1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Can not log into any forums, etc. Get an HTTP 400 Bad Request Error.

Discussion in 'Virus & Other Malware Removal' started by jenn511b, Jul 18, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    A few days ago, I started not being able to click on any links from my MSN.com homepage. I would click on one to read the article, and the page would just stay loading forever, it never would go to the article.

    Then last night I was doing my weekly maintenance on my laptop (clearing cookies, Temp files, etc) and after I did, I now can't log into any forums I try to log into. I put in my login ID and password, then click on submit or login, but the next screen is just blank. I get a HTTP 400 Bad Request error screen. I did some research thru Google, and found that if I turn off "friendly HTTP errors" in my Internet Options, it might help, so I did that, and nothing happened. The green bar at the bottom loads really fast and says Done, but nothing is there. I did some research and have tried running all the scans I know to run (AVG, Adaware, Defrag, CCleaner) in both regular and safe modes. Nothing came up as far as viruses etc. except one miunst.exe Generic2.JDK trojan horse, which I moved into the Virus Vault and deleted it after doing research and finding out what it was. (I had recently just uninstalled my mIRC program, and it was left from that.)

    I am running Windows XP, on a Dell Inspiron 1000 laptop. I am able to login to all websites, forums, etc on the other computer in our home network just fine, so I know it's something on my computer.

    Please help if you can...i'm completely baffled at what is going on.

    I have run a Hijack This scan, and will put the log from that in a reply post next.
     
  2. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:54:17 PM, on 7/18/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\keyhook.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\PROGRA~1\Grisoft\AVG7\avgw.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Documents and Settings\Jennifer Benson\Desktop\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 66.134.252.243:80
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\CDS300\__CDS2.dll (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
     
  3. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Run HJT again and put a check in the following:

    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab
    O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\CDS300\__CDS2.dll (file missing)

    Close all applications and browser windows before you click "fix checked".


    Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 only

    • Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.

    Click Exit on the Main menu to close the program.



    Download and scan with SUPERAntiSpyware Free for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply with a new hijackthis log.
    • Click Close to exit the program.
     
  4. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    Here's the SuperAntiSpyware log:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/19/2007 at 08:24 PM

    Application Version : 3.9.1008

    Core Rules Database Version : 3271
    Trace Rules Database Version: 1282

    Scan type : Complete Scan
    Total Scan Time : 01:32:36

    Memory items scanned : 379
    Memory threats detected : 0
    Registry items scanned : 5148
    Registry threats detected : 4
    File items scanned : 52569
    File threats detected : 0

    Registry Cleaner Trial
    HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}
    HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories
    HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
    HKCR\CLSID\{205FF73B-CA67-11D5-99DD-444553540013}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}

    -------------------------------
    Here's the new HijackThis log after running SAS:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:34:27 PM, on 7/19/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\keyhook.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Documents and Settings\Jennifer Benson\Desktop\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 5286 bytes
     
  5. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    [​IMG] Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

    Ugrading Java:
    • Download the latest version of Java Runtime Environment (JRE) 6u2.
    • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
    • Click the "Download" button to the right.
    • Check the box that says: "Accept License Agreement".
    • The page will refresh.
    • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
    • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on the download to install the newest version.


    Looks fine. How is it running now? Any problems?
     
  6. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    Okay, I did all that, uninstalled all old versions of Java, and installed the one I downloaded and nothing's changed. I still can't send email through Outlook Express using my hotmail accounts, I can't log into any forums using log in ID's/passwords, my computer does seem to be running a bit faster maybe, but my main issue is still there.

    It's not really the "secure" (https) sites I'm having trouble with, it's mainly just your regular every day message board groups, and my email.

