Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: IE Only Displays Secure Sites on Favorites

  1. #1
    Junior Member
    Join Date
    Oct 2007
    Location
    Milford, MI
    Posts
    11

    Default IE Only Displays Secure Sites on Favorites

    IE will only display secure pages (https) that are saved as a "favorite." When I try to access unsecure sites, I receive the "Page Cannot Be Displayed" error and at the bottom, "Cannot Find Server on DNS Error." If I type an address in the address line (secure or unsecure), I get a window error stating "Internet Explorer Could Not Open the search page."

    Before finding this site, I have run Norton Antivirus, checked hosts files (did not find anything), emptied temporary internet files and cache, checked to make sure security settings are OK. I could not run the Kaspersky because you need IE to run it and I cannot access from IE. I ran Spybot as required to clear up anything in "red" but there are two items that cannot be fixed, and upon start-up, it goes through the same cycle of identifying the same issues.

    I loaded Firefox onto my computer so that I could access the internet. Below is the HJT Info.

    Thank you.
    Cyrowski

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:57:47 PM, on 10/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    C:\WINNT\System32\NMSSvc.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    C:\WINNT\System32\svchost.exe
    C:\WINNT\wanmpsvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\system32\CTHELPER.EXE
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\WINNT\GWMDMMSG.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\MMaestro\BWheel35.exe
    C:\Program Files\PhoneTools\CapFax.EXE
    C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    c:\program files\common files\aol\1127949917\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
    c:\program files\common files\aol\1127949917\ee\aolsoftware.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMConfig.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMProcess.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\KMaestro\KMaestro.exe
    C:\WINNT\system32\HPZipm12.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Owner\Desktop\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:65535
    O2 - BHO: (no name) - SOFTWARE - (no file)
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\WINNT\Downloaded Program Files\ycomp5_0_2_7.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {} - (no file)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\WINNT\Downloaded Program Files\ycomp5_0_2_7.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
    O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [h4X6VW8kd] C:\documents and settings\owner\local settings\temp\h4X6VW8kd.exe
    O4 - HKLM\..\Run: [BtcMaestro] C:\Program Files\KMaestro\KMaestro.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\MMaestro\BWheel35.exe
    O4 - HKLM\..\Run: [CapFax] C:\Program Files\PhoneTools\CapFax.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
    O15 - Trusted Zone: http://*.windowsupdate.com
    O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.0.1.2...-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0...-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0....-ob-assets.cab
    O16 - DPF: World Class Solitaire by pogo - http://game4.pogo.com/applet-6.0.0.3...-ob-assets.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB
    O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.com/save/makeover.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - hcp://system/TechTools.CAB
    O16 - DPF: {5BDBA960-6534-11D3-97C7-00500422B550} (LotusDRSControl Class) - http://acna-mi-ml1.akebono-usa.com/d...dolcontrol.cab
    O16 - DPF: {63E07911-299B-4B9A-825B-1AB14CC4C53B} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
    O16 - DPF: {72944257-0AE0-44FD-8A51-AA21853092C8} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
    O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
    O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://www.getdway.com/dwayready/dpcsysinfo.cab
    O16 - DPF: {8494B5D2-DA6A-4BB8-9C15-6C18A312387E} (Caymas Secure Tunnel) - https://remote.akebono-usa.com/ui/Axt.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/gh...ugs/axhost.cab
    O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
    O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://www.stu.uophx.edu/secure/PhxStudent15.CAB
    O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/tr...rmlauncher.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {B7AEE795-CA7A-4BCE-8F63-6BC4AF227F2B} - http://status.uophx.edu/tech/transit...tupControl.ocx
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://hrpayroll-ml.ceridian.com/vi...ivexviewer.cab
    O16 - DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} (CPlayFirstSandScriptControl Object) - http://aolsvc.aol.com/onlinegames/fr...t.1.0.0.21.cab
    O16 - DPF: {D68217F4-1DF9-45C1-BFA6-61DBD5464527} (Genealogy Browser) - http://66.119.139.74/cabs/zinst.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/pc...ploader_v7.cab
    O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://acna-mi-ml1.akebono-usa.com/dwa7W.cab
    O16 - DPF: {E1FD0DCC-705B-4F61-B9EC-6E711F9B56FE} (Secure Connect) - https://remote.akebono-usa.com/ui/cscinstaller.dll
    O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc01.custhelp.com/7520-b.../java/RntX.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.yaho...bio5_0_2_7.cab
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: PictureTaker - LANovation - C:\WINNT\System32\PCTKRNT.SYS
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
    O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

    --
    End of file - 14429 bytes

  2. #2
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
    "BEFORE you POST" (READ this Procedure before Requesting Assistance)
    http://forums.spybot.info/showthread.php?t=288
    All advice given is taken at your own risk.
    Please make sure you have read this information so we are on the same page.

    I ran Spybot as required to clear up anything in "red" but there are two items that cannot be fixed, and upon start-up, it goes through the same cycle of identifying the same issues.
    Be 100% positive you have the most recent updates and are fully immunized. If the issue with Spybot still persists, ask those questions to the Spybot experts here:
    http://forums.spybot.info/forumdisplay.php?f=4 <<< Spybot forum
    http://forums.spybot.info/forumdisplay.php?f=16 <<< false positives

    Even though you are infected, it is rare malware causes the issues you are having with IE. Have a look here:
    http://www.microsoft.com/windows/IE/.../IEtopten.mspx
    http://www.google.com/search?hl=en&q...=Google+Search
    http://www.google.com/search?hl=en&q...=Google+Search
    http://www.google.com/search?hl=en&q...=Google+Search

    You have this junk onboard: http://www.symantec.com/security_res...012017-0346-99

    and this: O4 - HKLM\..\Run: [h4X6VW8kd] C:\documents and settings\owner\local settings\temp\h4X6VW8kd.exe
    do you know what that is? If not, use one or more of these free online scanners to find out and post the results for me to view:
    http://virusscan.jotti.org/
    http://www.kaspersky.com/scanforvirus
    http://www.virustotal.com/

    You also have this: O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    See what CastleCops has to say: http://www.castlecops.com/atxlist-951.html

    Let's let combofix take a look to see what it finds and we will go from there:

    Download ComboFix from Here or Here to your Desktop.
    • Double click combofix.exe and follow the prompts.
    • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

    Note: Do not mouseclick combofix's window while its running. That may cause it to stall

    If your issues are resolved, please post to let me know so I can close the topic.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #3
    Junior Member
    Join Date
    Oct 2007
    Location
    Milford, MI
    Posts
    11

    Default IE Only Displays Secure Sites on Favorites

    Hi there,

    Sorry for the delay; I was out of town for two days. Thank you for helping me!

    1. Updated Spybot and ran. Same issues appeared. Attaching text file. Will submit to spybot forum you recommended.

    2. Thanks for the suggestions on searching for IE issues. Before I found this forum, I had found the Sandi Hardmeier article and followed all of her steps. I also found some of the other forums and read through the issues, tried some, but could not resolve the issue.

    3. How do I get rid of the junk you reference, including the wild tangent? I ran the file h4X6VW8kd through virusscan and virustotal. No issues were found. Results are attached as text.

    4. Ran combofix & HJT. Results below in separate posts (too much data). IE still does not load pages. Also, I am now missing my calculator, solitaire, outlook express, hearts. Shortcuts do not work. Applications appear to be missing. This occurred a few days ago.

    Combofix:

    ComboFix 07-10-16.1 - Owner 2007-10-16 19:37:49.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.133 [GMT -4:00]
    Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINNT\NDNuninstall4_80.exe
    C:\WINNT\NDNuninstall4_88.exe
    C:\WINNT\NDNuninstall4_94.exe
    C:\WINNT\NDNuninstall5_40.exe
    C:\WINNT\NDNuninstall5_48.exe
    C:\WINNT\NDNuninstall5_64.exe
    C:\WINNT\NDNuninstall6_10.exe
    C:\WINNT\NDNuninstall6_22.exe

    .
    ((((((((((((((((((((((((( Files Created from 2007-09-16 to 2007-10-16 )))))))))))))))))))))))))))))))
    .

    2007-10-16 19:35 51,200 --a------ C:\WINNT\NirCmd.exe
    2007-10-11 19:33 1,156 --a------ C:\WINNT\mozver.dat
    2007-10-11 15:17 <DIR> d-------- C:\Program Files\Java
    2007-10-11 15:17 <DIR> d-------- C:\Program Files\Common Files\Java
    2007-10-08 17:05 75,384 --a------ C:\WINNT\TrueInstall.exe
    2007-09-18 14:43 317,616 --a------ C:\WINNT\system32\drivers\srtspl.sys
    2007-09-18 14:43 278,576 --a------ C:\WINNT\system32\drivers\srtsp.sys
    2007-09-18 14:43 43,696 --a------ C:\WINNT\system32\drivers\srtspx.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-10-11 23:06 --------- d-----w C:\Program Files\America Online 7.0
    2007-10-11 20:17 --------- d-----w C:\Program Files\America Online 8.0
    2007-10-08 22:10 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2007-10-08 21:59 --------- d-----w C:\Program Files\Norton AntiVirus
    2007-10-08 21:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2007-10-08 21:57 805 ----a-w C:\WINNT\system32\drivers\SYMEVENT.INF
    2007-10-08 21:57 60,800 ----a-w C:\WINNT\system32\S32EVNT1.DLL
    2007-10-08 21:57 123,952 ----a-w C:\WINNT\system32\drivers\SYMEVENT.SYS
    2007-10-08 21:57 10,740 ----a-w C:\WINNT\system32\drivers\SYMEVENT.CAT
    2007-10-08 21:57 --------- d-----w C:\Program Files\Symantec
    2007-10-08 21:05 --------- d-----w C:\Program Files\TrueSwitchComcast
    2007-10-06 17:03 --------- d-----w C:\Documents and Settings\Owner\Application Data\MSN6
    2007-10-06 17:03 --------- d-----w C:\Documents and Settings\Owner\Application Data\MSN6
    2007-09-18 18:44 10,662 ----a-w C:\WINNT\system32\drivers\srtspx.cat
    2007-09-18 18:44 10,662 ----a-w C:\WINNT\system32\drivers\srtspl.cat
    2007-09-18 18:44 10,658 ----a-w C:\WINNT\system32\drivers\srtsp.cat
    2007-09-18 18:44 1,430 ----a-w C:\WINNT\system32\drivers\srtspl.inf
    2007-09-18 18:44 1,421 ----a-w C:\WINNT\system32\drivers\srtspx.inf
    2007-09-18 18:44 1,415 ----a-w C:\WINNT\system32\drivers\srtsp.inf
    2007-09-14 03:28 --------- d-----w C:\Documents and Settings\Owner\Application Data\Viewpoint
    2007-09-14 03:28 --------- d-----w C:\Documents and Settings\Owner\Application Data\Viewpoint
    2007-09-14 03:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
    2007-09-09 21:21 512,000 ----a-w C:\WINNT\system32\WunderPhoto Screensaver.scr
    2007-09-02 13:26 --------- d-----w C:\Program Files\Real
    2007-09-01 13:08 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-08-25 16:43 --------- d-----w C:\Program Files\Common Files\Adobe
    2007-08-24 15:44 --------- d-----w C:\Documents and Settings\Owner\Application Data\TrueSwitch
    2007-08-24 15:44 --------- d-----w C:\Documents and Settings\Owner\Application Data\TrueSwitch
    2007-08-22 13:12 96,256 ------w C:\WINNT\system32\dllcache\inseng.dll
    2007-08-22 13:12 658,944 ----a-w C:\WINNT\system32\dllcache\wininet.dll
    2007-08-22 13:12 615,424 ----a-w C:\WINNT\system32\dllcache\urlmon.dll
    2007-08-22 13:12 55,808 ------w C:\WINNT\system32\dllcache\extmgr.dll
    2007-08-22 13:12 532,480 ------w C:\WINNT\system32\dllcache\mstime.dll
    2007-08-22 13:12 474,112 ----a-w C:\WINNT\system32\dllcache\shlwapi.dll
    2007-08-22 13:12 449,024 ------w C:\WINNT\system32\dllcache\mshtmled.dll
    2007-08-22 13:12 39,424 ------w C:\WINNT\system32\dllcache\pngfilt.dll
    2007-08-22 13:12 357,888 ------w C:\WINNT\system32\dllcache\dxtmsft.dll
    2007-08-22 13:12 3,058,176 ------w C:\WINNT\system32\dllcache\mshtml.dll
    2007-08-22 13:12 251,392 ------w C:\WINNT\system32\dllcache\iepeers.dll
    2007-08-22 13:12 205,312 ------w C:\WINNT\system32\dllcache\dxtrans.dll
    2007-08-22 13:12 16,384 ------w C:\WINNT\system32\dllcache\jsproxy.dll
    2007-08-22 13:12 151,040 ------w C:\WINNT\system32\dllcache\cdfview.dll
    2007-08-22 13:12 146,432 ------w C:\WINNT\system32\dllcache\msrating.dll
    2007-08-22 13:12 1,494,528 ----a-w C:\WINNT\system32\dllcache\shdocvw.dll
    2007-08-22 13:12 1,054,208 ------w C:\WINNT\system32\dllcache\danim.dll
    2007-08-22 13:12 1,022,976 ------w C:\WINNT\system32\dllcache\browseui.dll
    2007-08-21 10:30 18,432 ------w C:\WINNT\system32\dllcache\iedw.exe
    2007-08-21 06:15 683,520 ----a-w C:\WINNT\system32\inetcomm.dll
    2007-08-21 06:15 683,520 ------w C:\WINNT\system32\dllcache\inetcomm.dll
    2007-08-19 00:43 --------- d-----w C:\Documents and Settings\Owner\Application Data\Canon
    2007-08-19 00:43 --------- d-----w C:\Documents and Settings\Owner\Application Data\Canon
    2007-08-18 17:24 --------- d-----w C:\Program Files\support.com
    2007-08-18 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Support.com
    2007-08-05 23:30 63,176 ----a-w C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
    2007-08-05 23:30 63,176 ----a-w C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
    2007-07-30 23:19 92,504 ----a-w C:\WINNT\system32\dllcache\cdm.dll
    2007-07-30 23:19 92,504 ----a-w C:\WINNT\system32\cdm.dll
    2007-07-30 23:19 549,720 ----a-w C:\WINNT\system32\wuapi.dll
    2007-07-30 23:19 549,720 ----a-w C:\WINNT\system32\dllcache\wuapi.dll
    2007-07-30 23:19 53,080 ----a-w C:\WINNT\system32\wuauclt.exe
    2007-07-30 23:19 53,080 ----a-w C:\WINNT\system32\dllcache\wuauclt.exe
    2007-07-30 23:19 43,352 ----a-w C:\WINNT\system32\wups2.dll
    2007-07-30 23:19 325,976 ----a-w C:\WINNT\system32\wucltui.dll
    2007-07-30 23:19 325,976 ----a-w C:\WINNT\system32\dllcache\wucltui.dll
    2007-07-30 23:19 203,096 ----a-w C:\WINNT\system32\wuweb.dll
    2007-07-30 23:19 203,096 ----a-w C:\WINNT\system32\dllcache\wuweb.dll
    2007-07-30 23:19 1,712,984 ----a-w C:\WINNT\system32\wuaueng.dll
    2007-07-30 23:19 1,712,984 ----a-w C:\WINNT\system32\dllcache\wuaueng.dll
    2007-07-30 23:18 33,624 ----a-w C:\WINNT\system32\wups.dll
    2007-07-30 23:18 33,624 ----a-w C:\WINNT\system32\dllcache\wups.dll
    2006-02-19 08:28 12,288 ----a-w C:\WINNT\Fonts\RandFont.dll
    2003-07-26 19:08 1,583 -c--a-w C:\Program Files\INSTALL.LOG
    2002-10-02 20:33:16 32 -csha-w C:\WINNT\{9FAB8911-3BC4-493A-9D31-15B0694333AF}.dat
    2002-10-02 20:33:16 32 --sha-w C:\WINNT\system32\{132DF614-59EA-4791-9A10-1D83F9D5DFF3}.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="NvQTwk" []
    "Keyboard Preload Check"="C:\OEMDRVRS\KEYB\Preload.exe" []
    "CTHelper"="CTHELPER.EXE" [2002-07-02 19:56 C:\WINNT\system32\cthelper.exe]
    "UpdReg"="C:\WINNT\UpdReg.EXE" [2000-05-11 03:00]
    "Jet Detection"="C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-10-04 03:00]
    "RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2002-11-23 21:46]
    "GWMDMMSG"="GWMDMMSG.exe" [2002-08-06 16:24 C:\WINNT\GWMDMMSG.exe]
    "GWMDMpi"="C:\WINNT\GWMDMpi.exe" [2002-08-06 16:24]
    "NeroCheck"="C:\WINNT\system32\NeroCheck.exe" [2001-07-09 07:50]
    "Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-16 22:21]
    "Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 12:38]
    "h4X6VW8kd"="C:\documents and settings\owner\local settings\temp\h4X6VW8kd.exe" []
    "BtcMaestro"="C:\Program Files\KMaestro\KMaestro.exe" [2002-11-27 01:47]
    "LWBMOUSE"="C:\MMaestro\BWheel35.exe" [2002-09-12 12:22]
    "CapFax"="C:\Program Files\PhoneTools\CapFax.EXE" [2001-11-07 15:25]
    "HostManager"="C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe" [2006-03-10 18:22]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-10-06 19:03]
    "HPDJ Taskbar Utility"="C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 11:46]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-26 16:16]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-02-17 00:11]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 01:59]
    "osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2007-01-14 03:11]
    "KMCONFIG"="C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe" [2007-03-06 14:51]
    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
    "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_07\bin\jusched.exe" [2005-01-15 12:24]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" [2004-02-25 11:48]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
    "SpybotSnD"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 05:21:22]
    HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 08:56:20]
    Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2006-06-02 05:29:26]
    KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 15:12:08]

    R0 IFP300;iRiver Internet Audio Player IFP-300;C:\WINNT\system32\DRIVERS\ifp300.sys
    R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    R2 RioPNP;RioPNP;C:\WINNT\system32\drivers\RioPNP.sys
    R3 GTWModem;GTW V.92 Voicemodem;C:\WINNT\system32\DRIVERS\GWMDM.sys
    R3 KMWDFilter;KMWDFilter;\??\C:\WINNT\System32\Drivers\KMWDFilter.SYS
    S2 NMSSvc;Intel(R) NMS;C:\WINNT\System32\NMSSvc.exe
    S3 BCMModem;BCM V.90 56K Modem;C:\WINNT\system32\DRIVERS\BCMDM.sys
    S3 hlabeeh.sys;hlabeeh.sys;\??\C:\WINNT\System32\hlabeeh.sys
    S3 iscFlash;iscFlash;\??\C:\WINNT\SYSTEM32\DRIVERS\iscflash.sys
    S3 PCDRDRV;Pcdr Helper Driver;\??\C:\Atf\Qctest\PCDoc\PCDRDRV.sys

    *Newly Created Service* - CATCHME
    .
    Contents of the 'Scheduled Tasks' folder
    "2007-10-16 22:40:35 C:\WINNT\Tasks\Norton AntiVirus - Run Full System Scan - Owner.job"
    .
    **************************************************************************

    catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-10-16 19:40:59
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-10-16 19:41:51
    .
    --- E O F ---
    Cyro

  4. #4
    Junior Member
    Join Date
    Oct 2007
    Location
    Milford, MI
    Posts
    11

    Default IE Only Displays Secure Sites on Favorites

    HJT scan:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:44:07 PM, on 10/16/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\HPZipm12.exe
    C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    C:\WINNT\System32\svchost.exe
    C:\WINNT\wanmpsvc.exe
    C:\WINNT\system32\CTHELPER.EXE
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\WINNT\GWMDMMSG.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\KMaestro\KMaestro.exe
    C:\MMaestro\BWheel35.exe
    C:\Program Files\PhoneTools\CapFax.EXE
    C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe
    C:\Program Files\Java\j2re1.4.2_07\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    c:\program files\common files\aol\1127949917\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMConfig.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMProcess.exe
    c:\program files\common files\aol\1127949917\ee\aolsoftware.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Norton AntiVirus\NAVW32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINNT\explorer.exe
    C:\Documents and Settings\Owner\Desktop\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:65535
    O2 - BHO: (no name) - SOFTWARE - (no file)
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\WINNT\Downloaded Program Files\ycomp5_0_2_7.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {} - (no file)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\WINNT\Downloaded Program Files\ycomp5_0_2_7.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
    O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [h4X6VW8kd] C:\documents and settings\owner\local settings\temp\h4X6VW8kd.exe
    O4 - HKLM\..\Run: [BtcMaestro] C:\Program Files\KMaestro\KMaestro.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\MMaestro\BWheel35.exe
    O4 - HKLM\..\Run: [CapFax] C:\Program Files\PhoneTools\CapFax.EXE
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_07\bin\jusched.exe
    O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
    O15 - Trusted Zone: http://*.windowsupdate.com
    O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.0.1.2...-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0...-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0....-ob-assets.cab
    O16 - DPF: World Class Solitaire by pogo - http://game4.pogo.com/applet-6.0.0.3...-ob-assets.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB
    O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.com/save/makeover.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - hcp://system/TechTools.CAB
    O16 - DPF: {5BDBA960-6534-11D3-97C7-00500422B550} (LotusDRSControl Class) - http://acna-mi-ml1.akebono-usa.com/d...dolcontrol.cab
    O16 - DPF: {63E07911-299B-4B9A-825B-1AB14CC4C53B} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
    O16 - DPF: {72944257-0AE0-44FD-8A51-AA21853092C8} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
    O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
    O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://www.getdway.com/dwayready/dpcsysinfo.cab
    O16 - DPF: {8494B5D2-DA6A-4BB8-9C15-6C18A312387E} (Caymas Secure Tunnel) - https://remote.akebono-usa.com/ui/Axt.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/gh...ugs/axhost.cab
    O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
    O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://www.stu.uophx.edu/secure/PhxStudent15.CAB
    O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/tr...rmlauncher.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {B7AEE795-CA7A-4BCE-8F63-6BC4AF227F2B} - http://status.uophx.edu/tech/transit...tupControl.ocx
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://hrpayroll-ml.ceridian.com/vi...ivexviewer.cab
    O16 - DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} (CPlayFirstSandScriptControl Object) - http://aolsvc.aol.com/onlinegames/fr...t.1.0.0.21.cab
    O16 - DPF: {D68217F4-1DF9-45C1-BFA6-61DBD5464527} (Genealogy Browser) - http://66.119.139.74/cabs/zinst.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/pc...ploader_v7.cab
    O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://acna-mi-ml1.akebono-usa.com/dwa7W.cab
    O16 - DPF: {E1FD0DCC-705B-4F61-B9EC-6E711F9B56FE} (Secure Connect) - https://remote.akebono-usa.com/ui/cscinstaller.dll
    O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc01.custhelp.com/7520-b.../java/RntX.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.yaho...bio5_0_2_7.cab
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: PictureTaker - LANovation - C:\WINNT\System32\PCTKRNT.SYS
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
    O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

    --
    End of file - 14913 bytes
    Cyro

  5. #5
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Thanks for returning your information, please do not attach files I have not requested, read the instructions.
    All logs should be copy/pasted into topic and not attached unless requested by helper in that format.
    Also, I am now missing my calculator, solitaire, outlook express, hearts. Shortcuts do not work. Applications appear to be missing. This occurred a few days ago.
    What do you mean by missing? These program are not on your computer? Or are you missing the short cuts to them? While I suppose anything is possible, I have yet to run into malware that removed whole programs.

    Spy Sweeper <<< do you own this program or is it left from a trial?

    Let's do this please:

    1) Click the "Open the Misc Tools" section Button.
    Click the "Open Uninstall Manager" Button.
    Click the "Save list..." Button.
    Save it to your desktop. Copy and paste the contents into your reply.
    (You may edit out Microsoft, Hotfixes, Security Update for Windows XP, Update for Windows XP and Windows XP Hotfix to shorten the list)

    2) See this: http://forums.spybot.info/showpost.p...80&postcount=2
    C:\Program Files\Java\j2re1.4.2_07\ <<< Java is out of date, please download the newest version and uninstall all old versions in Add Remove programs.

    3) You are still running IE6, I suggest you try updating to the newest version to see if that fixes your IE issues:
    http://www.microsoft.com/windows/pro...e/default.mspx

    4) Please download ATF Cleaner by Atribune
    http://www.atribune.org/content/view/25/2/
    Save it to your Desktop. We will use this later.

    5) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
    O2 - BHO: (no name) - SOFTWARE - (no file)
    (next item is damaged, install it again once we finish if you use it)
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\WINNT\Downloaded Program Files\ycomp5_0_2_7.dll (file missing)
    O2 - BHO: (no name) - {} - (no file)
    (same as above)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\WINNT\Downloaded Program Files\ycomp5_0_2_7.dll (file missing)
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    See this: http://www.castlecops.com/atxlist-951.html
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    See this: http://www.castlecops.com/atxlist-1656.html
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/pc...ploader_v7.cab
    See this: http://www.trendmicro.com/vinfo/gray...=ADW%5FPOP%2EA

    Close all programs but HJT and all browser windows, then click on "Fix Checked"

    6) Run ATF Cleaner
    Double-click ATF-Cleaner.exe to run the program.
    Click Select All found at the bottom of the list.
    Click the Empty Selected button.
    Click Exit on the Main menu to close the program.

    Restart and post a new HJT log, the information you attached, the uninstall list and any feedback you think will help.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  6. #6
    Junior Member
    Join Date
    Oct 2007
    Location
    Milford, MI
    Posts
    11

    Default IE Only Displays Secure Sites on Favorites

    Thank you for the continued support.

    1. Please bear with me. I am very green at this. Sorry for attaching files when not asked.

    2. You asked, "What do you mean by missing? These program are not on your computer? Or are you missing the short cuts to them? While I suppose anything is possible, I have yet to run into malware that removed whole programs."

    The applications/programs are no longer on my computer.

    3. Yes, I own Spysweeper. Do I need this if I am now using Spybot?

    4. You asked me to "click the 'open misc tools' section button. Are you referring to Spysweeper? There is no such section on my Spysweeper. If you are referring to something else, please clarify.

    5. I uninstalled the Java version on my computer but was unable to install the new version from the link you provided. Received message "the installer cannot proceed with the current internet connection settings. When I close out the window, an error message appears stating an unexpected installation error occurred.

    6. Downloaded the newest version of IE. Same issue still exists. Only secure sites will load.

    7. I conducted the HJT system scan only and checked the items indicated and followed the prompts to "Fix Checked."

    8. I ran the ATF Cleaner.

    9. New HJT loog is below. You also asked me to post "the information you attached." I am unsure if you want me to post it here as I ran it yesterday, so that is what I will do. I could not post the "uninstall list" as I am not sure what you were referencing in your point 1).

    10. I'm ready to just uninstall IE and continue using Firefox. Any long-term issues that I might face if I do that? I also plan to uninstall AOL, which I do not use since getting Comcast cable internet.

    HJT:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:39:24 PM, on 10/17/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    C:\WINNT\System32\NMSSvc.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\HPZipm12.exe
    C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    C:\WINNT\System32\svchost.exe
    C:\WINNT\wanmpsvc.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\system32\CTHELPER.EXE
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\WINNT\GWMDMMSG.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\KMaestro\KMaestro.exe
    C:\MMaestro\BWheel35.exe
    C:\Program Files\PhoneTools\CapFax.EXE
    C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMConfig.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMProcess.exe
    c:\program files\common files\aol\1127949917\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
    c:\program files\common files\aol\1127949917\ee\aolsoftware.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\Owner\Desktop\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:65535
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
    O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [h4X6VW8kd] C:\documents and settings\owner\local settings\temp\h4X6VW8kd.exe
    O4 - HKLM\..\Run: [BtcMaestro] C:\Program Files\KMaestro\KMaestro.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\MMaestro\BWheel35.exe
    O4 - HKLM\..\Run: [CapFax] C:\Program Files\PhoneTools\CapFax.EXE
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127949917\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
    O15 - Trusted Zone: http://*.windowsupdate.com
    O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.0.1.2...-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.1.5.2...-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0...-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0....-ob-assets.cab
    O16 - DPF: World Class Solitaire by pogo - http://game4.pogo.com/applet-6.0.0.3...-ob-assets.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/p.../PCPitStop.CAB
    O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
    O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.com/save/makeover.cab
    O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - hcp://system/TechTools.CAB
    O16 - DPF: {5BDBA960-6534-11D3-97C7-00500422B550} (LotusDRSControl Class) - http://acna-mi-ml1.akebono-usa.com/d...dolcontrol.cab
    O16 - DPF: {63E07911-299B-4B9A-825B-1AB14CC4C53B} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
    O16 - DPF: {72944257-0AE0-44FD-8A51-AA21853092C8} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
    O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
    O16 - DPF: {76D90D08-EAB7-46D8-BF99-87445BF59E72} (SystemInfo Class) - http://www.getdway.com/dwayready/dpcsysinfo.cab
    O16 - DPF: {8494B5D2-DA6A-4BB8-9C15-6C18A312387E} (Caymas Secure Tunnel) - https://remote.akebono-usa.com/ui/Axt.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/gh...ugs/axhost.cab
    O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
    O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://www.stu.uophx.edu/secure/PhxStudent15.CAB
    O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/tr...rmlauncher.cab
    O16 - DPF: {B7AEE795-CA7A-4BCE-8F63-6BC4AF227F2B} - http://status.uophx.edu/tech/transit...tupControl.ocx
    O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - https://hrpayroll-ml.ceridian.com/vi...ivexviewer.cab
    O16 - DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} (CPlayFirstSandScriptControl Object) - http://aolsvc.aol.com/onlinegames/fr...t.1.0.0.21.cab
    O16 - DPF: {D68217F4-1DF9-45C1-BFA6-61DBD5464527} (Genealogy Browser) - http://66.119.139.74/cabs/zinst.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://acna-mi-ml1.akebono-usa.com/dwa7W.cab
    O16 - DPF: {E1FD0DCC-705B-4F61-B9EC-6E711F9B56FE} (Secure Connect) - https://remote.akebono-usa.com/ui/cscinstaller.dll
    O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc01.custhelp.com/7520-b.../java/RntX.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.yaho...bio5_0_2_7.cab
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Micro Innovations\Wireless Keyboard & Mouse Driver\KMWDSrv.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: PictureTaker - LANovation - C:\WINNT\System32\PCTKRNT.SYS
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
    O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

    --
    End of file - 13957 bytes

    Will post previous attachments in next post.

    Thank you.
    Cyro

  7. #7
    Junior Member
    Join Date
    Oct 2007
    Location
    Milford, MI
    Posts
    11

    Default IE Only Displays Secure Sites on Favorites

    Spybot 10.16 results:

    NewDotNet: User settings (Registry key, fixing failed)
    HKEY_USERS\S-1-5-18\Software\new.net

    NewDotNet: User settings (Registry key, fixing failed)
    HKEY_USERS\.DEFAULT\Software\new.net


    --- Spybot - Search && Destroy version: 1.3 ---
    2007-10-10 Includes\Cookies.sbi
    2007-07-25 Includes\Dialer.sbi
    2007-10-10 Includes\DialerC.sbi
    2007-08-29 Includes\Hijackers.sbi
    2007-10-10 Includes\HijackersC.sbi
    2007-10-04 Includes\Keyloggers.sbi
    2007-10-10 Includes\KeyloggersC.sbi
    2004-05-12 Includes\LSP.sbi
    2007-10-04 Includes\Malware.sbi
    2007-10-10 Includes\MalwareC.sbi
    2007-09-05 Includes\PUPS.sbi
    2007-10-10 Includes\PUPSC.sbi
    2007-10-10 Includes\Revision.sbi
    2007-05-30 Includes\Security.sbi
    2007-10-10 Includes\SecurityC.sbi
    2007-10-10 Includes\Spybots.sbi
    2007-10-10 Includes\SpybotsC.sbi
    2007-08-21 Includes\Tracks.uti
    2007-10-04 Includes\Trojans.sbi
    2007-10-10 Includes\TrojansC.sbi
    2007-06-06 Plugins\TCPIPAddress.dll

    Virustotalscan:


    Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
    Virus Total
    Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
    File h4x6vw8kd.dll received on 10.17.2007 01:23:43 (CET)
    Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
    Result: 0/31 (0%)
    Loading server information...
    Your file is queued in position: 3.
    Estimated start time is between 48 and 68 seconds.
    Do not close the window until scan is complete.
    The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
    If you are waiting for more than five minutes you have to resend your file.
    Your file is being scanned by VirusTotal in this moment,
    results will be shown as they're generated.
    Compact Compact
    Print results Print results
    Your file has expired or does not exists.
    Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

    You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
    Email:

