Hello my IE7 is popping up on its own and launching web pages, also when I
Launch Firefox it launches IE. I know it can be uninstalled, also my virus
scanners and spy ware scanners do not detect anything. what can I do to
repair IE7 in Vista ?

I would start here:

Kaspersky Virus Scan
http://usa.kaspersky.com/products_se...us-scanner.php

Panda Total Scan
http://www.nanoscan.com/as/v1/princi...px?track=40916

Trend Micro Housecall
http://housecall.trendmicro.com/

Sophos Threat Detection Test
http://www.sophos.com/products/free-...tion-test.html

Malware Removal and Prevention (CastleCops)
http://wiki.castlecops.com/Malware_R...:_Introduction

If you are able to identify the infection but unable to remove it you
may find help here:

Eset Virus Removers
http://www.eset.com/download/free-virus-remover.php

and if all else fails...

TrendMicro HiJack This
http://www.trendsecure.com/portal/en...hijackthis.php

---
Leonard Grey
Errare humanum est

Daarrheel wrote:
> Hello my IE7 is popping up on its own and launching web pages, also when I
> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> scanners and spy ware scanners do not detect anything. what can I do to
> repair IE7 in Vista ?

http://www.elephantboycomputers.com/...moving_Malware

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"Daarrheel" <Daarrheel@discussions.microsoft.com> wrote in message news:AEEA79F7-2C96-46ED-B2BA-88BD17F64139@microsoft.com...
> Hello my IE7 is popping up on its own and launching web pages, also when I
> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> scanners and spy ware scanners do not detect anything. what can I do to
> repair IE7 in Vista ?

I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
Comcast have all not detected anything wrong with my computer. Whatever is in
my IE seems to not be a detectable problem but it is one still. I have had to
unplug my speakers cause it will sometimes launch into a webpage that plays
loud sounds.

Any other sugestions before I have to completely reload my system =(

"Leonard Grey" wrote:

> I would start here:
>
> Kaspersky Virus Scan
> http://usa.kaspersky.com/products_se...us-scanner.php
>
> Panda Total Scan
> http://www.nanoscan.com/as/v1/princi...px?track=40916
>
> Trend Micro Housecall
> http://housecall.trendmicro.com/
>
> Sophos Threat Detection Test
> http://www.sophos.com/products/free-...tion-test.html
>
> Malware Removal and Prevention (CastleCops)
> http://wiki.castlecops.com/Malware_R...:_Introduction
>
> If you are able to identify the infection but unable to remove it you
> may find help here:
>
> Eset Virus Removers
> http://www.eset.com/download/free-virus-remover.php
>
> and if all else fails...
>
> TrendMicro HiJack This
> http://www.trendsecure.com/portal/en...hijackthis.php
>
> ---
> Leonard Grey
> Errare humanum est
>
> Daarrheel wrote:
> > Hello my IE7 is popping up on its own and launching web pages, also when I
> > Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> > scanners and spy ware scanners do not detect anything. what can I do to
> > repair IE7 in Vista ?
>

Those are my suggestions and you haven't followed them. Maybe you'd
rather show your computer to a technician? Makes no difference to me if
you want to reload your system - up to you.

---
Leonard Grey
Errare humanum est

Daarrheel wrote:
> I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
> Comcast have all not detected anything wrong with my computer. Whatever is in
> my IE seems to not be a detectable problem but it is one still. I have had to
> unplug my speakers cause it will sometimes launch into a webpage that plays
> loud sounds.
>
> Any other sugestions before I have to completely reload my system =(
>
> "Leonard Grey" wrote:
>
>> I would start here:
>>
>> Kaspersky Virus Scan
>> http://usa.kaspersky.com/products_se...us-scanner.php
>>
>> Panda Total Scan
>> http://www.nanoscan.com/as/v1/princi...px?track=40916
>>
>> Trend Micro Housecall
>> http://housecall.trendmicro.com/
>>
>> Sophos Threat Detection Test
>> http://www.sophos.com/products/free-...tion-test.html
>>
>> Malware Removal and Prevention (CastleCops)
>> http://wiki.castlecops.com/Malware_R...:_Introduction
>>
>> If you are able to identify the infection but unable to remove it you
>> may find help here:
>>
>> Eset Virus Removers
>> http://www.eset.com/download/free-virus-remover.php
>>
>> and if all else fails...
>>
>> TrendMicro HiJack This
>> http://www.trendsecure.com/portal/en...hijackthis.php
>>
>> ---
>> Leonard Grey
>> Errare humanum est
>>
>> Daarrheel wrote:
>>> Hello my IE7 is popping up on its own and launching web pages, also when I
>>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
>>> scanners and spy ware scanners do not detect anything. what can I do to
>>> repair IE7 in Vista ?

