Solved IE 7 won't start

James1207 · 2009/02/05

[Resolved] IE 7 won't start

If anyone could help, I sure would appreciate it. My internet explorer stopped working yesterday. I thought I was smarter than this! It opens briefly but then closes before getting "online." I've run Adaware, AVG, A-squared, and SuperSpyware. I've tried numerous suggestions I read in threads here but nothing seems to work.

I ran the DDS tool; results:

DDS (Ver_09-02-01.01) - NTFSx86
Run by James Minkel at 9:36:31.32 on 2009-02-05
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1150.525 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\James Minkel\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = about:
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe "
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: CPrintEnhancer Object: {ae84a6aa-a333-4b92-b276-c11e2212e4fe} - c:\program files\hp\smart web printing\SmartWebPrinting.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: : {fffffef0-5b30-21d4-945d-000000000000} - c:\progra~1\stardo~1\SDIEInt.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe "
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe "
mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe "
mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe "
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: Download with Star Downloader - c:\program files\star downloader\sdie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {0470E62C-C97E-4317-81E5-0774D8CBF7B7} - hxxp://www.endpointscan.com/EndPointScan.cab
DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - hxxp://support.f-secure.com/ols/fscax.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://www.newhomebasedccr.com/test/PlaNetSysInfo.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1005.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179540706147
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} - hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jamesm~1\applic~1\mozilla\firefox\profiles\ndo0ileb.default\
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - HiddenExtension: XUL Cache: {4004FBC3-AF01-43A9-9B9F-DC8F72210BC8} - c:\documents and settings\james minkel\local settings\application data\{4004FBC3-AF01-43A9-9B9F-DC8F72210BC8}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000

============= SERVICES / DRIVERS ===============

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2007-10-22 40464]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-6 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-4-21 27656]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-5-6 107272]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-1-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 55024]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2009-1-10 421496]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-3 903960]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-3 298264]
R2 pnpcap;Pure Networks Packet Capture Driver;c:\windows\system32\drivers\pnpcap.sys [2009-1-6 23352]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2008-11-20 603904]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2005-8-22 231424]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2008-11-15 102912]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 BCASPROT;Advanced System Protector;c:\program files\systweak\advanced system protector\sasprot32.sys [2008-11-23 6656]
S3 cpuz131;cpuz131;\??\c:\docume~1\jamesm~1\locals~1\temp\cpuz131\cpuz_x32.sys --> c:\docume~1\jamesm~1\locals~1\temp\cpuz131\cpuz_x32.sys [?]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2008-12-5 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [2008-12-5 3768]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 tapavpn;Steganos Anonym VPN Adapter;c:\windows\system32\drivers\tapavpn.sys [2007-10-19 24320]

