[hermeticcharm]

Been having some problems. Specifically my web browsers stop working even though I'm connected to the internet and can still use instant messengers and play online games etc.

I've tried winsock fix. Seemed like the problem started after I got the ZoneAlarm firewall so I uninstalled it and put Windows firewall back on.

A few sites said to do this so here is my log if anyone could take a look at it greatly appreciated:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:37 PM, on 11/6/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netflix.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: VMC NetFlix Download Manager (NetFlixDownloadManager) - Unknown owner - C:\Program Files\Luttmann\vmcNetFlix\NetFlixDownloadManager.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14265 bytes

[rainforest123]

If you think you have malware, you need to report your thread to a moderator & ask her / him to move your thread to the malware removal sub forum at TGF.

Have you posted this problem / asked for assistance at other forums. If so, you might receive conflicting advice from experts here & experts there.

Please provide more specific information about your problems.
1. Which browsers?
2. Which sites?
3. Which ZA? After uninstalling it, did you run the ZA clean up tool?
4. What happens if you run IE w/ no add ons?
5. What happens if you run FireFox in FF's safe mode?
6. What happens if you boot to safe mode w/ networking?

Control panel > classic view
1. Admin tools > event viewer
Applications
Look for errors. Provide the details

System
Look for errors. Provide the details

2. Problem reports & solutions.
What is listed?

RF123

[rainforest123]

Did you notice this?

Quote:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll

Which AVG are you running?

Check your hosts file.
c:\windows\system32\drivers\etc
It should be 1kb
Open it in Notepad.
It should look like this.

Quote:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

Would you describe yourself as a beginning, intermediate or advanced computer user?

RF123

[hermeticcharm]

Thanks RF123. Okay so to start giving some more description: I'd say I am an intermediate computer user.

1.) Browsers: Internet Explorer, Firefox, Safari, Google Chrome, Opera (I have so many for testing web sites I make).
2.) All sites. The browsers will just stop working completely until after a reboot.
3.) Zone Alarms Free Firewall ver. 8.0.298.
4-6.) I can't answer these right now as it is not a constant problem and comes and goes. Next time it happens I will try this.

Recent Errors in Apps:
WMI (ID 10) Event

Quote:

- System

- Provider

[Name] Microsoft-Windows-WMI
[ Guid] {1edeee53-0afe-4609-b846-d8c0b2075b1f}
[ EventSourceName] WinMgmt

- EventID 10

[ Qualifiers] 49152

Version 0

Level 2

Task 0

Opcode 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2009-11-07T03:36:13.000Z

EventRecordID 21847

Correlation

- Execution

[ ProcessID] 0
[ ThreadID] 0

Channel Application

Computer Alphred

Security


- EventData

//./root/CIMV2
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99
0x80041003

Recent Warnings in Apps:
User Profile Service (ID 1530)

Quote:

- System

- Provider

[ Name] Microsoft-Windows-User Profiles Service
[ Guid] {89B1E9F0-5AFF-44A6-9B44-0A07A7CE5845}
[ EventSourceName] profsvc

- EventID 1530

[ Qualifiers] 32768

Version 0

Level 3

Task 0

Opcode 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2009-11-07T03:34:43.000Z

EventRecordID 21830

Correlation

- Execution

[ ProcessID] 0
[ ThreadID] 0

Channel Application

Computer Alphred

- Security

[ UserID] S-1-5-18


- EventData

Detail 13 user registry handles leaked from \Registry\User\S-1-5-21-843502036-3138860383-3520835578-1000: Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000 Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000 Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000 Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000 Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000 Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\Disallowed Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\TrustedPeople Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Policies\Microsoft\SystemCertificates Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\Root Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\trust Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\SmartCardRoot Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\My Process 4420 (\Device\HarddiskVolume1\Users\Michael\AppData\Local\Google\Chrome\Applicat ion\chrome.exe) has opened key \REGISTRY\USER\S-1-5-21-843502036-3138860383-3520835578-1000\Software\Microsoft\SystemCertificates\CA

Recent Errors in System:
Service Control Manager Eventlog Provider (ID 7026)

Quote:

- System

- Provider

[ Name] Service Control Manager
[ Guid] {555908D1-A6D7-4695-8E1E-26931D2012F4}
[ EventSourceName] Service Control Manager

- EventID 7026

[ Qualifiers] 49152

Version 0

Level 2

Task 0

Opcode 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2009-11-07T03:36:16.000Z

EventRecordID 82230

Correlation

- Execution

[ ProcessID] 0
[ ThreadID] 0

Channel System

Computer Alphred

Security


- EventData

param1 SASDIFSV SASKUTIL

These seem to be files from SUPERantispyware being blocked due to incompatability.



Recent Warnings in System:
None

I did see the WormRadar.com BHO and looked it up seems to be AVGs link scanner, should I get rid of it?

Current AVG ver. 8.5.425

I have bene thinking about switching back to Avast! revently.

My hosts file is modified by Spybot Search and Destroy.

I should also note that I run CCleaner every now and then doing a full clean and registry fix.

I did not use the ZoneAlarm cleaner but I just ran it now and I am going to restart.

Also, I don't remember ever having Norton but maybe it came with the computer when I first got it and forgot. Regardless I've read around the Norton's sneaky little after files can cause this problem too so I ran Norton's removal tool as well.

[hermeticcharm]

Oh an also I have not posted at other forums yet. I am not immediately assuming it is any sort of malicious process which is why I am posting it here however if it unfolds to be something of that nature I will properly request a move.

[rainforest123]

????
I'm confused.

Is the issue that you cannot access web sites, or that you can access them, but at some point, AFTER accessing them, the page fails in some way? If so, how does it fail? An error message? A blank page? A black page? The browser closes?

ALL web pages, or only the ones you design? I have no skills at web page design.

REGISTRY FIX? Which? When? In what relationship to the onset of your problems?

I have no statistics, but I know that on many occasions, the cause of problems is a registry repair tool.

Try disabling worm radar in the add on sections of your browser[s].

Uninstall Spybot S & D. Then restore your hosts files. Check Spybot's site for information about uninstalling. I think you need to do something w/ Tea Timer.

RF123

[rainforest123]

You might want to use "report" to ask a moderator to move your thread to the web & email forum.

Quote:

Browsers, Email, and general Internet use.

http://forums.techguy.org/

I could be wrong.

RF123

[rainforest123]

Any progress?