I have followed your suggestions as I stated Malware and spyware checkers
ect... are not finding it, and your suggesting I use ever checker on the net
as per your list of them. I have also done the Hijackthis log and currently
looking it over. But thanks for reading my last post and determining I
haven't done so =)

As I am anoyed enough already that there is a bug in my IE7 that cant be
located and my IE7 cant be removed or even reinstalled that I know of (Thanks
Microsoft!). Yahoo has a Spyware tool I used it and no luck finding anything,
Comcast also has one, same results. AVG is supposed to be one of the best on
the net (Supplied by the same people as Hijackthis) also no luck. Norton and
Mcafee also find nothing. I shall try useing all the other spywares on your
list if so needed however....... I was simply asking if there were other
sugestions other then the obvious spyware removal tools that have yet to find
anything =)

"Leonard Grey" wrote:

> Those are my suggestions and you haven't followed them. Maybe you'd
> rather show your computer to a technician? Makes no difference to me if
> you want to reload your system - up to you.
>
> ---
> Leonard Grey
> Errare humanum est
>
> Daarrheel wrote:
> > I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
> > Comcast have all not detected anything wrong with my computer. Whatever is in
> > my IE seems to not be a detectable problem but it is one still. I have had to
> > unplug my speakers cause it will sometimes launch into a webpage that plays
> > loud sounds.
> >
> > Any other sugestions before I have to completely reload my system =(
> >
> > "Leonard Grey" wrote:
> >
> >> I would start here:
> >>
> >> Kaspersky Virus Scan
> >> http://usa.kaspersky.com/products_se...us-scanner.php
> >>
> >> Panda Total Scan
> >> http://www.nanoscan.com/as/v1/princi...px?track=40916
> >>
> >> Trend Micro Housecall
> >> http://housecall.trendmicro.com/
> >>
> >> Sophos Threat Detection Test
> >> http://www.sophos.com/products/free-...tion-test.html
> >>
> >> Malware Removal and Prevention (CastleCops)
> >> http://wiki.castlecops.com/Malware_R...:_Introduction
> >>
> >> If you are able to identify the infection but unable to remove it you
> >> may find help here:
> >>
> >> Eset Virus Removers
> >> http://www.eset.com/download/free-virus-remover.php
> >>
> >> and if all else fails...
> >>
> >> TrendMicro HiJack This
> >> http://www.trendsecure.com/portal/en...hijackthis.php
> >>
> >> ---
> >> Leonard Grey
> >> Errare humanum est
> >>
> >> Daarrheel wrote:
> >>> Hello my IE7 is popping up on its own and launching web pages, also when I
> >>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> >>> scanners and spy ware scanners do not detect anything. what can I do to
> >>> repair IE7 in Vista ?
>

Malware (an all-inclusive term for all kinds of malicious software) is
often very difficult to detect and/or remove. You frequently have to try
many scanners before you find one that can identify and (hopefully)
remove what's infected a computer. Sometimes there's nothing you can do
no matter what you try.

Because of this - and because malware is just **** annoying - I
suggested you show your computer a to a technician. It may save you from
a clean install.

I would not recommend trying to decipher a HiJack This log.
Interpretation of HiJack This is best left to the pros and there are
many web sites with experts who do this for you.

I don't know who told you that "AVG is supposed to be one of the best on
the net" but even if it were you might still need to use other
scanners, as I explained above. BTW, AVG is from Grisoft and HiJack This
was created by Merijn Bellekom, who recently sold it to Trend Micro.

---
Leonard Grey
Errare humanum est

Daarrheel wrote:
> I have followed your suggestions as I stated Malware and spyware checkers
> ect... are not finding it, and your suggesting I use ever checker on the net
> as per your list of them. I have also done the Hijackthis log and currently
> looking it over. But thanks for reading my last post and determining I
> haven't done so =)
>
> As I am anoyed enough already that there is a bug in my IE7 that cant be
> located and my IE7 cant be removed or even reinstalled that I know of (Thanks
> Microsoft!). Yahoo has a Spyware tool I used it and no luck finding anything,
> Comcast also has one, same results. AVG is supposed to be one of the best on
> the net (Supplied by the same people as Hijackthis) also no luck. Norton and
> Mcafee also find nothing. I shall try useing all the other spywares on your
> list if so needed however....... I was simply asking if there were other
> sugestions other then the obvious spyware removal tools that have yet to find
> anything =)
>
> "Leonard Grey" wrote:
>
>> Those are my suggestions and you haven't followed them. Maybe you'd
>> rather show your computer to a technician? Makes no difference to me if
>> you want to reload your system - up to you.
>>
>> ---
>> Leonard Grey
>> Errare humanum est
>>
>> Daarrheel wrote:
>>> I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
>>> Comcast have all not detected anything wrong with my computer. Whatever is in
>>> my IE seems to not be a detectable problem but it is one still. I have had to
>>> unplug my speakers cause it will sometimes launch into a webpage that plays
>>> loud sounds.
>>>
>>> Any other sugestions before I have to completely reload my system =(
>>>
>>> "Leonard Grey" wrote:
>>>
>>>> I would start here:
>>>>
>>>> Kaspersky Virus Scan
>>>> http://usa.kaspersky.com/products_se...us-scanner.php
>>>>
>>>> Panda Total Scan
>>>> http://www.nanoscan.com/as/v1/princi...px?track=40916
>>>>
>>>> Trend Micro Housecall
>>>> http://housecall.trendmicro.com/
>>>>
>>>> Sophos Threat Detection Test
>>>> http://www.sophos.com/products/free-...tion-test.html
>>>>
>>>> Malware Removal and Prevention (CastleCops)
>>>> http://wiki.castlecops.com/Malware_R...:_Introduction
>>>>
>>>> If you are able to identify the infection but unable to remove it you
>>>> may find help here:
>>>>
>>>> Eset Virus Removers
>>>> http://www.eset.com/download/free-virus-remover.php
>>>>
>>>> and if all else fails...
>>>>
>>>> TrendMicro HiJack This
>>>> http://www.trendsecure.com/portal/en...hijackthis.php
>>>>
>>>> ---
>>>> Leonard Grey
>>>> Errare humanum est
>>>>
>>>> Daarrheel wrote:
>>>>> Hello my IE7 is popping up on its own and launching web pages, also when I
>>>>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
>>>>> scanners and spy ware scanners do not detect anything. what can I do to
>>>>> repair IE7 in Vista ?

You are absolutly right about AVG..... I was thinking of another program
from Trendmicro. So far I have booted to safemode and run scanners of many
kinds and nothing is having an effect. They have removed all knids of cookies
and even an adware program, I was hopeful after that, however I restarted and
the problem persists. It seems to have only effected my browser. If I run
Firefox, it will launch my IE7 and send me to vairous webs, if I launch IE7
it just starts launching more windows tabs. I was thinking a reload of IE7
may fix this but no thank you to Windows for giving this option =(

I guess I was hoping for some kinda cure from here like....
Here is how you can reload IE7 !!! or
I had this problem and here is how to fix it !!!
lol your advice has been helpful and I thank you.

I will attempt a few more things and wait another day and check this forum
throughout the day and see if anything that works comes along =) Also I do
attend a computer school and I am in the middle of my OS course so I will
take this computer to my instructor and see if he has an idea.

"Leonard Grey" wrote:

> Malware (an all-inclusive term for all kinds of malicious software) is
> often very difficult to detect and/or remove. You frequently have to try
> many scanners before you find one that can identify and (hopefully)
> remove what's infected a computer. Sometimes there's nothing you can do
> no matter what you try.
>
> Because of this - and because malware is just **** annoying - I
> suggested you show your computer a to a technician. It may save you from
> a clean install.
>
> I would not recommend trying to decipher a HiJack This log.
> Interpretation of HiJack This is best left to the pros and there are
> many web sites with experts who do this for you.
>
> I don't know who told you that "AVG is supposed to be one of the best on
> the net" but even if it were you might still need to use other
> scanners, as I explained above. BTW, AVG is from Grisoft and HiJack This
> was created by Merijn Bellekom, who recently sold it to Trend Micro.
>
> ---
> Leonard Grey
> Errare humanum est
>
> Daarrheel wrote:
> > I have followed your suggestions as I stated Malware and spyware checkers
> > ect... are not finding it, and your suggesting I use ever checker on the net
> > as per your list of them. I have also done the Hijackthis log and currently
> > looking it over. But thanks for reading my last post and determining I
> > haven't done so =)
> >
> > As I am anoyed enough already that there is a bug in my IE7 that cant be
> > located and my IE7 cant be removed or even reinstalled that I know of (Thanks
> > Microsoft!). Yahoo has a Spyware tool I used it and no luck finding anything,
> > Comcast also has one, same results. AVG is supposed to be one of the best on
> > the net (Supplied by the same people as Hijackthis) also no luck. Norton and
> > Mcafee also find nothing. I shall try useing all the other spywares on your
> > list if so needed however....... I was simply asking if there were other
> > sugestions other then the obvious spyware removal tools that have yet to find
> > anything =)
> >
> > "Leonard Grey" wrote:
> >
> >> Those are my suggestions and you haven't followed them. Maybe you'd
> >> rather show your computer to a technician? Makes no difference to me if
> >> you want to reload your system - up to you.
> >>
> >> ---
> >> Leonard Grey
> >> Errare humanum est
> >>
> >> Daarrheel wrote:
> >>> I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
> >>> Comcast have all not detected anything wrong with my computer. Whatever is in
> >>> my IE seems to not be a detectable problem but it is one still. I have had to
> >>> unplug my speakers cause it will sometimes launch into a webpage that plays
> >>> loud sounds.
> >>>
> >>> Any other sugestions before I have to completely reload my system =(
> >>>
> >>> "Leonard Grey" wrote:
> >>>
> >>>> I would start here:
> >>>>
> >>>> Kaspersky Virus Scan
> >>>> http://usa.kaspersky.com/products_se...us-scanner.php
> >>>>
> >>>> Panda Total Scan
> >>>> http://www.nanoscan.com/as/v1/princi...px?track=40916
> >>>>
> >>>> Trend Micro Housecall
> >>>> http://housecall.trendmicro.com/
> >>>>
> >>>> Sophos Threat Detection Test
> >>>> http://www.sophos.com/products/free-...tion-test.html
> >>>>
> >>>> Malware Removal and Prevention (CastleCops)
> >>>> http://wiki.castlecops.com/Malware_R...:_Introduction
> >>>>
> >>>> If you are able to identify the infection but unable to remove it you
> >>>> may find help here:
> >>>>
> >>>> Eset Virus Removers
> >>>> http://www.eset.com/download/free-virus-remover.php
> >>>>
> >>>> and if all else fails...
> >>>>
> >>>> TrendMicro HiJack This
> >>>> http://www.trendsecure.com/portal/en...hijackthis.php
> >>>>
> >>>> ---
> >>>> Leonard Grey
> >>>> Errare humanum est
> >>>>
> >>>> Daarrheel wrote:
> >>>>> Hello my IE7 is popping up on its own and launching web pages, also when I
> >>>>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> >>>>> scanners and spy ware scanners do not detect anything. what can I do to
> >>>>> repair IE7 in Vista ?
>

"Daarrheel" <Daarrheel@discussions.microsoft.com> wrote in message
news:1B262A4F-D3C5-4C65-BB79-D40758A395BD@microsoft.com...
>
> You are absolutly right about AVG..... I was thinking of another program
> from Trendmicro. So far I have booted to safemode and run scanners of many
> kinds and nothing is having an effect. They have removed all knids of
> cookies
> and even an adware program, I was hopeful after that, however I restarted
> and
> the problem persists. It seems to have only effected my browser. If I run
> Firefox, it will launch my IE7 and send me to vairous webs, if I launch
> IE7
> it just starts launching more windows tabs. I was thinking a reload of IE7
> may fix this but no thank you to Windows for giving this option =(

Was the other program you were thinking of CWShredder as that is one of the
common browser hijack removal tools:

http://us.trendmicro.com/us/products...der/index.html

Worth a try if you have not done so already.

Graham.

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_R...:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/...moving_Malware

When all else fails, HijackThis v1.99.1
(http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for expert
analysis, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.

PS: Replace AVG Anti-Virus!
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE, OE, Security, Shell/User)
AumHa VSOP & Admin; DTS-L.org

Daarrheel wrote:
> Hello my IE7 is popping up on its own and launching web pages, also when I
> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> scanners and spy ware scanners do not detect anything. what can I do to
> repair IE7 in Vista ?

"Daarrheel" wrote:

> Hello my IE7 is popping up on its own and launching web pages, also when I
> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> scanners and spy ware scanners do not detect anything. what can I do to
> repair IE7 in Vista ?Here is the Hijack this log file:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:48:34 PM, on 7/3/2007
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Windows\System32\kmw_run.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
C:\Windows\system32\WerCon.exe
C:\Users\Jeff\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.comcast.net/toolbar2.0/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {066A2CDC-319E-4460-BA45-C24562CD51AA} -
C:\Windows\system32\byxxyyx.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} -
C:\Windows\system32\julgwajh.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} -
C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} -
C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
- C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {CDB132BC-3892-4476-8797-C515A5A4C114} -
C:\Users\Jeff\AppData\Local\Temp\ddayy.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} -
C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType
Pro\itype.exe"
O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [icq.com] rundll32.exe
"C:\Windows\system32\oryhstka.dll",forkonce
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe
C:\Users\Jeff\AppData\Local\Temp\ddayy.dll,CreateP rotectProc
O4 - HKCU\..\Run: [icq.com] rundll32.exe
"C:\Windows\system32\oryhstka.dll",forkonce
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program
Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program
Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
- C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -
C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer
ActiveX Control) - http://a.download.toontown.com/sv1.0.27.6/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control)
- http://dlm.tools.akamai.com/dlmanage...ex-2.2.1.2.cab
O20 - Winlogon Notify: byxxyyx - byxxyyx.dll (file missing)
O20 - Winlogon Notify: ddayy - C:\Users\Jeff\AppData\Local\Temp\ddayy.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program
Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. -
C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner -
C:\Windows\system32\dmrwikug.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program
Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe (file
missing)
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program
Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE (file
missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc.
- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. -
C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware,
Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image
Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. -
C:\Windows\system32\vmnat.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock.Net, Inc -
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.ex e
O23 - Service: XAudioService - Conexant Systems, Inc. -
C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6554 bytes

HiJack This logs are not analyzed in this newsgroup.

---
Leonard Grey
Errare humanum est

Daarrheel wrote:
>
> "Daarrheel" wrote:
>
>> Hello my IE7 is popping up on its own and launching web pages, also when I
>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
>> scanners and spy ware scanners do not detect anything. what can I do to
>> repair IE7 in Vista ?Here is the Hijack this log file:
>
> Logfile of Trend Micro HijackThis v2.0.0 (BETA)
> Scan saved at 4:48:34 PM, on 7/3/2007
> Platform: Windows Vista (WinNT 6.00.1904)
> Boot mode: Normal
>
> Running processes:
> C:\Windows\system32\Dwm.exe
> C:\Windows\system32\taskeng.exe
> C:\Windows\Explorer.EXE
> C:\Windows\RtHDVCpl.exe
> C:\Program Files\Microsoft IntelliType Pro\itype.exe
> C:\Windows\System32\kmw_run.exe
> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
> C:\Windows\ehome\ehtray.exe
> C:\Windows\System32\rundll32.exe
> C:\Windows\ehome\ehmsas.exe
> C:\Windows\System32\mobsync.exe
> C:\Program Files\Internet Explorer\ieuser.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
> C:\Windows\system32\WerCon.exe
> C:\Users\Jeff\Desktop\HiJackThis_v2.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://go.microsoft.com/fwlink/?LinkId=69157
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://go.microsoft.com/fwlink/?LinkId=69157
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
> http://www.comcast.net/toolbar2.0/search/
> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
> O1 - Hosts: ::1 localhost
> O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
> O2 - BHO: (no name) - {066A2CDC-319E-4460-BA45-C24562CD51AA} -
> C:\Windows\system32\byxxyyx.dll (file missing)
> O2 - BHO: Adobe PDF Reader Link Helper -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
> Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
> O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} -
> C:\Windows\system32\julgwajh.dll
> O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} -
> C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
> O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
> Files\Spybot - Search & Destroy\SDHelper.dll
> O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} -
> C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
> O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
> - C:\Program Files\Yahoo!\Common\yiesrvc.dll
> O2 - BHO: (no name) - {CDB132BC-3892-4476-8797-C515A5A4C114} -
> C:\Users\Jeff\AppData\Local\Temp\ddayy.dll
> O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
> O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} -
> C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
> O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
> O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType
> Pro\itype.exe"
> O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
> O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG
> Anti-Spyware 7.5\avgas.exe" /minimized
> O4 - HKLM\..\Run: [icq.com] rundll32.exe
> "C:\Windows\system32\oryhstka.dll",forkonce
> O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
> O4 - HKCU\..\Run: [cmds] rundll32.exe
> C:\Users\Jeff\AppData\Local\Temp\ddayy.dll,CreateP rotectProc
> O4 - HKCU\..\Run: [icq.com] rundll32.exe
> "C:\Windows\system32\oryhstka.dll",forkonce
> O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program
> Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
> O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program
> Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
> O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
> - C:\Program Files\Yahoo!\Common\yiesrvc.dll
> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
> O13 - Gopher Prefix:
> O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -
> C:\Program Files\Yahoo!\Common\Yinsthelper.dll
> O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer
> ActiveX Control) - http://a.download.toontown.com/sv1.0.27.6/ttinst.cab
> O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
> http://fpdownload2.macromedia.com/ge...sh/swflash.cab
> O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control)
> - http://dlm.tools.akamai.com/dlmanage...ex-2.2.1.2.cab
> O20 - Winlogon Notify: byxxyyx - byxxyyx.dll (file missing)
> O20 - Winlogon Notify: ddayy - C:\Users\Jeff\AppData\Local\Temp\ddayy.dll
> O22 - SharedTaskScheduler: Component Categories cache daemon -
> {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
> O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program
> Files\Lavasoft\Ad-Aware 2007\aawservice.exe
> O23 - Service: Ati External Event Utility - ATI Technologies Inc. -
> C:\Windows\system32\Ati2evxx.exe
> O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
> Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
> O23 - Service: DomainService - Unknown owner -
> C:\Windows\system32\dmrwikug.exe (file missing)
> O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
> Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
> 32\IDriverT.exe
> O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program
> Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe (file
> missing)
> O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program
> Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE (file
> missing)
> O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc.
> - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
> O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. -
> C:\Windows\system32\vmnetdhcp.exe
> O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware,
> Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image
> Editing\vmount2.exe
> O23 - Service: VMware NAT Service - VMware, Inc. -
> C:\Windows\system32\vmnat.exe
> O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock.Net, Inc -
> C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.ex e
> O23 - Service: XAudioService - Conexant Systems, Inc. -
> C:\Windows\system32\DRIVERS\xaudio.exe
>
> --
> End of file - 6554 bytes

Repost:

When all else fails, HijackThis v1.99.1
(http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for expert
analysis, not here.**
--
~PA Bear

Daarrheel wrote:
> "Daarrheel" wrote:
>> Hello my IE7 is popping up on its own and launching web pages, also when
>> I
>> Launch Firefox it launches IE. I know it can be uninstalled, also my
>> virus
>> scanners and spy ware scanners do not detect anything. what can I do to
>> repair IE7 in Vista ?Here is the Hijack this log file:
<snip>

Daarrheel, you should know I have the EXACT SAME PROBLEM with Vista Ultimate.
Don't know how it happened, and nothing I do works. Tried Hijack This, AVG
Anti-Spy, CWShredder, AdAware 2007 and SuperAntiSpyware, plus serveral others
and nothing detects this bug. I think it's related to "mgrs.exe" (which I
discovered with Security Task Manager 1.7) and disabled it via the registry
however BOTH IE7 AND FIREFOX are infected. Neither browser will link to any
proper url from a search engine, I must type in a direct url. Both browsers
take me to a Russian Google Adserver with links in English when performing a
search. And of course IE7 pops up at any time and replicates four junk
addresses before stopping. (and yes, I flushed the DNS cache, more than
once). They don't seem to go anywhere, which makes me think it is disabled,
however without a proper firewall available for Vista yet I can't say for
sure. And the problem began once I changed default search engines from
Windows Live to Google. I cannot install the either the Google or Yahoo
toolbars, and no longer have access to Windows Update.

I haven't tried the everything at the Elephant Boy link yet, and may still
do so. However at this point I'd say it's probably easier to just wipe and
reinstall. FYI - I triple boot XP MCE 2005 (on two drives), openSUSE and
Vista, and am writing from XP now; otherwise I'd have never found your post
because I can't live without Google. AND ONE LAST THING - I attempted to
alter properties from a Domain Administrator Login in Vista for certain
system 32 and temp files which may contain the malware and CANNOT CREATE NEW
PERMISSIONS IN THESE FILES AT ALL. And although this may be a condition of
the virus itself I blame it on Microsoft because: 1) I can create new
permissions in other system32 files not as intricatly tied to the OS and 2)
It's par for the course for Redmond, less end-user control means creater
dependance on them for my "Windows Experience". So don't get downhaearted by
PhanBoyz like LG, you can tell he drank their Kool-Aid a long time ago.

Peace and Out, trp


"Daarrheel" wrote:

>
> You are absolutly right about AVG..... I was thinking of another program
> from Trendmicro. So far I have booted to safemode and run scanners of many
> kinds and nothing is having an effect. They have removed all knids of cookies
> and even an adware program, I was hopeful after that, however I restarted and
> the problem persists. It seems to have only effected my browser. If I run
> Firefox, it will launch my IE7 and send me to vairous webs, if I launch IE7
> it just starts launching more windows tabs. I was thinking a reload of IE7
> may fix this but no thank you to Windows for giving this option =(
>
> I guess I was hoping for some kinda cure from here like....
> Here is how you can reload IE7 !!! or
> I had this problem and here is how to fix it !!!
> lol your advice has been helpful and I thank you.
>
> I will attempt a few more things and wait another day and check this forum
> throughout the day and see if anything that works comes along =) Also I do
> attend a computer school and I am in the middle of my OS course so I will
> take this computer to my instructor and see if he has an idea.
>
> "Leonard Grey" wrote:
>
> > Malware (an all-inclusive term for all kinds of malicious software) is
> > often very difficult to detect and/or remove. You frequently have to try
> > many scanners before you find one that can identify and (hopefully)
> > remove what's infected a computer. Sometimes there's nothing you can do
> > no matter what you try.
> >
> > Because of this - and because malware is just **** annoying - I
> > suggested you show your computer a to a technician. It may save you from
> > a clean install.
> >
> > I would not recommend trying to decipher a HiJack This log.
> > Interpretation of HiJack This is best left to the pros and there are
> > many web sites with experts who do this for you.
> >
> > I don't know who told you that "AVG is supposed to be one of the best on
> > the net" but even if it were you might still need to use other
> > scanners, as I explained above. BTW, AVG is from Grisoft and HiJack This
> > was created by Merijn Bellekom, who recently sold it to Trend Micro.
> >
> > ---
> > Leonard Grey
> > Errare humanum est
> >
> > Daarrheel wrote:
> > > I have followed your suggestions as I stated Malware and spyware checkers
> > > ect... are not finding it, and your suggesting I use ever checker on the net
> > > as per your list of them. I have also done the Hijackthis log and currently
> > > looking it over. But thanks for reading my last post and determining I
> > > haven't done so =)
> > >
> > > As I am anoyed enough already that there is a bug in my IE7 that cant be
> > > located and my IE7 cant be removed or even reinstalled that I know of (Thanks
> > > Microsoft!). Yahoo has a Spyware tool I used it and no luck finding anything,
> > > Comcast also has one, same results. AVG is supposed to be one of the best on
> > > the net (Supplied by the same people as Hijackthis) also no luck. Norton and
> > > Mcafee also find nothing. I shall try useing all the other spywares on your
> > > list if so needed however....... I was simply asking if there were other
> > > sugestions other then the obvious spyware removal tools that have yet to find
> > > anything =)
> > >
> > > "Leonard Grey" wrote:
> > >
> > >> Those are my suggestions and you haven't followed them. Maybe you'd
> > >> rather show your computer to a technician? Makes no difference to me if
> > >> you want to reload your system - up to you.
> > >>
> > >> ---
> > >> Leonard Grey
> > >> Errare humanum est
> > >>
> > >> Daarrheel wrote:
> > >>> I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
> > >>> Comcast have all not detected anything wrong with my computer. Whatever is in
> > >>> my IE seems to not be a detectable problem but it is one still. I have had to
> > >>> unplug my speakers cause it will sometimes launch into a webpage that plays
> > >>> loud sounds.
> > >>>
> > >>> Any other sugestions before I have to completely reload my system =(
> > >>>
> > >>> "Leonard Grey" wrote:
> > >>>
> > >>>> I would start here:
> > >>>>
> > >>>> Kaspersky Virus Scan
> > >>>> http://usa.kaspersky.com/products_se...us-scanner.php
> > >>>>
> > >>>> Panda Total Scan
> > >>>> http://www.nanoscan.com/as/v1/princi...px?track=40916
> > >>>>
> > >>>> Trend Micro Housecall
> > >>>> http://housecall.trendmicro.com/
> > >>>>
> > >>>> Sophos Threat Detection Test
> > >>>> http://www.sophos.com/products/free-...tion-test.html
> > >>>>
> > >>>> Malware Removal and Prevention (CastleCops)
> > >>>> http://wiki.castlecops.com/Malware_R...:_Introduction
> > >>>>
> > >>>> If you are able to identify the infection but unable to remove it you
> > >>>> may find help here:
> > >>>>
> > >>>> Eset Virus Removers
> > >>>> http://www.eset.com/download/free-virus-remover.php
> > >>>>
> > >>>> and if all else fails...
> > >>>>
> > >>>> TrendMicro HiJack This
> > >>>> http://www.trendsecure.com/portal/en...hijackthis.php
> > >>>>
> > >>>> ---
> > >>>> Leonard Grey
> > >>>> Errare humanum est
> > >>>>
> > >>>> Daarrheel wrote:
> > >>>>> Hello my IE7 is popping up on its own and launching web pages, also when I
> > >>>>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> > >>>>> scanners and spy ware scanners do not detect anything. what can I do to
> > >>>>> repair IE7 in Vista ?
> >

And one more thing . . .

After a third attempt at an AVG Anti-Spy scan it found Downloader.Alphabet.k
imbedded within System32/syswin6000.exe, it's one of the CG variants out
there. After removal to the Recycle Bin it replicated itself inside the Bin,
and once emptied imbedded itself in one of the System Volume Info/restore
folders. After removing this file, and after another clean scan by Anti-Spy,
both IE7 and Firefox and the search tools were still redirecting to Russian
Google Adservers, as they had before. Tonight I simply wiped the partition
and re-installed Vista, no problems so far.

At this point I won't run Vista for a primary partition (and not just
because of this incident but for a number of reasons, which boil down to the
point that in my opinion Vista is still an inferior OS compared to either XP
or Linux) until the first service pack is released, about Thanksgiving or
Christmas I imagine. So my advice is to simply wipe and re-install, and hope
for the best.

PS: Go get a beta verison of Outpost Firewall for Vista; my own next step
will be to get this and see how well it works.

Peace and Out, trp

"TheRedPriest" wrote:

> Daarrheel, you should know I have the EXACT SAME PROBLEM with Vista Ultimate.
> Don't know how it happened, and nothing I do works. Tried Hijack This, AVG
> Anti-Spy, CWShredder, AdAware 2007 and SuperAntiSpyware, plus serveral others
> and nothing detects this bug. I think it's related to "mgrs.exe" (which I
> discovered with Security Task Manager 1.7) and disabled it via the registry
> however BOTH IE7 AND FIREFOX are infected. Neither browser will link to any
> proper url from a search engine, I must type in a direct url. Both browsers
> take me to a Russian Google Adserver with links in English when performing a
> search. And of course IE7 pops up at any time and replicates four junk
> addresses before stopping. (and yes, I flushed the DNS cache, more than
> once). They don't seem to go anywhere, which makes me think it is disabled,
> however without a proper firewall available for Vista yet I can't say for
> sure. And the problem began once I changed default search engines from
> Windows Live to Google. I cannot install the either the Google or Yahoo
> toolbars, and no longer have access to Windows Update.
>
> I haven't tried the everything at the Elephant Boy link yet, and may still
> do so. However at this point I'd say it's probably easier to just wipe and
> reinstall. FYI - I triple boot XP MCE 2005 (on two drives), openSUSE and
> Vista, and am writing from XP now; otherwise I'd have never found your post
> because I can't live without Google. AND ONE LAST THING - I attempted to
> alter properties from a Domain Administrator Login in Vista for certain
> system 32 and temp files which may contain the malware and CANNOT CREATE NEW
> PERMISSIONS IN THESE FILES AT ALL. And although this may be a condition of
> the virus itself I blame it on Microsoft because: 1) I can create new
> permissions in other system32 files not as intricatly tied to the OS and 2)
> It's par for the course for Redmond, less end-user control means creater
> dependance on them for my "Windows Experience". So don't get downhaearted by
> PhanBoyz like LG, you can tell he drank their Kool-Aid a long time ago.
>
> Peace and Out, trp
>
>
> "Daarrheel" wrote:
>
> >
> > You are absolutly right about AVG..... I was thinking of another program
> > from Trendmicro. So far I have booted to safemode and run scanners of many
> > kinds and nothing is having an effect. They have removed all knids of cookies
> > and even an adware program, I was hopeful after that, however I restarted and
> > the problem persists. It seems to have only effected my browser. If I run
> > Firefox, it will launch my IE7 and send me to vairous webs, if I launch IE7
> > it just starts launching more windows tabs. I was thinking a reload of IE7
> > may fix this but no thank you to Windows for giving this option =(
> >
> > I guess I was hoping for some kinda cure from here like....
> > Here is how you can reload IE7 !!! or
> > I had this problem and here is how to fix it !!!
> > lol your advice has been helpful and I thank you.
> >
> > I will attempt a few more things and wait another day and check this forum
> > throughout the day and see if anything that works comes along =) Also I do
> > attend a computer school and I am in the middle of my OS course so I will
> > take this computer to my instructor and see if he has an idea.
> >
> > "Leonard Grey" wrote:
> >
> > > Malware (an all-inclusive term for all kinds of malicious software) is
> > > often very difficult to detect and/or remove. You frequently have to try
> > > many scanners before you find one that can identify and (hopefully)
> > > remove what's infected a computer. Sometimes there's nothing you can do
> > > no matter what you try.
> > >
> > > Because of this - and because malware is just **** annoying - I
> > > suggested you show your computer a to a technician. It may save you from
> > > a clean install.
> > >
> > > I would not recommend trying to decipher a HiJack This log.
> > > Interpretation of HiJack This is best left to the pros and there are
> > > many web sites with experts who do this for you.
> > >
> > > I don't know who told you that "AVG is supposed to be one of the best on
> > > the net" but even if it were you might still need to use other
> > > scanners, as I explained above. BTW, AVG is from Grisoft and HiJack This
> > > was created by Merijn Bellekom, who recently sold it to Trend Micro.
> > >
> > > ---
> > > Leonard Grey
> > > Errare humanum est
> > >
> > > Daarrheel wrote:
> > > > I have followed your suggestions as I stated Malware and spyware checkers
> > > > ect... are not finding it, and your suggesting I use ever checker on the net
> > > > as per your list of them. I have also done the Hijackthis log and currently
> > > > looking it over. But thanks for reading my last post and determining I
> > > > haven't done so =)
> > > >
> > > > As I am anoyed enough already that there is a bug in my IE7 that cant be
> > > > located and my IE7 cant be removed or even reinstalled that I know of (Thanks
> > > > Microsoft!). Yahoo has a Spyware tool I used it and no luck finding anything,
> > > > Comcast also has one, same results. AVG is supposed to be one of the best on
> > > > the net (Supplied by the same people as Hijackthis) also no luck. Norton and
> > > > Mcafee also find nothing. I shall try useing all the other spywares on your
> > > > list if so needed however....... I was simply asking if there were other
> > > > sugestions other then the obvious spyware removal tools that have yet to find
> > > > anything =)
> > > >
> > > > "Leonard Grey" wrote:
> > > >
> > > >> Those are my suggestions and you haven't followed them. Maybe you'd
> > > >> rather show your computer to a technician? Makes no difference to me if
> > > >> you want to reload your system - up to you.
> > > >>
> > > >> ---
> > > >> Leonard Grey
> > > >> Errare humanum est
> > > >>
> > > >> Daarrheel wrote:
> > > >>> I have already done all this, Defender, AVG, Norton, Mcafee, Yahoo and
> > > >>> Comcast have all not detected anything wrong with my computer. Whatever is in
> > > >>> my IE seems to not be a detectable problem but it is one still. I have had to
> > > >>> unplug my speakers cause it will sometimes launch into a webpage that plays
> > > >>> loud sounds.
> > > >>>
> > > >>> Any other sugestions before I have to completely reload my system =(
> > > >>>
> > > >>> "Leonard Grey" wrote:
> > > >>>
> > > >>>> I would start here:
> > > >>>>
> > > >>>> Kaspersky Virus Scan
> > > >>>> http://usa.kaspersky.com/products_se...us-scanner.php
> > > >>>>
> > > >>>> Panda Total Scan
> > > >>>> http://www.nanoscan.com/as/v1/princi...px?track=40916
> > > >>>>
> > > >>>> Trend Micro Housecall
> > > >>>> http://housecall.trendmicro.com/
> > > >>>>
> > > >>>> Sophos Threat Detection Test
> > > >>>> http://www.sophos.com/products/free-...tion-test.html
> > > >>>>
> > > >>>> Malware Removal and Prevention (CastleCops)
> > > >>>> http://wiki.castlecops.com/Malware_R...:_Introduction
> > > >>>>
> > > >>>> If you are able to identify the infection but unable to remove it you
> > > >>>> may find help here:
> > > >>>>
> > > >>>> Eset Virus Removers
> > > >>>> http://www.eset.com/download/free-virus-remover.php
> > > >>>>
> > > >>>> and if all else fails...
> > > >>>>
> > > >>>> TrendMicro HiJack This
> > > >>>> http://www.trendsecure.com/portal/en...hijackthis.php
> > > >>>>
> > > >>>> ---
> > > >>>> Leonard Grey
> > > >>>> Errare humanum est
> > > >>>>
> > > >>>> Daarrheel wrote:
> > > >>>>> Hello my IE7 is popping up on its own and launching web pages, also when I
> > > >>>>> Launch Firefox it launches IE. I know it can be uninstalled, also my virus
> > > >>>>> scanners and spy ware scanners do not detect anything. what can I do to
> > > >>>>> repair IE7 in Vista ?
> > >