
Inactive I cannot boot normally except in Safe Mode

Discussion in 'Malware and Virus Removal Archive' started by CrazyFunDad, 2009/12/23.

  1. 2009/12/23, CrazyFunDad (Inactive, Thread Starter; Joined: 2008/03/06; Messages: 6; Likes Received: 0)
    [Inactive] I cannot boot normally except in Safe Mode

    When I boot my laptop normally, Windows seemingly starts OK but there are many problems. I am unable to connect to the Internet. My mouse pointer moves but clicking on any desktop icons does nothing. IE will start to open but will then lock up. Also, Norton Internet Security is not loaded in the services tray.

    However, when I boot in Safe Mode with networking, my system seems to work normally, including Internet connectivity.

    I tried to perform a System Restore but cannot run it (even in Safe Mode). System Restore seems to start normally and will allow me to choose a restore point, but when I click Next for the last time to start the restore, nothing happens. I ran a full Dell diagnostic and did not get any errors. I ran a full NIS system scan in Safe Mode and it detected FakeAV (can't recall the specific variety). However, the problem persists when I try a normal boot.

    I am not sure if this is the correct forum to post in, but I think that a virus of some sort has made changes to my registry and is pre-empting the loading of Norton (NIS). Last night, shortly before going to bed, I got two separate notifications from NIS that it had detected and thwarted attacks on my PC (not sure how to get the names of them because NIS works differently in Safe Mode). I did not notice any other problems until I turned the PC on this morning and have not been able to use my laptop except in Safe Mode all day.

    I apologize if I have posted in the wrong group but I do not know where to start with this issue. Any help is greatly appreciated.

    ********* DDS.txt **************


    DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
    Run by Carey Cooley at 22:20:30.50 on Wed 12/23/2009
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1586 [GMT -6:00]

    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Documents and Settings\Carey Cooley\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uStart Page = hxxp://www.yahoo.com/
    uURLSearchHooks: H - No File
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.7.2.11\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.7.2.11\IPSBHO.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - c:\program files\iwin games\iWinGamesHookIE.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
    BHO: TBSB00982 Class: {da3d342f-ff20-4e31-9e82-22334155730c} - c:\program files\antbar\ant.com toolbar\tbcore3.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: TBSB00982 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\antbar\ant.com toolbar\tbcore3.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    TB: Ant.com Toolbar: {6cd56c02-cb4d-41b5-a0fe-b479061ccb41} - c:\program files\antbar\ant.com toolbar\tbcore3.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.7.2.11\coIEPlg.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe "
    mRun: [Apoint] c:\program files\apoint\Apoint.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [nwiz] nwiz.exe /installquiet
    mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd.exe "
    mRun: [eFax 4.2] "c:\program files\efax messenger 4.2\J2GDllCmd.exe" /R
    mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe "
    mRun: [Document Manager] c:\program files\wave systems corp\services manager\docmgr\bin\docmgr.exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe "
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng1.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\embass~1.lnk - c:\program files\wave systems corp\services manager\secure update\AutoUpdate.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
    IE: {13C1DBF6-7535-495c-91F6-8C13714ED485} - c:\documents and settings\carey cooley\start menu\programs\absolute poker\Absolute Poker.lnk
    IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
    IE: {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - c:\program files\empirepokermaster\empirepoker\RunEPoker.exe
    IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.7.2.11\CoIEPlg.dll
    AppInit_DLLs: wxvault.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 wvauth

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\careyc~1\applic~1\mozilla\firefox\profiles\535beiyl.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - plugin: c:\documents and settings\carey cooley\application data\move networks\plugins\npqmp071503000010.dll
    FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1007020.00b\SymEFA.sys [2009-8-31 310320]
    S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1007020.00b\BHDrvx86.sys [2009-8-31 259632]
    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1007020.00b\cchpx86.sys [2009-8-31 482432]
    S1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091217.002\IDSXpx86.sys [2009-12-18 329592]
    S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\eappkt.sys --> c:\windows\system32\drivers\EAPPkt.sys [?]
    S2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2009-11-9 78104]
    S2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.7.2.11\ccSvcHst.exe [2009-8-31 117640]
    S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20091223.003\NAVENG.SYS [2009-12-23 84912]
    S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20091223.003\NAVEX15.SYS [2009-12-23 1323568]
    S3 RTL8187B;Airlink101 802.11g USB 2.0 Adapter;c:\windows\system32\drivers\rtl8187b.sys --> c:\windows\system32\drivers\RTL8187B.sys [?]

    =============== Created Last 30 ================

    2009-12-24 03:59:44 0 d-----w- c:\docume~1\careyc~1\applic~1\Simply Super Software
    2009-12-23 19:30:49 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
    2009-12-23 09:40:45 654 ----a-w- c:\windows\system32\krl32mainweq.dll
    2009-12-23 09:39:42 206 ----a-w- c:\windows\system32\srcr.dat
    2009-12-16 17:11:39 54156 ---ha-w- c:\windows\QTFont.qfn
    2009-12-16 17:11:39 1409 ----a-w- c:\windows\QTFont.for
    2009-11-30 09:10:52 0 d-sh--w- c:\documents and settings\carey cooley\IECompatCache
    2009-11-30 09:09:42 0 d-sh--w- c:\documents and settings\carey cooley\PrivacIE
    2009-11-30 09:08:05 0 d-sh--w- c:\documents and settings\carey cooley\IETldCache
    2009-11-30 09:05:31 0 d-----w- c:\windows\ie8updates
    2009-11-30 09:00:50 0 dc-h--w- c:\windows\ie8
    2009-11-30 08:56:41 92160 ------w- c:\windows\system32\dllcache\iecompat.dll
    2009-11-30 08:56:35 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2009-11-30 08:56:33 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

    ==================== Find3M ====================

    2009-12-15 08:34:20 75474 ----a-w- c:\windows\system32\nvModes.dat
    2008-06-25 16:51:51 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008062520080626\index.dat
    2008-04-06 19:15:01 16384 --sha-w- c:\windows\temp\cookies\index.dat
    2008-04-06 19:15:01 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat
    2008-04-06 19:15:01 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

    ============= FINISH: 22:21:34.73 ===============


    ************ Attach.txt *******************


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-12-01.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 9/22/2006 11:26:21 AM
    System Uptime: 12/23/2009 7:05:24 PM (3 hours ago)

    Motherboard: Dell Inc. | |
    Processor: Intel(R) Core(TM)2 CPU T7400 @ 2.16GHz | Microprocessor | 2161/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 74 GiB total, 21.695 GiB free.
    D: is CDROM (UDF)

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP475: 10/7/2009 7:32:31 PM - System Checkpoint
    RP476: 10/8/2009 9:37:26 PM - System Checkpoint
    RP477: 10/10/2009 3:57:18 PM - System Checkpoint
    RP478: 10/11/2009 5:42:08 PM - System Checkpoint
    RP479: 10/12/2009 6:55:10 PM - System Checkpoint
    RP480: 10/13/2009 8:45:09 PM - System Checkpoint
    RP481: 10/15/2009 11:24:27 AM - System Checkpoint
    RP482: 10/16/2009 9:34:37 PM - System Checkpoint
    RP483: 10/18/2009 8:19:14 AM - System Checkpoint
    RP484: 10/19/2009 9:01:39 AM - System Checkpoint
    RP485: 10/20/2009 11:54:17 AM - System Checkpoint
    RP486: 10/21/2009 12:55:54 PM - System Checkpoint
    RP487: 10/22/2009 1:53:46 PM - System Checkpoint
    RP488: 10/23/2009 2:46:20 PM - System Checkpoint
    RP489: 10/24/2009 5:24:58 PM - System Checkpoint
    RP490: 10/25/2009 7:41:06 PM - System Checkpoint
    RP491: 10/26/2009 8:13:18 PM - System Checkpoint
    RP492: 10/27/2009 9:22:53 PM - System Checkpoint
    RP493: 10/29/2009 4:29:27 PM - System Checkpoint
    RP494: 10/30/2009 7:20:22 PM - System Checkpoint
    RP495: 11/1/2009 4:11:59 PM - System Checkpoint
    RP496: 11/2/2009 7:17:01 PM - System Checkpoint
    RP497: 11/3/2009 8:45:33 PM - System Checkpoint
    RP498: 11/4/2009 10:06:04 PM - System Checkpoint
    RP499: 11/5/2009 11:11:53 PM - System Checkpoint
    RP500: 11/7/2009 12:55:51 PM - System Checkpoint
    RP501: 11/8/2009 1:41:42 PM - System Checkpoint
    RP502: 11/9/2009 6:53:08 PM - System Checkpoint
    RP503: 11/10/2009 8:12:32 PM - System Checkpoint
    RP504: 11/11/2009 9:37:26 PM - System Checkpoint
    RP505: 11/12/2009 11:56:26 PM - System Checkpoint
    RP506: 11/14/2009 4:40:17 AM - System Checkpoint
    RP507: 11/15/2009 6:08:12 PM - System Checkpoint
    RP508: 11/16/2009 6:57:16 PM - System Checkpoint
    RP509: 11/17/2009 8:08:22 PM - System Checkpoint
    RP510: 11/18/2009 8:17:55 PM - System Checkpoint
    RP511: 11/19/2009 10:09:23 PM - System Checkpoint
    RP512: 11/20/2009 10:25:38 PM - System Checkpoint
    RP513: 11/22/2009 10:46:11 AM - System Checkpoint
    RP514: 11/23/2009 3:09:13 PM - System Checkpoint
    RP515: 11/24/2009 3:17:25 PM - System Checkpoint
    RP516: 11/25/2009 4:54:11 PM - System Checkpoint
    RP517: 11/26/2009 5:46:09 PM - System Checkpoint
    RP518: 11/28/2009 2:58:19 PM - System Checkpoint
    RP519: 11/29/2009 3:57:36 PM - System Checkpoint
    RP520: 11/30/2009 2:56:50 AM - Software Distribution Service 3.0
    RP521: 11/30/2009 3:02:49 AM - Installed Windows Internet Explorer 8.
    RP522: 11/30/2009 3:04:11 AM - Software Distribution Service 3.0
    RP523: 12/1/2009 9:32:18 AM - System Checkpoint
    RP524: 12/2/2009 10:20:09 AM - System Checkpoint
    RP525: 12/3/2009 5:10:24 PM - System Checkpoint
    RP526: 12/4/2009 7:12:48 PM - System Checkpoint
    RP527: 12/5/2009 9:06:13 PM - System Checkpoint
    RP528: 12/6/2009 9:09:24 PM - System Checkpoint
    RP529: 12/7/2009 11:41:00 PM - System Checkpoint
    RP530: 12/9/2009 11:22:54 AM - System Checkpoint
    RP531: 12/10/2009 12:32:05 PM - System Checkpoint
    RP532: 12/11/2009 3:56:51 PM - System Checkpoint
    RP533: 12/12/2009 6:41:12 PM - System Checkpoint
    RP534: 12/14/2009 1:43:27 AM - System Checkpoint
    RP535: 12/15/2009 12:15:29 PM - System Checkpoint
    RP536: 12/16/2009 3:08:49 PM - System Checkpoint
    RP537: 12/17/2009 6:21:12 PM - System Checkpoint
    RP538: 12/18/2009 8:03:04 PM - System Checkpoint
    RP539: 12/20/2009 11:05:06 AM - System Checkpoint
    RP540: 12/21/2009 11:50:38 AM - System Checkpoint
    RP541: 12/22/2009 3:53:42 PM - System Checkpoint

    ==== Installed Programs ======================

    7-Zip 4.57
    Absolute Poker
    Adobe Acrobat 6.0 Standard
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Media Player
    Adobe Photoshop 7.0
    Adobe Reader 8.1.5
    Adobe Shockwave Player 11.5
    Adobe® Photoshop® Album Starter Edition 3.0
    Adobe® Photoshop® Album Starter Edition 3.0.1
    ALPS Touch Pad Driver
    AnswerWorks 5.0 English Runtime
    Ant.com Toolbar
    Apple Software Update
    AutoUpdate
    Bluetooth Stack for Windows by Toshiba
    Broadcom Advanced Control Suite
    Broadcom TPM Driver Installer
    BroadJump Client Foundation
    Caesar 3
    Caesar IV
    Compatibility Pack for the 2007 Office system
    Conexant HDA D110 MDC V.92 Modem
    Copy
    CreativeProjects
    Critical Update for Windows Media Player 11 (KB959772)
    Dell Driver Reset Tool
    Dell Embassy Trust Suite by Wave Systems
    Dell ResourceCD
    Digital Line Detect
    Director
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    DocProc
    Document Manager Lite
    DoremiSoft FLV to MPG Converter 1.0
    ebgcInfra
    ebgcRes
    ebgcSDK
    EditPlus 2
    eFax Messenger 4.2
    EMBASSY Security Center
    EMBASSY Trust Suite by Wave Systems
    ETS Launch Pad
    ETS Upgrade
    FileZilla (remove only)
    High Definition Audio Driver Package - KB835221
    HijackThis 2.0.2
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    HP Image Zone 3.5
    HP Software Update
    HPSystemDiagnostics
    iDisk Utility for Windows
    InstantShare
    Intel A/V Codecs V2.0
    IsoBuster 2.5.5
    iTunes
    iWin Games (remove only)
    Java(TM) 6 Update 11
    Java(TM) 6 Update 7
    Jewel Quest (remove only)
    Jewel Quest II (remove only)
    KB408682
    Kudos (remove only)
    Macromedia Dreamweaver MX
    Macromedia Extension Manager
    Media Library Management Wizard
    Medic Patch 6.0.0.8
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Age of Empires Gold
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Outlook 2003 with Business Contact Manager Update
    Microsoft Office Small Business Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Modem Helper
    Move Media Player
    Movie Maker Background Music Files
    Movie Maker Sound Effects
    Movie Maker Title Images
    Mozilla Firefox (3.0.15)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MySQL Connector/ODBC 3.51
    NetWaiting
    Norton Internet Security
    NTRU Hybrid TSS v2.0.25
    NVIDIA Drivers
    Octoshape add-in for Adobe Flash Player
    OpenOffice.org 1.1.5
    Options 360™
    PageNest
    PaltalkScene
    PartyPoker
    Pdf995
    Personal License Update Wizard for Windows Media Player
    Pharaoh and Cleopatra
    PhotoGallery
    Picasa 3
    Plus! MP3 Audio Converter LE
    Power FLV Converter 1.5
    PowerDVD 5.7
    Preboot Manager
    Private Information Manager
    QFolder
    Quicken 2008
    Quicken WillMaker Plus 2008
    QuickProjects
    QuickSet
    QuickTime
    QuoteTracker
    RagnarokOnline
    Roxio DLA
    Roxio Express Labeler
    Roxio RecordNow Audio
    Roxio RecordNow Copy
    Roxio RecordNow Data
    Secure Update
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows XP (KB913433)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB973346)
    Security Wizards
    Serif PhotoPlus 6.0
    SigmaTel MSCN Audio Player
    SkinsHP1
    SkinsHP2
    Sonic Update Manager
    Symantec Technical Support Web Controls
    TD AMERITRADE StrategyDesk 2.4
    TD AMERITRADE StrategyDesk 3.0_2 (C:\Program Files\TD AMERITRADE\StrategyDesk)
    TD AMERITRADE StrategyDesk 3.2_3 (C:\Program Files\TD AMERITRADE\StrategyDesk)
    TrayApp
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    upekmsi
    Ventrilo Client
    Wave Infrastructure Installer
    Wave Support Software
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player Playlist Import to Excel Wizard
    Windows Media Player Skin Importer
    Windows Media Player Tray Control
    Windows XP Service Pack 3
    Yahoo! Browser Services
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    12/23/2009 4:53:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service COMSysApp with arguments " " in order to run the server: {182C40F0-32E4-11D0-818B-00A0C9231C29}
    12/23/2009 4:48:27 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
    12/23/2009 12:34:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV BHDrvx86 ccHP eeCtrl Fips IDSxpx86 intelppm OMCI SRTSPX SYMTDI Tosrfcom
    12/23/2009 12:34:35 PM, error: Service Control Manager [7001] - The Fax service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
    12/23/2009 12:33:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/23/2009 12:33:06 PM, error: sfsync02 [12] -
    12/23/2009 12:21:46 PM, error: Print [19] - Sharing printer failed + 1722, Printer eFax 4.2 share name Printer4.
    12/23/2009 11:51:02 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Themes service to connect.
    12/23/2009 11:51:02 AM, error: Service Control Manager [7000] - The Themes service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/23/2009 11:28:41 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
    12/23/2009 11:28:41 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/23/2009 11:28:28 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Norton Internet Security service to connect.
    12/23/2009 11:28:28 AM, error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/23/2009 1:33:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    12/20/2009 2:15:02 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
    12/20/2009 2:15:02 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
    12/20/2009 2:15:02 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
    12/20/2009 2:15:02 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.
    12/20/2009 2:15:02 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.
    12/20/2009 2:15:01 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
    12/16/2009 1:54:43 AM, error: Service Control Manager [7000] - The Realtek EAPPkt Protocol service failed to start due to the following error: The system cannot find the file specified.

    ==== End Of File ===========================
     
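Added example (not part of this thread and not code from the DDS tool or WindowsBBS): a small Python triage script that parses a few of the DDS line formats seen in the log above and flags the items a malware analyst reads first. The sample input is constructed here from lines in the same format as the post's log. A flag means "confirm this", not "malicious": for instance AppInit_DLLs entries and non-default LSA authentication packages are legitimately used by vendor software, so the analyst's next step is to check the publisher against the installed-programs list. The mapping of DCOM's `%1084` to `ERROR_NOT_SAFEBOOT_SERVICE` is the documented Win32 error code, which is why those DCOM errors are expected when the log is captured from Safe Mode (the DDS header shows `NETWORK`, i.e. Safe Mode with networking). Treating a trailing `[?]` on a service line as "file not found" is an assumption about DDS output made here.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the DDS line formats seen in the post; a few lines are
# copied in format from the log above, the mix is assembled only for this demo.
SAMPLE_LOG = r"""
AppInit_DLLs: wxvault.dll
LSA: Authentication Packages = msv1_0 wvauth
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\eappkt.sys --> c:\windows\system32\drivers\EAPPkt.sys [?]
S2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.7.2.11\ccSvcHst.exe [2009-8-31 117640]
2009-12-23 09:40:45 654 ----a-w- c:\windows\system32\krl32mainweq.dll
2009-12-23 09:39:42 206 ----a-w- c:\windows\system32\srcr.dat
2009-12-16 17:11:39 54156 ---ha-w- c:\windows\QTFont.qfn
2009-11-30 08:56:41 92160 ------w- c:\windows\system32\dllcache\iecompat.dll
12/23/2009 4:53:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service COMSysApp with arguments " " in order to run the server: {182C40F0-32E4-11D0-818B-00A0C9231C29}
12/23/2009 12:34:35 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV BHDrvx86 ccHP
"""

# Date the poster reports the trouble started (morning of 2009-12-23).
INCIDENT_DATE = datetime(2009, 12, 23)

CREATED_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\d+)\s+(\S+)\s+(.+)$")
SERVICE_RE = re.compile(r"^([RS]\d)\s+([^;]+);([^;]*);(.+)$")
EVENT_RE = re.compile(r"^(\d{1,2}/\d{1,2}/\d{4} [\d:]+ [AP]M), error: (.+?) \[(\d+)\] - (.*)$")

# Win32 error 1084 is ERROR_NOT_SAFEBOOT_SERVICE.
WIN32_ERRORS = {1084: "ERROR_NOT_SAFEBOOT_SERVICE (service cannot be started in Safe Mode)"}
DEFAULT_LSA_PACKAGES = {"msv1_0"}  # the only authentication package XP ships with


def parse_dds(text):
    """Pull structured records out of the DDS line formats handled here."""
    found = {"appinit": [], "lsa_extra": [], "missing_service_files": [],
             "created": [], "events": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("AppInit_DLLs:"):
            found["appinit"] += line.split(":", 1)[1].split()
            continue
        if line.startswith("LSA: Authentication Packages ="):
            pkgs = line.split("=", 1)[1].split()
            found["lsa_extra"] += [p for p in pkgs if p.lower() not in DEFAULT_LSA_PACKAGES]
            continue
        m = SERVICE_RE.match(line)
        if m:
            # Assumption: DDS prints "[?]" instead of date/size when the file is not found.
            if m.group(4).rstrip().endswith("[?]"):
                found["missing_service_files"].append(m.group(2))
            continue
        m = CREATED_RE.match(line)
        if m:
            found["created"].append({
                "when": datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S"),
                "size": int(m.group(2)), "attrs": m.group(3), "path": m.group(4)})
            continue
        m = EVENT_RE.match(line)
        if m:
            ev = {"source": m.group(2), "id": int(m.group(3)), "text": m.group(4)}
            code = re.search(r'"%(\d+)"', ev["text"])
            if code:
                ev["win32_error"] = int(code.group(1))
            if ev["id"] == 7026:  # SCM: boot-start drivers that failed to load
                ev["drivers"] = ev["text"].split("failed to load:")[1].split()
            found["events"].append(ev)
    return found


def triage(found, incident_date, window_days=1, hot_dirs=(r"c:\windows\system32",)):
    """Return analyst-facing flags. A flag means 'confirm this', not 'malicious'."""
    flags = []
    for dll in found["appinit"]:
        flags.append(f"AppInit_DLLs loads {dll} into every process that maps user32.dll; confirm its publisher")
    for pkg in found["lsa_extra"]:
        flags.append(f"non-default LSA authentication package {pkg}; confirm its publisher")
    for svc in found["missing_service_files"]:
        flags.append(f"service {svc} points at a file DDS could not find ([?])")
    lo, hi = incident_date - timedelta(days=window_days), incident_date + timedelta(days=window_days)
    for f in found["created"]:
        p = f["path"].lower()
        in_hot = any(p.startswith(d) for d in hot_dirs) and "\\dllcache\\" not in p
        if in_hot and lo <= f["when"] <= hi:
            flags.append(f"{f['path']} ({f['size']} bytes) created {f['when']} near incident")
    for ev in found["events"]:
        if ev.get("win32_error") in WIN32_ERRORS:
            flags.append(f"{ev['source']} event {ev['id']}: {WIN32_ERRORS[ev['win32_error']]}; "
                         "expected if the log was captured in Safe Mode")
        if ev.get("drivers"):
            flags.append("boot-start drivers failed to load: " + ", ".join(ev["drivers"]))
    return flags


def triage_sample():
    """Run the triage over the constructed sample with the poster's incident date."""
    return triage(parse_dds(SAMPLE_LOG), INCIDENT_DATE)


if __name__ == "__main__":
    for flag in triage_sample():
        print("-", flag)
```

On the sample, the two tiny files created in system32 within a day of the incident are flagged, the QuickTime font cache and the IE8 dllcache copy are not, and the DCOM error is annotated as a Safe Mode artefact rather than a symptom. The same parser can be pointed at a full DDS.txt and Attach.txt by concatenating them into `text`.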
  2. 2009/12/24, broni (Moderator, Malware Analyst; Joined: 2002/08/01; Messages: 21,701; Likes Received: 116)
    Tools listed below can be run in Safe Mode....

    Please download ComboFix from Here or Here to your Desktop.


    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Please, never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE. If Combofix asks you to install Recovery Console, please allow it.

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure, you re-enable your security programs, when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!


    Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Installer under Version 2.0.2
    [DO NOT download version 2.0.3 (beta)]
    Install, and run it.
    Post HijackThis log.
    Do NOT attempt to fix anything!

    NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
     


  4. 2009/12/26
    CrazyFunDad

    CrazyFunDad Inactive Thread Starter

    Joined:
    2008/03/06
    Messages:
    6
    Likes Received:
    0
    broni,

    Thanks so much for your help. I could not get ComboFix to execute from my desktop yesterday. I managed to re-download and get it to attempt to execute today but it says that "antivirus: Norton Internet Security" needs to be disabled.

    How do I turn NIS off in Safe Mode? The only thing it allows me to do is run a scan. There are no other options. I did check in Services to see if I could turn it off there but it did not show that the NIS service was started.

    Thanks.
     
  5. 2009/12/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Run Combofix regardless...
     
  6. 2009/12/27
    CrazyFunDad

    CrazyFunDad Inactive Thread Starter

    Joined:
    2008/03/06
    Messages:
    6
    Likes Received:
    0
    If I save ComboFix.exe to my desktop and then try to run it, it will not run. If I try to run it while downloading (instead of saving it), I get 2 warnings about NIS running and then I get a message that says "Cannot rename ComboFix as ComboFix[1]". Bottom line is I cannot get it to run.
     
  7. 2009/12/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Delete your Combofix file.
    Download fresh one from HERE

    I renamed the file for a reason.
     
