Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

IE won't open (Non-descriptive error)

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

IE won't open (Non-descriptive error)

Unread postby homecomputeraid » March 24th, 2005, 9:49 am

Hello,

I'm fixing a Dell Dimension 4400 running Windows XP Home with all Service Packs.

OSI Layers 1-3 are working (I can ping and resolve addresses at a command prompt).

I've updated and completed a full system scan with AVG Antivirus. Interestingly, I had to disable Windows Firewall to update AVG. I thought I had made an exception for it, but I'll double check that.

I'm on a different PC from the one with the problems. It won't get to the Internet at all. Internet Explorer will try to connect, but errors out. The error is non-descript [edit]unless someone here's better at deciphering that text file that I. I'm inserting the error text message after the HJT log. Spybot and Ad-Aware have been run and find nothing. SpywareGuard and SpywareBlaster are also in use.

Mozilla Firefox will not connect either. It does not produce an error, but never opens all the way. It shows up as a service in Task Manager, but not as an application.

The customer had downloaded BearShare, but removed it. I can't find any other obvious spyware in Add/Remove Programs.

Without further adeu, here's the HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 8:31:15 AM, on 3/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\WinFix\HijackThis\hijackthis\HijackThis.exe

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid= ... lcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 6627046561
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Here's the error log that was transmitted to Microsoft in the IE Error Report:

