I first noticed a problem when Internet Explorer had trouble opening and staying open>saying IE had terminated abnormally>asking if I wanted to restore previous session>ignoring when I answered either Y or N>blinking with a black screen>freezing the cursor>crashing to a blue screen.
I have 2 pgms called Internet Explorer, one in the "Program Files" folder and a second in the "Program Files (x86)" folder. I dont know if I am supposed to have 2 pgms.
I often have both Chrome and IE open at the same time. Chrome does not seem to have a problem. I can get to Outlook by using Chrome to call up msn.com and then logging in to Outlook on msn.com.
I tried to repair IE, but the best I could do was upgrade from IE10 to IE11. The problem didnt go away. I tried many things, including several MicrosoftFixIt programs. I have since noticed that some updates have failed, some Windows 7 files are missing or corrupt, and a variety of other bad things have happened. Additionally, I am puzzled that some items I thought I had removed show up in the logs below.
Windows 7 Home Premium v6.1a, Internet Explorer 11. More details in Belarc Advisor.
Some clues:
Code 8004FF80
Code 0x80070057 Root Cause RC_Data Store
Code 0x80070643 cancelled by wizard from MS Download page. Code indicates various IE issues.
FixIt jumped to IE Microsoft Automated Troubleshooting Services
Wizard cancelled Microsoft Security Essentials - 4.6.305.0 (KB2965031)
Several efforts led to message Your system administrator has set policies to prevent this installation. I AM THE SYSTEM ADMINISTRATOR!
I have backed up my personal data. I have removed all questionable programs previously downloaded from the web. Hit and miss, as I looked at the Properties of some (not all) files, I changed them to be compatible with Windows 7. I dont know where to go from here.
Below are the results and/ATTACHMENTS for TSG Sysinfo, HJT, GMER, and Belarc Advisor. I hope they help.
=========================================================================== ======
TSG Sysinfo
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4056 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1804 Mb
Hard Drives: C: Total - 461899 MB, Free - 356351 MB; F: Total - 476821 MB, Free - 311077 MB;
Motherboard: Dell Inc., 0G848F
Antivirus: Microsoft Security Essentials, Disabled
HijackThis
Received this msg: For some reason your system denied Write access to the Hosts file. If any Hijacked domains are in this file, HijackThis may NOT be able to fix this.
I then ran HijackThis as Administrator and got these results:
=======================
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:12:44 PM, on 9/23/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\02 Technical\Techguys\2014 downloads icw problems\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about
:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Snaptop.exe] c:\program files (x86)\tools\snaptop\snaptop.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [TouchpadBlocker.exe] "C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe" -startup
O4 - HKCU\..\Run: [ISUSPM] c:\programdata\flexnet\connect\11\isuspm.exe -scheduler
O4 - HKCU\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "cn15gbr0nm:nw" -scfn "hp officejet pro 8500 a910 (net)" -AutoStart 1
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities v5.6.0.13\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\dudley\AppData\Local\Apps\2.0\MLRHZN8G.A30\07DJMBQW.24G\dell..tion _0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [HP Officejet Pro 8500 A910 (NET)] "C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe" -deviceID "CN15GBR0NM:NW" -scfn "HP Officejet Pro 8500 A910 (NET)" -AutoStart 1 (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe /applicationMode:systemTray /showWelcome:false (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [TouchpadBlocker.exe] "C:\Program Files (x86)\Touchpad Blocker\TouchpadBlocker.exe" -startup (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\Run: [DellSystemDetect] C:\Users\Edward Kirsch\AppData\Local\Apps\2.0\X9Q893WR.DJR\TXECCXNL.QRB\dell..tion_0f612f64 9c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe (User 'Edward Kirsch')
O4 - HKUS\S-1-5-21-1625300122-3579882335-3230745189-1000\..\RunOnce: [Uninstall C:\Users\Edward Kirsch\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Edward Kirsch\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" (User 'Edward Kirsch')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1000 Startup: Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk = ? (User 'Edward Kirsch')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1000 User Startup: Monitor Ink Alerts - HP Officejet Pro 8500 A910 (Network).lnk = ? (User 'Edward Kirsch')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Marsha F Slucker')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 Startup: Uninstall LastPass RunOnce.lnk = Marsha F Slucker\AppData\Roaming\lpuninstall.exe (User 'Marsha F Slucker')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 User Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Marsha F Slucker')
O4 - S-1-5-21-1625300122-3579882335-3230745189-1006 User Startup: Uninstall LastPass RunOnce.lnk = Marsha F Slucker\AppData\Roaming\lpuninstall.exe (User 'Marsha F Slucker')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.6\LaunchEspresso.exe
O9 - Extra 'Tools' menuitem: HP Smart Print 2.6 - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.6\LaunchEspresso.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} -
http://h20614.www2.hp.com/ediags/gmd...pIdfPlugin.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) -
https://allianzlife.webex.com/client...t/ieatgpc1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) -
http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - F:\07 My Downloads\AVG AntiVirus Free 2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - F:\07 My Downloads\AVG AntiVirus Free 2014\avgwdsvc.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KSafe service (KSafeSvc) - Kingsoft Corporation - C:\Program files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Unknown owner - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15178 bytes
=========================================================================== ===============
GMER see attached
=========================================================================== ===============
Belarc Advisor see attached
=========================================================================== ==========