
Active IE 7 (& now Safari) aren't working problem

Discussion in 'Malware and Virus Removal Archive' started by Radiate, 2009/02/16.

  1. 2009/02/16
    Radiate


    Hi guys, I was redirected to this thread by Rockster2u from a previous thread I started. The previous thread can be found here: http://www.windowsbbs.com/internet-explorer/81557-ie-7-now-safari-problem.html

    For efficiency's sake I'll repost my initial problem:

    About a week ago my IE was playing up. It worked perfectly, except whenever I attempted to go onto Facebook the IE browser would freeze and my laptop would notably whir as if it was dealing with some massive program. I thought it was a virus or something but my AVG (Free Edition) Virus scanner found nothing. Also used SUPERAntiSpyware Free Edition and it didn't resolve anything.

    A few days ago my IE 7 browser stopped working completely. Every time I try to use it, it comes up with "Internet Explorer cannot display the webpage". It can't be my internet connection cos a) Network Diagnostics found nothing wrong and b) I could use Safari and Mozilla. I tried to do a System Restore but annoyingly there weren't any earlier dates to restore to (even though I'd done a System Restore the previous day and there were earlier dates!). I've tried to switch on & off my Windows Firewall and nothing happened. I've constantly got a Norton firewall working but every time I try to access it it doesn't work (and it's out-of-date, even though it's still supposedly Firewalling my laptop).

    I've also tried to reinstall IE 7 over my current one. No luck. I also tried to install IE 8 but the problem still persists. Some recent developments have me even more confused. I resorted to using Safari, which was working fine until earlier today, when I went onto it and it said "Safari can't connect to the server". Now I can't use Safari.

    I'm currently using Mozilla right now, so obviously my Internet connection is not the problem. Oddly enough, just now Mozilla notified me of an update. I installed it, restarted Mozilla and then it said Mozilla couldn't access the internet!! I did a System Restore and now I can use Mozilla. This example has led me to think that every time I've used IE or Safari, I think there was an updating notification and in both instances after I've updated, both browsers ceased to work! Maybe this is a coincidence, who knows?

    But right now I'm out of options and have NO idea what's wrong. It has to be internal to my computer and can't be the internet connection. It has to be a virus right? Then why doesn't my AVG scanner pick anything up? Any help on getting back IE and Safari (but mainly IE) would be really appreciated! Thanks.

    Here's my DDS:


    DDS (Ver_09-02-01.01) - NTFSx86
    Run by Alfred Liu at 14:32:04.35 on 16/02/2009
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.894.207 [GMT 0:00]

    AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
    AV: Norton Internet Security 2006 *On-access scanning enabled* (Outdated)
    FW: Norton Internet Worm Protection *disabled*
    FW: Norton Internet Security 2006 *enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Documents and Settings\Alfred Liu\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: {98cbb952-ff38-4a0c-988b-bac03f31690e} - c:\windows\system32\opnlKcAs.dll
    BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: NoExplorer - No File
    TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
    TB: AOL Toolbar: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - c:\program files\aol toolbar\toolbar.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
    uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe "
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe "
    mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
    mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
    mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
    mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
    mRun: [AVG7_CC] c:\progra~1\grisoft\avgfre~1\avgcc.exe /STARTUP
    mRun: [DataLayer] c:\program files\common files\pcsuite\datalayer\DataLayer.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll "
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe "
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\npjpi160_07.dll
    IE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - c:\program files\aol toolbar\toolbar.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} - hxxp://site.ebrary.com/lib/uon/support/plugins/ebraryRdr.cab
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
    DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {8FACB588-4A4B-46C1-807B-1F08D0AC7592} - hxxp://www.360etours.net/activex/eTours3-4-0-01.ocx
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} - hxxp://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
    DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: ddcYpnOh - ddcYpnOh.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: {657fe57a-1ac8-455e-9651-51044228c11a} - c:\windows\system32\ddcYpnOh.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Authentication Packages = msv1_0 c:\windows\system32\opnlKcAs

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\alfred~1\applic~1\mozilla\firefox\profiles\ri9omywa.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - component: c:\documents and settings\alfred liu\application data\mozilla\firefox\profiles\ri9omywa.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
    FF - component: c:\documents and settings\alfred liu\application data\mozilla\firefox\profiles\ri9omywa.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll

    ============= SERVICES / DRIVERS ===============

    R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2006-9-19 821856]
    R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2006-9-19 4224]
    R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2006-9-19 27776]
    R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2007-2-22 10760]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-1-15 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 55024]
    R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\Savrtpel.sys [2005-8-27 53896]
    R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avgfre~1\avgamsvr.exe [2006-9-19 418816]
    R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avgfre~1\avgupsvc.exe [2006-9-19 49664]
    R2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avgfre~1\avgemc.exe [2006-9-19 406528]
    R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2006-9-19 4960]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2005-9-17 192104]
    R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2005-9-17 202344]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2005-9-17 169576]
    R2 CyberLink Media Library Service(HP TVPlay);CyberLink Media Library Service(HP TVPlay);c:\program files\hp\tvplay\kernel\clml_ntservice\CLMLServer.exe [2006-9-19 1073152]
    R2 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\NAVAPSVC.EXE [2005-10-7 139888]
    R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-4-26 1247600]
    R2 TVPCapSvc;CyberLink Background Capture Service (CBCS HP TVPlay);c:\program files\hp\tvplay\kernel\tv\TVPCapSvc.exe [2006-9-19 258147]
    R2 TVPSched;CyberLink Task Scheduler (CTS HP TVPlay);c:\program files\hp\tvplay\kernel\tv\TVPSched.exe [2006-9-19 114785]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2006-11-15 102760]
    R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20061116.036\NAVENG.Sys [2006-11-16 79240]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20061116.036\NavEx15.Sys [2006-11-16 831880]
    R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
    R3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\savrt.sys [2005-8-27 334984]
    S3 MODBDA2;DiBcom MOD3000 TV receiver;c:\windows\system32\drivers\modbda2.sys [2005-6-4 30464]
    S3 SAVScan;Symantec AVScan;c:\program files\norton internet security\norton antivirus\SAVScan.exe [2005-8-27 198368]

    =============== Created Last 30 ================

    2009-02-15 19:03 <DIR> --d----- c:\program files\QUAD Utilities
    2009-02-13 00:05 <DIR> --dsh--- c:\documents and settings\alfred liu\IECompatCache
    2009-02-13 00:05 <DIR> --dsh--- c:\documents and settings\alfred liu\PrivacIE
    2009-02-13 00:05 <DIR> --dsh--- c:\documents and settings\alfred liu\IETldCache
    2009-02-12 23:57 <DIR> --d----- c:\windows\ie8updates
    2009-02-12 23:53 81,920 a------- c:\windows\system32\ieencode.dll
    2009-02-12 23:53 78,336 a------- c:\windows\system32\dllcache\ieencode.dll
    2009-02-12 23:49 79,360 -------- c:\windows\system32\dllcache\iecompat.dll
    2009-02-12 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2009-02-12 20:49 <DIR> --d----- c:\program files\SUPERAntiSpyware
    2009-02-12 20:49 <DIR> --d----- c:\docume~1\alfred~1\applic~1\SUPERAntiSpyware.com
    2009-02-12 20:49 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
    2009-01-25 13:49 7,592 a------- C:\ZB20090125134905001.xml

    ==================== Find3M ====================

    2009-01-16 21:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
    2008-12-19 09:10 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
    2008-12-19 09:10 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
    2008-12-19 05:25 634,024 a------- c:\windows\system32\dllcache\iexplore.exe
    2008-12-19 05:23 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
    2008-12-11 10:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
    2007-12-18 22:08 0 a------- c:\docume~1\alfred~1\applic~1\wklnhst.dat
    2007-08-26 12:12 87,608 a------- c:\docume~1\alfred~1\applic~1\inst.exe
    2007-08-26 12:12 47,360 a------- c:\docume~1\alfred~1\applic~1\pcouffin.sys
    2006-09-21 01:36 22 a--sh--- c:\windows\sminst\HPCD.sys
    2008-06-12 17:41 415,436 a--sh--- c:\windows\system32\ddKlRXbc.ini2
    2008-06-16 12:15 1,187 a--sh--- c:\windows\system32\ddMmmUvw.ini2
    2008-06-12 01:33 1,471 a--sh--- c:\windows\system32\sAcKlnpo.ini2
    2008-06-16 12:10 354 a--sh--- c:\windows\system32\vjcpmouw.ini2
    2008-10-29 11:48 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008102920081030\index.dat

    ============= FINISH: 14:33:09.84 ===============

    and my ATTACH:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-02-01.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 18/09/2006 13:12:59
    System Uptime: 16/02/2009 01:06:53 (13 hours ago)

    Motherboard: Hewlett-Packard | | 30AE
    Processor: AMD Turion(tm) 64 Mobile Technology ML-34 | U23 | 1794/mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 85 GiB total, 10.134 GiB free.
    D: is FIXED (FAT32) - 7 GiB total, 1.14 GiB free.
    E: is CDROM ()
    F: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia N95
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: Nokia N95
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd

    ==== System Restore Points ===================

    RP738: 12/02/2009 18:41:20 - Software Distribution Service 3.0
    RP739: 12/02/2009 20:21:15 - Removed Java(TM) 6 Update 5
    RP740: 12/02/2009 20:25:52 - Removed Bonjour
    RP741: 12/02/2009 20:40:47 - Removed MobileMe Control Panel
    RP742: 12/02/2009 20:49:37 - Installed SUPERAntiSpyware Free Edition
    RP743: 12/02/2009 22:35:28 - Installed Windows NLSDownlevelMapping.
    RP744: 12/02/2009 22:36:00 - Installed Windows IDNMitigationAPIs.
    RP745: 12/02/2009 22:36:40 - Installed Windows Internet Explorer 7.
    RP746: 12/02/2009 23:55:16 - Installed Windows Internet Explorer 8.
    RP747: 12/02/2009 23:56:58 - Software Distribution Service 3.0
    RP748: 13/02/2009 03:00:23 - Software Distribution Service 3.0
    RP749: 14/02/2009 03:41:54 - System Checkpoint
    RP750: 15/02/2009 13:11:47 - System Checkpoint
    RP751: 15/02/2009 18:16:55 - Restore Operation
    RP752: 15/02/2009 22:07:01 - Removed Java(TM) 6 Update 2

    ==== Installed Programs ======================


    Ad-Aware SE Personal
    Adobe Flash Player ActiveX
    Adobe Reader 7.0.9
    Adobe Shockwave Player
    Adobe® Photoshop® Album Starter Edition 3.0
    AOL Toolbar
    AOL UK (Choose which version to remove)
    Apple Mobile Device Support
    Apple Software Update
    Athlon 64 Processor Driver
    ATI Control Panel
    ATI Display Driver
    AVG Free Edition
    AviSynth 2.5
    Azureus Vuze
    BufferChm
    Canon Camera Access Library
    Canon Camera Support Core Library
    Canon Camera Window DC_DV 5 for ZoomBrowser EX
    Canon Camera Window DC_DV 6 for ZoomBrowser EX
    Canon Camera Window MC 6 for ZoomBrowser EX
    Canon G.726 WMP-Decoder
    CANON iMAGE GATEWAY Task
    Canon Internet Library for ZoomBrowser EX
    Canon MovieEdit Task for ZoomBrowser EX
    Canon RAW Image Task for ZoomBrowser EX
    Canon RemoteCapture Task for ZoomBrowser EX
    Canon Utilities EOS Utility
    Canon Utilities PhotoStitch
    Canon Utilities ZoomBrowser EX
    CC_ccProxyExt
    ccCommon
    ccPxyCore
    CDisplay 1.8
    Compatibility Pack for the 2007 Office system
    Conexant AC-Link Audio
    CP_AtenaShokunin1Config
    CP_CalendarTemplates1
    cp_LightScribeConfig
    cp_OnlineProjectsConfig
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    cp_PosterPrintConfig
    cp_UpdateProjectsConfig
    CueTour
    Customer Experience Enhancement
    DefilerPak 1.22 (Remove Only)
    Destinations
    DeviceManagementQFolder
    DivX Web Player
    Easy Internet Sign-up
    FullDPAppQFolder
    Google Toolbar for Firefox
    Google Toolbar for Internet Explorer
    Home Media Server 4.2.0.32
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    HP Help and Support
    HP Imaging Device Functions 6.0
    HP Photosmart Premier Software 6.0
    HP QuickPlay 2.0
    HP Software Update
    HP TVPlay
    HP User Guides--System Recovery
    HP User Guides 0025
    HP Wireless Assistant 2.00 C1
    HpSdpAppCoreApp
    InstantShareDevices
    iTunes
    J2SE Runtime Environment 5.0 Update 11
    Java(TM) 6 Update 3
    Java(TM) 6 Update 7
    LightScribe 1.4.56.1
    LiveUpdate 3.0 (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    Map Button (Windows Live Toolbar)
    Marvel(TM) - Ultimate Alliance
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Standard Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Microsoft Works
    Mozilla Firefox (1.5.0.12)
    MSRedist
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    NICI (Shared) U.S./Worldwide (128 bit) (2.6.6-1)
    Nokia Connectivity Cable Driver
    Nokia Lifeblog 2.5
    Nokia MTP driver
    Nokia NSeries Application Installer
    Nokia NSeries Content Copier
    Nokia NSeries Multimedia Player
    Nokia NSeries Music Manager
    Nokia NSeries One Touch Access
    Nokia NSeries System Utilities
    Nokia Nseries Video Manager
    Nokia PC Suite
    Nokia Software Launcher
    Nokia Software Updater
    Norton AntiSpam
    Norton AntiVirus 2006
    Norton Internet Security
    Norton Internet Security 2006 (Symantec Corporation)
    Norton Protection Center
    Norton WMI Update
    OneCare Advisor (Windows Live Toolbar)
    OptionalContentQFolder
    PC Connectivity Solution
    PhotoGallery
    Popup Blocker (Windows Live Toolbar)
    Quick Launch Buttons 5.20 G1
    QuickTime
    RandMap
    RealPlayer
    Safari
    Security Update for CAPICOM (KB931906)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB960715)
    SkinsHP1
    Smart Menus (Windows Live Toolbar)
    Soft Data Fax Modem with SmartCP
    Sonic Audio Module
    Sonic Copy Module
    Sonic Data Module
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic Update Manager
    Sonic_PrimoSDK
    SPBBC
    SUPERAntiSpyware Free Edition
    Symantec KB-DocID:2003093015493306
    SymNet
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx21/x515/xx12 drivers.
    TIPCI
    Unload
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    VideoEgg Publisher
    VideoLAN VLC media player 0.8.5
    Videora iPod Converter 3.07
    Viewpoint Media Player
    WD Diagnostics
    WebFldrs XP
    Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Live Favorites for Windows Live Toolbar
    Windows Live Messenger
    Windows Live Outlook Toolbar (Windows Live Toolbar)
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Live Toolbar Feed Detector (Windows Live Toolbar)
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    X-Men(TM) Legends 2

    ==== Event Viewer Messages From Past Week ========

    12/02/2009 20:25:56, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    12/02/2009 19:54:03, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000D' while processing the file 'BOOT.INI' on the volume 'HarddiskVolume3'. It has stopped monitoring the volume.
    12/02/2009 19:47:00, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/02/2009 19:44:36, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    12/02/2009 19:44:12, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Avg7Core Avg7RsW Avg7RsXP eabfiltr eeCtrl Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SPBBCDrv SYMTDI Tcpip
    12/02/2009 19:44:12, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/02/2009 19:44:12, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/02/2009 19:44:12, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/02/2009 19:44:12, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    12/02/2009 19:44:12, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    12/02/2009 19:44:12, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    12/02/2009 19:07:50, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments " " in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    12/02/2009 18:28:05, error: Service Control Manager [7000] - The ServiceLayer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/02/2009 18:28:05, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the ServiceLayer service to connect.
    12/02/2009 18:27:49, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service ServiceLayer with arguments " " in order to run the server: {ACF50018-41F8-476D-85FD-CD953DAE4A49}
    12/02/2009 18:26:27, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'atmenuxx.hlp' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    12/02/2009 18:25:13, error: Dhcp [1002] - The IP address lease 172.18.0.29 for the Network Card with network address 0016D43D3CE5 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    11/02/2009 21:19:53, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    11/02/2009 17:14:19, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/02/2009 17:14:19, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    11/02/2009 17:14:19, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments " " in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    09/02/2009 13:53:59, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    09/02/2009 13:53:46, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Symantec Core LC service.
    13/02/2009 01:33:55, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Avg7Core Avg7RsW Avg7RsXP eabfiltr eeCtrl Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SAVRTPEL SPBBCDrv SYMTDI Tcpip
    15/02/2009 19:03:42, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
    15/02/2009 19:03:42, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
    15/02/2009 19:03:42, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80.DLL. Reference error message: The operation completed successfully. .
    15/02/2009 22:15:57, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 Avg7Core Avg7RsW Avg7RsXP eabfiltr eeCtrl Fips SASDIFSV SASKUTIL SAVRTPEL SPBBCDrv SYMTDI

    ==== End Of File ===========================

    RADIATE!
     
  2. 2009/02/17
    Radiate

    From what I can gather on the ATTACH there were a lot of "error" messages on 12/02/09, which is around the day my IE stopped working. Not sure what this means though or if this is the reason why my IE isn't working. Any help?

    RADIATE!
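Added example (not part of the original post or of any reply in this thread): a small Python triage of the event-log format posted above. It counts errors per day and compares the drivers named in Service Control Manager event 7026 between the earliest and the latest boot in the sample. The sample lines are excerpted from the log in this thread; the function names are illustrative.

```python
import re
from collections import Counter
from datetime import datetime

# Lines excerpted from the event log posted in this thread (dates are DD/MM/YYYY).
SAMPLE_LOG = """\
12/02/2009 19:44:12, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Avg7Core Avg7RsW Avg7RsXP eabfiltr eeCtrl Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SPBBCDrv SYMTDI Tcpip
12/02/2009 19:44:12, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/02/2009 18:28:05, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the ServiceLayer service to connect.
12/02/2009 18:25:13, error: Dhcp [1002] - The IP address lease 172.18.0.29 for the Network Card with network address 0016D43D3CE5 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
11/02/2009 17:14:19, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
15/02/2009 22:15:57, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 Avg7Core Avg7RsW Avg7RsXP eabfiltr eeCtrl Fips SASDIFSV SASKUTIL SAVRTPEL SPBBCDrv SYMTDI
"""

# "<date> <time>, <level>: <source> [<event id>] - <message>"
LINE_RE = re.compile(
    r"^\s*(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}), (\w+): (.+?) \[(\d+)\] - (.*)$"
)


def parse_events(text):
    """Return one dict per well-formed log line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        when, level, source, event_id, message = m.groups()
        events.append({
            "time": datetime.strptime(when, "%d/%m/%Y %H:%M:%S"),
            "level": level,
            "source": source,
            "id": int(event_id),
            "message": message,
        })
    return events


def errors_per_day(events):
    """Count error-level events per calendar day (ISO date string)."""
    return Counter(
        e["time"].date().isoformat() for e in events if e["level"] == "error"
    )


def failed_drivers(event):
    """Driver names listed by Service Control Manager event 7026."""
    if event["source"] != "Service Control Manager" or event["id"] != 7026:
        return set()
    return set(event["message"].split("failed to load:", 1)[1].split())


def driver_diff(events):
    """Compare the earliest and latest 7026 events.

    Returns (drivers no longer listed, drivers newly listed).
    """
    boots = sorted((e for e in events if failed_drivers(e)), key=lambda e: e["time"])
    if len(boots) < 2:
        return set(), set()
    first, last = failed_drivers(boots[0]), failed_drivers(boots[-1])
    return first - last, last - first


if __name__ == "__main__":
    events = parse_events(SAMPLE_LOG)
    for day, count in sorted(errors_per_day(events).items()):
        print(day, count)
    no_longer_listed, newly_listed = driver_diff(events)
    print("no longer listed:", sorted(no_longer_listed))
    print("newly listed:", sorted(newly_listed))
```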
     


  4. 2009/02/17
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi Radiate.

    First, you cannot have two antivirus programs running. Please remove one (1) of them.

    AVG Free
    Norton


    If you choose to remove Norton please go here and run their removal tool.
    Go here and run the Norton Removal Tool for the product version you have.

    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039

    After doing that then please do the following.

    Download ComboFix from Here to your Desktop.

    It's best to disable realtime protection applications as they sometimes interfere with the tool.
    Check this link for any applicable programs you may have.
    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • Vista users right click Combofix.exe and select Run As Administrator.
    • When finished, it shall produce a log for you. Post the Combofix log
    Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.

    **NOTE - Allow ComboFix to update if prompted.

    Thanks
    Geri
     
  5. 2009/02/18
    Radiate

    Hi Geri,

    I'm trying to uninstall Norton but when I try to download the removal tool a new browser page appears and is trying to connect with: ftp.symantec.com but takes ages to upload and then says "connection has timed out".

    Do I have to remove Norton (which I'm no longer subscribed to anymore) in order to download the ComboFix?

    RADIATE!
     
    Last edited: 2009/02/18
  6. 2009/02/18
    Radiate

    Ok managed to find an alternative way to get Norton Removal Tool and have removed Norton. Oddly enough that seems to have fixed my IE and now it's working!!! How did that happen? I've always had Norton on my computer so how come it was stopping my IE from accessing the internet?

    RADIATE!
     
  7. 2009/02/18
    Geri Lifetime Subscription

    Hi
    Running two AV's can cause some strange effects, plus you end up with less protection because of conflicts between the two.

    Please run Combofix and post the log.

    Thanks
    Geri
     
  8. 2009/02/19
    Radiate

    ComboFix Log:

    ComboFix 09-02-18.01 - Alfred Liu 2009-02-19 13:12:59.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.370 [GMT 0:00]
    Running from: c:\documents and settings\Alfred Liu\Desktop\ComboFix.exe
    AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Alfred Liu\Application Data\inst.exe
    c:\program files\QUAD Utilities
    c:\windows\BM5c654742.txt
    c:\windows\BM5c654742.xml
    c:\windows\f49f4daa.dat
    c:\windows\fmark2.dat
    c:\windows\IE4 Error Log.txt
    c:\windows\system32\_000003_.tmp.dll
    c:\windows\system32\_000004_.tmp.dll
    c:\windows\system32\_000006_.tmp.dll
    c:\windows\system32\_000008_.tmp.dll
    c:\windows\system32\_000009_.tmp.dll
    c:\windows\system32\_000025_.tmp.dll
    c:\windows\system32\ddKlRXbc.ini2
    c:\windows\system32\ddMmmUvw.ini2
    c:\windows\system32\mcrh.tmp
    c:\windows\system32\sAcKlnpo.ini
    c:\windows\system32\sAcKlnpo.ini2
    c:\windows\system32\vjcpmouw.ini2
    c:\windows\system32\vjcpmouw.tmp
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((( Files Created from 2009-01-19 to 2009-02-19 )))))))))))))))))))))))))))))))
    .

    2009-02-13 00:05 . 2009-02-13 00:05 <DIR> d--hs---- c:\documents and settings\Alfred Liu\PrivacIE
    2009-02-13 00:05 . 2009-02-13 00:05 <DIR> d--hs---- c:\documents and settings\Alfred Liu\IETldCache
    2009-02-13 00:05 . 2009-02-13 00:05 <DIR> d--hs---- c:\documents and settings\Alfred Liu\IECompatCache
    2009-02-12 23:57 . 2009-02-13 00:43 <DIR> d-------- c:\windows\ie8updates
    2009-02-12 23:53 . 2008-04-14 00:11 81,920 --a------ c:\windows\system32\ieencode.dll
    2009-02-12 23:53 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\dllcache\ieencode.dll
    2009-02-12 23:49 . 2009-01-11 05:00 79,360 --------- c:\windows\system32\dllcache\iecompat.dll
    2009-02-12 20:49 . 2009-02-12 20:49 <DIR> d-------- c:\program files\SUPERAntiSpyware
    2009-02-12 20:49 . 2009-02-12 20:49 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2009-02-12 20:49 . 2009-02-12 20:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-02-12 20:49 . 2009-02-12 20:49 <DIR> d-------- c:\documents and settings\Alfred Liu\Application Data\SUPERAntiSpyware.com
    2009-02-12 19:43 . 2006-04-26 05:52 <DIR> d-------- c:\documents and settings\Administrator.LIU.000\Application Data\Symantec
    2009-02-12 19:43 . 2009-02-15 18:22 <DIR> d-------- c:\documents and settings\Administrator.LIU.000
    2009-01-25 13:49 . 2009-01-25 13:49 7,592 --a------ C:\ZB20090125134905001.xml

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-18 14:21 --------- d-----w c:\program files\Common Files\Symantec Shared
    2009-02-18 14:12 --------- d-----w c:\documents and settings\Alfred Liu\Application Data\Azureus
    2009-02-17 08:00 --------- d-----w c:\documents and settings\LocalService\Application Data\AVG7
    2009-02-15 22:07 --------- d-----w c:\program files\Java
    2009-02-15 17:02 --------- d-----w c:\documents and settings\Alfred Liu\Application Data\AVG7
    2009-02-13 15:51 --------- d-----w c:\program files\Safari
    2009-01-27 23:00 --------- d-----w c:\program files\Azureus
    2007-12-18 22:08 0 ----a-w c:\documents and settings\Alfred Liu\Application Data\wklnhst.dat
    2007-08-26 12:12 47,360 ----a-w c:\documents and settings\Alfred Liu\Application Data\pcouffin.sys
    2008-08-20 21:05 61,038 ----a-w c:\program files\mozilla firefox\components\jar50.dll
    2008-08-20 21:05 49,256 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
    2008-08-20 21:05 166,000 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
    2006-09-21 01:36 22 --sha-w c:\windows\SMINST\HPCD.sys
    2008-10-29 11:48 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008102920081030\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "updateMgr "= "c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
    "MsnMsgr "= "c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
    "SUPERAntiSpyware "= "c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-01-15 1830128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA "= "c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 344064]
    "HP Software Update "= "c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
    "SynTPEnh "= "c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-19 729178]
    "QPService "= "c:\program files\HP\QuickPlay\QPService.exe" [2005-12-12 94208]
    "eabconfg.cpl "= "c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-22 405504]
    "Cpqset "= "c:\program files\HPQ\Default Settings\cpqset.exe" [2005-08-01 233534]
    "RecGuard "= "c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
    "hpWirelessAssistant "= "c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]
    "AVG7_CC "= "c:\progra~1\Grisoft\AVGFRE~1\avgcc.exe" [2008-10-17 590848]
    "DataLayer "= "c:\program files\Common Files\PCSuite\DataLayer\DataLayer.exe" [2005-06-07 819712]
    "TkBellExe "= "c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-11-02 185896]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
    "ISUSPM Startup "= "c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
    "ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
    "SunJavaUpdateSched "= "c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE "= "c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.divxa32 "= DivXa32.acm

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
    backup=c:\windows\pss\AOL 9.0 Tray Icon.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
    backup=c:\windows\pss\AOL Companion.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
    backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    --a------ 2005-06-06 22:46 57344 c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    --a------ 2007-08-16 11:24 167368 c:\program files\DAEMON Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
    --a------ 2007-09-07 13:44 3100672 c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
    --a------ 2005-06-29 14:29 176128 c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
    --a------ 2005-06-24 13:08 860160 c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVPService]
    --------- 2006-04-03 12:34 135168 c:\program files\HP\TVPlay\TVPService.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\AOL 9.0\\waol.exe "=
    "c:\\Program Files\\Grisoft\\AVG Free\\avginet.exe "=
    "c:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe "=
    "c:\\Program Files\\HP\\TVPlay\\TVPlay.exe "=
    "c:\\Program Files\\HP\\TVPlay\\TVPService.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe "=
    "c:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe "=
    "c:\\Program Files\\Azureus\\Azureus.exe "=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe "=
    "c:\\Program Files\\MSN Messenger\\livecall.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=

    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
    R2 CyberLink Media Library Service(HP TVPlay);CyberLink Media Library Service(HP TVPlay);c:\program files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe [2006-09-19 1073152]
    R2 TVPCapSvc;CyberLink Background Capture Service (CBCS HP TVPlay);c:\program files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe [2006-09-19 258147]
    R2 TVPSched;CyberLink Task Scheduler (CTS HP TVPlay);c:\program files\HP\TVPlay\Kernel\TV\TVPSched.exe [2006-09-19 114785]
    R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-08-22 231424]
    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
    S3 MODBDA2;DiBcom MOD3000 TV receiver;c:\windows\system32\drivers\modbda2.sys [2005-06-04 30464]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41fc88df-a6d7-11dd-9bce-00038a000015}]
    \Shell\Auto\command - udisk.exe
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL udisk.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a2a8039-f58b-11dd-9c0b-00038a000015}]
    \Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe
    .
    Contents of the 'Scheduled Tasks' folder

    2009-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2009-02-19 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

    2007-02-15 c:\windows\Tasks\Easy Internet Sign-up.job
    - c:\program files\Hewlett-Packard\SDP\HPSdpApp.exe [2005-11-16 09:55]
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{98CBB952-FF38-4A0C-988B-BAC03F31690E} - c:\windows\system32\opnlKcAs.dll
    Notify-ddcYpnOh - ddcYpnOh.dll
    MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe


    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    DPF: {8FACB588-4A4B-46C1-807B-1F08D0AC7592} - hxxp://www.360etours.net/activex/eTours3-4-0-01.ocx
    FF - ProfilePath - c:\documents and settings\Alfred Liu\Application Data\Mozilla\Firefox\Profiles\ri9omywa.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - component: c:\documents and settings\Alfred Liu\Application Data\Mozilla\Firefox\Profiles\ri9omywa.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
    FF - component: c:\documents and settings\Alfred Liu\Application Data\Mozilla\Firefox\Profiles\ri9omywa.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
    FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-19 13:17:13
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????????P??|?????? ???B?????????????hLC? ??????

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(556)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    c:\windows\system32\Ati2evxx.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\windows\system32\ati2evxx.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\progra~1\Grisoft\AVGFRE~1\avgamsvr.exe
    c:\progra~1\Grisoft\AVGFRE~1\avgupsvc.exe
    c:\progra~1\Grisoft\AVGFRE~1\avgemc.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\windows\system32\rundll32.exe
    c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
    c:\program files\Canon\CAL\CALMAIN.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\progra~1\HPQ\shared\HPQTOA~1.EXE
    c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
    .
    **************************************************************************
    .
    Completion time: 2009-02-19 13:23:24 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-02-19 13:22:50

    Pre-Run: 10,221,789,184 bytes free
    Post-Run: 10,177,843,200 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    232 --- E O F --- 2009-02-13 03:01:09

    What's the reason for this Log?

    RADIATE!
     
  9. 2009/02/19
    Rockster2U

    Rockster2U Geek Member

    Joined:
    2002/04/01
    Messages:
    3,181
    Likes Received:
    9
    It shows all the malware that ComboFix just cleaned up and provides a roadmap for an expert like Geri to help you finish cleaning up this mess.

    ;)
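Added example (not part of any post in this thread): a Python sketch that pulls the removal sections out of a ComboFix log so they can be reviewed in one place: the "Other Deletions" list, the "ORPHANS REMOVED" loading points, and the cached MountPoints2 shell commands. The sample lines are excerpted from the log posted above; the function names and the section-header patterns are assumptions based on that log only.

```python
import re

# Lines excerpted from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\f49f4daa.dat
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\ddKlRXbc.ini2
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{41fc88df-a6d7-11dd-9bce-00038a000015}]
\Shell\Auto\command - udisk.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL udisk.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a2a8039-f58b-11dd-9c0b-00038a000015}]
\Shell\AutoRun\command - g:\wd_windows_tools\Setup.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{98CBB952-FF38-4A0C-988B-BAC03F31690E} - c:\windows\system32\opnlKcAs.dll
Notify-ddcYpnOh - ddcYpnOh.dll
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe

.
------- Supplementary Scan -------
.
"""

# Section headers appear as "((( Title )))" or "- - - Title - - -" / "--- Title ---".
HEADER_RE = re.compile(
    r"^(?:\(+ *(?P<paren>.+?) *\)+|-[- ]*- (?P<dash>.+?) -[- ]*-)$"
)
MOUNT_KEY_RE = re.compile(r"^\[.*\\mountpoints2\\(\{[0-9a-f-]+\})\]$", re.I)
SHELL_CMD_RE = re.compile(r"^\\Shell\\(\w+)\\command - (.+)$", re.I)


def split_sections(text):
    """Map each section title to its non-empty lines ('.' separators dropped)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER_RE.match(line)
        if m:
            current = m.group("paren") or m.group("dash")
            sections[current] = []
        elif current is not None and line not in ("", "."):
            sections[current].append(line)
    return sections


def removed_orphans(sections):
    """Parse 'ORPHANS REMOVED' lines into (loading point, name, target)."""
    out = []
    for line in sections.get("ORPHANS REMOVED", []):
        point, target = line.split(" - ", 1)
        kind, name = point.split("-", 1)
        out.append((kind, name, target))
    return out


def mountpoints2_commands(sections):
    """List (volume GUID, verb, command) entries cached under MountPoints2."""
    out, guid = [], None
    for line in sections.get("Reg Loading Points", []):
        key = MOUNT_KEY_RE.match(line)
        if key:
            guid = key.group(1)
        elif line.startswith("["):
            guid = None  # a different registry key: stop attributing commands
        else:
            cmd = SHELL_CMD_RE.match(line)
            if cmd and guid:
                out.append((guid, cmd.group(1), cmd.group(2)))
    return out


if __name__ == "__main__":
    secs = split_sections(SAMPLE_LOG)
    print("deleted:", secs["Other Deletions"])
    print("orphans:", removed_orphans(secs))
    print("autorun handlers:", mountpoints2_commands(secs))
```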
     
  10. 2009/02/19
    Geri Lifetime Subscription

    Hi
    OK how are things running now?

    Please do the following.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

    Now an online scan.

    Please do an online scan with Kaspersky WebScanner

    It's best to disable real time protection applications as they sometimes interfere with the scan.
    Check this link for any applicable programs you may have.

    Click on “Accept” if your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files:
    • Under Scan on the left side. Click on My Computer
    • This will start the program and scan your system.
    • Click the “Scan Report” On the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
    • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
