Posted 10 December 2009 - 10:15 PM
hi all
I have this problem with my IE. I cannot browse the internet using IE6 but can with opera, netscape and firefox.
the following is hijackthis.log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:09, on 11/12/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\SCardSvr.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
d:\PROGRA~1\eScan\VISTA\avpmapp.exe
d:\PROGRA~1\eScan\TRAYCSER.EXE
C:\WINNT\System32\svchost.exe
D:\Program Files\nero\Nero 7\InCD\InCDsrv.exe
d:\PROGRA~1\eScan\consctl.exe
d:\PROGRA~1\eScan\TRAYICOC.EXE
C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE
C:\Program Files\Common Files\MicroWorld\Agent\MWAgent.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\Smartscaps.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\igfxpers.exe
C:\WINNT\System32\igfxsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\PROGRA~1\eScan\ESCANIPC.EXE
D:\Program Files\nero\Nero 7\InCD\InCD.exe
D:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
d:\PROGRA~1\eScan\Vista\escanmon.exe
D:\Program Files\Digicert\dcCert\dcCertSvr.exe
D:\Program Files\Digicert\dcRevoke\dcRevokeMon.exe
D:\Program Files\Digicert\dcRevoke\dcRevokeSvr.exe
D:\Program Files\SmartTrust\SmartTrust Personal\NetDetacher\SmartDetacher.exe
D:\Program Files\SmartTrust\SmartTrust Personal\Csp\SmartCertmover.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
D:\Program Files\Opera7\opera.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
E:\cannot browse internet\HiJackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Caw ICT Bhg Pasca Perkhidmatan
N2 - Netscape 6: user_pref("browser.startup.homepage", "http:/www.google.com"); (C:\Documents and Settings\TRAINING\Application Data\Mozilla\Profiles\default\59yeox7g.slt\prefs.js)
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\TRAINING\Application Data\Mozilla\Profiles\default\59yeox7g.slt\prefs.js)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - d:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - d:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Persistence] C:\WINNT\System32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eScanIPC] d:\PROGRA~1\eScan\ESCANIPC.EXE
O4 - HKLM\..\Run: [MailScan Dispatcher] "d:\PROGRA~1\eScan\LAUNCH.EXE" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [InCD] D:\Program Files\nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Shortcut to POPPeeper.lnk = D:\Program Files\POP Peeper\POPPeeper.exe
O4 - Global Startup: dcCert Server.lnk = D:\Program Files\Digicert\dcCert\dcCertSvr.exe
O4 - Global Startup: dcRevoke CRL Monitor.lnk = D:\Program Files\Digicert\dcRevoke\dcRevokeMon.exe
O4 - Global Startup: dcRevoke Server.lnk = D:\Program Files\Digicert\dcRevoke\dcRevokeSvr.exe
O4 - Global Startup: NetDetacher.lnk = D:\Program Files\SmartTrust\SmartTrust Personal\NetDetacher\SmartDetacher.exe
O4 - Global Startup: Orbit.lnk = D:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: powerimage.bat
O4 - Global Startup: SmartTrust CSP Certificate Utility.lnk = D:\Program Files\SmartTrust\SmartTrust Personal\Csp\SmartCertmover.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: + &Mass Downloader: download this file - D:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: + Mass Downloader: download &All files - D:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &this page with WebCloner - d:\Program Files\ProductsFoundry\WebCloner Pro 2.4\addthis.htm
O8 - Extra context menu item: Download all &images with WebCloner - d:\Program Files\ProductsFoundry\WebCloner Pro 2.4\addimg.htm
O8 - Extra context menu item: Download all &links with WebCloner - d:\Program Files\ProductsFoundry\WebCloner Pro 2.4\addurl.htm
O8 - Extra context menu item: Download selected images with WebCloner - d:\Program Files\ProductsFoundry\WebCloner Pro 2.4\addselimgs.htm
O8 - Extra context menu item: Download selected links with WebCloner - d:\Program Files\ProductsFoundry\WebCloner Pro 2.4\addsellinks.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O10 - Unknown file in Winsock LSP: c:\winnt\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=http://www.google.com
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{67D044BD-F05D-4171-88BE-0106375EC3A6}: NameServer = 10.21.4.232,10.21.4.233
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - International Business Machines Corporation - D:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - International Business Machines Corporation - D:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: eScan Monitor Service - MicroWorld Technologies Inc. - d:\PROGRA~1\eScan\VISTA\avpmapp.exe
O23 - Service: eScan Client-Updater (eScan-trayicoc) - MicroWorld Technologies Inc. - d:\PROGRA~1\eScan\TRAYCSER.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE
O23 - Service: NBService - Nero AG - D:\Program Files\nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SmartTrust Smart Card Server (Smartscaps) - SmartTrust - C:\WINNT\system32\Smartscaps.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 9951 bytes
Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum. ~ Animal