IE won't open (Non-descriptive error)

homecomputeraid · **Posted:** Thu 24 Mar, 2005 2:49 pm

Hello,

I'm fixing a Dell Dimension 4400 running Windows XP Home with all Service Packs.

OSI Layers 1-3 are working (I can ping and resolve addresses at a command prompt).

I've updated and completed a full system scan with AVG Antivirus. Interestingly, I had to disable Windows Firewall to update AVG. I thought I had made an exception for it, but I'll double check that.

I'm on a different PC from the one with the problems. It won't get to the Internet at all. Internet Explorer will try to connect, but errors out. The error is non-descript [edit]unless someone here's better at deciphering that text file that I. I'm inserting the error text message after the HJT log. Spybot and Ad-Aware have been run and find nothing. SpywareGuard and SpywareBlaster are also in use.

Mozilla Firefox will not connect either. It does not produce an error, but never opens all the way. It shows up as a service in Task Manager, but not as an application.

The customer had downloaded BearShare, but removed it. I can't find any other obvious spyware in Add/Remove Programs.

Without further adeu, here's the HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 8:31:15 AM, on 3/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\WinFix\HijackThis\hijackthis\HijackThis.exe

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 6627046561
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Here's the error log that was transmitted to Microsoft in the IE Error Report:

<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="IEXPLORE.EXE" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="hmmapi.dll" SIZE="38912" CHECKSUM="0xD85D870C" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft HTTP Mail Simple MAPI" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="HMMAPI.DLL" INTERNAL_NAME="HMMAPI" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1667F" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:15" UPTO_LINK_DATE="08/04/2004 07:56:15" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="ie6setup.exe" SIZE="491768" CHECKSUM="0xE35ED3EF" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Win32 Cabinet Self-Extractor " COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Internet Explorer 6" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="WEXTRACT.EXE " INTERNAL_NAME="Wextract " LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x84D61" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:17" UPTO_LINK_DATE="08/29/2002 11:23:17" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="iedetect.dll" SIZE="14336" CHECKSUM="0xD1EB3951" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Internet Explorer Detection" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="IEDETECT.DLL" INTERNAL_NAME="IEDETECT" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x4E1A" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:38" UPTO_LINK_DATE="08/29/2002 11:23:38" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="iedw.exe" SIZE="18432" CHECKSUM="0x88F1640" BIN_FILE_VERSION="5.1.2600.2180" BIN_PRODUCT_VERSION="5.1.2600.2180" PRODUCT_VERSION="5.1.2600.2180" FILE_DESCRIPTION="IE Crash Detection" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="iedw.exe" INTERNAL_NAME="iedw.exe" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x67D2" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.2180" UPTO_BIN_PRODUCT_VERSION="5.1.2600.2180" LINK_DATE="08/04/2004 06:02:35" UPTO_LINK_DATE="08/04/2004 06:02:35" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="iexplore.exe" SIZE="93184" CHECKSUM="0xE187626E" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Explorer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="IEXPLORE.EXE" INTERNAL_NAME="iexplore" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x23C72" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 06:00:33" UPTO_LINK_DATE="08/04/2004 06:00:33" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn.dll" SIZE="61440" CHECKSUM="0xDD04DAB" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwconn.dll" INTERNAL_NAME="icwconn" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x11BD7" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:14" UPTO_LINK_DATE="08/04/2004 07:56:14" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn1.exe" SIZE="214528" CHECKSUM="0xC9B5555" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwconn1.exe" INTERNAL_NAME="icwconn1" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x3C746" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:19" UPTO_LINK_DATE="08/04/2004 05:59:19" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn2.exe" SIZE="86016" CHECKSUM="0x7DE2AFFE" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="ICWCONN2.EXE" INTERNAL_NAME="ICWCONN2" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1DDE9" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:22" UPTO_LINK_DATE="08/04/2004 05:59:22" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwdl.dll" SIZE="32768" CHECKSUM="0xF4CC9266" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Service MIME Mutlipart Download" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="ICWDL.DLL" INTERNAL_NAME="ICWDL" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x174A9" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:16" UPTO_LINK_DATE="08/04/2004 07:56:16" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwhelp.dll" SIZE="172032" CHECKSUM="0xCBAB0AC0" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard Helper functions" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwhelp.dll" INTERNAL_NAME="icwhelp" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x33E62" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:17" UPTO_LINK_DATE="08/04/2004 07:56:17" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwres.dll" SIZE="61440" CHECKSUM="0xA488AA92" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="icwres.dll" INTERNAL_NAME="icwres" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1AA60" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/18/2001 05:35:05" UPTO_LINK_DATE="08/18/2001 05:35:05" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwrmind.exe" SIZE="24576" CHECKSUM="0x70643FDC" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard Reminder" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="ICWRMIND.EXE" INTERNAL_NAME="ICWRMIND" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x13447" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:09" UPTO_LINK_DATE="08/04/2004 05:59:09" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwtutor.exe" SIZE="73728" CHECKSUM="0xF945F7EB" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="icwtutor.exe" INTERNAL_NAME="icwtutor" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x16B27" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/17/2001 20:49:08" UPTO_LINK_DATE="08/17/2001 20:49:08" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwutil.dll" SIZE="49152" CHECKSUM="0xB9156DF5" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwutil.dll" INTERNAL_NAME="icwutil" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF816" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:19" UPTO_LINK_DATE="08/04/2004 07:56:19" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\inetwiz.exe" SIZE="20480" CHECKSUM="0x3D8A325B" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="INETWIZ.EXE" INTERNAL_NAME="INETWIZ" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE297" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:25" UPTO_LINK_DATE="08/04/2004 05:59:25" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\isignup.exe" SIZE="16384" CHECKSUM="0xF8AB8D6E" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Signup" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="ISIGNUP.EXE" INTERNAL_NAME="ISIGNUP" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x443C" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/17/2001 20:48:46" UPTO_LINK_DATE="08/17/2001 20:48:46" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\trialoc.dll" SIZE="40960" CHECKSUM="0x68F70073" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Connection Wizard Trial Reminder Helper" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="trialoc.dll" INTERNAL_NAME="trialoc" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x198FE" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/18/2001 05:36:03" UPTO_LINK_DATE="08/18/2001 05:36:03" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="IE Uninstall\w2kexcp.exe" SIZE="33280" CHECKSUM="0xB6AD06CB" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Microsoft Internet Explorer Windows2000 Installer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="W2KExcp.EXE" INTERNAL_NAME="W2KExcp" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xAA25" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:44" UPTO_LINK_DATE="08/29/2002 11:23:44" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\browselc.dll" SIZE="63488" CHECKSUM="0xDAE5427E" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Shell Browser UI Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="BROWSEUI.DLL" INTERNAL_NAME="BROWSEUI.DLL" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x11598" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:07" UPTO_LINK_DATE="08/04/2004 07:56:07" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\inetres.dll" SIZE="48128" CHECKSUM="0xFA1EE2CF" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft Internet Messaging API Resources" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="INETRES.DLL" INTERNAL_NAME="INETRES" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF045" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:38" UPTO_LINK_DATE="08/04/2004 07:56:38" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\mshtmler.dll" SIZE="56832" CHECKSUM="0xDEF939F" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft (R) HTML Editing Component's Resource DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="MSHTMLER.DLL" INTERNAL_NAME="MSHTMLER" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x10B5A" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:58:11" UPTO_LINK_DATE="08/04/2004 07:58:11" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\msoeres.dll" SIZE="2479616" CHECKSUM="0x752385C1" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Outlook Express" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="MSOERES.DLL" INTERNAL_NAME="MSOERES" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x25FEA8" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:58:51" UPTO_LINK_DATE="08/04/2004 07:58:51" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\shdoclc.dll" SIZE="549376" CHECKSUM="0x9A0B86D4" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Shell Doc Object and Control Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="SHDOCVW.DLL" INTERNAL_NAME="SHDOCVW.DLL" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x92C46" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:37" UPTO_LINK_DATE="08/04/2004 07:56:37" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\wab32res.dll" SIZE="249856" CHECKSUM="0x7611ED53" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft (R) Address Book DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="WAB32res.DLL" INTERNAL_NAME="WAB32res.DLL" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x42D6F" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:38" UPTO_LINK_DATE="08/04/2004 07:56:38" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the <A HREF=http://www.apple.com/quicktime/>QuickTime</A> Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="Â© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin2.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the <A HREF=http://www.apple.com/quicktime/>QuickTime</A> Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="Â© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin3.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the <A HREF=http://www.apple.com/quicktime/>QuickTime</A> Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="Â© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin4.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the <A HREF=http://www.apple.com/quicktime/>QuickTime</A> Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="Â© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin5.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the <A HREF=http://www.apple.com/quicktime/>QuickTime</A> Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="Â© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="W2K\expinst.exe" SIZE="23552" CHECKSUM="0x98D31F1" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Microsoft Internet Explorer Windows2000 Installer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="W2KExcp.EXE" INTERNAL_NAME="W2KExcp" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x15630" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:45" UPTO_LINK_DATE="08/29/2002 11:23:45" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="kernel32.dll" SIZE="983552" CHECKSUM="0x4CE79457" BIN_FILE_VERSION="5.1.2600.2180" BIN_PRODUCT_VERSION="5.1.2600.2180" PRODUCT_VERSION="5.1.2600.2180" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="MicrosoftÂ® WindowsÂ® Operating System" FILE_VERSION="5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="Â© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xFF848" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.2180" UPTO_BIN_PRODUCT_VERSION="5.1.2600.2180" LINK_DATE="08/04/2004 07:56:36" UPTO_LINK_DATE="08/04/2004 07:56:36" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
</DATABASE>

If that M$ Error Log File is no help, please remove it Moderators.

Thanks in advance for your help!

Nellie2 · **Posted:** Sat 26 Mar, 2005 4:23 pm

I'm not sure that this is a spyware problem... if Mozilla won't connect either then something is stopping it.

Is the user running the xp firewall... is it blocking everything?
_________________

homecomputeraid · **Posted:** Sat 26 Mar, 2005 4:44 pm

Hi Nel!

Thanks for the reply. I turned off Windows Firewall (the only Firewall presently installed), and got the same results.

I noticed using SysInternals' TCPVeiw http://www.sysinternals.com/ntw2k/utilities.shtml that Firefox shows a connection to localhost, ports 1114 and 1115 when I try to start it (Firefox never really opens). I wonder if the hosts file has become messed up?

Nellie2 · **Posted:** Sat 26 Mar, 2005 4:46 pm

Its worth a look... I wouldn't say this was a browser problem per say as all browsers are affected.
_________________

homecomputeraid · **Posted:** Sat 26 Mar, 2005 5:14 pm

Hi Nel,

There was nothing in the Hosts file except an entry pointing 127.0.0.1 to localhost which is normal.

When I reboot now, AVG won't start. I suspect a hard to find virus or something. I'm going to try a scan with a new version of Stinger and if that doesn't work, I'll probably resort to another rebuild (I just rebuilt this guy's machine less than a month ago and thought I had it pretty well protected!).

I ran CCleaner and RegSupreme, but still same result. [edit]I turned off System Restore too.

homecomputeraid · **Posted:** Sat 26 Mar, 2005 5:47 pm

Nel, and all who checked out my HJT log, knowing it's probably not spyware helped. I'm still trying to figure it out before I resort to a rebuild.

Thanks,

Nellie2 · **Posted:** Sat 26 Mar, 2005 9:44 pm

You could try an Mwav scan, that usually manages to pick up all sorts of stuff... if it is there.

Click here to download eScan's mwav application. Double-click it to run it, select all local drives, scan all files, press 'scan' and when it is completed, anything found will be displayed in the lower pane.

homecomputeraid · **Posted:** Sun 27 Mar, 2005 3:40 am

Thanks for the link Nel, but I've already rebuilt it. I tried a repair from the CD, and it told me inetcom.dll and msoe.dll were corrupt.

I think the link will be useful in the future though.

homecomputeraid · **Posted:** Mon 28 Mar, 2005 2:33 am

Just an update. I've done several complete rebuilds. I suspected that there was a bad interaction between the OS release I had and M$ Hotfixes. I got the exact same issue after a format and reinstall of XP. Not until I was doing post SP2 Hotfixes though. Before I could go in and start removing Hotfixes one at a time, I got an error about a problem checking the license which completely locked me out of the system, so I did another rebuild!

I got another Dell OEM release of XP Home, and I'm trying that. I'll post when finished.

homecomputeraid · **Posted:** Mon 28 Mar, 2005 6:37 am

It looks like it was a bad XP Release. The Dell Part Number of the release that didn't work is 7K404. The one that worked is 6U790.

This isn't definitive, but I only had so much time to put into trying to track down the problem or rebuilding. It could simply have been a Hotfix that didn't agree with the first release.

Thanks to all for your help!

Nellie2 · **Posted:** Tue 29 Mar, 2005 7:35 pm

Thanks for letting us know! It's nice to know that not everything is down to malware. :wink:

homecomputeraid · **Posted:** Wed 30 Mar, 2005 12:38 am

Thanks for letting me know it wasn't spyware! I didn't want to do yet another rebuild only to find that the user was going to get infected again because I couldn't tell him what was wrong!

Great forum by the way. I predict that we'll be overrun with 'customers' looking for help very soon.

MalWare Removal Forum

Forum rules

IE won't open (Non-descriptive error)

Who is online