=============== Created Last 30 ================

2009-02-05 09:14 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2009-02-05 09:14 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-05 09:14 18,944 a------- c:\windows\system32\dllcache\xrxscnui.dll
2009-02-05 09:14 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2009-02-05 09:14 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2009-02-05 09:14 99,865 a------- c:\windows\system32\dllcache\xlog.exe
2009-02-05 09:14 28,288 a------- c:\windows\system32\dllcache\xjis.nls
2009-02-05 09:12 19,551 a------- c:\windows\system32\dllcache\watv02nt.sys
2009-02-05 09:11 224,802 a------- c:\windows\system32\dllcache\usr1807a.sys
2009-02-05 09:10 11,520 a------- c:\windows\system32\dllcache\twotrack.sys
2009-02-05 09:09 138,528 a------- c:\windows\system32\dllcache\tgiulnt5.sys
2009-02-05 09:08 3,968 a------- c:\windows\system32\dllcache\swusbflt.sys
2009-02-05 09:07 7,552 a------- c:\windows\system32\dllcache\sonypvu1.sys
2009-02-05 09:06 11,136 a------- c:\windows\system32\dllcache\slip.sys
2009-02-05 09:05 6,784 a------- c:\windows\system32\dllcache\serscan.sys
2009-02-05 09:04 41,216 a------- c:\windows\system32\dllcache\s3mt3d.sys
2009-02-05 09:03 41,472 a------- c:\windows\system32\dllcache\qvusd.dll
2009-02-05 09:02 121,344 a------- c:\windows\system32\dllcache\phvfwext.dll
2009-02-05 09:01 41,984 a------- c:\windows\system32\dllcache\ovui2rc.dll
2009-02-05 09:00 51,552 a------- c:\windows\system32\dllcache\ntgrip.sys
2009-02-05 08:59 13,664 a------- c:\windows\system32\dllcache\n9i128.sys
2009-02-05 08:58 56,832 a------- c:\windows\system32\dllcache\msdvbnp.ax
2009-02-05 08:57 797,500 a------- c:\windows\system32\dllcache\ltsmt.sys
2009-02-05 08:56 18,688 a------- c:\windows\system32\dllcache\irsir.sys
2009-02-05 08:55 26,624 a------- c:\windows\system32\dllcache\icam3ext.dll
2009-02-05 08:54 391,199 a------- c:\windows\system32\dllcache\hsf_k56k.sys
2009-02-05 08:53 2,688 a------- c:\windows\system32\dllcache\hidswvd.sys
2009-02-05 08:52 22,090 a------- c:\windows\system32\dllcache\fem556n5.sys
2009-02-05 08:51 283,904 a------- c:\windows\system32\dllcache\emu10k1m.sys
2009-02-05 08:50 952,007 a------- c:\windows\system32\dllcache\diwan.sys
2009-02-05 08:49 48,640 a------- c:\windows\system32\dllcache\cwrwdm.sys
2009-02-05 08:48 314,752 a------- c:\windows\system32\dllcache\camdro21.sys
2009-02-05 08:47 16,969 a------- c:\windows\system32\dllcache\amb8002.sys
2009-02-05 07:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-02-05 07:34 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-02-05 07:34 <DIR> --d----- c:\docume~1\jamesm~1\applic~1\SUPERAntiSpyware.com
2009-02-05 07:20 161,792 a------- c:\windows\SWREG.exe
2009-02-05 07:20 98,816 a------- c:\windows\sed.exe
2009-02-05 07:20 389,120 a------- c:\windows\system32\CF27999.exe
2009-02-05 07:20 <DIR> --d----- C:\ComboFix
2009-02-05 07:19 389,120 a------- c:\windows\system32\CF27852.exe
2009-02-04 23:22 <DIR> --d----- c:\program files\Lavasoft
2009-02-04 19:47 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-04 18:26 <DIR> --d----- c:\documents and settings\james minkel\IECompatCache
2009-02-04 18:25 <DIR> --d----- c:\documents and settings\james minkel\PrivacIE
2009-02-04 18:25 <DIR> --d----- c:\documents and settings\james minkel\IETldCache
2009-02-04 18:17 <DIR> -cd----- c:\windows\ie8
2009-02-04 15:28 <DIR> --d----- c:\program files\Auto Shutdown Genius
2009-02-03 14:39 32 a------- c:\windows\go
2009-02-02 12:40 69,712 a------- c:\windows\uninstall.dat
2009-02-02 12:40 314 a------- c:\windows\uninstall.xml
2009-01-30 15:04 <DIR> --d----- c:\program files\WinAVI MP4 Converter
2009-01-28 17:05 3,532 a------- C:\drmHeader.bin
2009-01-27 17:23 <DIR> --d----- c:\program files\VMNetSrv
2009-01-27 17:23 <DIR> --d----- c:\docume~1\jamesm~1\applic~1\Steganos VPN
2009-01-27 11:38 <DIR> --d----- c:\program files\WiresharkPortable
2009-01-26 18:29 <DIR> --d----- c:\docume~1\jamesm~1\applic~1\Crayon Physics Deluxe
2009-01-25 17:58 <DIR> --d----- c:\program files\Postal2STP
2009-01-25 12:23 <DIR> --d----- c:\program files\NetWaiting
2009-01-20 17:11 <DIR> --d----- c:\program files\Video Strip Poker Supreme
2009-01-20 16:50 343 a------- c:\windows\_c.ini
2009-01-20 16:45 343 a------- c:\windows\sw.ini
2009-01-20 16:38 343 a------- c:\windows\ask.ini
2009-01-20 16:37 446,464 a------- c:\windows\system32\vp31vfw.dll
2009-01-20 16:37 <DIR> --d----- c:\program files\On2 Technologies
2009-01-20 16:35 <DIR> --d----- c:\program files\Silver Wings
2009-01-20 15:31 47,104 a------- c:\windows\system32\KMVIDC32.DLL
2009-01-18 19:13 <DIR> --d----- c:\program files\GooTool
2009-01-18 17:32 20,480 a------- c:\windows\system32\scrnrdr.exe
2009-01-17 20:17 <DIR> --d----- C:\X360HP Temp
2009-01-17 20:00 <DIR> --d----- c:\program files\Xbox 360 Hack Pack RC1
2009-01-17 12:53 873,374 a------- c:\windows\system32\oem57.inf
2009-01-17 12:51 459,264 -------- c:\windows\system32\dllcache\msfeeds.dll
2009-01-17 12:51 52,224 -------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-17 12:51 3,698,040 a------- c:\windows\system32\dllcache\ieapfltr.dat
2009-01-17 12:51 1,228,800 a------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-01-17 12:51 6,066,176 -------- c:\windows\system32\dllcache\ieframe.dll
2009-01-17 12:51 383,488 -------- c:\windows\system32\dllcache\ieapfltr.dll
2009-01-17 12:51 267,776 -------- c:\windows\system32\dllcache\iertutil.dll
2009-01-17 12:51 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-01-17 12:51 63,488 -------- c:\windows\system32\dllcache\icardie.dll
2009-01-17 11:02 <DIR> --d----- c:\docume~1\jamesm~1\applic~1\Abuse
2009-01-16 17:53 <DIR> --d----- c:\program files\ViStart Beta 6
2009-01-16 10:15 65 a------- c:\windows\dartemup.ini
2009-01-15 20:19 <DIR> --d----- C:\Download
2009-01-15 20:16 <DIR> --d----- c:\docume~1\jamesm~1\applic~1\ViStart
2009-01-15 02:22 49,152 -------- c:\windows\system32\msrating.dll.mui
2009-01-15 02:21 2,560 -------- c:\windows\system32\mshta.exe.mui
2009-01-15 02:19 4,096 -------- c:\windows\system32\ie4uinit.exe.mui
2009-01-15 02:19 81,920 -------- c:\windows\system32\iedkcs32.dll.mui
2009-01-14 15:31 <DIR> --d----- c:\program files\Star Downloader
2009-01-14 15:12 524,288 a------- c:\windows\system32\xvidcore.dll
2009-01-14 15:12 139,264 a------- c:\windows\system32\xvidvfw.dll
2009-01-14 10:35 <DIR> --d----- C:\Neighbours from Hell 2 Demo XS
2009-01-13 17:13 <DIR> --d----- C:\cygdrive
2009-01-13 16:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Maxtor
2009-01-13 16:28 441,760 a------- c:\windows\system32\drivers\timntr.sys
2009-01-13 16:28 44,384 a------- c:\windows\system32\drivers\tifsfilt.sys
2009-01-13 16:28 132,224 a------- c:\windows\system32\drivers\snapman.sys
2009-01-13 16:28 368,480 a------- c:\windows\system32\drivers\tdrpman.sys
2009-01-13 16:23 <DIR> --d----- C:\MaxtorDrv
2009-01-13 14:15 <DIR> --d----- c:\program files\Aimersoft
2009-01-12 16:19 <DIR> --d----- C:\Sandbox
2009-01-12 16:19 1,834 a------- c:\windows\Sandboxie.ini
2009-01-12 16:18 <DIR> --d----- c:\program files\Sandboxie
2009-01-11 17:16 <DIR> --d----- c:\program files\SpeedFan
2009-01-11 17:16 45 a------- c:\windows\system32\initdebug.nfo
2009-01-11 16:48 <DIR> --d----- c:\program files\Motherboard Monitor 5
2009-01-11 11:38 <DIR> --d----- c:\program files\stripPoker
2009-01-11 11:29 51 a------- c:\windows\rblky.sys
2009-01-10 22:59 <DIR> --d----- c:\program files\Axaware
2009-01-10 21:15 <DIR> --d----- c:\program files\a-squared Free
2009-01-10 20:33 <DIR> --d----- c:\documents and settings\james minkel\Application DataRetinax
2009-01-10 20:32 1,010,720 a------- c:\windows\system32\MSCHRT20.OCX
2009-01-10 20:32 951,104 a------- c:\windows\system32\tssOfficeMenu1d.ocx
2009-01-10 20:32 515,584 a------- c:\windows\system32\RetinaTSpinEditXControl1.ocx
2009-01-10 20:32 491,520 a------- c:\windows\system32\vbalSGrid6.ocx
2009-01-10 20:32 312,128 a------- c:\windows\system32\tssPopupNotify.ocx
2009-01-10 20:32 212,240 a------- c:\windows\system32\RICHTX32.OCX
2009-01-10 20:32 94,208 a------- c:\windows\system32\vbalIml6.ocx
2009-01-10 20:32 865,088 a------- c:\windows\system32\ExplorerBarXP2_vba.ocx
2009-01-10 20:32 865,080 a------- c:\windows\system32\ExplorerBarXP2.ocx
2009-01-10 20:32 851,968 a------- c:\windows\system32\ExplorerBarXP2Demo.ocx
2009-01-10 20:32 143,360 a------- c:\windows\system32\LVbuttons.ocx
2009-01-10 20:32 65,536 a------- c:\windows\system32\MBSplit.ocx
2009-01-10 17:33 <DIR> --d----- c:\program files\NOMBZ Night of a Million Billion Zombies
2009-01-10 17:33 89,777,067 a------- c:\windows\system32\xa31831015.exe
2009-01-10 17:32 89,777,067 a------- c:\windows\system32\xa31774703.exe
2009-01-10 14:40 <DIR> --d----- c:\program files\Mozilla ActiveX Control v1.7.12
2009-01-10 14:39 <DIR> --d----- c:\program files\Graboid
2009-01-09 10:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Innovative Solutions
2009-01-09 10:11 42,496 a------- c:\windows\system32\AdvUninstCPL.cpl
2009-01-09 10:11 <DIR> --d----- c:\program files\Innovative Solutions
2009-01-09 09:33 <DIR> --d----- c:\program files\trend micro
2009-01-08 10:47 129,784 -------- c:\windows\system32\pxafs.dll
2009-01-07 16:25 446 a------- c:\windows\system32\tversity.cookies
2009-01-06 19:49 60,273 a------- c:\windows\system32\pthreadGC2.dll
2009-01-06 19:49 7,680 a------- c:\windows\system32\ff_vfw.dll
2009-01-06 19:49 547 a------- c:\windows\system32\ff_vfw.dll.manifest
2009-01-06 19:49 <DIR> --d----- c:\program files\ffdshow
2009-01-06 19:47 <DIR> --d----- c:\program files\TVersity Codec Pack
2009-01-06 19:45 <DIR> --d----- c:\program files\TVersity
2009-01-06 17:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Launcher
2009-01-06 17:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Graboid Inc
2009-01-06 17:50 <DIR> --d----- c:\docume~1\jamesm~1\applic~1\MozillaControl
2009-01-06 17:48 <DIR> --d----- c:\program files\VideoLAN
2009-01-06 15:19 23,352 a------- c:\windows\system32\drivers\pnpcap.sys

