RP474: 3/8/2009 6:56:36 PM - System Checkpoint
    RP475: 3/9/2009 7:37:59 PM - System Checkpoint
    RP476: 3/10/2009 7:39:06 PM - System Checkpoint
    RP477: 3/11/2009 7:47:23 PM - System Checkpoint
    RP478: 3/12/2009 2:02:52 AM - Software Distribution Service 3.0
    RP479: 3/13/2009 2:00:17 AM - Software Distribution Service 3.0
    RP480: 3/14/2009 2:55:10 AM - System Checkpoint
    RP481: 3/15/2009 4:19:56 AM - System Checkpoint
    RP482: 3/16/2009 4:44:36 AM - System Checkpoint
    RP483: 3/17/2009 4:53:59 AM - System Checkpoint
    RP484: 3/18/2009 4:55:43 AM - System Checkpoint
    RP485: 3/18/2009 9:01:01 AM - Removed Java(TM) 6 Update 11
    RP486: 3/18/2009 9:01:52 AM - Installed Java(TM) 6 Update 12
    RP487: 3/19/2009 5:17:59 PM - System Checkpoint
    RP488: 3/20/2009 5:50:48 PM - System Checkpoint
    RP489: 3/21/2009 5:55:46 PM - System Checkpoint
    RP490: 3/22/2009 6:17:29 PM - System Checkpoint
    RP491: 3/23/2009 6:29:37 PM - System Checkpoint
    RP492: 3/24/2009 6:56:19 PM - System Checkpoint
    RP493: 3/25/2009 7:23:39 PM - System Checkpoint
    RP494: 3/26/2009 7:28:16 PM - System Checkpoint
    RP495: 3/27/2009 7:35:22 PM - System Checkpoint
    RP496: 3/28/2009 7:49:49 PM - System Checkpoint
    RP497: 3/29/2009 8:03:39 PM - System Checkpoint
    RP498: 3/30/2009 8:13:29 PM - System Checkpoint
    RP499: 3/31/2009 8:21:34 PM - System Checkpoint
    RP500: 4/1/2009 8:17:49 AM - Removed iTunes
    RP501: 4/1/2009 8:54:55 AM - Software Distribution Service 3.0
    RP502: 4/1/2009 9:14:22 AM - Printer Driver Microsoft XPS Document Writer Installed
    RP503: 4/1/2009 9:16:33 AM - Installed Windows XP WgaNotify.

    ==== Installed Programs ======================

    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Acrobat 8 Professional
    Adobe Acrobat 8.1.4 Professional
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
    Adobe Flash Player 10 Plugin
    Adobe Flash Player ActiveX
    Apple Mobile Device Support
    Apple Software Update
    Bonjour
    Citrix Presentation Server Client - Web Only
    Critical Update for Windows Media Player 11 (KB959772)
    CustomerResearchQFolder
    Destination Component
    DeviceDiscovery
    DeviceManagementQFolder
    ESET NOD32 Antivirus
    Google Desktop
    GoToMyPC
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    HP Customer Participation Program 9.0
    HP LaserJet 3050/3052/3055/3390/3392 2.0
    HP LaserJet M2727 MFP Series 1.0
    HP Update
    hpp3390usg
    hppFaxDrv3390
    hppFaxDrvM2727
    hppFaxUtility
    hppFonts
    hppIOFiles
    hppLJ3390
    hppLJM2727
    hppManuals3390
    hppManualsM2727
    hppscan3390
    hppscanM2727
    hppScanTo
    hppSendFax
    hppTLBXFXM2727
    hppTooCool
    hppToolBoxFX
    hppusgM2727
    HPSSupply
    hpzTLBXFX
    Java(TM) 6 Update 12
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    MarketResearch
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft MSN MoneyCentral Stock Quotes Add-In for Excel
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 Premium
    Microsoft Office Standard Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Mozilla Firefox (3.0.8)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 and SOAP Toolkit 3.0
    OpenOffice.org Installer 1.0
    PCI Audio Driver
    QFolder
    QuickTime
    Research Insight
    Scan
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Shop for HP Supplies
    Spelling Dictionaries Support For Adobe Reader 8
    Spy Sweeper
    Spy Sweeper Core
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Value Line Investment Analyzer v3.0
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    Yahoo! Install Manager
    YouSendIt Plug-in for Outlook

    ==== Event Viewer Messages From Past Week ========

    3/26/2009 9:27:57 AM, error: EventLog [6004] - A driver packet received from the I/O subsystem was invalid. The data is the packet.
    3/26/2009 9:27:51 AM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL. Reference error message: The operation completed successfully. .
    3/26/2009 9:27:51 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
    3/26/2009 9:27:51 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

    ==== End Of File ===========================

    Any help appreciated.
     
  2. 2009/04/07
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi harrisc1
    Sorry for the wait.
    Please do this.

    Download RootRepeal.zip to your Desktop.
    • Extract the compressed file to its own folder.
    • Open the folder and double-click on RootRepeal.exe to run it.
    • Click on the Report tab, and then click on: Scan
    • A window opens asking what to include in the scan.
    • Check the following boxes then click OK:
      • Drivers
      • Files
      • Processes
      • SSDT
      • Stealth Objects
      • Hidden Services
    • You will then be asked which drive to scan.
    • Check C: (or the drive your operating system is installed on, if not C)
    • Click OK once again.
    The tool will begin scanning and may take a while to complete, so please be patient.

    When the scan finishes, click on: Save Report
    Name the log RootRepeal.txt and save it to your Documents folder (it should default there).

    Post the contents of the report in a reply here.

    Thanks
    Geri
     

  4. 2009/04/08
    harrisc1

    harrisc1 Inactive Thread Starter

    ROOTREPEAL (c) AD, 2007-2008
    ==================================================
    Scan Time: 2009/04/08 07:46
    Program Version: Version 1.2.3.0
    Windows Version: Windows XP SP3
    ==================================================

    Drivers
    -------------------
    Name: dump_atapi.sys
    Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
    Address: 0xB6CAA000 Size: 98304 File Visible: No
    Status: -

    Name: dump_WMILIB.SYS
    Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
    Address: 0xF79C1000 Size: 8192 File Visible: No
    Status: -

    Name: rootrepeal.sys
    Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
    Address: 0xB51FD000 Size: 45056 File Visible: No
    Status: -

    SSDT
    -------------------
    #: 017 Function Name: NtAllocateVirtualMemory
    Status: Hooked by "<unknown>" at address 0x898cd9e0

    #: 041 Function Name: NtCreateKey
    Status: Hooked by "<unknown>" at address 0x898edc48

    #: 047 Function Name: NtCreateProcess
    Status: Hooked by "<unknown>" at address 0x89919940

    #: 048 Function Name: NtCreateProcessEx
    Status: Hooked by "<unknown>" at address 0x898e81b8

    #: 053 Function Name: NtCreateThread
    Status: Hooked by "<unknown>" at address 0x898cdcb0

    #: 063 Function Name: NtDeleteKey
    Status: Hooked by "<unknown>" at address 0x898edbd0

    #: 065 Function Name: NtDeleteValueKey
    Status: Hooked by "<unknown>" at address 0x898d61f8

    #: 180 Function Name: NtQueueApcThread
    Status: Hooked by "<unknown>" at address 0x898cda58

    #: 186 Function Name: NtReadVirtualMemory
    Status: Hooked by "<unknown>" at address 0x898cd8f0

    #: 192 Function Name: NtRenameKey
    Status: Hooked by "<unknown>" at address 0x898e7020

    #: 213 Function Name: NtSetContextThread
    Status: Hooked by "<unknown>" at address 0x898cdb48

    #: 226 Function Name: NtSetInformationKey
    Status: Hooked by "<unknown>" at address 0x8991ea90

    #: 228 Function Name: NtSetInformationProcess
    Status: Hooked by "<unknown>" at address 0x898cdda0

    #: 229 Function Name: NtSetInformationThread
    Status: Hooked by "<unknown>" at address 0x898cdbc0

    #: 247 Function Name: NtSetValueKey
    Status: Hooked by "<unknown>" at address 0x8991a020

    #: 253 Function Name: NtSuspendProcess
    Status: Hooked by "<unknown>" at address 0x898cdd28

    #: 254 Function Name: NtSuspendThread
    Status: Hooked by "<unknown>" at address 0x898cdad0

    #: 257 Function Name: NtTerminateProcess
    Status: Hooked by "<unknown>" at address 0x898cde18

    #: 258 Function Name: NtTerminateThread
    Status: Hooked by "<unknown>" at address 0x898cdc38

    #: 277 Function Name: NtWriteVirtualMemory
    Status: Hooked by "<unknown>" at address 0x898cd968

    Stealth Objects
    -------------------
    Object: Hidden Module [Name: System.Windows.Forms.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x00d90000 Size: 5033984

    Object: Hidden Module [Name: System.Drawing.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x012c0000 Size: 634880

    Object: Hidden Module [Name: HPTools.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x033b0000 Size: 77824

    Object: Hidden Module [Name: AppConstants.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x038c0000 Size: 77824

    Object: Hidden Module [Name: HPAppTools.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x03990000 Size: 446464

    Object: Hidden Module [Name: System.XML.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x03a50000 Size: 2060288

    Object: Hidden Module [Name: System.configuration.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x03c80000 Size: 438272

    Object: Hidden Module [Name: HPToolkit.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x03e40000 Size: 135168

    Object: Hidden Module [Name: System.Deployment.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x03f10000 Size: 978944

    Object: Hidden Module [Name: Accessibility.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x03f00000 Size: 28672

    Object: Hidden Module [Name: System.Runtime.Serialization.Formatters.Soap.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x04060000 Size: 143360

    Object: Hidden Module [Name: Enumeration.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x04040000 Size: 53248

    Object: Hidden Module [Name: HPFaxUtilities.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x04100000 Size: 110592

    Object: Hidden Module [Name: Alerts.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x041b0000 Size: 585728

    Object: Hidden Module [Name: HPStreamsInterface.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x04770000 Size: 28672

    Object: Hidden Module [Name: NamedPipeChannel.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x047d0000 Size: 45056

    Object: Hidden Module [Name: System.Runtime.Remoting.dll]
    Process: HPTLBXFX.exe (PID: 2112) Address: 0x047e0000 Size: 307200

    Object: Hidden Module [Name: WiseApi.dll]
    Process: SpySweeperUI.exe (PID: 2464) Address: 0x04ca0000 Size: 102400

    Object: Hidden Module [Name: SOSClientApi.dll]
    Process: SpySweeperUI.exe (PID: 2464) Address: 0x05850000 Size: 36864

    Object: Hidden Module [Name: SOSLibrary.dll]
    Process: SpySweeperUI.exe (PID: 2464) Address: 0x05970000 Size: 995328

    Object: Hidden Module [Name: TaskScheduler.dll]
    Process: SpySweeperUI.exe (PID: 2464) Address: 0x05a90000 Size: 61440

    Object: Hidden Module [Name: SOSClientApi.dll]
    Process: EXCEL.EXE (PID: 1900) Address: 0x0f040000 Size: 36864

    Object: Hidden Module [Name: SOSTools.dll]
    Process: EXCEL.EXE (PID: 1900) Address: 0x102d0000 Size: 126976

    Object: Hidden Module [Name: System.XML.dll]
    Process: EXCEL.EXE (PID: 1900) Address: 0x10310000 Size: 2060288

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_CREATE]
    Process: System Address: 0x893db828 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_CREATE_NAMED_PIPE]
    Process: System Address: 0x89413828 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_CLOSE]
    Process: System Address: 0x89434828 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_READ]
    Process: System Address: 0x8946f828 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_WRITE]
    Process: System Address: 0x89480828 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_QUERY_INFORMATION]
    Process: System Address: 0x89698af0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SET_INFORMATION]
    Process: System Address: 0x896e1340 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_QUERY_EA]
    Process: System Address: 0x8955c268 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SET_EA]
    Process: System Address: 0x897b1390 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_FLUSH_BUFFERS]
    Process: System Address: 0x894d91c0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_QUERY_VOLUME_INFORMATION]
    Process: System Address: 0x896b91d0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SET_VOLUME_INFORMATION]
    Process: System Address: 0x89425130 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_DIRECTORY_CONTROL]
    Process: System Address: 0x89496128 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_FILE_SYSTEM_CONTROL]
    Process: System Address: 0x897e30f0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_DEVICE_CONTROL]
    Process: System Address: 0x896ba220 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_INTERNAL_DEVICE_CONTROL]
    Process: System Address: 0x89629220 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SHUTDOWN]
    Process: System Address: 0x8961e220 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_LOCK_CONTROL]
    Process: System Address: 0x8960b2b8 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_CLEANUP]
    Process: System Address: 0x894d2ac0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_CREATE_MAILSLOT]
    Process: System Address: 0x894edae8 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_QUERY_SECURITY]
    Process: System Address: 0x894d65d0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SET_SECURITY]
    Process: System Address: 0x89500768 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_POWER]
    Process: System Address: 0x894e6948 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SYSTEM_CONTROL]
    Process: System Address: 0x894ffcd0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_DEVICE_CHANGE]
    Process: System Address: 0x894e3cd0 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_QUERY_QUOTA]
    Process: System Address: 0x894ff860 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_SET_QUOTA]
    Process: System Address: 0x894fea40 Size: -

    Object: Hidden Code [Driver: Tcpip, IRP_MJ_PNP]
    Process: System Address: 0x8943ee68 Size: -
     
  5. 2009/04/08
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK not seeing anything in there either.

    Let's get an online scan.

    Please do this.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

    Now a scan.

    Please do an online scan with Kaspersky WebScanner

    It's best to disable real time protection applications as they sometimes interfere with the scan.
    Check this link for any applicable programs you may have.

    Click on “Accept” If your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files:
    • Under Scan on the left side. Click on My Computer
    • This will start the program and scan your system.
    • Click the “Scan Report” On the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
  6. 2009/04/09
    harrisc1

    harrisc1 Inactive Thread Starter

    I don't know if it helps, but Windows Explorer restarts itself at around 9:00 AM every morning. Also, my clock is routinely off, and is not getting regular Internet updates.


    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Thursday, April 9, 2009
    Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Thursday, April 09, 2009 18:34:43
    Records in database: 2028598
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    A:\
    C:\
    D:\
    F:\
    H:\

    Scan statistics:
    Files scanned: 75977
    Threat name: 0
    Infected objects: 0
    Suspicious objects: 0
    Duration of the scan: 02:00:29

    No malware has been detected. The scan area is clean.

    The selected area was scanned.
     
  7. 2009/04/09
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK please do this.

    Open Notepad and copy/paste the contents in the quotebox below, into Notepad.

    Save this as look.bat. Choose to "Save type as - All Files"
    Save it to your Desktop

    Double click on look.bat & allow it to run. Then post the log which it produces

    Thanks
    Geri
     
  8. 2009/04/13
    harrisc1

    harrisc1 Inactive Thread Starter

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "midimapper"="midimap.dll"
    "msacm.imaadpcm"="imaadp32.acm"
    "msacm.msadpcm"="msadp32.acm"
    "msacm.msg711"="msg711.acm"
    "msacm.msgsm610"="msgsm32.acm"
    "msacm.trspch"="tssoft32.acm"
    "vidc.cvid"="iccvid.dll"
    "vidc.I420"="msh263.drv"
    "vidc.iv31"="ir32_32.dll"
    "vidc.iv32"="ir32_32.dll"
    "vidc.iv41"="ir41_32.ax"
    "vidc.iyuv"="iyuv_32.dll"
    "vidc.mrle"="msrle32.dll"
    "vidc.msvc"="msvidc32.dll"
    "vidc.uyvy"="msyuv.dll"
    "vidc.yuy2"="msyuv.dll"
    "vidc.yvu9"="tsbyuv.dll"
    "vidc.yvyu"="msyuv.dll"
    "wavemapper"="msacm32.drv"
    "msacm.msg723"="msg723.acm"
    "vidc.M263"="msh263.drv"
    "vidc.M261"="msh261.drv"
    "msacm.msaudio1"="msaud32.acm"
    "msacm.sl_anet"="sl_anet.acm"
    "msacm.iac2"="C:\\WINDOWS\\System32\\iac25_32.ax"
    "vidc.iv50"="ir50_32.dll"
    "msacm.l3acm"="C:\\WINDOWS\\System32\\l3codeca.acm"
    "wave"="wdmaud.drv"
    "midi"="wdmaud.drv"
    "mixer"="wdmaud.drv"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP]
    "wave"="rdpsnd.dll"
    "MaxBandwidth"=dword:000056b9
    "wavemapper"="msacm32.drv"
    "EnableMP3Codec"=dword:00000001
    "midimapper"="midimap.dll"
    "mixer"="rdpsnd.dll"
     
  9. 2009/04/15
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK, that looks OK.
    Is this a laptop or a PC? And how old is it?

    Geri
     
  10. 2009/04/16
    harrisc1

    harrisc1 Inactive Thread Starter

    PC, unsure how old. It is my work PC.

    It still is restarting Windows Explorer every morning and I saw these errors in the error log all at 9:21 AM today and all listing SideBySide as the Source:

    Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

    Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system.

    Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL. Reference error message: The operation completed successfully.

    Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

    Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system.

    Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL. Reference error message: The operation completed successfully.

    Symantec says SideBySide is adware:
    http://www.symantec.com/security_response/writeup.jsp?docid=2005-070514-5200-99

    Also found this site with exact same problem. Maybe it can help you.
    http://www.pcreview.co.uk/forums/thread-3237688.php
     
    Last edited: 2009/04/16
  11. 2009/04/16
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    It is a legit file, Symantec has them listed here,
    %ProgramFiles%\sbss\sbss.exe
    %ProgramFiles%\sbss\Stop sbss.lnk
    %ProgramFiles%\sbss\Uninstall sbss.exe

    Yours are listed here,
    C:\WINDOWS\WinSxS

    See if you can get the updates by doing it this way.

    Click > Start > All Programs Click on > Windows Update, and follow the online instructions from there.

    Geri
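
The difference between the Windows SideBySide event source and the adware of the same name under %ProgramFiles%\sbss can be read from the event text itself. The following is an added example, not part of the original posts: it extracts the unresolved assembly from the messages quoted in this thread and decodes the WinSxS folder name into its identity fields. The function names are illustrative, and the sample events are copied from the thread.

```python
import re

# Constructed sample: the three distinct SideBySide messages quoted in the thread.
EVENTS = [
    "Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was "
    "The referenced assembly is not installed on your system.",
    "Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: "
    "The referenced assembly is not installed on your system.",
    r"Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_"
    r"1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL. Reference error message: "
    "The operation completed successfully.",
]

MISSING = re.compile(r"Dependent Assembly (\S+) could not be found")
PARTIAL = re.compile(r"Resolve Partial Assembly failed for (\S+?)\. Reference")
CONTEXT = re.compile(r"Generate Activation Context failed for (.+?)\. Reference error message")
# XP-era store folder: <arch>_<name>_<publicKeyToken>_<version>_<culture>_<hash>
STORE_DIR = re.compile(
    r"^(?P<arch>[^_]+)_(?P<name>.+)_(?P<token>[0-9a-f]{16})_"
    r"(?P<version>\d+(?:\.\d+){3})_(?P<culture>[^_]+)_(?P<hash>[0-9a-f]{8})$")

def parse_store_path(path):
    """Return the assembly identity encoded in a WinSxS path, or None if outside the store."""
    parts = path.split("\\")
    lowered = [p.lower() for p in parts]
    if "winsxs" not in lowered:
        return None  # e.g. a file under Program Files: not a side-by-side assembly
    i = lowered.index("winsxs")
    folder = parts[i + 1] if i + 1 < len(parts) else ""
    m = STORE_DIR.match(folder)
    return dict(m.groupdict(), file=parts[-1]) if m else None

def triage(events):
    """Collect the assemblies that failed to resolve and the files whose load needed them."""
    missing, hosts = set(), []
    for msg in events:
        for rx in (MISSING, PARTIAL):
            m = rx.search(msg)
            if m:
                missing.add(m.group(1))
        m = CONTEXT.search(msg)
        if m:
            hosts.append({"path": m.group(1), "identity": parse_store_path(m.group(1))})
    return {"missing": sorted(missing), "hosts": hosts}
```
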
     
  12. 2009/04/20
    harrisc1

    harrisc1 Inactive Thread Starter

    I installed all the Windows Updates. Problem happened again this morning at 7:53 AM.
     
  13. 2009/04/21
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    I'm thinking it may be a battery problem that your clock is off.

    I'll see if I can get some ideas for others here.

    I'll let you know.

    Geri
     
  14. 2009/04/21
    harrisc1

    harrisc1 Inactive Thread Starter

    The specific symptom is out of the blue all my task bar icons disappear and the computer is clearly working through something. Then it says Windows Explorer has had a problem and needs to restart. It asks me if I want to email Microsoft about it and I do. Then it restarts Windows Explorer and all my programs come back fine. There is no real damage, but it is annoying since it happens every morning.
     
  15. 2009/04/22
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    Ok This is what I got from noahdfear.

    I'd recommend trying the Visual C++ 2008 Redistributable Package (x86) first. Note that the 2008 package contains the Microsoft.VC90* version rather than the Microsoft.VC80* as shown in the errors. The system should provide the Microsoft.VC90* version automatically for whatever application is calling the Microsoft.VC80* version. If it doesn't resolve the errors, uninstall the 2008 package, then install the 2005 package,
    Visual C++ 2005 Redistributable Package (x86)
    then install the 2008 package again.

    Let me know if that helps.

    Geri
     
  16. 2009/04/24
    harrisc1

    harrisc1 Inactive Thread Starter

    First package did not solve problem. Will uninstall and try second.
     
  17. 2009/04/28
    harrisc1

    harrisc1 Inactive Thread Starter

    Problem has not happened lately so maybe that second package did the trick. Thanks for all of your help. My clock is still off every day. Any ideas on how to fix that?
     
  18. 2009/04/28
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK, that's good to hear, my guess with the clock would be the battery is running low and needs to be replaced.

    Geri
     
  19. 2009/05/15
    harrisc1

    harrisc1 Inactive Thread Starter

    Seemed to work for a while, but now Windows Explorer is again restarting in the morning. Seems to be in response to clicking on a URL in email. Checked error message from event log and it says, "The redirector failed to determine the connection type."
     
  20. 2009/05/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    That error message is only informational. You can safely ignore it.

    This event is logged when you first connect to a mapped drive and create a new session with the server. The error message can appear when you create a network connection to a share on your local computer.

    The event can occur in any of the following situations:

    * The first time that you connect to a mapped drive after you log on.
    * The first time that you connect to the mapped drive after the computer resumes from Hibernation mode.
    * The first time that you use a local network share after your computer is automatically disconnected from the mapped drive by using the autodisconnect feature.

    I'm out of ideas, sorry.
    I don't believe it to be malware related, I would post the problem in the internet-explorer/ forum.

    Geri
     
