
Inactive IE only works in Safe Mode

Discussion in 'Malware and Virus Removal Archive' started by Edglenning, 2009/04/20.

  1. 2009/04/20
    Edglenning


    I had IE 7 installed on Windows Vista, and when the latest malware updates came out from Microsoft I downloaded them and IE stopped working unless I am in safe mode. Networking is working; I can tracert and ping to domains on the net, so DNS, DHCP, everything is working fine, and email works fine too. When I restore back and take the updates off, everything works fine again and I can access the Internet via IE in normal mode. So I tried just updating to IE8 to see if maybe that would work better with the updates. When I applied IE 8 the same problem happened: no access unless in safe mode. I ran a HijackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:30:53 PM, on 4/20/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - MRI_DISABLED - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 4795 bytes

    Combo fix log here

    ComboFix 09-04-21.03 - Owner 04/20/2009 15:56.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1790.1107 [GMT -4:00]
    Running from: c:\users\Owner\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((( Files Created from 2009-03-21 to 2009-04-21 )))))))))))))))))))))))))))))))
    .

    2009-04-20 19:21 . 2008-11-06 06:03 -------- d-----w C:\SDFix
    2009-04-20 19:05 . 2009-04-20 19:05 -------- d-----w c:\users\Owner\AppData\Roaming\Malwarebytes
    2009-04-20 19:05 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-04-20 19:05 . 2009-04-06 19:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-04-20 19:05 . 2009-04-20 19:05 -------- d-----w c:\users\All Users\Malwarebytes
    2009-04-20 19:05 . 2009-04-20 19:05 -------- d-----w c:\programdata\Malwarebytes
    2009-04-20 01:40 . 2009-04-20 01:40 -------- d-----w C:\Symlogs
    2009-04-20 00:03 . 2009-04-20 01:40 -------- d-----w C:\SymNRA
    2009-04-19 15:59 . 2009-04-19 16:02 -------- d-----w c:\users\All Users\Spybot - Search & Destroy
    2009-04-19 15:59 . 2009-04-19 16:02 -------- d-----w c:\programdata\Spybot - Search & Destroy
    2009-04-19 15:11 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
    2009-04-19 15:11 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
    2009-04-19 15:11 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
    2009-04-19 15:11 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
    2009-04-19 15:11 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
    2009-04-19 14:14 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
    2009-04-19 14:14 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
    2009-04-19 14:14 . 2009-03-03 04:37 3600880 ----a-w c:\windows\system32\ntkrnlpa.exe
    2009-04-19 14:14 . 2009-03-03 04:37 3548656 ----a-w c:\windows\system32\ntoskrnl.exe
    2009-04-19 14:14 . 2009-03-03 04:39 183296 ----a-w c:\windows\system32\sdohlp.dll
    2009-04-19 14:14 . 2009-03-03 04:39 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-04-19 14:14 . 2009-03-03 04:37 98304 ----a-w c:\windows\system32\iasrecst.dll
    2009-04-19 14:14 . 2009-03-03 04:37 54784 ----a-w c:\windows\system32\iasads.dll
    2009-04-19 14:14 . 2009-03-03 04:37 44032 ----a-w c:\windows\system32\iasdatastore.dll
    2009-04-19 14:14 . 2009-03-03 03:04 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-04-19 14:14 . 2009-03-03 02:38 17408 ----a-w c:\windows\system32\iashost.exe
    2009-04-19 14:13 . 2009-03-17 03:38 13824 ----a-w c:\windows\system32\apilogen.dll
    2009-04-19 14:13 . 2009-03-17 03:38 24064 ----a-w c:\windows\system32\amxread.dll
    2009-04-19 00:30 . 2009-04-19 00:30 680 ----a-w c:\users\Owner\AppData\Local\d3d9caps.dat
    2009-04-19 00:08 . 2009-04-19 00:08 -------- dc-h--w c:\users\All Users\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
    2009-04-19 00:08 . 2009-04-19 00:08 -------- dc-h--w c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
    2009-04-18 06:03 . 2009-04-18 06:03 -------- d--h--w C:\$AVG8.VAULT$
    2009-04-18 04:05 . 2009-04-18 04:05 -------- d-----w c:\users\All Users\avg8
    2009-04-18 04:05 . 2009-04-18 04:05 -------- d-----w c:\programdata\avg8
    2009-04-15 15:26 . 2009-03-03 04:40 1166336 ----a-w c:\windows\system32\urlmon(867).dll
    2009-04-15 15:26 . 2009-03-03 04:40 1166336 ----a-w c:\windows\system32\urlmon(1055).dll
    2009-04-15 15:26 . 2009-03-03 04:40 827392 ----a-w c:\windows\system32\wininet(924).dll
    2009-04-15 15:26 . 2009-03-03 04:40 827392 ----a-w c:\windows\system32\wininet(1112).dll
    2009-04-15 15:26 . 2009-03-03 04:37 270336 ----a-w c:\windows\system32\iertutil(799).dll
    2009-04-15 15:26 . 2009-03-03 04:37 270336 ----a-w c:\windows\system32\iertutil(611).dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-20 19:05 . 2009-04-20 19:05 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-04-20 00:08 . 2008-10-25 22:53 -------- d-----w c:\programdata\Symantec
    2009-04-19 23:46 . 2009-04-19 23:46 -------- d-----r c:\program files\Norton Support
    2009-04-19 16:02 . 2009-04-19 15:59 -------- d-----w c:\program files\Spybot - Search & Destroy
    2009-04-19 15:46 . 2008-10-26 00:00 -------- d---a-w c:\programdata\Temp
    2009-04-19 15:04 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
    2009-04-19 02:56 . 2008-10-26 00:17 -------- d-----w c:\program files\SMINST
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Sidebar
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Photo Gallery
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Journal
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Defender
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Collaboration
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Calendar
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Reference Assemblies
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\MSBuild
    2009-04-19 02:54 . 2006-11-02 12:37 -------- d-----w c:\program files\Microsoft Games
    2009-04-19 02:54 . 2008-11-15 07:05 -------- d-----w c:\program files\NetWaiting
    2009-04-19 02:54 . 2008-11-15 07:04 -------- d-----w c:\program files\CONEXANT
    2009-04-19 02:54 . 2008-11-15 07:00 -------- d-----w c:\program files\Cisco
    2009-04-19 02:54 . 2008-11-15 07:00 -------- d-----w c:\program files\Atheros
    2009-04-18 22:57 . 2009-04-18 22:57 -------- d-----w c:\program files\Trend Micro
    2009-04-18 04:05 . 2009-04-18 04:05 -------- d-----w c:\program files\AVG
    2009-04-16 14:30 . 2009-01-16 21:21 27839 ----a-w c:\users\All Users\nvModes.dat
    2009-04-16 14:30 . 2009-01-16 21:21 27839 ----a-w c:\programdata\nvModes.dat
    2009-03-21 00:12 . 2009-03-21 00:12 -------- d-----w c:\users\Owner\AppData\Roaming\CyberLink
    2009-03-18 23:30 . 2009-03-18 23:30 -------- d-----w c:\program files\Fast Browser Search
    2009-03-17 03:38 . 2009-04-19 14:13 40960 ----a-w c:\windows\AppPatch\apihex86.dll
    2009-03-08 11:34 . 2009-04-19 14:18 914944 ----a-w c:\windows\System32\wininet.dll
    2009-03-08 11:34 . 2009-04-19 14:19 43008 ----a-w c:\windows\System32\licmgr10.dll
    2009-03-08 11:33 . 2009-04-19 14:19 18944 ----a-w c:\windows\System32\corpol.dll
    2009-03-08 11:33 . 2009-04-19 14:18 109056 ----a-w c:\windows\System32\iesysprep.dll
    2009-03-08 11:33 . 2009-04-19 14:18 109568 ----a-w c:\windows\System32\PDMSetup.exe
    2009-03-08 11:33 . 2009-04-19 14:18 132608 ----a-w c:\windows\System32\ieUnatt.exe
    2009-03-08 11:33 . 2009-04-19 14:18 107520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
    2009-03-08 11:33 . 2009-04-19 14:18 107008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
    2009-03-08 11:33 . 2009-04-19 14:18 103936 ----a-w c:\windows\System32\SetDepNx.exe
    2009-03-08 11:33 . 2009-04-19 14:18 420352 ----a-w c:\windows\System32\vbscript.dll
    2009-03-08 11:32 . 2009-04-19 14:19 72704 ----a-w c:\windows\System32\admparse.dll
    2009-03-08 11:32 . 2009-04-19 14:19 71680 ----a-w c:\windows\System32\iesetup.dll
    2009-03-08 11:32 . 2009-04-19 14:19 66560 ----a-w c:\windows\System32\wextract.exe
    2009-03-08 11:32 . 2009-04-19 14:18 169472 ----a-w c:\windows\System32\iexpress.exe
    2009-03-08 11:31 . 2009-04-19 14:19 34816 ----a-w c:\windows\System32\imgutil.dll
    2009-03-08 11:31 . 2009-04-19 14:19 48128 ----a-w c:\windows\System32\mshtmler.dll
    2009-03-08 11:31 . 2009-04-19 14:18 45568 ----a-w c:\windows\System32\mshta.exe
    2009-03-08 11:22 . 2009-04-19 14:19 156160 ----a-w c:\windows\System32\msls31.dll
    2009-03-06 00:20 . 2009-03-06 00:20 545152 ----a-w c:\users\Public\MyWebTattoo.exe
    2009-03-03 04:39 . 2009-04-15 15:27 551424 ----a-w c:\windows\System32\rpcss.dll
    2009-03-03 04:39 . 2009-04-15 15:27 551424 ----a-w c:\windows\System32\rpcss(975).dll
    2009-03-03 04:39 . 2009-04-15 15:27 551424 ----a-w c:\windows\System32\rpcss(787).dll
    2009-02-13 08:49 . 2009-04-15 15:27 72704 ----a-w c:\windows\System32\secur32.dll
    2009-02-13 08:49 . 2009-04-15 15:27 72704 ----a-w c:\windows\System32\secur32(988).dll
    2009-02-13 08:49 . 2009-04-15 15:27 72704 ----a-w c:\windows\System32\secur32(800).dll
    2009-02-13 08:49 . 2009-04-15 15:27 1255936 ----a-w c:\windows\System32\lsasrv.dll
    2009-02-13 08:49 . 2009-04-15 15:27 1255936 ----a-w c:\windows\System32\lsasrv(829).dll
    2009-02-13 08:49 . 2009-04-15 15:27 1255936 ----a-w c:\windows\System32\lsasrv(641).dll
    2009-02-13 08:49 . 2009-04-15 15:27 888832 ----a-w c:\windows\System32\kernel32(819).dll
    2009-02-13 08:49 . 2009-04-15 15:27 888832 ----a-w c:\windows\System32\kernel32(631).dll
    2009-02-09 03:10 . 2009-03-11 21:36 2033152 ----a-w c:\windows\System32\win32k.sys
    2009-01-11 02:59 . 2009-01-11 02:59 75264 ----a-w c:\users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
    2008-01-21 02:43 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
    2008-10-25 23:12 . 2008-10-25 22:59 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
    path=c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{116E4D05-1782-4CEC-B486-8C0E36EF5903}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{1FF9B5FA-F576-4093-AFC7-0A218C7D27C9}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{4902CBA3-3773-4B14-B6C8-7E215919B83C}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{0B78B2EB-090B-4EF0-BCFD-FFEF0A5E8521}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
    "{360F8A76-8307-464D-AAA1-9EFB786E8D6F}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
    "{8F740BD7-44C6-4D39-BA17-61AF56997711}"= Disabled:UDP:c:\users\Owner\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
    "{C0859EF0-8565-4BD8-B07E-4B43F0694C94}"= Disabled:TCP:c:\users\Owner\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
    "{25CDF1C0-BC57-44B4-9B61-3CF466B46BA9}"= Disabled:UDP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
    "{6D7BE413-E532-415D-B833-69CC27A4DD27}"= Disabled:TCP:c:\program files\IncrediMail\bin\IncMail.exe:IncrediMail
    "{859BBC61-13F6-4E36-9082-21067C4E21B1}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
    "{2DE4EAF9-F471-42DD-B43E-4ACA81039988}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImApp.exe:IncrediMail
    "{77D410EA-69E6-4FDC-A3C9-0379133117AD}"= Disabled:UDP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
    "{9E387ACA-2B3E-4FC0-A1BD-0C4307F8BC16}"= Disabled:TCP:c:\program files\IncrediMail\bin\ImpCnt.exe:IncrediMail
    "{6187F534-AC57-46A5-8D99-B82703916707}"= Disabled:UDP:c:\users\Owner\AppData\Local\Temp\ImInstaller\magentic_installer.exe:IncrediMail Installer
    "{59780225-E0AF-4922-89D6-2DE4AECDF381}"= Disabled:TCP:c:\users\Owner\AppData\Local\Temp\ImInstaller\magentic_installer.exe:IncrediMail Installer

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SYMEFA.SYS [2008-10-25 309296]
    S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [2008-10-25 254512]
    S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [2008-10-25 362544]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSVix86.sys [2008-10-25 289840]
    S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [2008-10-25 115560]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
    S3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\NIS\1000000.07D\SYMNDISV.SYS [2008-10-25 40496]


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-04-19 c:\windows\Tasks\HPCeeScheduleForOwner.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-25 18:34]

    2009-04-20 c:\windows\Tasks\User_Feed_Synchronization-{355B4E8B-26C0-4475-A6DE-C08252491CDD}.job
    - c:\windows\system32\msfeedssync.exe [2009-04-19 11:31]
    .
    - - - - ORPHANS REMOVED - - - -

    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
    uInternet Settings,ProxyOverride = <local>
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-20 16:00
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Completion time: 2009-04-20 16:01
    ComboFix-quarantined-files.txt 2009-04-20 20:01

    Pre-Run: 178,873,556,992 bytes free
    Post-Run: 178,371,211,264 bytes free

    198 --- E O F --- 2009-04-19 15:17


    MBAM log here
    Malwarebytes' Anti-Malware 1.36
    Database version: 2015
    Windows 6.0.6001 Service Pack 1

    4/20/2009 3:09:02 PM
    mbam-log-2009-04-20 (15-09-02).txt

    Scan type: Quick Scan
    Objects scanned: 60819
    Time elapsed: 2 minute(s), 24 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 11
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Catchme log here

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    I can't figure out what is going on. Any help would be appreciated. Thanks
     
  2. 2009/04/26
    Geri

    Hi
    I would remove the updates one at a time and then test to find out which one is causing the problem.

    Geri