    I'm pasting in 2 links to print screens I did of what happens when I try to log into a forum. Before Logging In and After Logging in

    Here is the error that comes up in my Outlook Express when I just tried to send a test email to my other email account.
    'The server did not understand the request. Account: 'other email', server:'http://services.msn.com/svcs/hotmail/httpmail.asp', Protocol: HTTPMail, Server Response: 'Bad Request', Port: 0, Secure(SSL): No, Error Number: 0x800CCC31'

    I've gotten that a ton of times before, but it's only been when I wasn't connected to the Internet for whatever reason (power outage, bad weather, etc). But this time, I am able to log on just fine, I can view websites that don't involve me logging into anything, it's just when I have to log into one I have the problem. Also with my email, I can receive email and open and read it fine, it's just the sending that's messed up.

    Any more suggestions? I talked to the computer guy who does all of our company work and he suggested that my SSL needed to be repaired, but I didn't really get anywhere in my online research for doing that last night.

    I went ahead and just ran a quick HJT log in case it might show something that would help. Here's the new log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:52:35 PM, on 7/20/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\keyhook.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Jennifer Benson\Desktop\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 5527 bytes
     
  7. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    From what I can find it seems to be cookie related. I would clear all of the cookies in my profile and go from there.
     
  8. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    I've deleted everything I know to delete, down to the files in the Downloaded Program Files folder. I still get the HTTP 400 Bad Request Error.

    I have run the full slate of scans and am including logs (and/or screen prints of the results) of each one. I did notice that my AVG found a 'kernel32.dll' as "changed" tonight....not really sure what that means or what it is. Could that be my problem??

    I ran a Spybot Scan first, and the results from that are here.

    Then I ran an Adaware scan, here's the log results from that.
    Ad-Aware SE Build 1.06r1
    Logfile Created on:Saturday, July 21, 2007 7:41:40 PM
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R181 16.07.2007
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):12 total references
    Tracking Cookie(TAC index:3):1 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Search for low-risk threats
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects

    7-21-2007 7:41:40 PM - Scan started. (Full System Scan)

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\Jennifer Benson\Application Data\microsoft\office\recent
    Description : list of recently opened documents using microsoft office

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\Jennifer Benson\recent
    Description : list of recently opened documents

    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\directinput\mostrecentapplication
    Description : most recent application to use microsoft directinput

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\directinput\mostrecentapplication
    Description : most recent application to use microsoft directinput

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\internet explorer
    Description : last download directory used in microsoft internet explorer

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\office\9.0\common\open find\microsoft powerpoint\settings\save as\file name mru
    Description : list of recent documents saved by microsoft powerpoint

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\office\9.0\powerpoint\recent file list
    Description : list of recent files used by microsoft powerpoint

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\windows\currentversion\applets\paint\recent file list
    Description : list of files recently opened using microsoft paint

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description : list of recent programs opened

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description : list of recently saved files, stored according to file extension

    MRU List Object Recognized!
    Location: : S-1-5-21-1454471165-1770027372-725345543-1004\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 584
    ThreadCreationTime : 7-21-2007 11:26:03 PM
    BasePriority : Normal

    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 632
    ThreadCreationTime : 7-21-2007 11:26:06 PM
    BasePriority : Normal


    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 660
    ThreadCreationTime : 7-21-2007 11:26:09 PM
    BasePriority : High


    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 704
    ThreadCreationTime : 7-21-2007 11:26:09 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 716
    ThreadCreationTime : 7-21-2007 11:26:09 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 876
    ThreadCreationTime : 7-21-2007 11:26:11 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 944
    ThreadCreationTime : 7-21-2007 11:26:11 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 996
    ThreadCreationTime : 7-21-2007 11:26:11 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1092
    ThreadCreationTime : 7-21-2007 11:26:13 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1156
    ThreadCreationTime : 7-21-2007 11:26:14 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1184
    ThreadCreationTime : 7-21-2007 11:26:14 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:12 [wltrysvc.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1368
    ThreadCreationTime : 7-21-2007 11:26:16 PM
    BasePriority : Normal


    #:13 [bcmwltry.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1380
    ThreadCreationTime : 7-21-2007 11:26:16 PM
    BasePriority : Normal
    FileVersion : 4.100.15.8
    ProductVersion : 4.100.15.8
    ProductName : Dell Wireless WLAN Card Wireless Network Controller
    CompanyName : Dell Inc.
    FileDescription : Dell Wireless WLAN Card Wireless Network Controller
    InternalName : bcmwltry.exe
    LegalCopyright : 1998-2006, Dell Inc. All Rights Reserved.
    OriginalFilename : bcmwltry.exe

    #:14 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1440
    ThreadCreationTime : 7-21-2007 11:26:17 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:15 [avgamsvr.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVG7\
    ProcessID : 1544
    ThreadCreationTime : 7-21-2007 11:26:17 PM
    BasePriority : Normal
    FileVersion : 7.5.0.453
    ProductVersion : 7.5.0.453
    ProductName : AVG Anti-Virus system
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Alert Manager
    InternalName : avgamsvr
    LegalCopyright : Copyright © 2007 GRISOFT, s.r.o.
    OriginalFilename : avgamsvr.EXE

    #:16 [avgupsvc.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVG7\
    ProcessID : 1556
    ThreadCreationTime : 7-21-2007 11:26:17 PM
    BasePriority : Normal
    FileVersion : 7.5.0.420
    ProductVersion : 7.5.0.420
    ProductName : AVG 7.5 Anti-Virus System
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Update Service
    InternalName : avgupsvc
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : avgupdsvc.EXE

    #:17 [avgemc.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVG7\
    ProcessID : 1568
    ThreadCreationTime : 7-21-2007 11:26:17 PM
    BasePriority : Normal
    FileVersion : 7.5.0.474
    ProductVersion : 7.5.0.474
    ProductName : AVG Anti-Virus system
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG E-Mail Scanner
    InternalName : avgemc
    LegalCopyright : Copyright © 2007 GRISOFT, s.r.o.
    OriginalFilename : avgemc.exe

    #:18 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1660
    ThreadCreationTime : 7-21-2007 11:26:18 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:19 [spkrmon.exe]
    FilePath : C:\Program Files\Analog Devices\SoundMAX\
    ProcessID : 1764
    ThreadCreationTime : 7-21-2007 11:26:18 PM
    BasePriority : Normal
    FileVersion : 1, 0, 0, 4
    ProductVersion : 1, 0, 0, 4
    ProductName : spkrmon Module
    FileDescription : SoundMAX SpeakerMonitor service
    InternalName : spkrmon
    LegalCopyright : Copyright 2003
    OriginalFilename : spkrmon.EXE

    #:20 [wmpnetwk.exe]
    FilePath : C:\Program Files\Windows Media Player\
    ProcessID : 2012
    ThreadCreationTime : 7-21-2007 11:26:20 PM
    BasePriority : Normal
    FileVersion : 11.0.5721.5145 (WMP_11.061018-2006)
    ProductVersion : 11.0.5721.5145
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Media Player Network Sharing Service
    InternalName : Windows Media Player Network Sharing Service
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WMPNetwk.exe

    #:21 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 308
    ThreadCreationTime : 7-21-2007 11:26:22 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:22 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 476
    ThreadCreationTime : 7-21-2007 11:26:26 PM
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : EXPLORER.EXE

    #:23 [keyhook.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1752
    ThreadCreationTime : 7-21-2007 11:26:33 PM
    BasePriority : Normal
    FileVersion : 0.0.0.3590
    ProductVersion : 0.0.0.3590
    ProductName : SIS (R) Compatible Super VGA keyboard daemon
    CompanyName : Silicon Integrated Systems Corporation
    FileDescription : SiS Compatible Super VGA Keyboard Daemon
    InternalName : KEYHOOK 3.59.50
    LegalCopyright : Copyright (C) Silicon Integrated Systems Corp. 1998-2004
    OriginalFilename : KEYHOOK.EXE
    Comments : SiS Compatible Super VGA Keyboard Daemon

    #:24 [realsched.exe]
    FilePath : C:\Program Files\Common Files\Real\Update_OB\
    ProcessID : 1904
    ThreadCreationTime : 7-21-2007 11:26:34 PM
    BasePriority : Normal
    FileVersion : 0.1.0.3292
    ProductVersion : 0.1.0.3292
    ProductName : RealPlayer (32-bit)
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
    LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
    OriginalFilename : realsched.exe

    #:25 [wltray.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1924
    ThreadCreationTime : 7-21-2007 11:26:34 PM
    BasePriority : Normal
    FileVersion : 4.100.15.8
    ProductVersion : 4.100.15.8
    ProductName : Dell Wireless WLAN Card Wireless Network Tray Applet
    CompanyName : Dell Inc.
    FileDescription : Dell Wireless WLAN Card Wireless Network Tray Applet
    InternalName : wltray.exe
    LegalCopyright : 1998-2006, Dell Inc. All Rights Reserved.
    OriginalFilename : wltray.exe

    #:26 [avgcc.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVG7\
    ProcessID : 1948
    ThreadCreationTime : 7-21-2007 11:26:35 PM
    BasePriority : Normal
    FileVersion : 7.5.0.460
    ProductVersion : 7.5.0.460
    ProductName : AVG Anti-Virus system
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Control Center
    InternalName : AvgCC
    LegalCopyright : Copyright © 2007 GRISOFT, s.r.o.
    OriginalFilename : AvgCC.EXE

    #:27 [jusched.exe]
    FilePath : C:\Program Files\Java\jre1.6.0_02\bin\
    ProcessID : 1956
    ThreadCreationTime : 7-21-2007 11:26:35 PM
    BasePriority : Normal


    #:28 [dsagnt.exe]
    FilePath : C:\Program Files\DellSupport\
    ProcessID : 1968
    ThreadCreationTime : 7-21-2007 11:26:35 PM
    BasePriority : Below Normal
    FileVersion : 3, 0, 0, 197
    ProductVersion : 3, 0, 0, 197
    ProductName : Dell Support
    CompanyName : Gteko Ltd.
    FileDescription : Dell Support
    InternalName : AUAgent
    LegalCopyright : Copyright (C) 2000 - 2007 Gteko Ltd.
    OriginalFilename : AUAgent.exe

    #:29 [ctfmon.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2032
    ThreadCreationTime : 7-21-2007 11:26:36 PM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : CTFMON.EXE

    #:30 [wmpnscfg.exe]
    FilePath : C:\Program Files\Windows Media Player\
    ProcessID : 2060
    ThreadCreationTime : 7-21-2007 11:26:36 PM
    BasePriority : Normal
    FileVersion : 11.0.5721.5145 (WMP_11.061018-2006)
    ProductVersion : 11.0.5721.5145
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Media Player Network Sharing Service Configuration Application
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WMPNSCFG.EXE

    #:31 [superantispyware.exe]
    FilePath : C:\Program Files\SUPERAntiSpyware\
    ProcessID : 2072
    ThreadCreationTime : 7-21-2007 11:26:37 PM
    BasePriority : Normal
    FileVersion : 3, 9, 0, 1008
    ProductVersion : 3, 9, 0, 1008
    ProductName : SUPERAntiSpyware
    CompanyName : SUPERAntiSpyware.com
    FileDescription : SUPERAntiSpyware
    InternalName : SUPERAntiSpyware
    LegalCopyright : Copyright (C) 2005-2007 by SUPERAntiSpyware.com and SUPERAdBlocker.com
    OriginalFilename : SUPERAntiSpyware.exe

    #:32 [sistray.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2104
    ThreadCreationTime : 7-21-2007 11:26:38 PM
    BasePriority : Normal
    FileVersion : 0.0.0.3581
    ProductVersion : 0.0.0.3581
    ProductName : SiS (R) Compatible Super VGA SiSTray application
    CompanyName : Silicon Integrated Systems Corporation
    FileDescription : SiS Compatible Super VGA Tray Application
    InternalName : SISTRAY 3.58c.02-test02
    LegalCopyright : Copyright (C) Silicon Integrated Systems Corp. 1998-2004
    OriginalFilename : SISTRAY.EXE
    Comments : SiS Compatible Super VGA Tray Application

    #:33 [avgwb.dat]
    FilePath : C:\PROGRA~1\Grisoft\AVG7\
    ProcessID : 304
    ThreadCreationTime : 7-21-2007 11:33:02 PM
    BasePriority : Normal
    FileVersion : 7.5.0.458
    ProductVersion : 7.5.0.458
    ProductName : AVG Anti-Virus system
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Basic Interface
    InternalName : avgwb
    LegalCopyright : Copyright © 2007 GRISOFT, s.r.o.
    OriginalFilename : AVGWB.EXE

    #:34 [spybotsd.exe]
    FilePath : C:\Program Files\Spybot - Search & Destroy\
    ProcessID : 3300
    ThreadCreationTime : 7-21-2007 11:33:38 PM
    BasePriority : Normal
    FileVersion : 1, 3, 0, 12
    ProductVersion : 1, 3, 0, 12
    ProductName : SpyBot-S&D
    CompanyName : Safer Networking Limited
    FileDescription : Spybot - Search & Destroy
    InternalName : SpybotSD
    LegalCopyright : © 2000-2004 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
    LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
    OriginalFilename : SpyBotSD.exe
    Comments : Software zum Entfernen von Spyware und ähnlichen Bedrohungen.

    #:35 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 384
    ThreadCreationTime : 7-22-2007 12:07:27 AM
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:36 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 1740
    ThreadCreationTime : 7-22-2007 12:37:57 AM
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 12

    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 12

    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 12

    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : [email protected][1].txt
    TAC Rating : 3
    Category : Data Miner
    Comment : Hits:2
    Value : Cookie:jennifer [email protected]/
    Expires : 7-19-2012 6:08:30 PM
    LastSync : Hits:2
    UseCount : 0
    Hits : 2

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 13

    Deep scanning and examining files (C:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Disk Scan Result for C:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 13

    Scanning Hosts file......
    Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Hosts file scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    1 entries scanned.
    New critical objects:0
    Objects found so far: 13

    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 13

    8:09:11 PM Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:27:30.594
    Objects scanned:161160
    Objects identified:1
    Objects ignored:0
    New critical objects:1

    I also ran an AVG scan, then an HJT scan last. I'll add the logs of those into a new reply so the post length won't go over.
     
  9. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    Here's the results of the AVG scan - Link and showing the 'kernel32.dll' as 'changed' here

    Then I ran SASS - here's the log from that:
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/22/2007 at 00:47 AM

    Application Version : 3.9.1008

    Core Rules Database Version : 3271
    Trace Rules Database Version: 1282

    Scan type : Complete Scan
    Total Scan Time : 03:38:27

    Memory items scanned : 402
    Memory threats detected : 0
    Registry items scanned : 4943
    Registry threats detected : 0
    File items scanned : 51408
    File threats detected : 0
    ---------------------------
    The last thing I ran was HJT, here's that log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:50:37 AM, on 7/22/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\keyhook.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\sistray.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Jennifer Benson\Desktop\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    --
    End of file - 5336 bytes

    One last thing I wanted to include, was screen prints of what happens when I try to send email through Hotmail. Before Sending and After Sending.
     
  10. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    I would remove IE7 and see if the same thing happens.
     
  11. jenn511b

    jenn511b Thread Starter

    Joined:
    Jul 18, 2007
    Messages:
    8
    OMG you are a genius! Uninstalling IE7 was the solution. Now, my question....can I redownload IE7 again, or should I not just press my luck? I really liked the layout of it, it was easy to use, but if it's gonna botch up my computer again later, I'll just deal with IE6. What caused my problem in the first place? Is there something I need to watch for now, so that it won't happen again later?

    Thanks so much for all your help!!
     
  12. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    I would create a new restore point and then download it again. If you have the same problem again you know how to fix it! ;)

    You're welcome!
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/597525

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice