User Name Password Register
DaniWeb IT Discussion Community
Home
Forums
Tutorials
Blogs
Link Directory
All
What is DaniWeb IT Discussion Community?
You're currently browsing the Viruses, Spyware and other Nasties section within the Tech Talk category of DaniWeb, a massive community of 456,539 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,245 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Join our community!
Please support our Viruses, Spyware and other Nasties advertiser: 64-bit Windows Community
Views: 2930 | Replies: 21 | Solved
Reply
Page 1 of 3 1 23 >
Join Date: Oct 2007
Posts: 10
Reputation: sreddy is an unknown quantity at this point 
Rep Power: 2
Solved Threads: 0
sreddy sreddy is offline Offline
Newbie Poster

Help Internet Explorer v6 - Blank Page

  #1  
Oct 11th, 2007
The home page opens correctly when I open IE v6. Any click on the link on the home page works OK. However, when I enter any website address in the address bar and press enter, a new blank explorer page pops up and nothing happens. I cannot update to IE v7. If I right click a link on the home page and try to open in new window, the same blank page happens.

This is making me crazy. Please help!!! Thanks

I have windows XP (SP2). Norton, Spybot and Adaware did not show anything.

The log from Hijackthis is below:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 8:26:44 PM, on 10/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
c:\sdwork\issimsvc.exe
C:\notes\ntmulti.exe
C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe
C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE
C:\WINDOWS\system32\HPZipm12.exe
c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\WRTService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.2.23\pmonmh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PdaNet for Treo 700p\PdaNet.exe
C:\Program Files\PdaReach\PdaReach.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\PdaNet for Treo 700p\PdaNetUm.exe
C:\Program Files\PdaReach\UsbMan.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://w3.ibm.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>;localhost:49213;127.0.0.1
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ISAM SMT Service] "C:\Program Files\C4ebreg\isamsmt.exe"
O4 - HKLM\..\Run: [ISAMTray] "C:\Program Files\C4ebreg\isamtray.exe"
O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Thinkvantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [pmonmh] C:\Program Files\IBM\My Help\plugins\\com.ibm.myhelp.common_1.2.23/pmonmh.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MyHelpService] "C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\delayStart.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for Treo 700p\PdaNet.exe
O4 - Startup: PdaReach Desktop.lnk = C:\Program Files\PdaReach\PdaReach.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lotus QuickStart.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O15 - Trusted Zone: *.doginhispen.com
O15 - Trusted Zone: *.whataboutadog.com
O16 - DPF: ST MRC ST31IF1 PMR-90722999000 - https://www-1.ibm.com/sametime/stmee...RoomClient.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {253A9D23-F982-11D4-8BE4-00D0B7E61414} (SiebelHTMLApplication Class) - https://w3-113.ibm.com/transform/crm...siebelhtml.cab
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase2895.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1189615624093
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {68CDB19A-6305-4589-8C35-41E3502CD451} (Siebel Option Pack for IE 7.5.3) - https://w3-113.ibm.com/transform/crm...OptionPack.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1189615615984
O16 - DPF: {7261EE42-318E-490A-AE8F-77649DBA1ECA} (JNILoader Control) - https://www-1.ibm.com/sametime/stmee...TJNILoader.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www-307.ibm.com/pc/support/a...tent/AcpIR.cab
O16 - DPF: {8F4F3368-54CA-4268-8225-0F4367472CF4} (MailClient Class) - https://w3-113.ibm.com/transform/crm...MailClient.cab
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) - http://w3.ibm.com/bluepages/scripts/lnwebassist.cab
O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} (gpwsx.plugin) - http://w3.ibm.com/tools/print/plugin/gpwsx.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://venividi.webex.com/client/T2...nt/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F32EAB2C-829C-43D0-A22B-802714949DA8}: Domain = ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F32EAB2C-829C-43D0-A22B-802714949DA8}: SearchList = ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = IBM.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = IBM.COM
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IBM Content Delivery Service (CDSClient) - Unknown owner - C:\Program Files\IBM\tivoli\CDSClient\cds\CDSWinSrv.exe
O23 - Service: DB2 - DB2-0 (DB2-0) - International Business Machines Corporation - C:\PROGRA~1\IBM\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2DAS - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\\bin\db2dasrrm.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
O23 - Service: DB2 License Server (DB2LICD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: DB2 Remote Command Server (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2rcmd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown owner - C:\Program Files\C4ebreg\isamsmt.exe (file missing)
O23 - Service: ISSI EZUpdate (ISSIMon) - IBM Global Services - c:\sdwork\issimsvc.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: WRT Service (WRTService) - Unknown owner - C:\WINDOWS\WRTService.exe

--
End of file - 18316 bytes
AddThis Social Bookmark Button
Reply With Quote  
Join Date: May 2005
Posts: 2,792
Reputation: gerbil is on a distinguished road 
Rep Power: 9
Solved Threads: 144
gerbil gerbil is offline Offline
Posting Maven

Re: Internet Explorer v6 - Blank Page

  #2  
Oct 14th, 2007
Hello, Sreddy, if you still need help could you start off with this, please?
==Download this temp file cleaner from http://www.atribune.org/ccount/click.php?id=1 --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected.
Next click Firefox [if you have that browser..] at the top, Select All again, and Empty Selected again. Follow that procedure also if you have Opera.
Close ATF.
[If you wish, save ATF Cleaner to your desktop or a cleaning folder somewhere as it is a fairly useful tool for occasional use.]
==Download this file to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- to run it dclick combofix.exe and follow the prompts to start it. When finished, it will produce a log, C:\Combofix.txt - post that log in your next reply.
A word of caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.
And post a fresh hijackthis scan log also...
Deep, deep in the woods, but walking about.
Reply With Quote  
Join Date: Oct 2007
Posts: 10
Reputation: sreddy is an unknown quantity at this point 
Rep Power: 2
Solved Threads: 0
sreddy sreddy is offline Offline
Newbie Poster

Help Re: Internet Explorer v6 - Blank Page

  #3  
Oct 14th, 2007
Thanks for replying to the post. I still have the blank page problem.

I have run ATF Cleaner to clean all temporary files. Have run Combofix. Here is the log file:

ComboFix 07-10-12.4 - sreddy 2007-10-14 11:38:50.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1241 [GMT -4:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\WinBudget
C:\WINDOWS\Downloaded Program Files\Temp
C:\WINDOWS\system32\drivers\npf.sys

.
((((((((((((((((((((((((( Files Created from 2007-09-14 to 2007-10-14 )))))))))))))))))))))))))))))))
.

2007-10-14 11:38 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-11 17:41 109,744 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-10-11 17:41 48,816 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-10-10 22:05 <DIR> d-------- C:\My Google Gadgets
2007-10-10 19:14 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-10-10 17:43 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2007-10-09 23:15 <DIR> d-------- C:\Program Files\Windows Defender
2007-10-09 22:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-09 21:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-10-09 21:09 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-09 13:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-10-09 13:33 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-09 13:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-10-09 13:13 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-10-09 13:12 <DIR> d-------- C:\Program Files\Lavasoft
2007-10-08 18:23 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-10-08 14:47 116,224 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2007-10-08 14:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe
2007-10-08 14:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2007-10-08 14:47 17,408 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll
2007-10-08 14:47 4,608 --a--c--- C:\WINDOWS\system32\dllcache\xrxflnch.exe
2007-10-08 14:46 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2007-10-08 14:46 154,624 --a--c--- C:\WINDOWS\system32\dllcache\wlluc48.sys
2007-10-08 14:46 99,865 --a--c--- C:\WINDOWS\system32\dllcache\xlog.exe
2007-10-08 14:46 34,890 --a--c--- C:\WINDOWS\system32\dllcache\wlandrv2.sys
2007-10-08 14:46 19,455 --a--c--- C:\WINDOWS\system32\dllcache\wvchntxx.sys
2007-10-08 14:46 19,328 --a--c--- C:\WINDOWS\system32\dllcache\wstcodec.sys
2007-10-08 14:46 16,970 --a--c--- C:\WINDOWS\system32\dllcache\xem336n5.sys
2007-10-08 14:46 12,063 --a--c--- C:\WINDOWS\system32\dllcache\wsiintxx.sys
2007-10-08 14:46 8,832 --a--c--- C:\WINDOWS\system32\dllcache\wmiacpi.sys
2007-10-08 14:44 604,253 --a--c--- C:\WINDOWS\system32\dllcache\vmodem.sys
2007-10-08 14:44 397,502 --a--c--- C:\WINDOWS\system32\dllcache\vpctcom.sys
2007-10-08 14:44 249,402 --a--c--- C:\WINDOWS\system32\dllcache\vinwm.sys
2007-10-08 14:44 64,605 --a--c--- C:\WINDOWS\system32\dllcache\vvoice.sys
2007-10-08 14:44 53,760 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-10-08 14:44 24,576 --a--c--- C:\WINDOWS\system32\dllcache\viairda.sys
2007-10-08 14:44 19,528 --a--c--- C:\WINDOWS\system32\dllcache\w840nd.sys
2007-10-08 14:44 19,016 --a--c--- C:\WINDOWS\system32\dllcache\w926nd.sys
2007-10-08 14:42 94,720 --a--c--- C:\WINDOWS\system32\dllcache\umaxud32.dll
2007-10-08 14:42 69,632 --a--c--- C:\WINDOWS\system32\dllcache\umaxu12.dll
2007-10-08 14:42 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2007-10-08 14:42 50,688 --a--c--- C:\WINDOWS\system32\dllcache\umaxscan.dll
2007-10-08 14:42 50,176 --a--c--- C:\WINDOWS\system32\dllcache\umaxp60.dll
2007-10-08 14:42 32,384 --a--c--- C:\WINDOWS\system32\dllcache\usb101et.sys
2007-10-08 14:42 28,160 --a--c--- C:\WINDOWS\system32\dllcache\umaxu40.dll
2007-10-08 14:42 26,624 --a--c--- C:\WINDOWS\system32\dllcache\umaxu22.dll
2007-10-08 14:42 22,912 --a--c--- C:\WINDOWS\system32\dllcache\umaxpcls.sys
2007-10-08 14:41 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2007-10-08 14:41 440,576 --a--c--- C:\WINDOWS\system32\dllcache\tridkb.dll
2007-10-08 14:41 216,064 --a--c--- C:\WINDOWS\system32\dllcache\um34scan.dll
2007-10-08 14:41 211,968 --a--c--- C:\WINDOWS\system32\dllcache\um54scan.dll
2007-10-08 14:41 166,784 --a--c--- C:\WINDOWS\system32\dllcache\tridxpm.sys
2007-10-08 14:41 159,232 --a--c--- C:\WINDOWS\system32\dllcache\tridkbm.sys
2007-10-08 14:41 47,616 --a--c--- C:\WINDOWS\system32\dllcache\umaxcam.dll
2007-10-08 14:41 11,520 --a--c--- C:\WINDOWS\system32\dllcache\twotrack.sys
2007-10-08 14:40 315,520 --a--c--- C:\WINDOWS\system32\dllcache\trid3d.dll
2007-10-08 14:40 241,664 --a--c--- C:\WINDOWS\system32\dllcache\tosdvd02.sys
2007-10-08 14:40 230,912 --a--c--- C:\WINDOWS\system32\dllcache\tosdvd03.sys
2007-10-08 14:40 222,336 --a--c--- C:\WINDOWS\system32\dllcache\trid3dm.sys
2007-10-08 14:40 82,432 --a--c--- C:\WINDOWS\system32\dllcache\tp4mon.exe
2007-10-08 14:40 42,496 --a--c--- C:\WINDOWS\system32\dllcache\tp4res.dll
2007-10-08 14:40 34,375 --a--c--- C:\WINDOWS\system32\dllcache\tpro4.sys
2007-10-08 14:40 31,744 --a--c--- C:\WINDOWS\system32\dllcache\tp4.dll
2007-10-08 14:40 28,232 --a--c--- C:\WINDOWS\system32\dllcache\tos4mo.sys
2007-10-08 14:39 149,376 --a--c--- C:\WINDOWS\system32\dllcache\tffsport.sys
2007-10-08 14:39 138,528 --a--c--- C:\WINDOWS\system32\dllcache\tgiulnt5.sys
2007-10-08 14:39 123,995 --a--c--- C:\WINDOWS\system32\dllcache\tjisdn.sys
2007-10-08 14:39 81,408 --a--c--- C:\WINDOWS\system32\dllcache\tgiul50.dll
2007-10-08 14:39 37,961 --a--c--- C:\WINDOWS\system32\dllcache\tdk100b.sys
2007-10-08 14:39 36,640 --a--c--- C:\WINDOWS\system32\dllcache\t2r4mini.sys
2007-10-08 14:39 30,464 --a--c--- C:\WINDOWS\system32\dllcache\tbatm155.sys
2007-10-08 14:39 17,129 --a--c--- C:\WINDOWS\system32\dllcache\tdkcd31.sys
2007-10-08 14:39 7,040 --a--c--- C:\WINDOWS\system32\dllcache\tandqic.sys
2007-10-08 14:37 285,760 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2007-10-08 14:37 106,584 --a--c--- C:\WINDOWS\system32\dllcache\spdports.dll
2007-10-08 14:37 99,328 --a--c--- C:\WINDOWS\system32\dllcache\srusd.dll
2007-10-08 14:37 61,824 --a--c--- C:\WINDOWS\system32\dllcache\speed.sys
2007-10-08 14:37 53,248 --a--c--- C:\WINDOWS\system32\dllcache\stlncoin.dll
2007-10-08 14:37 48,736 --a--c--- C:\WINDOWS\system32\dllcache\srwlnd5.sys
2007-10-08 14:37 24,660 --a--c--- C:\WINDOWS\system32\dllcache\spxupchk.dll
2007-10-08 14:37 16,896 --a--c--- C:\WINDOWS\system32\dllcache\stcusb.sys
2007-10-08 14:36 147,200 --a--c--- C:\WINDOWS\system32\dllcache\smidispb.dll
2007-10-08 14:36 114,688 --a--c--- C:\WINDOWS\system32\dllcache\sonypi.dll
2007-10-08 14:36 58,368 --a--c--- C:\WINDOWS\system32\dllcache\smiminib.sys
2007-10-08 14:36 37,040 --a--c--- C:\WINDOWS\system32\dllcache\sonypi.sys
2007-10-08 14:36 20,752 --a--c--- C:\WINDOWS\system32\dllcache\sonync.sys
2007-10-08 14:36 9,600 --a--c--- C:\WINDOWS\system32\dllcache\sonymc.sys
2007-10-08 14:36 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2007-10-08 14:36 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonyait.sys
2007-10-08 14:36 7,040 --a--c--- C:\WINDOWS\system32\dllcache\snyaitmc.sys
2007-10-08 14:33 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll
2007-10-08 14:33 161,568 --a--c--- C:\WINDOWS\system32\dllcache\sgsmusb.sys
2007-10-08 14:33 101,760 --a--c--- C:\WINDOWS\system32\dllcache\sis300ip.sys
2007-10-08 14:33 98,080 --a--c--- C:\WINDOWS\system32\dllcache\sgiulnt5.sys
2007-10-08 14:33 36,480 --a--c--- C:\WINDOWS\system32\dllcache\sfmanm.sys
2007-10-08 14:33 18,400 --a--c--- C:\WINDOWS\system32\dllcache\sgsmld.sys
2007-10-08 14:33 17,664 --a--c--- C:\WINDOWS\system32\dllcache\sermouse.sys
2007-10-08 14:33 6,912 --a--c--- C:\WINDOWS\system32\dllcache\seaddsmc.sys
2007-10-08 14:29 899,146 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2007-10-08 14:29 714,762 --a--c--- C:\WINDOWS\system32\dllcache\r2mdmkxx.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-13 11:21 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-10-11 21:42 --------- d-----w C:\Program Files\Symantec
2007-10-11 21:41 --------- d-----w C:\Program Files\Symantec Client Security
2007-10-11 21:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-11 18:30 --------- d-----w C:\Program Files\QuickTime
2007-10-11 02:42 --------- d-----w C:\Program Files\C4ebreg
2007-10-11 02:08 --------- d-----w C:\Program Files\Google
2007-10-08 12:59 --------- d-----w C:\Program Files\AT&T Network Client
2007-10-05 18:59 --------- d-----w C:\Program Files\WST
2007-10-02 18:27 --------- d-----w C:\Program Files\VideoraiPodConverter
2007-10-02 18:27 --------- d-----w C:\Program Files\iTunes
2007-09-07 18:23 57,344 ----a-w C:\WINDOWS\isamunin.exe
2007-09-07 18:17 7,012 ------w C:\WINDOWS\system32\drivers\PMEMNT.SYS
2007-08-30 19:14 --------- d-----w C:\Program Files\IBM
2007-08-22 00:04 --------- d-----w C:\Documents and Settings\Administrator\Application Data\IBM
2007-08-22 00:04 --------- d-----w C:\Documents and Settings\Administrator\Application Data\IBM
2007-08-15 12:43 --------- d-----w C:\Program Files\Java
2007-08-14 18:21 --------- d-----w C:\Program Files\Investintech.com Inc
2007-08-10 17:04 202,314 ----a-w C:\WINDOWS\system32\atasnt40.dll
2007-07-30 23:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 23:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 23:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 23:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 23:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 23:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 23:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 23:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 23:18 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
2007-03-05 22:30 62,128 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2007-03-05 22:30 62,128 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2006-06-06 14:43 32,768 ----a-w C:\Documents and Settings\Administrator\Application Data\rndcinscheck.dll
2006-06-06 14:43 32,768 ----a-w C:\Documents and Settings\Administrator\Application Data\rndcinscheck.dll
2005-05-12 03:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 624,248 2007-05-11 02:46:20 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\bak\Acrotray.exe
----a-w 620,152 2006-10-23 03:24:02 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

----a-w 925,696 2006-05-16 01:26:17 C:\Program Files\Analog Devices\Core\bak\smax4pnp.exe

----a-w 90,112 2006-05-10 16:12:06 C:\Program Files\ATI Technologies\ATI.ACE\bak\CLIStart.exe

----a-w 364,544 2007-09-07 18:23:03 C:\Program Files\C4ebreg\bak\c4ebreg.exe

----a-w 237,568 2007-09-07 18:23:12 C:\Program Files\C4ebreg\bak\isamtray.exe

----a-w 536,576 2006-12-10 23:36:32 C:\Program Files\Common Files\Lenovo\Scheduler\bak\scheduler_proxy.exe

----a-w 185,632 2007-08-12 11:55:38 C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe

----a-w 52,896 2006-07-20 00:26:04 C:\Program Files\Common Files\Symantec Shared\bak\ccApp.exe
----a-w 52,896 2006-07-19 23:26:04 C:\Program Files\Common Files\Symantec Shared\ccApp.exe

----a-w 3,739,648 2007-01-01 21:22:02 C:\Program Files\Google\Google Talk\bak\googletalk.exe

----a-w 68,856 2007-08-05 13:15:41 C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe

----a-w 49,152 2005-05-12 03:12:54 C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe
----a-w 49,152 2005-05-12 03:12:54 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

----a-w 81,920 2006-12-19 17:44:04 C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\bak\delayStart.exe

----a-w 28,672 2005-09-06 09:07:18 C:\Program Files\IBM\Personal Communications\bak\tpam.exe

----a-w 61,521 2004-08-16 00:34:14 C:\Program Files\IBM\SQLLIB\BIN\bak\db2systray.exe

----a-w 271,672 2007-07-31 22:44:42 C:\Program Files\iTunes\bak\iTunesHelper.exe

----a-w 132,496 2007-07-12 08:00:36 C:\Program Files\Java\jre1.6.0_02\bin\bak\jusched.exe

----a-w 94,208 2005-12-15 18:00:54 C:\Program Files\Lenovo\PkgMgr\HOTKEY\bak\TPHKMGR.exe

----a-w 286,720 2007-06-29 10:24:52 C:\Program Files\QuickTime\bak\QTTask.exe

----a-w 125,168 2006-09-28 01:33:44 C:\Program Files\Symantec Client Security\Symantec AntiVirus\bak\VPTray.exe
----a-w 125,168 2006-09-28 00:33:44 C:\Program Files\Symantec Client Security\Symantec AntiVirus\VPTray.exe

----a-w 512,000 2006-05-16 01:21:38 C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe

----a-w 110,592 2006-05-16 01:21:40 C:\Program Files\Synaptics\SynTP\bak\SynTPLpr.exe

----a-w 409,600 2006-04-17 17:09:10 C:\Program Files\ThinkPad\ConnectUtilities\bak\ACTray.exe

----a-w 98,304 2006-04-17 16:59:10 C:\Program Files\ThinkPad\ConnectUtilities\bak\ACWLIcon.exe

----a-w 864,256 2005-10-28 19:04:44 C:\Program Files\ThinkPad\Utilities\bak\TpKmapAp.exe

----a-w 483,328 2005-11-11 18:32:35 C:\Program Files\VideoraiPodConverter\bak\VideoraiPodConverter.exe

----a-w 204,800 2007-07-09 13:15:00 C:\sdwork\bak\issimsvc.exe
----a-w 204,800 2007-10-10 10:58:00 C:\sdwork\issimsvc.exe

----a-w 262,144 2007-07-05 15:32:00 C:\sdwork\bak\w32main2.exe
----a-w 263,680 2007-10-11 11:14:00 C:\sdwork\W32MAIN2.EXE

----a-w 208,952 2004-08-04 05:00:00 C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE
----a-w 208,952 2004-08-04 05:00:00 C:\WINDOWS\ime\IMJP8_1\imjpmig.exe

----a-w 15,360 2004-08-04 05:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-04 05:00:00 C:\WINDOWS\system32\ctfmon.exe

----a-w 127,035 2004-11-16 01:05:00 C:\WINDOWS\system32\dla\bak\tfswctrl.exe

----a-w 455,168 2004-08-04 05:00:00 C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE
----a-w 455,168 2004-08-04 05:00:00 C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 01:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 01:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 01:00]
"ISAM SMT Service"="C:\Program Files\C4ebreg\isamsmt.exe" []
"ISAMTray"="C:\Program Files\C4ebreg\isamtray.exe" []
"stgclean"="c:\sdwork\w32main2.exe" [2007-10-11 07:14]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" []
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" []
"TPHOTKEY"="C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" []
"PWRMGRTR"="C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-05-15 21:23]
"BLOG"="C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-05-15 21:22]
"TpShocks"="TpShocks.exe" [2005-11-07 07:14 C:\WINDOWS\system32\TpShocks.exe]
"TP4EX"="tp4ex.exe" [2005-10-16 21:11 C:\WINDOWS\system32\TP4EX.exe]
"PSQLLauncher"="C:\Program Files\Thinkvantage Fingerprint Software\launcher.exe" []
"ISSI EZUpdate Service"="c:\sdwork\issimsvc.exe" [2007-10-10 06:58]
"pmonmh"="C:\Program Files\IBM\My Help\plugins\\com.ibm.myhelp.common_1.2.23/pmonmh.exe" [2007-03-29 13:12]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"MyHelpService"="C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\delayStart.exe" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 19:26]
"vptray"="C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe" [2006-09-27 20:33]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24]
"defergui"="c:\sdwork\defergui.exe" [2007-07-09 09:14]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:00]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Treo 700p\PdaNet.exe [2006-06-13 18:36:38]
PdaReach Desktop.lnk - C:\Program Files\PdaReach\PdaReach.exe [2006-05-19 13:39:50]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Treo 700p\PdaNet.exe [2006-06-13 18:36:38]
PdaReach Desktop.lnk - C:\Program Files\PdaReach\PdaReach.exe [2006-05-19 13:39:50]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [2005-11-01 11:10:32]
HotSync Manager.lnk - C:\Program Files\Palm\Hotsync.exe [2004-06-09 14:27:34]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]
Lotus QuickStart.lnk - C:\lotus\wordpro\ltsstart.exe [2003-04-07 20:00:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
ACNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\atmgrtok]
atmgrtok.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pcsinst]
pcsinst.dll 2005-09-06 14:43 49152 C:\WINDOWS\system32\pcsinst.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll 2006-05-15 21:22 28672 C:\WINDOWS\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 2006-05-15 21:22 24576 C:\WINDOWS\system32\tphklock.dll

R0 Shockprf;Shockprf;C:\WINDOWS\system32\drivers\Shockprf.sys
R1 ANC;ANC;C:\WINDOWS\system32\drivers\ANC.SYS
R1 IBMTPCHK;IBMTPCHK;\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys
R1 ShockMgr;ShockMgr;C:\WINDOWS\system32\drivers\ShockMgr.sys
R1 TPPWRIF;TPPWRIF;C:\WINDOWS\system32\drivers\Tppwrif.sys
R2 AppnApi;AppnApi;C:\WINDOWS\system32\drivers\appnapi.sys
R2 DB2-0;DB2 - DB2-0;C:\PROGRA~1\IBM\SQLLIB\bin\db2syscs.exe
R2 IBM_LLC2;IBM Personal Communications LLC2 Driver;C:\WINDOWS\system32\DRIVERS\llc2.sys
R2 MyHelp;My Help;C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe
R2 NsTrcNT;NsTrcNT;C:\WINDOWS\system32\drivers\nstrcnt.sys
R2 pdlnctdl;Twinax CUT Adapter;C:\WINDOWS\system32\drivers\pdlnctdl.sys
R2 pdlndldl;IBM Enterprise Extender (HPR/IP);C:\WINDOWS\system32\drivers\pdlndldl.sys
R2 WRTService;WRT Service;C:\WINDOWS\WRTService.exe
R3 ABVPN2K;Net Firewall Miniport Interface;C:\WINDOWS\system32\DRIVERS\abvpn2k.sys
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
R3 Anydlc;Anydlc;C:\WINDOWS\system32\drivers\anydlc.sys
R3 Appn;Appn;C:\WINDOWS\system32\drivers\appn.sys
R3 AppnBase;AppnBase;C:\WINDOWS\system32\drivers\AppnBase.sys
R3 atmeltpm;atmeltpm;C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
R3 avpnnic;AGN Virtual Network Adapter;C:\WINDOWS\system32\DRIVERS\avpnnic.sys
R3 KLOGNT;KLOGNT;C:\WINDOWS\system32\drivers\klognt.sys
R3 pdlnacom;PDLC Adapter -- COM;C:\WINDOWS\system32\drivers\pdlnacom.sys
R3 pdlnafac;PDLC Adapter Factory;C:\WINDOWS\system32\drivers\pdlnafac.sys
R3 pdlnatcm;Twinax Adapter Common;C:\WINDOWS\system32\drivers\pdlnatcm.sys
R3 pdlnatdl;Twinax Adapter;C:\WINDOWS\system32\drivers\pdlnatdl.sys
R3 pdlncbas;PDLC CxM Classes;C:\WINDOWS\system32\drivers\pdlncbas.sys
R3 pdlncfwk;PDLC Connection Manager;C:\WINDOWS\system32\drivers\pdlncfwk.sys
R3 pdlndint;PDLC DLC Classes;C:\WINDOWS\system32\drivers\pdlndint.sys
R3 pdlndlpb;PDLC LAPB;C:\WINDOWS\system32\drivers\pdlndlpb.sys
R3 pdlndoem;PDLC OEM Interface;C:\WINDOWS\system32\drivers\pdlndoem.sys
R3 pdlndqll;PDLC QLLC;C:\WINDOWS\system32\drivers\pdlndqll.sys
R3 pdlndsdl;PDLC SDLC;C:\WINDOWS\system32\drivers\pdlndsdl.sys
R3 pdlndtdl;Twinax DLC;C:\WINDOWS\system32\drivers\pdlndtdl.sys
R3 pdlnebas;PDLC Environment;C:\WINDOWS\system32\drivers\pdlnebas.sys
R3 pdlnecfg;PDLC Configuration;C:\WINDOWS\system32\drivers\pdlnecfg.sys
R3 pdlnemap;PDLC Mapper;C:\WINDOWS\system32\drivers\pdlnemap.sys
R3 pdlnemsg;PDLC Message Driver;C:\WINDOWS\system32\drivers\pdlnemsg.sys
R3 pdlnepkt;PDLC Buffer Manager;C:\WINDOWS\system32\drivers\pdlnepkt.sys
R3 pdlnshay;PDLC Hayes At signalling;C:\WINDOWS\system32\drivers\pdlnshay.sys
R3 pdlnslea;PDLC SDLC Leased;C:\WINDOWS\system32\drivers\pdlnslea.sys
R3 pdlnsv25;PDLC V25bis signalling;C:\WINDOWS\system32\drivers\pdlnsv25.sys
R3 pdlnsx25;PDLC X.25;C:\WINDOWS\system32\drivers\pdlnsx25.sys
R3 pnetmdm;PdaNet Modem;C:\WINDOWS\system32\DRIVERS\pnetmdm.sys
S3 CDSClient;IBM Content Delivery Service;C:\Program Files\IBM\tivoli\CDSClient\cds\CDSWinSrv.exe
S3 gwiopm;gwiopm;\??\C:\Program Files\wst\gwiopm.sys

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-10-09 00:18:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
"2007-10-13 00:30:35 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-10-13 19:41:10 C:\WINDOWS\Tasks\PMTask.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-14 11:42:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MyHelpService = "C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\delayStart.exe"?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-14 11:43:52
.
--- E O F ---

HijackThis log file is:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:56:34 AM, on 10/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
c:\sdwork\issimsvc.exe
C:\notes\ntmulti.exe
C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe
C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE
c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\WRTService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.2.23\pmonmh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\PdaNet for Treo 700p\PdaNet.exe
C:\Program Files\PdaNet for Treo 700p\PdaNetUm.exe
C:\Program Files\PdaReach\PdaReach.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\PdaReach\UsbMan.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://w3.ibm.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>;localhost:49213;127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ISAM SMT Service] "C:\Program Files\C4ebreg\isamsmt.exe"
O4 - HKLM\..\Run: [ISAMTray] "C:\Program Files\C4ebreg\isamtray.exe"
O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Thinkvantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [ISSI EZUpdate Service] "c:\sdwork\issimsvc.exe"
O4 - HKLM\..\Run: [pmonmh] C:\Program Files\IBM\My Help\plugins\\com.ibm.myhelp.common_1.2.23/pmonmh.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MyHelpService] "C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\delayStart.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [defergui] c:\sdwork\defergui.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for Treo 700p\PdaNet.exe
O4 - Startup: PdaReach Desktop.lnk = C:\Program Files\PdaReach\PdaReach.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Lotus QuickStart.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O15 - Trusted Zone: *.doginhispen.com
O16 - DPF: ST MRC ST31IF1 PMR-90722999000 - https://www-1.ibm.com/sametime/stmee...RoomClient.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {253A9D23-F982-11D4-8BE4-00D0B7E61414} (SiebelHTMLApplication Class) - https://w3-113.ibm.com/transform/crm...siebelhtml.cab
O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} (MSN Money Charting) - http://moneycentral.msn.com/cabs/pmupd806.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase2895.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1189615624093
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {68CDB19A-6305-4589-8C35-41E3502CD451} (Siebel Option Pack for IE 7.5.3) - https://w3-113.ibm.com/transform/crm...OptionPack.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1189615615984
O16 - DPF: {7261EE42-318E-490A-AE8F-77649DBA1ECA} (JNILoader Control) - https://www-1.ibm.com/sametime/stmee...TJNILoader.cab
O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www-307.ibm.com/pc/support/a...tent/AcpIR.cab
O16 - DPF: {8F4F3368-54CA-4268-8225-0F4367472CF4} (MailClient Class) - https://w3-113.ibm.com/transform/crm...MailClient.cab
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) - http://w3.ibm.com/bluepages/scripts/lnwebassist.cab
O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} (gpwsx.plugin) - http://w3.ibm.com/tools/print/plugin/gpwsx.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://venividi.webex.com/client/T2...nt/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F32EAB2C-829C-43D0-A22B-802714949DA8}: Domain = ibm.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F32EAB2C-829C-43D0-A22B-802714949DA8}: SearchList = ibm.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = IBM.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = IBM.COM
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IBM Content Delivery Service (CDSClient) - Unknown owner - C:\Program Files\IBM\tivoli\CDSClient\cds\CDSWinSrv.exe
O23 - Service: DB2 - DB2-0 (DB2-0) - International Business Machines Corporation - C:\PROGRA~1\IBM\SQLLIB\bin\db2syscs.exe
O23 - Service: DB2DAS - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\\bin\db2dasrrm.exe
O23 - Service: DB2 Governor (DB2GOVERNOR) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2govds.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
O23 - Service: DB2 License Server (DB2LICD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2licd.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: DB2 Remote Command Server (DB2REMOTECMD) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2rcmd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown owner - C:\Program Files\C4ebreg\isamsmt.exe (file missing)
O23 - Service: ISSI EZUpdate (ISSIMon) - IBM Corp. - c:\sdwork\issimsvc.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\PROGRA~1\AT&TNE~1\NetCfgSv.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: WRT Service (WRTService) - Unknown owner - C:\WINDOWS\WRTService.exe

--
End of file - 18266 bytes
Reply With Quote  
Join Date: May 2005
Posts: 2,792
Reputation: gerbil is on a distinguished road 
Rep Power: 9
Solved Threads: 144
gerbil gerbil is offline Offline
Posting Maven

Re: Internet Explorer v6 - Blank Page

  #4  
Oct 15th, 2007
Please use hijackthis to fis this entry:

O15 - Trusted Zone: *.doginhispen.com

You have a trojan downloader that has replaced many of your system files with infected copies, so next...
==Please dl this file from http://noahdfear.geekstogo.com/FindAWF.exe
-dclick the .exe to start the program, type 1 and enter to start the process. Please post the contents of the notepad that opens.
Deep, deep in the woods, but walking about.
Reply With Quote  
Join Date: Oct 2007
Posts: 10
Reputation: sreddy is an unknown quantity at this point 
Rep Power: 2
Solved Threads: 0
sreddy sreddy is offline Offline
Newbie Poster

Help Re: Internet Explorer v6 - Blank Page

  #5  
Oct 15th, 2007
Thanks a lot for your time. I have fixed the *.doginhispen.com entry using HijackThis.

Please find the output of FindAWF.exe:

Find AWF report by noahdfear ©2006
Version 1.40

The current date is: 10/15/2007
The current time is: 9:10:17.65


bak folders found
~~~~~~~~~~~


Directory of C:\SDWORK\BAK

07/09/2007 09:15 AM 204,800 issimsvc.exe
07/05/2007 11:32 AM 262,144 w32main2.exe
2 File(s) 466,944 bytes

Directory of C:\PROGRA~1\C4EBREG\BAK

09/07/2007 02:23 PM 364,544 c4ebreg.exe
09/07/2007 02:23 PM 237,568 isamtray.exe
2 File(s) 602,112 bytes

Directory of C:\PROGRA~1\ITUNES\BAK

07/31/2007 06:44 PM 271,672 iTunesHelper.exe
1 File(s) 271,672 bytes

Directory of C:\PROGRA~1\QUICKT~1\BAK

06/29/2007 06:24 AM 286,720 QTTask.exe
1 File(s) 286,720 bytes

Directory of C:\PROGRA~1\VIDEOR~1\BAK

11/11/2005 02:32 PM 483,328 VideoraiPodConverter.exe
1 File(s) 483,328 bytes

Directory of C:\WINDOWS\SYSTEM32\BAK

08/04/2004 01:00 AM 15,360 ctfmon.exe
1 File(s) 15,360 bytes

Directory of C:\PROGRA~1\ANALOG~1\CORE\BAK

05/15/2006 09:26 PM 925,696 smax4pnp.exe
1 File(s) 925,696 bytes

Directory of C:\PROGRA~1\ATITEC~1\ATI.ACE\BAK

05/10/2006 12:12 PM 90,112 CLIStart.exe
1 File(s) 90,112 bytes

Directory of C:\PROGRA~1\COMMON~1\SYMANT~1\BAK

07/19/2006 08:26 PM 52,896 ccApp.exe
1 File(s) 52,896 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~2\BAK

01/01/2007 05:22 PM 3,739,648 googletalk.exe
1 File(s) 3,739,648 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~4\BAK

08/05/2007 09:15 AM 68,856 GoogleToolbarNotifier.exe
1 File(s) 68,856 bytes

Directory of C:\PROGRA~1\HP\HPSOFT~1\BAK

05/11/2005 11:12 PM 49,152 HPWuSchd2.exe
1 File(s) 49,152 bytes

Directory of C:\PROGRA~1\IBM\PERSON~1\BAK

09/06/2005 05:07 AM 28,672 tpam.exe
1 File(s) 28,672 bytes

Directory of C:\PROGRA~1\SYMANT~2\SYMANT~2\BAK

09/27/2006 09:33 PM 125,168 VPTray.exe
1 File(s) 125,168 bytes

Directory of C:\PROGRA~1\SYNAPT~1\SYNTP\BAK

05/15/2006 09:21 PM 512,000 SynTPEnh.exe
05/15/2006 09:21 PM 110,592 SynTPLpr.exe
2 File(s) 622,592 bytes

Directory of C:\PROGRA~1\THINKPAD\CONNEC~1\BAK

04/17/2006 01:09 PM 409,600 ACTray.exe
04/17/2006 12:59 PM 98,304 ACWLIcon.exe
2 File(s) 507,904 bytes

Directory of C:\PROGRA~1\THINKPAD\UTILIT~1\BAK

10/28/2005 03:04 PM 864,256 TpKmapAp.exe
1 File(s) 864,256 bytes

Directory of C:\WINDOWS\IME\IMJP8_1\BAK

08/04/2004 01:00 AM 208,952 IMJPMIG.EXE
1 File(s) 208,952 bytes

Directory of C:\WINDOWS\SYSTEM32\DLA\BAK

11/15/2004 09:05 PM 127,035 tfswctrl.exe
1 File(s) 127,035 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~3.0\ACROBAT\BAK

05/10/2007 10:46 PM 624,248 Acrotray.exe
1 File(s) 624,248 bytes

Directory of C:\PROGRA~1\COMMON~1\LENOVO\SCHEDU~1\BAK

12/10/2006 07:36 PM 536,576 scheduler_proxy.exe
1 File(s) 536,576 bytes

Directory of C:\PROGRA~1\COMMON~1\REAL\UPDATE~1\BAK

08/12/2007 07:55 AM 185,632 realsched.exe
1 File(s) 185,632 bytes

Directory of C:\PROGRA~1\IBM\MYHELP~1\PLUGINS\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\IBM\SQLLIB\BIN\BAK

08/15/2004 08:34 PM 61,521 db2systray.exe
1 File(s) 61,521 bytes

Directory of C:\PROGRA~1\JAVA\JRE16~1.0_0\BIN\BAK

07/12/2007 04:00 AM 132,496 jusched.exe
1 File(s) 132,496 bytes

Directory of C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\BAK

12/15/2005 02:00 PM 94,208 TPHKMGR.exe
1 File(s) 94,208 bytes

Directory of C:\WINDOWS\SYSTEM32\IME\TINTLGNT\BAK

08/04/2004 01:00 AM 455,168 TINTSETP.EXE
1 File(s) 455,168 bytes

Directory of C:\PROGRA~1\IBM\MYHELP~1\PLUGINS\COMIBM~1.INS\SERVICE\BAK

12/19/2006 01:44 PM 81,920 delayStart.exe
1 File(s) 81,920 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

204800 Oct 10 2007 "C:\sdwork\issimsvc.exe"
204800 Jul 9 2007 "C:\sdwork\bak\issimsvc.exe"
263680 Oct 11 2007 "C:\sdwork\W32MAIN2.EXE"
262144 Jul 5 2007 "C:\sdwork\bak\w32main2.exe"
364544 Sep 7 2007 "C:\Program Files\C4ebreg\bak\c4ebreg.exe"
237568 Sep 7 2007 "C:\Program Files\C4ebreg\bak\isamtray.exe"
271672 Jul 31 2007 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Aug 6 2007 "C:\WINDOWS\Installer\{E0219810-16E4-437D-9165-93D7B22524F9}\iTunesIco.exe"
116024 Aug 6 2007 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.3.2.6\iTunesSetupAdmin.exe"
286720 Jun 29 2007 "C:\Program Files\QuickTime\bak\QTTask.exe"
483328 Nov 11 2005 "C:\Program Files\VideoraiPodConverter\bak\VideoraiPodConverter.exe"
15360 Aug 4 2004 "C:\WINDOWS\system32\ctfmon.exe"
8192 Dec 22 2005 "C:\i387\files\system\ctfmon.exe"
15360 Aug 4 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
925696 May 15 2006 "C:\Program Files\Analog Devices\Core\bak\smax4pnp.exe"
90112 May 10 2006 "C:\Program Files\ATI Technologies\ATI.ACE\bak\CLIStart.exe"
52896 Jul 19 2006 "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
52896 Jul 19 2006 "C:\Program Files\Common Files\Symantec Shared\bak\ccApp.exe"
1581768 Oct 29 2006 "C:\downloads\google\googletalk-setup.exe"
4997120 Sep 21 2006 "C:\Program Files\Google\Google Video Player\GoogleVideoPlayer.exe"
1145896 Aug 12 2007 "C:\Program Files\Common Files\Real\GToolbar\GoogleToolbarInstaller.exe"
3739648 Jan 1 2007 "C:\Program Files\Google\Google Talk\bak\googletalk.exe"
1606064 Jan 5 2007 "C:\Program Files\Google\Google Talk\googletalk-1.0.0.104\googletalk-setup-upgrade.exe"
68856 Aug 5 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
1581768 Oct 29 2006 "C:\downloads\google\googletalk-setup.exe"
4997120 Sep 21 2006 "C:\Program Files\Google\Google Video Player\GoogleVideoPlayer.exe"
1145896 Aug 12 2007 "C:\Program Files\Common Files\Real\GToolbar\GoogleToolbarInstaller.exe"
3739648 Jan 1 2007 "C:\Program Files\Google\Google Talk\bak\googletalk.exe"
1606064 Jan 5 2007 "C:\Program Files\Google\Google Talk\googletalk-1.0.0.104\googletalk-setup-upgrade.exe"
68856 Aug 5 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
49152 May 11 2005 "C:\Program Files\HP\HP Software Update\hpwuSchd2.exe"
49152 May 11 2005 "C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe"
28672 Sep 6 2005 "C:\Program Files\IBM\Personal Communications\bak\tpam.exe"
125168 Sep 27 2006 "C:\Program Files\Symantec Client Security\Symantec AntiVirus\VPTray.exe"
125168 Sep 27 2006 "C:\Program Files\Symantec Client Security\Symantec AntiVirus\bak\VPTray.exe"
512000 May 15 2006 "C:\wxpdrive\repos\77GU04WW\SYNTPENH.EXE"
512000 May 15 2006 "C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe"
512000 May 15 2006 "C:\Program Files\Synaptics\SynTP\Media\SYNTPENH.EXE"
110592 May 15 2006 "C:\wxpdrive\repos\77GU04WW\SYNTPLPR.EXE"
110592 May 15 2006 "C:\Program Files\Synaptics\SynTP\bak\SynTPLpr.exe"
110592 May 15 2006 "C:\Program Files\Synaptics\SynTP\Media\SYNTPLPR.EXE"
409600 Apr 17 2006 "C:\Program Files\ThinkPad\ConnectUtilities\bak\ACTray.exe"
98304 Apr 17 2006 "C:\Program Files\ThinkPad\ConnectUtilities\bak\ACWLIcon.exe"
864256 Oct 28 2005 "C:\Program Files\ThinkPad\Utilities\bak\TpKmapAp.exe"
208952 Aug 4 2004 "C:\WINDOWS\ime\IMJP8_1\imjpmig.exe"
208952 Aug 4 2004 "C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE"
127035 Nov 15 2004 "C:\Program Files\IBM DLA\install\tfswctrl.exe"
127035 Nov 15 2004 "C:\WINDOWS\system32\dla\bak\tfswctrl.exe"
620152 Oct 22 2006 "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe"
624248 May 10 2007 "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\bak\Acrotray.exe"
536576 Dec 10 2006 "C:\Program Files\Common Files\Lenovo\Scheduler\bak\scheduler_proxy.exe"
185632 Aug 12 2007 "C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe"
61521 Aug 15 2004 "C:\Program Files\IBM\SQLLIB\BIN\bak\db2systray.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
132496 Jul 12 2007 "C:\Program Files\Java\jre1.6.0_02\bin\bak\jusched.exe"
94208 Dec 15 2005 "C:\Program Files\Lenovo\PkgMgr\HOTKEY\bak\TPHKMGR.exe"
94208 May 15 2006 "C:\wxpdrive\repos\7AVU12WW\OSD\COMMON\TPHKMGR.EXE"
94208 Dec 15 2005 "C:\Drivers\W2K\Acconwin\HOTKEY\OSD\common\tphkmgr.exe"
455168 Aug 4 2004 "C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe"
455168 Aug 4 2004 "C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE"
81920 Dec 19 2006 "C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\bak\delayStart.exe"


end of report
Reply With Quote  
Join Date: May 2005
Posts: 2,792
Reputation: gerbil is on a distinguished road 
Rep Power: 9
Solved Threads: 144
gerbil gerbil is offline Offline
Posting Maven

Re: Internet Explorer v6 - Blank Page

  #6  
Oct 16th, 2007
FindAWF -option 2:dclick the .exe to start the program, select to restore files, into the text file that opens paste in all the text between the lines:
_____________________________________________________________
"C:\sdwork\bak\issimsvc.exe"
"C:\sdwork\bak\w32main2.exe"
"C:\Program Files\C4ebreg\bak\c4ebreg.exe"
"C:\Program Files\C4ebreg\bak\isamtray.exe"
"C:\Program Files\iTunes\bak\iTunesHelper.exe"
"C:\Program Files\QuickTime\bak\QTTask.exe"
"C:\Program Files\VideoraiPodConverter\bak\VideoraiPodConverter.exe"
"C:\WINDOWS\system32\bak\ctfmon.exe"
"C:\Program Files\Analog Devices\Core\bak\smax4pnp.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\bak\CLIStart.exe"
"C:\Program Files\Common Files\Symantec Shared\bak\ccApp.exe"
"C:\Program Files\Google\Google Talk\bak\googletalk.exe"
"C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
"C:\Program Files\Google\Google Talk\bak\googletalk.exe"
"C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
"C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe"
"C:\Program Files\IBM\Personal Communications\bak\tpam.exe"
"C:\Program Files\Symantec Client Security\Symantec AntiVirus\bak\VPTray.exe"
"C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\bak\SynTPLpr.exe"
"C:\Program Files\ThinkPad\ConnectUtilities\bak\ACTray.exe"
"C:\Program Files\ThinkPad\ConnectUtilities\bak\ACWLIcon.exe"
"C:\Program Files\ThinkPad\Utilities\bak\TpKmapAp.exe"
"C:\WINDOWS\ime\IMJP8_1\bak\IMJPMIG.EXE"
"C:\WINDOWS\system32\dla\bak\tfswctrl.exe"
"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\bak\Acrotray.exe"
"C:\Program Files\Common Files\Lenovo\Scheduler\bak\scheduler_proxy.exe"
"C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe"
"C:\Program Files\IBM\SQLLIB\BIN\bak\db2systray.exe"
"C:\Program Files\Java\jre1.6.0_02\bin\bak\jusched.exe"
"C:\Program Files\Lenovo\PkgMgr\HOTKEY\bak\TPHKMGR.exe"
"C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE"
"C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\bak\delayStart.exe"
_____________________________________________________________

-close the text file and click Yes. Please post the contents of the notepad that opens.
=Please uninstall via CP all old versions of Java.
Deep, deep in the woods, but walking about.
Reply With Quote  
Join Date: Oct 2007
Posts: 10
Reputation: sreddy is an unknown quantity at this point 
Rep Power: 2
Solved Threads: 0
sreddy sreddy is offline Offline
Newbie Poster

Help Re: Internet Explorer v6 - Blank Page

  #7  
Oct 16th, 2007
I have run FindAWF with Option 2. I have also uninstalled older versions of Java. Thanks a lot for your time.


Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully

The current date is: 10/16/2007
The current time is: 8:22:21.51


bak folders found
~~~~~~~~~~~


Directory of C:\SDWORK\BAK

07/09/2007 09:15 AM 204,800 issimsvc.exe
07/05/2007 11:32 AM 262,144 w32main2.exe
2 File(s) 466,944 bytes

Directory of C:\PROGRA~1\C4EBREG\BAK

09/07/2007 02:23 PM 364,544 c4ebreg.exe
09/07/2007 02:23 PM 237,568 isamtray.exe
2 File(s) 602,112 bytes

Directory of C:\PROGRA~1\ITUNES\BAK

07/31/2007 06:44 PM 271,672 iTunesHelper.exe
1 File(s) 271,672 bytes

Directory of C:\PROGRA~1\QUICKT~1\BAK

06/29/2007 06:24 AM 286,720 QTTask.exe
1 File(s) 286,720 bytes

Directory of C:\PROGRA~1\VIDEOR~1\BAK

11/11/2005 02:32 PM 483,328 VideoraiPodConverter.exe
1 File(s) 483,328 bytes

Directory of C:\WINDOWS\SYSTEM32\BAK

08/04/2004 01:00 AM 15,360 ctfmon.exe
1 File(s) 15,360 bytes

Directory of C:\PROGRA~1\ANALOG~1\CORE\BAK

05/15/2006 09:26 PM 925,696 smax4pnp.exe
1 File(s) 925,696 bytes

Directory of C:\PROGRA~1\ATITEC~1\ATI.ACE\BAK

05/10/2006 12:12 PM 90,112 CLIStart.exe
1 File(s) 90,112 bytes

Directory of C:\PROGRA~1\COMMON~1\SYMANT~1\BAK

07/19/2006 08:26 PM 52,896 ccApp.exe
1 File(s) 52,896 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~2\BAK

01/01/2007 05:22 PM 3,739,648 googletalk.exe
1 File(s) 3,739,648 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~4\BAK

08/05/2007 09:15 AM 68,856 GoogleToolbarNotifier.exe
1 File(s) 68,856 bytes

Directory of C:\PROGRA~1\HP\HPSOFT~1\BAK

05/11/2005 11:12 PM 49,152 HPWuSchd2.exe
1 File(s) 49,152 bytes

Directory of C:\PROGRA~1\IBM\PERSON~1\BAK

09/06/2005 05:07 AM 28,672 tpam.exe
1 File(s) 28,672 bytes

Directory of C:\PROGRA~1\SYMANT~2\SYMANT~2\BAK

09/27/2006 09:33 PM 125,168 VPTray.exe
1 File(s) 125,168 bytes

Directory of C:\PROGRA~1\SYNAPT~1\SYNTP\BAK

05/15/2006 09:21 PM 512,000 SynTPEnh.exe
05/15/2006 09:21 PM 110,592 SynTPLpr.exe
2 File(s) 622,592 bytes

Directory of C:\PROGRA~1\THINKPAD\CONNEC~1\BAK

04/17/2006 01:09 PM 409,600 ACTray.exe
04/17/2006 12:59 PM 98,304 ACWLIcon.exe
2 File(s) 507,904 bytes

Directory of C:\PROGRA~1\THINKPAD\UTILIT~1\BAK

10/28/2005 03:04 PM 864,256 TpKmapAp.exe
1 File(s) 864,256 bytes

Directory of C:\WINDOWS\IME\IMJP8_1\BAK

08/04/2004 01:00 AM 208,952 IMJPMIG.EXE
1 File(s) 208,952 bytes

Directory of C:\WINDOWS\SYSTEM32\DLA\BAK

11/15/2004 09:05 PM 127,035 tfswctrl.exe
1 File(s) 127,035 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~3.0\ACROBAT\BAK

