Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1]   Go Down

Author Topic: first add ons disabled, then won't reboot  (Read 7148 times)

0 Members and 1 Guest are viewing this topic.

Clovis

    Topic Starter


    Rookie

    first add ons disabled, then won't reboot
    « on: November 01, 2008, 01:29:19 PM »
    I may not have all the info on this system as it was custom built, but here's what I have so far:

    Processor:                AMD
    RAM:                         8 gig
    Total Memory:          1047552K
    Hard Drive:               Maxtor 7H500F0
                                     Bootable Add-In Cards
    CDROM:                    LITE-ON DVDRW SHW-160P6S
    Network:                  NVIDIA Boot Agent 242.0535



    I recently started getting an "add ons disabled" message.  Then the computer stopped booting. 

    Thanks Again! 

    Clovis
    Logged

    Carbon Dudeoxide

    • Global Moderator

      • Mastermind
      • Thanked: 169
      • Yes
      • Yes
      • Yes
    • Certifications: List
    • Experience: Guru
    • OS: Mac OS
    Re: first add ons disabled, then won't reboot
    « Reply #1 on: November 01, 2008, 11:18:44 PM »
    Quote

    I recently started getting an "add ons disabled" message.  Then the computer stopped booting.
    We need more information. Please look here: http://www.computerhope.com/forum/index.php/topic,33586.html
    Logged

    Clovis

      Topic Starter


      Rookie

      Re: first add ons disabled, then won't reboot
      « Reply #2 on: November 02, 2008, 06:07:14 AM »
      I'm running WindowsXP with Internet Explorer 7.
      Logged

      Carbon Dudeoxide

      • Global Moderator

        • Mastermind
        • Thanked: 169
        • Yes
        • Yes
        • Yes
      • Certifications: List
      • Experience: Guru
      • OS: Mac OS
      Re: first add ons disabled, then won't reboot
      « Reply #3 on: November 02, 2008, 07:05:00 AM »
      What is the exact error message?

      What did you do before the problem? (downloads/installs/hardware changes/ect....)

      What happens now? What EXACTLY happens when you press the power button?
      Logged

      Clovis

        Topic Starter


        Rookie

        Re: first add ons disabled, then won't reboot
        « Reply #4 on: November 02, 2008, 03:27:36 PM »
        Thanks for getting back.

        I was surfing the net viewing some videos.  No new hardware installs or downloads that I'm aware of.

        I have two unfamiliar programs on the Add and Remove Programs list.  One is Check Point SSL Network Extender Components Shell.  The other is Check Point SSL Network Extender Service.

        I'm not actually getting an error message when I hit the power button.  I get a black screen with a Windows XP logo and a dotted blue line that scrolls for ten seconds then the screen shuts off.  After one second it comes back on but now the blue dotted line is not moving.  Nothing else happens - just a freeze on the logo screen.

        I can also get the screen that allows me to start in safe mode with networking capability.



        Logged

        Clovis

          Topic Starter


          Rookie

          Re: first add ons disabled, then won't reboot
          « Reply #5 on: November 02, 2008, 05:43:31 PM »
          Got a couple of logs.  For the other programs I got "cannot open in safe mode" or "system administrator has set policies to prevent this installation."

          MBAM LOG

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 5:21:14 PM, on 11/2/2008
          Platform: Windows XP SP3 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
          Boot mode: Safe mode with network support

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
          O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
          O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
          O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
          O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
          O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
          O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
          O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
          O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\VistaDriveIcon\DrvIcon.exe
          O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
          O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
          O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
          O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
          O4 - HKLM\..\Run: [HotSync] "C:\Program Files\PalmSource\Desktop\HotSync.exe" -AllUsers
          O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Downloads\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
          O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Downloads\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
          O4 - HKCU\..\Run: [VisualTaskTips] "C:\Program Files\VisualTaskTips\VisualTaskTips.exe" noTrayIcon
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\RunOnce: [WCIEClnOnce] C:\Program Files\blcorp\WCCSC\WCOC\WCNSCln.exe /WCI
          O4 - Startup: Thoosje Sidebar.lnk = C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe
          O4 - Startup: WinFlip.lnk = C:\Program Files\WinFlip\WinFlip.exe
          O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
          O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
          O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
          O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
          O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
          O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - https://portal.connect.cps.edu/sre/ICSScanner.cab
          O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https://portal.connect.cps.edu/SNX/CSHELL/extender.cab
          O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
          O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
          O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
          O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
          O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
          O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
          O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
          O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
          O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
          O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
          O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
          O23 - Service: UWCService - Business Logic Corporation - C:\Program Files\blcorp\WCCSC\WCOC\UWCSrvc.exe

          --
          End of file - 8634 bytes

          SNIPER LOG

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 5:21:14 PM, on 11/2/2008
          Platform: Windows XP SP3 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
          Boot mode: Safe mode with network support

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
          O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
          O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
          O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
          O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
          O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
          O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
          O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
          O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\VistaDriveIcon\DrvIcon.exe
          O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
          O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
          O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
          O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
          O4 - HKLM\..\Run: [HotSync] "C:\Program Files\PalmSource\Desktop\HotSync.exe" -AllUsers
          O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Downloads\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
          O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Downloads\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
          O4 - HKCU\..\Run: [VisualTaskTips] "C:\Program Files\VisualTaskTips\VisualTaskTips.exe" noTrayIcon
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\RunOnce: [WCIEClnOnce] C:\Program Files\blcorp\WCCSC\WCOC\WCNSCln.exe /WCI
          O4 - Startup: Thoosje Sidebar.lnk = C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe
          O4 - Startup: WinFlip.lnk = C:\Program Files\WinFlip\WinFlip.exe
          O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
          O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
          O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
          O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
          O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
          O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - https://portal.connect.cps.edu/sre/ICSScanner.cab
          O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https://portal.connect.cps.edu/SNX/CSHELL/extender.cab
          O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
          O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
          O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
          O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
          O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
          O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
          O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
          O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
          O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
          O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
          O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
          O23 - Service: UWCService - Business Logic Corporation - C:\Program Files\blcorp\WCCSC\WCOC\UWCSrvc.exe

          --
          End of file - 8634 bytes
          Logged

          Clovis

            Topic Starter


            Rookie

            Re: first add ons disabled, then won't reboot
            « Reply #6 on: November 02, 2008, 05:50:59 PM »
            Here are the logs as attachments.

            [Saving space - attachment deleted by admin]
            Logged

            evilfantasy

            • Malware Removal Specialist
            • Moderator


              • Genius
            • Calm like a bomb
              • Thanked: 493
            • Experience: Experienced
            • OS: Windows 11
            Re: first add ons disabled, then won't reboot
            « Reply #7 on: November 03, 2008, 07:53:00 PM »
            I'm not sure this is a malware problem but we can have a closer look.

            Please print these instructions as they will be needed later when Internet access is not available.

            Download SDFix by AndyManchesta and save it to your desktop.

            When using this tool, you must use the Administrator's account or an account with Administrative rights
            • Double click SDFix.exe and it will extract the files to %systemdrive%
            • (this is the drive that contains the Windows Directory, typically C:\SDFix).
            • DO NOT use it just yet.
            Reboot your computer in Safe Mode using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

            Open the SDFix folder and double click RunThis.bat to start the script.
            • Type Y to begin the cleanup process.
            • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
            • Press any Key and it will restart the PC.
            • When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
            • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
            • Copy and paste the contents of the results file Report.txt in your next reply along with a new HijackThis log (from normal boot mode).
            Logged

            Clovis

              Topic Starter


              Rookie

              Re: first add ons disabled, then won't reboot
              « Reply #8 on: November 03, 2008, 08:36:39 PM »
              Hello.

              Everything ran fine but we're still frozen on the black xp screen.

              The log is attached.  I still can't boot up in normal mode to give you another highjackthis log.

              Is there a way to remove questionable registry files while in safe mode?  If I did would it make a difference?

              [Saving space - attachment deleted by admin]
              Logged

              evilfantasy

              • Malware Removal Specialist
              • Moderator


                • Genius
              • Calm like a bomb
                • Thanked: 493
              • Experience: Experienced
              • OS: Windows 11
              Re: first add ons disabled, then won't reboot
              « Reply #9 on: November 03, 2008, 08:48:43 PM »
              I'm not sure that this is malware related.

              Quote
              Is there a way to remove questionable registry files while in safe mode?

              What files?

              Do you have an XP CD?

              If so, place it in your CD ROM drive and follow the instructions below:
              • Click on Start > Run and type sfc /scannow then press Enter (note the space between scf and /scannow)
                • Let this run undisturbed until the window with the blue  progress bar goes away
              SFC - Which stands for System File Checker, retrieves the correct version of the file from %Systemroot%\System32\Dllcache or the Windows installation source files, and then replaces the incorrect file.
              Logged
              Pages: [1]   Go Up
              « previous next »