    Antivirus Version Last Update Result
    AhnLab-V3 2007.10.17.0 2007.10.16 -
    AntiVir 7.6.0.23 2007.10.16 -
    Authentium 4.93.8 2007.10.16 -
    Avast 4.7.1051.0 2007.10.15 -
    AVG 7.5.0.488 2007.10.16 -
    BitDefender 7.2 2007.10.17 -
    CAT-QuickHeal 9.00 2007.10.16 -
    ClamAV 0.91.2 2007.10.16 -
    DrWeb 4.44.0.09170 2007.10.16 -
    eSafe 7.0.15.0 2007.10.15 -
    eTrust-Vet 31.2.5216 2007.10.17 -
    Ewido 4.0 2007.10.16 -
    FileAdvisor 1 2007.10.17 -
    Fortinet 3.11.0.0 2007.10.16 -
    F-Prot 4.3.2.48 2007.10.15 -
    F-Secure 6.70.13030.0 2007.10.17 -
    Ikarus T3.1.1.12 2007.10.16 -
    Kaspersky 7.0.0.125 2007.10.17 -
    McAfee 5142 2007.10.16 -
    Microsoft 1.2908 2007.10.16 -
    NOD32v2 2595 2007.10.16 -
    Norman 5.80.02 2007.10.16 -
    Panda 9.0.0.4 2007.10.16 -
    Prevx1 V2 2007.10.17 -
    Rising 19.45.12.00 2007.10.16 -
    Sophos 4.22.0 2007.10.16 -
    Sunbelt 2.2.907.0 2007.10.16 -
    Symantec 10 2007.10.16 -
    TheHacker 6.2.8.093 2007.10.16 -
    VBA32 3.12.2.4 2007.10.16 -
    VirusBuster 4.3.26:9 2007.10.16 -
    Additional information
    File size: 286 bytes
    MD5: ee541d27c5750e9fc8a647b19a1550a9
    SHA1: 46f48ccf700c9aa8f14038bab1f794684b7b4070

    ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

    Scan another file
    VirusTotal © Hispasec Sistemas - Blog - Contact: info@virustotal.com

    Virusscan:

    Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
    File to upload & scan: Virus

    Service
    Service load:
    0% 100%
    File: h4x6vw8kd.dll
    Status:
    OK
    MD5: ee541d27c5750e9fc8a647b19a1550a9
    Packers detected:
    -
    Bit9 reports: File not found
    Scanner results
    Scan taken on 16 Oct 2007 23:16:51 (GMT)
    A-Squared
    Found nothing
    AntiVir
    Found nothing
    ArcaVir
    Found nothing
    Avast
    Found nothing
    AVG Antivirus
    Found nothing
    BitDefender
    Found nothing
    ClamAV
    Found nothing
    CPsecure
    Found nothing
    Dr.Web
    Found nothing
    F-Prot Antivirus
    Found nothing
    F-Secure Anti-Virus
    Found nothing
    Fortinet
    Found nothing
    Kaspersky Anti-Virus
    Found nothing
    NOD32
    Found nothing
    Norman Virus Control
    Found nothing
    Panda Antivirus
    Found nothing
    Rising Antivirus
    Found nothing
    Sophos Antivirus
    Found nothing
    VirusBuster
    Found nothing
    VBA32
    Found nothing

    Powered by
    images/asquared.png images/antivir.png images/arcabit.png images/avast.png images/avg.gif images/bitdefender.png images/clamav-logo1.png images/cpsecure.gif images/drweb.gif images/f-prot.png images/f-secure_logo.gif images/fortinet.gif images/kaspersky.png images/nod32.gif images/norman.png images/panda.png images/rising.gif images/sophos.gif images/virusbuster.gif images/vba32.png Bit9
    Disclaimer
    This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.

    Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.

    Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.

    Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.

    Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.

    Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, HotelScraper.com, people who donated in the past, and some people who prefer to remain anonymous... many thanks to all!
    Statistics
    Last file scanned at least one scanner reported something about: ccsetup201.exe (MD5: 98dc79b8171c1a32e5c9deec33019ad6, size: 2806238 bytes), detected by:

    Scanner Malware name
    A-Squared X
    AntiVir W32/Parite
    ArcaVir W95.Parite.B
    Avast Win32:Parite
    AVG Antivirus Win32/Parite
    BitDefender Win32.Parite.B
    ClamAV W32.Parite.B
    CPsecure W32.Parite.B
    Dr.Web Win32.Parite.2
    F-Prot Antivirus W32/Parite.B
    F-Secure Anti-Virus Virus.Win32.Parite.b
    Fortinet W32/Parite.B
    Kaspersky Anti-Virus Virus.Win32.Parite.b
    NOD32 Win32/Parite.B
    Norman Virus Control W32/Pinfi.A
    Panda Antivirus W32/Parite.B
    Rising Antivirus Win32.Parite.b
    Sophos Antivirus W32/Parite-B
    VirusBuster Win32.Parite.B
    VBA32 Win32.Parite.B


    You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
    We are not affiliated with any third parties that conduct tests using this service.



    Frequently asked questions - Feedback - Privacy policy

    Debian

    Page generated by JTPL

    © 2004-2007 Jordi Bosveld <jotti@jotti.org>
    Cyro

  8. #8
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    1. Please bear with me. I am very green at this. Sorry for attaching files when not asked.
    No problem, that is why I post that information first, to clear the air.
    We have multiple issues here and I am going to try to help with malware. I may or may not be able to help with issues not malware related. I may be able to direct you to help, we shall see.
    The applications/programs are no longer on my computer.
    You are saying calculator, solitaire, outlook express, hearts <<< these programs are missing totally? You may have to reinstall the Operating System to fix this, I am going to suggest you ask technical support here:
    http://support.microsoft.com/ I know OE is part of the Operating system as is IE.

    Spybot 10.16 results:
    Though I use Spybot S&D and have for many years, there is much to know about the program and malware keeps me busy. I prefer to direct Spybot issues to experts with the program. I will say most issues (not all) are caused by lack of maintenance. If it is a new issue that needs adding to the databases, the Spybot experts will know this and be able to advise you.
    http://forums.spybot.info/forumdisplay.php?f=4 <<< Spybot forum
    http://forums.spybot.info/forumdisplay.php?f=16 <<< false positives

    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:44:07 PM, on 10/16/2007Looking at this HJT log I do not see anything that appears to be malware related. I do see items I do not know, is there anything in that HJT list you are not aware of why it is on your computer?

    Spysweeper is a good program that runs in real time, Spybot Does not.

    Instructions for Java were to download the new version FIRST and then uninstall old verions? You will have to ask Java support about those issues:
    http://java.sun.com/developer/support/ or perhaps one of the free user groups?

    Uninstall List: May show me something? I apologise for cutting off the first line.
    Open Hijackthis.
    Click the "Open the Misc Tools" section Button.
    Click the "Open Uninstall Manager" Button.
    Click the "Save list..." Button.
    Save it to your desktop. Copy and paste the contents into your reply.
    (You may edit out Microsoft, Hotfixes, Security Update for Windows XP, Update for Windows XP and Windows XP Hotfix to shorten the list)

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  9. #9
    Junior Member
    Join Date
    Oct 2007
    Location
    Milford, MI
    Posts
    11

    Default IE Only Displays Secure Sites on Favorites

    Hi there,

    OK, sounds like I have to move over to some other forums to resolve the Spybot and IE issue. I appreciate your help on the malware. A few strings ago I think you indicated that I was infected. I take it the steps we took regarding malware cleared that up? Below is the uninstall list. If you see anything, let me know.


    Adobe Acrobat 5.0
    Adobe Flash Player 9 ActiveX
    Ahead InCD EasyWrite Reader
    Ahead Nero BurnRights
    Ahead Nero Express
    AOL Coach Version 1.0(Build:20040229.1 en)
    AOL Instant Messenger (SM)
    AOL Uninstaller
    AppCore
    ArcSoft PhotoStudio 5
    ArcSoft Software Suite
    AV
    Bonjour
    Canon CanoScan Toolbox 4.1
    ccCommon
    CCScore
    CertGear PHR-SPHR Exam Simulator
    Creative Driver
    Creative Jukebox Driver
    Creative NOMAD II Driver
    DivX Codec
    Do More 5.0
    Do More 5.0
    DVD
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    essvcpt
    Gateway Desktop Manager
    Gateway Power Management
    GTW V.92 Voicemodem
    HijackThis 2.0.2
    HLPPDOCK
    Hotfix for Windows XP (KB915865)
    HP Customer Participation Program 7.0
    HP Deskjet 3740
    HP Imaging Device Functions 7.0
    HP Photosmart and Deskjet 7.0 Software
    HP PhotoSmart C200 Photo Imaging Software
    HP PhotoSmart Photo Printing Software
    HP Photosmart Premier Software 6.5
    HP Software Update
    HP Solution Center 7.0
    HyperLoad
    Intel(R) PRO Ethernet Adapter and Software
    Intel(R) PROSet II
    Internet Worm Protection
    iPod for Windows 2005-10-12
    iRiver Manager
    iTunes
    KeyMaestro Input Device Driver V2.6.4-73AU
    KeyMaestro Mouse Driver
    kgcbaby
    kgcbase
    kgchday
    kgchlwn
    kgcinvt
    kgckids
    kgcmove
    kgcvday
    Kodak EasyShare software
    KSU
    LiveUpdate 3.2 (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 Professional
    Microsoft Picture It! Photo 7.0
    Microsoft PowerPoint 2002
    Microsoft Streets and Trips 2002
    Microsoft Word 2002
    Microsoft Works Suite Add-in for Microsoft Word
    Mozilla Firefox (2.0.0.7)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML4 Parser
    My DSC
    Network Play System (Patching)
    NOMAD Jukebox 3 Driver
    Norton AntiVirus
    Norton AntiVirus (Symantec Corporation)
    Norton AntiVirus Help
    Norton AntiVirus Parent MSI
    Norton AntiVirus SYMLT MSI
    Norton Protection Center
    Notifier
    NVIDIA Windows 2000/XP Display Drivers
    OfotoXMI
    OmniPage SE
    OTtBP
    OTtBPSDK
    PC-Doctor Consumer UI
    PC-Doctor Diagnostics
    PC-Doctor for Windows
    PC-Doctor Services
    PhoneTools
    QuickTime
    RealPlayer Basic
    Rhapsody Player Engine
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    SFR
    SHASTA
    Shockwave
    SKIN0001
    SKINXSDK
    Sound Blaster Audigy
    SPBBC 32bit
    Spy Sweeper
    Spybot - Search & Destroy 1.3
    staticcr
    Symantec
    SymNet
    The Sims
    Ulead Photo Explorer 4.2
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Viewpoint Media Player
    Visual Statistics 2.0
    VPRINTOL
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893066
    Windows XP Hotfix - KB893086
    Windows XP Service Pack 2
    WIRELESS
    Wireless Keyboard & Mouse Driver
    WIWBAGPH
    WunderPhoto Screensaver
    Yahoo! Companion
    Cyro

  10. #10
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Spybot - Search & Destroy 1.3 <<< obsolete version of Spybot, probably why you are having issues with it.

    Viewpoint Media Player
    For your information, Viewpoint is installed by aol probably without your knowledge. I suggest you uninstall this resource waster in Add Remove programs.
    http://www.greatis.com/appdata/u/v/viewmgr.exe.htm
    http://www.spywareinfo.com/newslette....php#viewpoint
    http://www.clickz.com/news/article.php/3561546

    Update your antivirus software and run a complete system scan, post the results along with a new HJT log.

    Thanks
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •