Computer Help forum

General discussion

Windows Explorer won't start. Do I have a virus?

by danigula / August 19, 2009 3:49 AM PDT

Hi,
I have a sony vaio laptop sz120p.
I've been having a lot of problems with it but have been resistant to reset my computer, delete everything and start fresh (since I have so much stuff in it).

My current issue is the windows explorer won't start. So I have to ctrl alt del and create new task: explorer. That's the only way I can have the start bar show.
I've read all forums about this issue, but nothing seems to resolve the problem.
I've done system restore and there were no restore points.
I've ran all kinds of anti-virus but it keeps saying I've got nothing. I even run it with my internet off to make sure. I had avg, avira and ad-aware.
Now my sound disapeared, just happened a few days ago. Not sure if it was after a windows update... but it was on the same day.

How do I fix this issue?
Thanks, Dani

Discussion is locked
You are posting a reply to: Windows Explorer won't start. Do I have a virus?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Windows Explorer won't start. Do I have a virus?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Just In Case It's Malware
by Grif Thomas Forum moderator / August 19, 2009 6:51 AM PDT

First, just in case it's a corrupted user profile, please log into the computer using another username with admin rights.. Does the computer work fine now? If so, your current profile is bad and you'll need to create a new one and copy your personal files over to the new one.. On the other hand, if that doesn't help.....

Please try this:

On a friend or family member's computer, download the Malwarebytes installer and update files from the links below, copy them to a CD or flash drive, then transfer the files to the problem machine and use them. If you can't start the computer into "normal" windows, try installing, updating, and running the scans AFTER the computer is started into Safe Mode.. I use the sites below to download the installer file and the manual updater:

Once downloaded and before transferring them to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive.. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current.. After that, run a full system scan and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)
http://www.besttechie.net/tools/mbam-setup.exe

Malwarebytes Manual Updater link
http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Next, download the SuperAntispyware program and the manual updater from the links below. After running the Malwarebytes tool above, if you still can't download and install it directly from the problem machine, download it on a friend or family member's computer as well. After installing and updating SuperAntispyware, run another full system scan and delete everything it finds as well. As before, you may need to rename the installer file to get the program to install.:

SuperAntispyware
http://www.superantispyware.com/

SuperAntispyware Manual Updater
http://www.superantispyware.com/definitions.html
____________

In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file also after installing it.. It resides in the C:\Programs Files\Malwarebytes Antimalware folder....
_____________________

Hope this helps.

Grif

Collapse -
About malwarebites
by danigula / August 19, 2009 7:57 AM PDT

I already have malwarebites in my computer and it never finds anything.
Do I need to download it on a friends computer and install it on safe mode in order to work? Meaning, did you asked me to do that because you think I can't access the computer or because that tricks the virus?

If the second is true, then do i need to uninstall the program and then install it in safe mode?

Collapse -
By The Way, The Malware Log You Provided DID Find Something
by Grif Thomas Forum moderator / August 19, 2009 9:59 AM PDT
In reply to: About malwarebites

..and it was a trojan and it was quarantined..

As stated in my post below, the only reason I asked to download, rename, etc. on a second computer is because many infected computers will block the installation and running of Malwarebytes.. If you already have the program installed and it will update and run correctly, then fine, do so.

As to Safe Mode, it is frequently a good idea to run a full system scan while in Safe Mode because it makes it easier for removal tools to clean up the machine.. Many types of malware are "locked in" while in "normal" Windows and are harder to remove.

Hope this helps.

Grif

Collapse -
Past Mbam log
by danigula / August 19, 2009 8:13 AM PDT

The last scan that had issues was this one below back in may:

Malwarebytes' Anti-Malware 1.36
Database version: 2158
Windows 5.1.2600 Service Pack 3

5/21/2009 1:27:16 PM
mbam-log-2009-05-21 (13-27-16).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 315848
Time elapsed: 4 hour(s), 52 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nmsaccessu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\nmsaccessu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nmsaccessu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{d3073845-c655-42e7-b723-191ccfc41f0a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\SnEngine.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SnAgOS.EXE (Trojan.Agent) -> Quarantined and deleted successfully.