<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="IEXPLORE.EXE" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="hmmapi.dll" SIZE="38912" CHECKSUM="0xD85D870C" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft HTTP Mail Simple MAPI" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="HMMAPI.DLL" INTERNAL_NAME="HMMAPI" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1667F" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:15" UPTO_LINK_DATE="08/04/2004 07:56:15" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="ie6setup.exe" SIZE="491768" CHECKSUM="0xE35ED3EF" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Win32 Cabinet Self-Extractor " COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Internet Explorer 6" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="WEXTRACT.EXE " INTERNAL_NAME="Wextract " LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x84D61" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:17" UPTO_LINK_DATE="08/29/2002 11:23:17" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="iedetect.dll" SIZE="14336" CHECKSUM="0xD1EB3951" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Internet Explorer Detection" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="IEDETECT.DLL" INTERNAL_NAME="IEDETECT" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x4E1A" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:38" UPTO_LINK_DATE="08/29/2002 11:23:38" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="iedw.exe" SIZE="18432" CHECKSUM="0x88F1640" BIN_FILE_VERSION="5.1.2600.2180" BIN_PRODUCT_VERSION="5.1.2600.2180" PRODUCT_VERSION="5.1.2600.2180" FILE_DESCRIPTION="IE Crash Detection" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="iedw.exe" INTERNAL_NAME="iedw.exe" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x67D2" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.2180" UPTO_BIN_PRODUCT_VERSION="5.1.2600.2180" LINK_DATE="08/04/2004 06:02:35" UPTO_LINK_DATE="08/04/2004 06:02:35" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="iexplore.exe" SIZE="93184" CHECKSUM="0xE187626E" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Explorer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="IEXPLORE.EXE" INTERNAL_NAME="iexplore" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x23C72" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 06:00:33" UPTO_LINK_DATE="08/04/2004 06:00:33" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn.dll" SIZE="61440" CHECKSUM="0xDD04DAB" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwconn.dll" INTERNAL_NAME="icwconn" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x11BD7" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:14" UPTO_LINK_DATE="08/04/2004 07:56:14" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn1.exe" SIZE="214528" CHECKSUM="0xC9B5555" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwconn1.exe" INTERNAL_NAME="icwconn1" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x3C746" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:19" UPTO_LINK_DATE="08/04/2004 05:59:19" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn2.exe" SIZE="86016" CHECKSUM="0x7DE2AFFE" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="ICWCONN2.EXE" INTERNAL_NAME="ICWCONN2" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1DDE9" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:22" UPTO_LINK_DATE="08/04/2004 05:59:22" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwdl.dll" SIZE="32768" CHECKSUM="0xF4CC9266" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Service MIME Mutlipart Download" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="ICWDL.DLL" INTERNAL_NAME="ICWDL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x174A9" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:16" UPTO_LINK_DATE="08/04/2004 07:56:16" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwhelp.dll" SIZE="172032" CHECKSUM="0xCBAB0AC0" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard Helper functions" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwhelp.dll" INTERNAL_NAME="icwhelp" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x33E62" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:17" UPTO_LINK_DATE="08/04/2004 07:56:17" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwres.dll" SIZE="61440" CHECKSUM="0xA488AA92" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="icwres.dll" INTERNAL_NAME="icwres" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1AA60" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/18/2001 05:35:05" UPTO_LINK_DATE="08/18/2001 05:35:05" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwrmind.exe" SIZE="24576" CHECKSUM="0x70643FDC" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard Reminder" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="ICWRMIND.EXE" INTERNAL_NAME="ICWRMIND" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x13447" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:09" UPTO_LINK_DATE="08/04/2004 05:59:09" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwtutor.exe" SIZE="73728" CHECKSUM="0xF945F7EB" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="icwtutor.exe" INTERNAL_NAME="icwtutor" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x16B27" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/17/2001 20:49:08" UPTO_LINK_DATE="08/17/2001 20:49:08" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwutil.dll" SIZE="49152" CHECKSUM="0xB9156DF5" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="icwutil.dll" INTERNAL_NAME="icwutil" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF816" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:19" UPTO_LINK_DATE="08/04/2004 07:56:19" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\inetwiz.exe" SIZE="20480" CHECKSUM="0x3D8A325B" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="INETWIZ.EXE" INTERNAL_NAME="INETWIZ" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE297" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 05:59:25" UPTO_LINK_DATE="08/04/2004 05:59:25" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\isignup.exe" SIZE="16384" CHECKSUM="0xF8AB8D6E" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Signup" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="ISIGNUP.EXE" INTERNAL_NAME="ISIGNUP" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x443C" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/17/2001 