05/10/2007 10:46 PM 624,248 Acrotray.exe
1 File(s) 624,248 bytes

Directory of C:\PROGRA~1\COMMON~1\LENOVO\SCHEDU~1\BAK

12/10/2006 07:36 PM 536,576 scheduler_proxy.exe
1 File(s) 536,576 bytes

Directory of C:\PROGRA~1\COMMON~1\REAL\UPDATE~1\BAK

08/12/2007 07:55 AM 185,632 realsched.exe
1 File(s) 185,632 bytes

Directory of C:\PROGRA~1\IBM\MYHELP~1\PLUGINS\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\IBM\SQLLIB\BIN\BAK

08/15/2004 08:34 PM 61,521 db2systray.exe
1 File(s) 61,521 bytes

Directory of C:\PROGRA~1\JAVA\JRE16~1.0_0\BIN\BAK

07/12/2007 04:00 AM 132,496 jusched.exe
1 File(s) 132,496 bytes

Directory of C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\BAK

12/15/2005 02:00 PM 94,208 TPHKMGR.exe
1 File(s) 94,208 bytes

Directory of C:\WINDOWS\SYSTEM32\IME\TINTLGNT\BAK

08/04/2004 01:00 AM 455,168 TINTSETP.EXE
1 File(s) 455,168 bytes

Directory of C:\PROGRA~1\IBM\MYHELP~1\PLUGINS\COMIBM~1.INS\SERVICE\BAK

12/19/2006 01:44 PM 81,920 delayStart.exe
1 File(s) 81,920 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

204800 Jul 9 2007 "C:\sdwork\issimsvc.exe"
204800 Jul 9 2007 "C:\sdwork\bak\issimsvc.exe"
262144 Jul 5 2007 "C:\sdwork\w32main2.exe"
262144 Jul 5 2007 "C:\sdwork\bak\w32main2.exe"
364544 Sep 7 2007 "C:\Program Files\C4ebreg\c4ebreg.exe"
364544 Sep 7 2007 "C:\Program Files\C4ebreg\bak\c4ebreg.exe"
237568 Sep 7 2007 "C:\Program Files\C4ebreg\isamtray.exe"
237568 Sep 7 2007 "C:\Program Files\C4ebreg\bak\isamtray.exe"
271672 Jul 31 2007 "C:\Program Files\iTunes\iTunesHelper.exe"
271672 Jul 31 2007 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Aug 6 2007 "C:\WINDOWS\Installer\{E0219810-16E4-437D-9165-93D7B22524F9}\iTunesIco.exe"
116024 Aug 6 2007 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.3.2.6\iTunesSetupAdmin.exe"
286720 Jun 29 2007 "C:\Program Files\QuickTime\QTTask.exe"
286720 Jun 29 2007 "C:\Program Files\QuickTime\bak\QTTask.exe"
483328 Nov 11 2005 "C:\Program Files\VideoraiPodConverter\VideoraiPodConverter.exe"
483328 Nov 11 2005 "C:\Program Files\VideoraiPodConverter\bak\VideoraiPodConverter.exe"
15360 Aug 4 2004 "C:\WINDOWS\system32\ctfmon.exe"
8192 Dec 22 2005 "C:\i387\files\system\ctfmon.exe"
15360 Aug 4 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
925696 May 15 2006 "C:\Program Files\Analog Devices\Core\smax4pnp.exe"
925696 May 15 2006 "C:\Program Files\Analog Devices\Core\bak\smax4pnp.exe"
90112 May 10 2006 "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
90112 May 10 2006 "C:\Program Files\ATI Technologies\ATI.ACE\bak\CLIStart.exe"
52896 Jul 19 2006 "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
52896 Jul 19 2006 "C:\Program Files\Common Files\Symantec Shared\bak\ccApp.exe"
1581768 Oct 29 2006 "C:\downloads\google\googletalk-setup.exe"
1833520 Oct 15 2007 "C:\Documents and Settings\Administrator\Desktop\GoogleDesktopSetup.exe"
1833520 Oct 15 2007 "C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe"
3739648 Jan 1 2007 "C:\Program Files\Google\Google Talk\googletalk.exe"
4997120 Sep 21 2006 "C:\Program Files\Google\Google Video Player\GoogleVideoPlayer.exe"
68856 Aug 5 2007 "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
1145896 Aug 12 2007 "C:\Program Files\Common Files\Real\GToolbar\GoogleToolbarInstaller.exe"
3739648 Jan 1 2007 "C:\Program Files\Google\Google Talk\bak\googletalk.exe"
1606064 Jan 5 2007 "C:\Program Files\Google\Google Talk\googletalk-1.0.0.104\googletalk-setup-upgrade.exe"
68856 Aug 5 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
1581768 Oct 29 2006 "C:\downloads\google\googletalk-setup.exe"
1833520 Oct 15 2007 "C:\Documents and Settings\Administrator\Desktop\GoogleDesktopSetup.exe"
1833520 Oct 15 2007 "C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe"
3739648 Jan 1 2007 "C:\Program Files\Google\Google Talk\googletalk.exe"
4997120 Sep 21 2006 "C:\Program Files\Google\Google Video Player\GoogleVideoPlayer.exe"
68856 Aug 5 2007 "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
1145896 Aug 12 2007 "C:\Program Files\Common Files\Real\GToolbar\GoogleToolbarInstaller.exe"
3739648 Jan 1 2007 "C:\Program Files\Google\Google Talk\bak\googletalk.exe"
1606064 Jan 5 2007 "C:\Program Files\Google\Google Talk\googletalk-1.0.0.104\googletalk-setup-upgrade.exe"
68856 Aug 5 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
49152 May 11 2005 "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
49152 May 11 2005 "C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe"
28672 Sep 6 2005 "C:\Program Files\IBM\Personal Communications\tpam.exe"
28672 Sep 6 2005 "C:\Program Files\IBM\Personal Communications\bak\tpam.exe"
125168 Sep 27 2006 "C:\Program Files\Symantec Client Security\Symantec AntiVirus\VPTray.exe"
125168 Sep 27 2006 "C:\Program Files\Symantec Client Security\Symantec AntiVirus\bak\VPTray.exe"
512000 May 15 2006 "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
512000 May 15 2006 "C:\wxpdrive\repos\77GU04WW\SYNTPENH.EXE"
512000 May 15 2006 "C:\Program Files\Synaptics\SynTP\bak\SynTPEnh.exe"
512000 May 15 2006 "C:\Program Files\Synaptics\SynTP\Media\SYNTPENH.EXE"
110592 May 15 2006 "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
110592 May 15 2006 "C:\wxpdrive\repos\77GU04WW\SYNTPLPR.EXE"
110592 May 15 2006 "C:\Program Files\Synaptics\SynTP\bak\SynTPLpr.exe"
110592 May 15 2006 "C:\Program Files\Synaptics\SynTP\Media\SYNTPLPR.EXE"
409600 Apr 17 2006 "C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe"
409600 Apr 17 2006 "C:\Program Files\ThinkPad\ConnectUtilities\bak\ACTray.exe"
98304 Apr 17 2006 "C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe"
98304 Apr 17 2006 "C:\Program Files\ThinkPad\ConnectUtilities\bak\ACWLIcon.exe"
864256 Oct 28 2005 "C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe"
864256 Oct 28 2005 "C:\Program Files\ThinkPad\Utilities\bak\TpKmapAp.exe"
208952 Aug 4 2004 "C:\WINDOWS\ime\IMJP8_1\IMJPMIG.EXE"
208952 Aug 4 2004 &