And this one before that on the same day:

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Collapse -
That's A Log From May..
by Grif Thomas Forum moderator / August 19, 2009 9:56 AM PDT
In reply to: Past Mbam log

It's not important what was found in May although in May, it DID find something and quarantined it. It would be a surprise if you had another infection. Please update the program and run a full system scan using the program IF it will update correctly while on the computer. (The previous instructions to perform the download on a second computer is relevant when the malware prevents the program from running correctly on the computer.) If it doesn't find anything, good. We'll move on.. But if there's something on the computer that Malwarbytes and can remove, it's a start in the right direction..

Hope this helps.

Grif

Collapse -
I ran malware and avira last night
by danigula / August 20, 2009 2:53 PM PDT

Thanks for your help Grif.
Unfortunately no luck yet.
I ran avira and malware bites last night in safe mode. everything was turned off but avira and malwarebites.
Malware bites had the latest updates as well as avira.
Malwarebites found nothing.
Avira had 66 warnings. See below:


Avira AntiVir Personal
Report file date: Wednesday, August 19, 2009 18:13

Scanning for 1649119 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Save mode
Username : Administrator
Computer name : VAIO

Version information:
BUILD.DAT : 9.0.0.407 17961 Bytes 7/29/2009 10:34:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 8/5/2009 21:28:22
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 16:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 17:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 16:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 18:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 21:51:11
ANTIVIR2.VDF : 7.1.5.88 2668032 Bytes 8/10/2009 15:16:07
ANTIVIR3.VDF : 7.1.5.138 423936 Bytes 8/19/2009 18:53:23
Engineversion : 8.2.1.3
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 17:52:04
AESCRIPT.DLL : 8.1.2.25 459130 Bytes 8/13/2009 19:04:38
AESCN.DLL : 8.1.2.4 127348 Bytes 8/3/2009 21:55:59
AERDL.DLL : 8.1.2.4 430452 Bytes 8/3/2009 21:55:53
AEPACK.DLL : 8.1.3.18 401783 Bytes 5/27/2009 22:07:20
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 8/3/2009 21:55:35
AEHEUR.DLL : 8.1.0.155 1921400 Bytes 8/18/2009 19:02:26
AEHELP.DLL : 8.1.6.0 233846 Bytes 8/18/2009 19:01:01
AEGEN.DLL : 8.1.1.57 356725 Bytes 8/18/2009 19:00:52
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 20:32:40
AECORE.DLL : 8.1.7.6 184694 Bytes 8/3/2009 21:54:02
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 20:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 14:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 16:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 20:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 16:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 21:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 16:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 21:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 14:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 16:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 21:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 16:19:48

Configuration settings for the scan:
Jobname.............................: ShlExt
Configuration file..................: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\069c297a.avp
Logging.............................: low
Primary action......................: quarantine
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: off
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: high
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Wednesday, August 19, 2009 18:13

Starting the file scan:

Begin scan in 'C:\' <Vaio HD>
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\dab58e131c5a07aa15882a\admparse.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\advpack.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\browseui.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\corpol.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\custsat.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\dxtmsft.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\dxtrans.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\extmgr.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\hmmapi.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\icardie.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\idndl.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ie4uinit.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieakeng.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieaksie.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieakui.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieapfltr.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iecustom.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iedkcs32.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iedw.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieencode.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieframe.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iepeers.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieproxy.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iernonce.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iertutil.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iesetup.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\ieui.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\iexplore.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\imgutil.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\inseng.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jgaw400.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jgdw400.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jgmd400.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jgpl400.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jgsd400.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jgsh400.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jscript.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\jsproxy.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\licmgr10.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\msfeeds.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\msfeedsbs.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\msfeedssync.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\mshta.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\mshtml.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\mshtmled.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\mshtmler.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\msls31.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\msrating.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\mstime.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\normaliz.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\occache.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\pngfilt.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\shdocvw.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\shlwapi.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\spmsg.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\spuninst.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\spupdsvc.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\triedit.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\url.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\urlmon.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\vbscript.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\vgx.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\webcheck.dll
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\winfxdocobj.exe
[WARNING] The file could not be opened!
C:\dab58e131c5a07aa15882a\wininet.dll
[WARNING] The file could not be opened!


End of the scan: Thursday, August 20, 2009 01:52
Used time: 7:38:42 Hour(s)

The scan has been done completely.

18431 Scanned directories
520759 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
66 Files cannot be scanned
520693 Files not concerned
13491 Archives were scanned
66 Warnings
1 Notes

What does that mean??????

D

Collapse -
summary of problems
by danigula / August 20, 2009 3:07 PM PDT

Also, i forgot to say, my computer search is blank. You know the one that shows the wizard or the dog and searches for files on the computer. That has also not been working for the longest time.
So:
system restore had no restore points.
search wizard opens window blank.
sound is not working.
computer runs ultra slow and makes lot of noise.
anti-virus finds no problems.
windows task manager shows over 60 processes. (is that a lot?)

If I run a hijackthis and post it here will it help?

Collapse -
About the sound
by danigula / August 20, 2009 3:10 PM PDT

Also, about the sound. So I plugged headphones and even though the volume is on max and I reinstalled the driver, there is no sound. But I just noticed when i put the headphones on, there is a very very low sound coming in the headphones, barely noticeable. Wierd!

Collapse -
Hijack this
by danigula / August 20, 2009 3:11 PM PDT

Here is the hijack this report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:42 AM, on 8/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = Shocked
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Auto EPSON Stylus CX3800 Series on ROBERT-PC] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P44 "Auto EPSON Stylus CX3800 Series on ROBERT-PC" /O38 "\\ROBERT-PC\EPSON Stylus CX3800 Series" /M "Stylus CX3800"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=7&ar=msnhome
O16 - DPF: Web-Based Email Tools - http://email.secureserver.net/Download.CAB
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0854D220-A90A-466D-BC02-6683183802B7} (PrintPreview Class) - http://sabor.fnismls.com/Paragon/Codebase/FNISPrintControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://img4.orkut.com/activex/10036/photouploader.cab
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 12503 bytes

Collapse -
Looks Like It's Time To Do A Repair Install
by Grif Thomas Forum moderator / August 21, 2009 2:25 PM PDT
In reply to: Hijack this

At this point, there's enough corruption in your system that I recommend using your operating system disc and run a repair install.. It should fix the corrupted system files and get you back to working order.

And since you've done the HijackThis thing, you might consider following the steps in the link below to post you HJT log to a forum that interprets such things.

http://forums.cnet.com/5208-6132_102-0.html?threadID=255339

Hope this helps.

Grif

Collapse -
Repair install
by danigula / September 3, 2009 10:04 AM PDT

Hi Grif,
About the repair install, is that going to delete everything and start the computer from scratch? I have put the cd before but it says i have a different system because it is now xp with service pack 3. so it pretty much says the disk is old.
so how do i do it?

Collapse -
Tried Uninstalling SP3, Then Run the XP Disc? Or..
by Grif Thomas Forum moderator / September 4, 2009 8:08 AM PDT
In reply to: Repair install

You can make a SP3 slipstreamed disc and that should do it as well.. Either way, you should be able to run the repair without needing a full reformat.. Of course, there are no guarantees.. Good backups are always the best bet, just in case problems occur.

Hope this helps.

Grif

Collapse -
I have a virus in my window
by onapthanh / October 23, 2013 10:48 PM PDT
In reply to: Hijack this

just in case it's a corrupted user profile, please log into the computer using another username with admin rights.. Does the computer work fine now? If so, your current profile is bad and you'll need to create a new one and copy your personal files over to the new one. I've read all forums about this issue, but nothing seems to resolve the problem.
I've done system restore and there were no restore points.
I've ran all kinds of anti-virus but it keeps saying I've got nothing. I even run it with my internet off to make sure. I had avg, avira and ad-aware.
Now my sound disapeared, just happened a few days ago. Not sure if it was after a windows update... but it was on the same day.

Collapse -
This Thread Is FOUR Years Old.. If You....
by Grif Thomas Forum moderator / October 24, 2013 4:06 AM PDT

....are having issues with your computer, please start a new thread so your problem can be taken care of.. When doing so, please make sure you give us all the details about your machine and exactly what the problem is.

Locking this thread.

Hope this helps.

Grif

Popular Forums
icon
Computer Help 49,613 discussions
icon
Computer Newbies 10,349 discussions
icon
Laptops 19,436 discussions
icon
Security 30,426 discussions
icon
TVs & Home Theaters 20,308 discussions
icon
Windows 10 360 discussions
icon
Phones 15,802 discussions
icon
Windows 7 7,351 discussions
icon
Networking & Wireless 14,641 discussions

Smartphone tip

Hoarding photos on your phone?

Those picture are hogging memory and could be slowing down your phone.