20:48:46" UPTO_LINK_DATE="08/17/2001 20:48:46" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\trialoc.dll" SIZE="40960" CHECKSUM="0x68F70073" BIN_FILE_VERSION="6.0.2600.0" BIN_PRODUCT_VERSION="6.0.2600.0" PRODUCT_VERSION="6.00.2600.0000" FILE_DESCRIPTION="Internet Connection Wizard Trial Reminder Helper" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2600.0000 (xpclient.010817-1148)" ORIGINAL_FILENAME="trialoc.dll" INTERNAL_NAME="trialoc" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x198FE" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2600.0" UPTO_BIN_PRODUCT_VERSION="6.0.2600.0" LINK_DATE="08/18/2001 05:36:03" UPTO_LINK_DATE="08/18/2001 05:36:03" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="IE Uninstall\w2kexcp.exe" SIZE="33280" CHECKSUM="0xB6AD06CB" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Microsoft Internet Explorer Windows2000 Installer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="W2KExcp.EXE" INTERNAL_NAME="W2KExcp" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xAA25" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:44" UPTO_LINK_DATE="08/29/2002 11:23:44" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\browselc.dll" SIZE="63488" CHECKSUM="0xDAE5427E" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Shell Browser UI Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="BROWSEUI.DLL" INTERNAL_NAME="BROWSEUI.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x11598" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:07" UPTO_LINK_DATE="08/04/2004 07:56:07" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\inetres.dll" SIZE="48128" CHECKSUM="0xFA1EE2CF" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft Internet Messaging API Resources" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="INETRES.DLL" INTERNAL_NAME="INETRES" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF045" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:38" UPTO_LINK_DATE="08/04/2004 07:56:38" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\mshtmler.dll" SIZE="56832" CHECKSUM="0xDEF939F" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft (R) HTML Editing Component's Resource DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="MSHTMLER.DLL" INTERNAL_NAME="MSHTMLER" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x10B5A" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:58:11" UPTO_LINK_DATE="08/04/2004 07:58:11" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\msoeres.dll" SIZE="2479616" CHECKSUM="0x752385C1" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Outlook Express" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="MSOERES.DLL" INTERNAL_NAME="MSOERES" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x25FEA8" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:58:51" UPTO_LINK_DATE="08/04/2004 07:58:51" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\shdoclc.dll" SIZE="549376" CHECKSUM="0x9A0B86D4" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Shell Doc Object and Control Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="SHDOCVW.DLL" INTERNAL_NAME="SHDOCVW.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x92C46" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:37" UPTO_LINK_DATE="08/04/2004 07:56:37" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="mui\041e\wab32res.dll" SIZE="249856" CHECKSUM="0x7611ED53" BIN_FILE_VERSION="6.0.2900.2180" BIN_PRODUCT_VERSION="6.0.2900.2180" PRODUCT_VERSION="6.00.2900.2180" FILE_DESCRIPTION="Microsoft (R) Address Book DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="WAB32res.DLL" INTERNAL_NAME="WAB32res.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x42D6F" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.2180" UPTO_BIN_PRODUCT_VERSION="6.0.2900.2180" LINK_DATE="08/04/2004 07:56:38" UPTO_LINK_DATE="08/04/2004 07:56:38" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the &lt;A HREF=http://www.apple.com/quicktime/&gt;QuickTime&lt;/A&gt; Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin2.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the &lt;A HREF=http://www.apple.com/quicktime/&gt;QuickTime&lt;/A&gt; Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin3.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the &lt;A HREF=http://www.apple.com/quicktime/&gt;QuickTime&lt;/A&gt; Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin4.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the &lt;A HREF=http://www.apple.com/quicktime/&gt;QuickTime&lt;/A&gt; Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="PLUGINS\npqtplugin5.dll" SIZE="90112" CHECKSUM="0x8B7ABE0C" BIN_FILE_VERSION="5.0.2.15" BIN_PRODUCT_VERSION="5.0.2.15" PRODUCT_VERSION="QuickTime 5.0.2" FILE_DESCRIPTION="The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the &lt;A HREF=http://www.apple.com/quicktime/&gt;QuickTime&lt;/A&gt; Web site." COMPANY_NAME="Apple Computer, Inc." PRODUCT_NAME="QuickTime Plug-in 5.0.2" FILE_VERSION="5.0.2" ORIGINAL_FILENAME="npqtplugin.dll" INTERNAL_NAME="QuickTime Plug-In" LEGAL_COPYRIGHT="© Apple Computer, Inc. 1992-2001" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="5.0.2.15" UPTO_BIN_PRODUCT_VERSION="5.0.2.15" LINK_DATE="06/20/2001 23:29:56" UPTO_LINK_DATE="06/20/2001 23:29:56" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="W2K\expinst.exe" SIZE="23552" CHECKSUM="0x98D31F1" BIN_FILE_VERSION="6.0.2800.1106" BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106" FILE_DESCRIPTION="Microsoft Internet Explorer Windows2000 Installer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2800.1106" ORIGINAL_FILENAME="W2KExcp.EXE" INTERNAL_NAME="W2KExcp" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x15630" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106" UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002 11:23:45" UPTO_LINK_DATE="08/29/2002 11:23:45" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="kernel32.dll" SIZE="983552" CHECKSUM="0x4CE79457" BIN_FILE_VERSION="5.1.2600.2180" BIN_PRODUCT_VERSION="5.1.2600.2180" PRODUCT_VERSION="5.1.2600.2180" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xFF848" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.2180" UPTO_BIN_PRODUCT_VERSION="5.1.2600.2180" LINK_DATE="08/04/2004 07:56:36" UPTO_LINK_DATE="08/04/2004 07:56:36" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
</DATABASE>