==================== Find3M ====================

2009-01-29 17:18 603,904 a------- c:\windows\system32\TUProgSt.exe
2009-01-29 17:17 362,240 a------- c:\windows\system32\TuneUpDefragService.exe
2009-01-29 09:01 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-01-29 09:01 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-01-29 09:01 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-24 22:04 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-16 09:35 87,608 a------- c:\docume~1\jamesm~1\applic~1\inst.exe
2009-01-16 09:35 47,360 a------- c:\docume~1\jamesm~1\applic~1\pcouffin.sys
2009-01-14 19:49 1,016 a------- C:\ErsXP.bat
2009-01-14 16:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 16:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-23 11:52 385,024 a------- c:\windows\system32\srkey.exe
2008-12-20 16:18 107,888 a------- c:\windows\system32\CmdLineExt.dll
2008-12-20 16:12 413,696 a------- c:\windows\system32\wrap_oal.dll
2008-12-20 16:12 110,592 a------- c:\windows\system32\OpenAL32.dll
2008-12-12 23:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-12 00:57 78,336 a------- c:\windows\system32\Agent.OMZ.Fix.exe
2008-12-11 03:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-12-11 03:57 333,952 a------- c:\windows\system32\dllcache\srv.sys
2008-12-10 17:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-10 17:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-09 20:24 8,835,397 a------- c:\windows\system32\xa2761265.exe
2008-12-09 20:24 8,835,397 a------- c:\windows\system32\xa2756265.exe
2008-12-08 19:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-08 19:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-08 19:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-08 19:28 57,344 a------- c:\windows\system32\dpv11.dll
2008-12-08 10:12 19,712 a------- c:\windows\system32\drivers\ndisprotiln.sys
2008-12-05 12:40 3,400 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2008-12-05 12:32 349,048 a------- c:\windows\system32\SpoonUninstall.exe
2008-12-02 19:52 1,066,544 a------- c:\windows\system32\mfc71.dll
2008-12-02 11:48 32,365,900 a------- c:\windows\system32\xa16769968.exe
2008-12-02 11:48 32,365,900 a------- c:\windows\system32\xa16766796.exe
2008-12-01 18:15 7,302,267 a------- c:\windows\system32\easy_dvd_creator.exe
2008-12-01 09:37 737,280 a------- c:\windows\iun6002.exe
2008-11-29 17:58 82,944 a------- c:\windows\system32\IEDFix.C.exe
2008-11-27 11:47 10,240 a------- c:\windows\system32\RtNicProp32.dll
2008-11-20 00:46 45,056 a------- c:\windows\system32\wnaspi32.dll
2008-11-12 16:44 27,904 a------- c:\windows\system32\uxtuneup.dll
2008-11-10 19:49 17,136 a------- c:\windows\system32\sasnative32.exe
2008-08-18 12:59 108 a------- c:\docume~1\alluse~1\applic~1\913952bf.dat
2007-10-16 17:35 185 a--shr-- c:\windows\Regbak.dat
2006-12-16 15:42 0 a--sh--- c:\windows\sminst\HPCD.SYS

============= FINISH: 9:37:17.48 ===============

HiJack This; results:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:54:21, on 2009-02-05
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\James Minkel\My Documents\Computer-Repair-Utility-

Kit-V2\Computer-Repair-Utility-Kit-V2\Virus Removal\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

"C:\Program Files\Outlook Express\msimn.exe "
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-

784B7D6BE0B3} - C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} -

C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: CPrintEnhancer Object - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} -

C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-

9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-

EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1

\STARDO~1\SDIEInt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} -

C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control

Panel\atiptaxx.exe "
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software

Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe "
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch

Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP

Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows

Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks

Shared\Platform\nmctxth.exe "
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common

Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe "
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6

\bin\jusched.exe "
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -

atboottime
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media

Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program

Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1

\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1

\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: Download with Star Downloader - C:\Program

Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-

f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-

00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?

TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=laptop
O16 - DPF: {0470E62C-C97E-4317-81E5-0774D8CBF7B7} (EndPointScan Class) -

http://www.endpointscan.com/EndPointScan.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner

3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -

http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan

Agent 6.6) -

http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activ

ex/hcImpl.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) -

http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) -

http://www.newhomebasedccr.com/test/PlaNetSysInfo.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -

http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -

http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center

Base Module) -

http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) -

http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_

site.cab?1179540706147
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -

http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) -

http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -

http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1)

- http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) -

http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) -

http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program

Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH -

C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common

Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. -

C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. -

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. -

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32

\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service

(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common

Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common

Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems,

Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) -

CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program

Files\Sandboxie\SbieSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software -

C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc)

- TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program

Files\TVersity\Media Server\MediaServer.exe

--
End of file - 11197 bytes

PeteC · 2009/02/05

Welcome to WindowsBBS

While you are waiting for one of out trained analysts to look over your log - may be a couple of days as they are very busy, have you tried starting IE in no-addons mode and what is the result?

Right click IE icon on desktop > Start without Add-ons or Start > Programs > Accessories > System Tools > IE no add-ons.

Another possible solution ....

Right click IE icon on Desktop > Properties > Advanced > Reset.

James1207 · 2009/02/05

Thank you for the suggestions, neither worked. When I opened w/o addons it opened to a blank page but just sat there. There are no toolbars, and no "title" on the bar at the top after the IE Icon. When I tried to get into properties, nothing happened...
I'm at a complete loss here...
Oh and thank you for the welcome!

noahdfear · 2009/02/10

Hi James, and sorry for the wait.

Please download [color= "#FF0000"] GooredFix[/color] from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

Double-click GooredFix.exe to run it.

Select 1. Find Goored (no fix) by typing 1 and pressing Enter.

A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).

Note: Do not run Option #2 yet.

James1207 · 2009/02/10

I was able to install IE 8. It seems to be working, should I still do this?

noahdfear · 2009/02/10

Your computer is infected, so yes, please complete the recommendation.

James1207 · 2009/02/10

GooredFix v1.83 by jpshortstuff
Log created at 07:28 on 10/02/2009 running Option #1 (James XXXXXX)
Firefox version 3.0.5 (en-US)

=====Suspect Goored Entries=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{4004FBC3-AF01-43A9-9B9F-DC8F72210BC8} "= "C:\Documents and Settings\James XXXXXX\Local Settings\Application Data\{4004FBC3-AF01-43A9-9B9F-DC8F72210BC8} "

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.5\extensions]
"Plugins "= "C:\Program Files\Mozilla Firefox\plugins "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.5\extensions]
"Components "= "C:\Program Files\Mozilla Firefox\components "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{20a82645-c095-46ed-80e3-08825760534b} "= "C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"jqs@sun.com "= "C:\Program Files\Java\jre6\lib\deploy\jqs\ff "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{4004FBC3-AF01-43A9-9B9F-DC8F72210BC8} "= "C:\Documents and Settings\James XXXXXX\Local Settings\Application Data\{4004FBC3-AF01-43A9-9B9F-DC8F72210BC8} "

noahdfear · 2009/02/10

Please double-click GooredFix.exe on your Desktop to run it.

Select "2. Fix Goored " by typing 2 and pressing Enter.

Make sure all instances of Firefox are closed at this point.

Type y at the prompt and press Enter again.

A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).

Note: If you receive a message saying that GooredFix needs your system to be restarted, please close all applications and reboot your system. Please also allow any registry changes that may be prompted by any of your security programs.

Next, please do an online scan with Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.

Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.

Please be patient as this can take several minutes.

Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.

Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.

Click View scan report at the bottom.

Click the Save Report As... button.

Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

**Note**

To optimize scanning time and produce a more sensible report for review:

Close any open programs.

Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.

Post the Kaspersky log here.

James1207 · 2009/02/11

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, February 11, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, February 11, 2009 23:44:40
Records in database: 1784406
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - Critical Areas:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
C:\Documents and Settings\James Minkel\Start Menu\Programs\Startup
C:\Program Files
C:\WINDOWS

Scan statistics:
Files scanned: 84234
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 01:52:04

No malware has been detected. The scan area is clean.

The selected area was scanned.

noahdfear · 2009/02/13

Looks good. Please post the contents of GooredLog.txt on your desktop.

James1207 · 2009/02/13

GooredFix v1.91 by jpshortstuff
Log created at 06:34 on 13/02/2009 running Option #2 (James XXXXXX)
Firefox version 3.0.6 (en-US)

=====Goored Deletions=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Plugins "= "C:\Program Files\Mozilla Firefox\plugins "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Components "= "C:\Program Files\Mozilla Firefox\components "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"{20a82645-c095-46ed-80e3-08825760534b} "= "C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"jqs@sun.com "= "C:\Program Files\Java\jre6\lib\deploy\jqs\ff "

noahdfear · 2009/02/14

Looks good. Provided you're experiencing no other problems, we're done. You can delete the gooredfix files and log(s), dds.scr and the dds logs, and the Kaspersky log.

A Java update is available, so if you're not using Version 6 Update 12, I recommend you uninstall all old versions then install JRE 6 Update 12 from here

If you're satisfied that the computer is working properly, clear the System Restore points. They are infected.

Clear past system restore points and create a new one.
Right click My Computer and select Properties. On the System Restore tab, check the box to turn System Restore off. Click Apply. Now, uncheck the box and click Apply to turn System Restore back on. Click OK, then OK to close the System Properties dialog.

Verify a new restore point was created.
Click Start>All Programs>Accessories>System Tools>System Restore
Select 'Restore my computer to an earlier time', then click next.
You should have a newly created System Checkpoint available. If so, click Cancel. If not, click Back and select 'Create a restore point' then click Next. Give the restore point a name and click next.

Geri has posted some very helpful information and recommendations regarding future protection in the following link.

http://www.windowsbbs.com/showthread.php?t=67958

Surf safe!

James1207 · 2009/02/14

Thank you so much for all your help! I really appreciate it!

noahdfear · 2009/02/14

You're most welcome.

Log in or Sign up

Solved IE 7 won't start

James1207 Inactive Thread Starter

PeteC SuperGeek Staff

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

Share This Page

Log in or Sign up

Solved IE 7 won't start

James1207 Inactive Thread Starter

PeteC SuperGeek Staff

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

James1207 Inactive Thread Starter

noahdfear Inactive

Share This Page

Useful Searches