i followed the instructions in the sticky thread and appeared to have removed begin2search. however it still doesn't work like it did before (start page does not load on this computer even when it loads on other computers)

at first i tried to use firefox instead of ie but it says "connection refused when attempting to contact _______ (insert any site)" (still gives same error).

the HJT log from safe mode: (attached because i'm currently unable to post links)

thanks for any help you can give.

Hello and welcome to Techspot.

Let Hijackthis get rid of the following.

O2 - BHO: Xbrowse Class - {83DC91DB-7896-43E3-B34D-A7D043F16BB1} - C:\Documents and Settings\All Users\Application Data\RDSA\rdsa.dll

I`m not to sure about this one I`ve done a google search but found nothing!!

O4 - HKLM\..\Run: [hpmvsb] C:\WINDOWS\system32\hpmvsb.exe ????

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

I think that`s about it.

Regards Howard

No point in throwing out innocent files:
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
if you still leave (some of) the baddies in!

In Safe Mode, Fix with HJT:
O2 - BHO: Xbrowse Class - {83DC91DB-7896-43E3-B34D-A7D043F16BB1} - C:\Documents and Settings\All Users\Application Data\RDSA\rdsa.dll
O2 - BHO: Xbrowse Class - {CE7EF827-47CC-48EB-B570-C367F1E1277E} - C:\Documents and Settings\All Users\Application Data\x1ff\x1ff.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [hpmvsb] C:\WINDOWS\system32\hpmvsb.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

Then reboot again in safe mode and find and delete:
c:\documents and settings\all users\application data\rdsa <--- FOLDER
c:\documents and settings\all users\application data\x1ff <--- FOLDER