If that M$ Error Log File is no help, please remove it Moderators. :)

Thanks in advance for your help!
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA
Advertisement
Register to Remove

Unread postby Nellie2 » March 26th, 2005, 11:23 am

I'm not sure that this is a spyware problem... if Mozilla won't connect either then something is stopping it.

Is the user running the xp firewall... is it blocking everything?
User avatar
Nellie2
Administrator Emeritus
 
Posts: 8737
Joined: December 16th, 2004, 5:01 pm
Location: UK

It's not the firewall

Unread postby homecomputeraid » March 26th, 2005, 11:44 am

Hi Nel!

Thanks for the reply. I turned off Windows Firewall (the only Firewall presently installed), and got the same results.

I noticed using SysInternals' TCPVeiw http://www.sysinternals.com/ntw2k/utilities.shtml that Firefox shows a connection to localhost, ports 1114 and 1115 when I try to start it (Firefox never really opens). I wonder if the hosts file has become messed up?
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA

Unread postby Nellie2 » March 26th, 2005, 11:46 am

Its worth a look... I wouldn't say this was a browser problem per say as all browsers are affected.
User avatar
Nellie2
Administrator Emeritus
 
Posts: 8737
Joined: December 16th, 2004, 5:01 pm
Location: UK

Nothing in Hosts file

Unread postby homecomputeraid » March 26th, 2005, 12:14 pm

Hi Nel,

There was nothing in the Hosts file except an entry pointing 127.0.0.1 to localhost which is normal.

When I reboot now, AVG won't start. I suspect a hard to find virus or something. I'm going to try a scan with a new version of Stinger and if that doesn't work, I'll probably resort to another rebuild (I just rebuilt this guy's machine less than a month ago and thought I had it pretty well protected!).

I ran CCleaner and RegSupreme, but still same result. [edit]I turned off System Restore too.
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA

Knowing it's probably not spyware helped!

Unread postby homecomputeraid » March 26th, 2005, 12:47 pm

Nel, and all who checked out my HJT log, knowing it's probably not spyware helped. I'm still trying to figure it out before I resort to a rebuild.

Thanks,
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA

Unread postby Nellie2 » March 26th, 2005, 4:44 pm

You could try an Mwav scan, that usually manages to pick up all sorts of stuff... if it is there.

Click here to download eScan's mwav application. Double-click it to run it, select all local drives, scan all files, press 'scan' and when it is completed, anything found will be displayed in the lower pane.
User avatar
Nellie2
Administrator Emeritus
 
Posts: 8737
Joined: December 16th, 2004, 5:01 pm
Location: UK

Too late. Rebuilt. :)

Unread postby homecomputeraid » March 26th, 2005, 10:40 pm

Thanks for the link Nel, but I've already rebuilt it. I tried a repair from the CD, and it told me inetcom.dll and msoe.dll were corrupt.

I think the link will be useful in the future though.
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA

Possible bad Dell OEM XP Release?

Unread postby homecomputeraid » March 27th, 2005, 9:33 pm

Just an update. I've done several complete rebuilds. I suspected that there was a bad interaction between the OS release I had and M$ Hotfixes. I got the exact same issue after a format and reinstall of XP. Not until I was doing post SP2 Hotfixes though. Before I could go in and start removing Hotfixes one at a time, I got an error about a problem checking the license which completely locked me out of the system, so I did another rebuild!

I got another Dell OEM release of XP Home, and I'm trying that. I'll post when finished.
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA

Bad XP Release?

Unread postby homecomputeraid » March 28th, 2005, 1:37 am

It looks like it was a bad XP Release. The Dell Part Number of the release that didn't work is 7K404. The one that worked is 6U790.

This isn't definitive, but I only had so much time to put into trying to track down the problem or rebuilding. It could simply have been a Hotfix that didn't agree with the first release.

Thanks to all for your help!
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA

Unread postby Nellie2 » March 29th, 2005, 2:35 pm

Thanks for letting us know! It's nice to know that not everything is down to malware. :wink:
User avatar
Nellie2
Administrator Emeritus
 
Posts: 8737
Joined: December 16th, 2004, 5:01 pm
Location: UK

You're welcome

Unread postby homecomputeraid » March 29th, 2005, 7:38 pm

Thanks for letting me know it wasn't spyware! I didn't want to do yet another rebuild only to find that the user was going to get infected again because I couldn't tell him what was wrong!

Great forum by the way. I predict that we'll be overrun with 'customers' looking for help very soon. :)
User avatar
homecomputeraid
Regular Member
 
Posts: 48
Joined: March 23rd, 2005, 6:29 pm
Location: Rochester area, New York, USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 291 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware