Hi to all. I'm new here and looking for major help. Currently I have a some really bad issues with my computer.

1. First any link in IE that opens a new window will not work. It produces a blank window that states Microsoft Internet Explorer on the title bar and nothing more.

2. Windows automatic update and System Restore do not work. When I go to windows.com and try to load updates I get the checking screen that goes nowhere. The home link and log links are not highlighted and are not linkable. I also cannot download service pack two.

3. My desktop constantly flashes and except for my wallpaper everything disappears. Occasionally the quick icons are gone.

Continued

I did a Hijack log

Logfile of HijackThis v1.97.7
Scan saved at 11:33:39 PM, on 11/29/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\system32\tbctray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\NORTON~3\NORTON~1\NPROTECT.EXE
C:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS10
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optonline.net/Home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
N3 - Netscape 7: # Mozilla User Preferences
// This is a generated file!

user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.download.dir", "G:\\Clips");
user_pref("browser.history.last_page_visited", "http://channels.netscape.com/ns/browsers/7/su_setup70.jsp");
user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5Cgoogle.src");
user_pref("browser.startup.homepage_override.mstone", "rv:1.0.1");
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "UTF-8, windows-1252, ISO-8859-1");
user_pref("prefs.converted-to-utf8", true);
user_pref("privacy.popups.first_popup", false);
user_pref("privacy.popups.remove_blacklist", false);
user_pref("privacy.popups.sound_enabled", true);
user_pref("privacy.popups.sound_url", "G:\\Clips\\giveme25.wav");
user_pref("security.warn_submit_insecure", false);
user_pref("signon.SignonFileName", "86669735.s");
user_pref("timebomb.first_launch_time", "10987566
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Optimum Online Toolbar - {720B3C59-7EDE-44d1-AD9C-71106A7550AF} - C:\Program Files\OptimumOnline\insptbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Optimum Online Cursor Search - C:\Documents and Settings\All Users\Application Data\Infospace\OptimumOnline\contextsearch.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Yahoo! Login (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://mail.optonline.net
O15 - Trusted Zone: *.streamload.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://protect.microsoft.com/security/protect/wsa/shared/CAB/x86/msSecAdv.cab?1101593046968
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/26661742971d18dda503/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098759938390
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2F9D054-D2B5-4CE8-9BDF-8BF3A81DB7E9} (ProductIDGatherer.WindowsGatherer) - http://download.microsoft.com/download/a/3/7/a377aea1-7b14-4fa1-933c-43e657b37995/ProductIDGatherer.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.streamload.com/Upload/XUpload.ocx

I am running XP with service pack one
Norton Antivirus 2005
Webroot Spy Sweeper and Window Washer.

I have been using Firefox and I am starting to like it but my wife still uses IE. It is aggravating not being able to link any new window links.

I am more concerned with the update and restore problems. I ordereed SP2 on disk but realize that it si probably going to take 2-3 monthes to get it.

Any and all help will be greatly appreciated.

Happy holiday season to all and thank you for any and all help and suggestions

Sorry for the 3 posts but it is the only way I can post this cry for help.

1) dont use IE use A real brownser

2)get ad-adwear (http://www.lavasoftusa.com/)

I have run Ad-aware, Spybot and Spy Sweeper. Still having problems.

Just use FireFox

You have Norton AV installed so it's probably not a virus.
You are using Window Washer, I personally would advise against using any 'cleaning' program on XP; if you are not 100% sure of the value of the keys marked for removal, don't use it.
Many of the 'cleaning' programs remove important system keys.

See if system restore has been switched off:
Start > My Computer, and then click Properties.
Click the System Restore tab.
uncheck the "Turn off System Restore"

If system restore now works, go back to a point when you know XP was functioning correctly.
Do this before updating to SP2! important!

The Window Update link is not always correct, try a direct link:
http://v4.windowsupdate.microsoft.com/
or
http://v5.windowsupdate.microsoft.com/

lakers01 wrote:
don't use IE use A real browser
Not a viable option; many corporate and online banking sites will not work correctly in Firefox :(

Restore is not turned off. I should have been clearer. System restore runs and restarts my computer but always states UNABLE TO RESTORE no changes have been made to your computer. I have have tried 4 different dates.

I need IE for some of my banking and bill paying sites.

The direct links still do not work but thanks.

I don't see anything wrong in your log, but try downloading the newest version of HJT and post a new log.

Also Norton misses many viruses and trojans. See one of my other posts around here for a link to sysclean, trend micros free one-time removal tool.

Do you have multiple user accounts on your pc? If so, does this one have admin priviledges?

If all else fails find your hard drive manufacturers web site, download their diagnostics tool and check your pc. Then find a copy of memtest86 and run that. Then update drivers...

Also did you deliberately modify your netscape preferences with the stuff showing in the log? I can't find any info on the timebomb line...

btw opera has an 'identify as IE' mode that might get you into the banking sites, if you need to get there. (google 'opera')

Originally posted by DaveSW
I don't see anything wrong in your log, but try downloading the newest version of HJT and post a new log.

Also Norton misses many viruses and trojans. See one of my other posts around here for a link to sysclean, trend micros free one-time removal tool.

Do you have multiple user accounts on your pc? If so, does this one have admin priviledges?

If all else fails find your hard drive manufacturers web site, download their diagnostics tool and check your pc. Then find a copy of memtest86 and run that. Then update drivers...

Also did you deliberately modify your netscape preferences with the stuff showing in the log? I can't find any info on the timebomb line...

I do not have any other accounts but the main one.

I downloaded Hijack yesterday so I think it's the newest one.
I'll try the Compaq's web site .

Sorry I don't understand the timebomb question.

Thanks for the help.
Thanks.

If you feel comfortable editing your registry try reinstalling IE (http://www.theeldergeek.com/repair_reinstall_ie_and_oe_6.htm)

Originally posted by thirstyk
Sorry I don't understand the timebomb question.

Well these lines here:

N3 - Netscape 7: # Mozilla User Preferences
// This is a generated file!

user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.download.dir", "G:\\Clips");
user_pref("browser.history.last_page_visited", "http://channels.netscape.com/ns/browsers/7/su_setup70.jsp");
user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5Cgoogle.src");
user_pref("browser.startup.homepage_override.mstone", "rv:1.0.1");
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "UTF-8, windows-1252, ISO-8859-1");
user_pref("prefs.converted-to-utf8", true);
user_pref("privacy.popups.first_popup", false);
user_pref("privacy.popups.remove_blacklist", false);
user_pref("privacy.popups.sound_enabled", true);
user_pref("privacy.popups.sound_url", "G:\\Clips\\giveme25.wav");
user_pref("security.warn_submit_insecure", false);
user_pref("signon.SignonFileName", "86669735.s");
user_pref("timebomb.first_launch_time", "10987566

are Netscape/Mozilla preferences. However, they are the sort of thing I would expect to see put there by advanced users. Some of them suppress error messages and popups. So if you didn't deliberately do that then maybe check the boxes next to them and fix them. You can always undo it from your backups in HJT if you did really want them.

BTW move HJT into a folder of it's own before doing anything.

Originally posted by Fang
If you feel comfortable editing your registry try reinstalling IE (http://www.theeldergeek.com/repair_reinstall_ie_and_oe_6.htm)

That took care of the IE problem .

YOU ARE THE MAN (OR WOMAN)!!!!!!!

Pleased the solution was relatively simple :D

Originally posted by DaveSW
Well these lines here:

are Netscape/Mozilla preferences. However, they are the sort of thing I would expect to see put there by advanced users. Some of them suppress error messages and popups. So if you didn't deliberately do that then maybe check the boxes next to them and fix them. You can always undo it from your backups in HJT if you did really want them.

BTW move HJT into a folder of it's own before doing anything.

I moved HJT.

When I installed window washer I think it set those parameters for Netscape because I didn't

So you've fixed problem 1, but 2 & 3 remain outstanding?
have you updated all your drivers?