Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer shuts down when opening


  • Please log in to reply
1 reply to this topic

#1 brycmarcus

brycmarcus

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:47 AM

Posted 08 November 2004 - 01:51 PM

Here is a copy of my hijackthis.log



Logfile of HijackThis v1.98.0
Scan saved at 1:32:13 PM, on 11/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Connected\AgentSrv.EXE
C:\Program Files\Network ICE\BlackICE\blackd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\IFXSPMGT.exe
C:\WINDOWS\System32\IFXTCS.exe
C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\LCFD.EXE
C:\WINDOWS\System32\mckautostart.exe
c:\windows\system32\mcknvsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NALNTSRV.EXE
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\system32\SUSREP~1.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\TIVOLI~1.EXE
C:\WINDOWS\RCSERV.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\NWTRAY.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU\Utility\ACU.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\duodfo.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\VPTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\Nick Lane\Application Data\cacp.exe
C:\PROGRA~1\MYDAIL~1\MYDAIL~1.EXE
C:\WINDOWS\System32\??oolsv.exe
C:\Program Files\Connected\CBSysTray.exe
C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker1.exe
C:\WINDOWS\System32\dpmw32.exe
C:\hijackthis\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: (no name) - {4DD6437A-ED16-2190-825B-61550DF5791E} - C:\WINDOWS\System32\hgkwc.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ScreenSaverReset] C:\windows\i386\fi\security\ScreenSaverReset.exe
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\System32\dpmw32.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU_QSB] C:\Program Files\Atheros\ACU\Utility\ACU.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SwdisUsrPCN.nysta-34250-1-nicholas_lane] "C:\PROGRA~1\Tivoli\lcf\dat\1\cache\lib\w32-ix86\wdusrpcn.exe" "C:\Program Files\Tivoli\swdis\1\wdusrpcn.env"
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [vgkigfytpgiyc] C:\WINDOWS\System32\duodfo.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [msbb] c:\docume~1\nickla~1\locals~1\temp\msbb.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [AppInstaller] C:\WINDOWS\I386\fi\tivoli\AppInst\AppInst.EXE
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [wzulkj] C:\WINDOWS\wzulkj.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Lerm] C:\Documents and Settings\Nick Lane\Application Data\cacp.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [MyDailyHoroscope] C:\PROGRA~1\MYDAIL~1\MYDAIL~1.EXE
O4 - HKCU\..\Run: [Ajlkgkpz] C:\WINDOWS\System32\??oolsv.exe
O4 - Startup: Connected TaskBar Icon.LNK = C:\Program Files\Connected\CBSysTray.exe
O4 - Global Startup: Connected TaskBar Icon.lnk = C:\Program Files\Connected\CBSysTray.exe
O4 - Global Startup: VPN Client.lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O15 - Trusted Zone: *.209.172.180.115
O15 - Trusted Zone: http://*.209.172.180.115
O15 - Trusted Zone: *.amadeus.com
O15 - Trusted Zone: *.amadeus.net
O15 - Trusted Zone: *.apple.com
O15 - Trusted Zone: *.ariba.com
O15 - Trusted Zone: http://*.ariba.com
O15 - Trusted Zone: *.bcop.com
O15 - Trusted Zone: http://*.bcop.com
O15 - Trusted Zone: *.bombardier.com
O15 - Trusted Zone: *.cdw.com
O15 - Trusted Zone: http://*.cdw.com
O15 - Trusted Zone: *.cii.co.il
O15 - Trusted Zone: *.compaq.com
O15 - Trusted Zone: http://*.compaq.com
O15 - Trusted Zone: *.danskebank.dk
O15 - Trusted Zone: *.easybank.at
O15 - Trusted Zone: *.mckinsey.edtlearning.com
O15 - Trusted Zone: http://*.mckinsey.edtlearning.com
O15 - Trusted Zone: *.elementk.com
O15 - Trusted Zone: http://*.elementk.com
O15 - Trusted Zone: *.four51.com
O15 - Trusted Zone: http://*.four51.com
O15 - Trusted Zone: *.grandandtoy.com
O15 - Trusted Zone: http://*.grandandtoy.com
O15 - Trusted Zone: *.hallmark.com
O15 - Trusted Zone: *.hbsinteractive.hbs.edu
O15 - Trusted Zone: http://*.hbsinteractive.hbs.edu
O15 - Trusted Zone: *.hbsinteractive.hbs.edu
O15 - Trusted Zone: http://*.hbsinteractive.hbs.edu
O15 - Trusted Zone: *.hp.com
O15 - Trusted Zone: http://*.hp.com
O15 - Trusted Zone: *.icp
O15 - Trusted Zone: *.infotrieve.com
O15 - Trusted Zone: *.interride.com
O15 - Trusted Zone: http://*.interride.com
O15 - Trusted Zone: *.knowledgenet.com
O15 - Trusted Zone: http://*.knowledgenet.com
O15 - Trusted Zone: *.gps.mckinsey.com
O15 - Trusted Zone: http://*.gps.mckinsey.com
O15 - Trusted Zone: icp.intranet.mckinsey.com
O15 - Trusted Zone: mb2.mckinsey.com
O15 - Trusted Zone: http://mb2.mckinsey.com
O15 - Trusted Zone: mb2dev.mckinsey.com
O15 - Trusted Zone: http://mb2dev.mckinsey.com
O15 - Trusted Zone: mb2qa.mckinsey.com
O15 - Trusted Zone: http://mb2qa.mckinsey.com
O15 - Trusted Zone: setup.intranet.mckinsey.com
O15 - Trusted Zone: *.mckinsey.de
O15 - Trusted Zone: http://*.mckinsey.de
O15 - Trusted Zone: *.nikkei.co.jp
O15 - Trusted Zone: *.onex.com
O15 - Trusted Zone: http://*.onex.com
O15 - Trusted Zone: *.real.com
O15 - Trusted Zone: *.scandinavian.com
O15 - Trusted Zone: *.scandinavian.net
O15 - Trusted Zone: *.setup
O15 - Trusted Zone: *.shi.com
O15 - Trusted Zone: http://*.shi.com
O15 - Trusted Zone: *.staatsbibliothek-berlin.de
O15 - Trusted Zone: *.stabikat.de
O15 - Trusted Zone: *.webex.com
O15 - Trusted Zone: http://*.webex.com
O15 - Trusted Zone: *.windowsmedia.com
O15 - Trusted Zone: *.workplace.com
O15 - Trusted Zone: http://*.workplace.com
O15 - Trusted Zone: *.wwworkplace.com
O15 - Trusted Zone: http://*.wwworkplace.com
O16 - DPF: {07637823-C894-4A52-B3F9-5D777FD8E36A} - http://www.mydailyhoroscope.net/mdh/install.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ads.mckinsey.com
O17 - HKLM\Software\..\Telephony: DomainName = ads.mckinsey.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{56CE9DBD-EF4C-4C32-A98F-B3BDDC711E5B}: Domain = McKinsey.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{B485B440-C066-4A9C-9C4A-A7E208E67DCA}: Domain = McKinsey.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ads.mckinsey.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ads.mckinsey.com,sta.mckinsey.com,notes.mckinsey.com,intranet.mckinsey.com,tivoli.mckinsey.com,mckinsey.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ads.mckinsey.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = ads.mckinsey.com,sta.mckinsey.com,notes.mckinsey.com,intranet.mckinsey.com,tivoli.mckinsey.com,mckinsey.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ads.mckinsey.com,sta.mckinsey.com,notes.mckinsey.com,intranet.mckinsey.com,tivoli.mckinsey.com,mckinsey.com

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,540 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:47 AM

Posted 08 November 2004 - 05:15 PM

You are using an outdated version of hijackthis. Please download the newer version.

Download HijackThis from:

HijackThis Download Site

Then post a new log




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users