IE opening randomlyHJT log included

Home Forums Client Operating Systems Windows 2000 Pro, XP Pro IE opening randomlyHJT log included

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    mmullins
    Member
    #130124

    I have a laptop that was infested with spyware and ran a few fixer tools (combofix, vunofix, etc.) which seems to have removed most of the issues i was having but, while im browsing the web (with firefox) IE will randomly pop up with a blank page and never load anything. i have attempted several things found on google. i was hoping someone could take a look at my HijackThis log with the hopes that someone would see something that i dont. any help is greatly appreciated.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:45:38 PM, on 2/1/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:Program FilesIntelWirelessBinEvtEng.exe
    C:Program FilesIntelWirelessBinS24EvMon.exe
    C:Program FilesIntelWirelessBinWLKeeper.exe
    C:WINDOWSsystem32spoolsv.exe
    C:Program FilesIntelWirelessBinZcfgSvc.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSsystem32hkcmd.exe
    C:Program FilesJavaj2re1.4.2_03binjusched.exe
    C:Program FilesSynapticsSynTPSynTPLpr.exe
    C:Program FilesSynapticsSynTPSynTPEnh.exe
    C:Program FilesIntelWirelessBinifrmewrk.exe
    C:Program FilesDellQuickSetquickset.exe
    C:Program FilesMicrosoft IntelliPointpoint32.exe
    C:WINDOWSsystem32ctfmon.exe
    C:Program FilesSpybot – Search & DestroyTeaTimer.exe
    C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
    C:Program FilesDigital Line DetectDLG.exe
    C:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
    C:Program FilesHamachihamachi.exe
    C:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
    C:WINDOWSsystem32basfipm.exe
    C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
    C:Program FilesDellNICCONFIGSVCNICCONFIGSVC.exe
    C:Program FilesIntelWirelessBinRegSrvc.exe
    C:WINDOWSsystem32svchost.exe
    C:Program FilesRealVNCWinVNCWinVNC.exe
    C:Program FilesCompact Wireless-G USB Adapter Wireless Network MonitorWLService.exe
    C:Program FilesCompact Wireless-G USB Adapter Wireless Network MonitorWUSB54GC.exe
    C:DOCUMENTS AND SETTINGSADMINISTRATORDESKTOPPROCEXP.EXE
    C:WINDOWSsystem32notepad.exe
    C:Program FilesMozilla Firefoxfirefox.exe
    C:WINDOWSsystem32mstsc.exe
    C:Program FilesInternet ExplorerIEXPLORE.EXE
    C:Program FilesTrend MicroHijackThisHijackThis.exe

    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
    O2 – BHO: Spybot-S&D IE Protection – {53707962-6F74-2D53-2644-206D7942484F} – C:PROGRA~1SPYBOT~1SDHelper.dll
    O2 – BHO: (no name) – {de9f9b1a-90eb-482f-99f1-4e28470171d5} – (no file)
    O4 – HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
    O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_03binjusched.exe
    O4 – HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr.exe
    O4 – HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [IntelWireless] C:Program FilesIntelWirelessBinifrmewrk.exe /tf Intel PROSet/Wireless
    O4 – HKLM..Run: [Dell QuickSet] C:Program FilesDellQuickSetquickset.exe
    O4 – HKLM..Run: [WinVNC] “C:Program FilesRealVNCWinVNCWinVNC.exe” -servicehelper
    O4 – HKLM..Run: [TkBellExe] “C:Program FilesCommon FilesRealUpdate_OBrealsched.exe” -osboot
    O4 – HKLM..Run: [IntelliPoint] “C:Program FilesMicrosoft IntelliPointpoint32.exe”
    O4 – HKLM..Run: [QuickTime Task] “C:Program FilesQuickTimeqttask.exe” -atboottime
    O4 – HKLM..RunOnce: [SpybotDeletingA8292] command /c del “C:WINDOWSsystem32driverscore.cache.dsk”
    O4 – HKLM..RunOnce: [SpybotDeletingC6275] cmd /c del “C:WINDOWSsystem32driverscore.cache.dsk”
    O4 – HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 – HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot – Search & DestroyTeaTimer.exe
    O4 – Startup: hamachi.lnk = C:Program FilesHamachihamachi.exe
    O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
    O4 – Global Startup: Bluetooth Manager.lnk = ?
    O4 – Global Startup: Digital Line Detect.lnk = ?
    O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
    O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:Program FilesJavaj2re1.4.2_03binnpjpi142_03.dll
    O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:Program FilesJavaj2re1.4.2_03binnpjpi142_03.dll
    O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
    O9 – Extra button: (no name) – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – C:PROGRA~1SPYBOT~1SDHelper.dll
    O9 – Extra ‘Tools’ menuitem: Spybot – Search & Destroy Configuration – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – C:PROGRA~1SPYBOT~1SDHelper.dll
    O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:Program FilesMessengermsmsgs.exe
    O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:Program FilesMessengermsmsgs.exe
    O14 – IERESET.INF: START_PAGE_URL=http://www.thomashospital.com/
    O16 – DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) –
    O16 – DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) – http://lads.myspace.com/upload/MySpaceUploader1005.cab
    O17 – HKLMSystemCCSServicesTcpipParameters: Domain = admin
    O17 – HKLMSoftware..Telephony: DomainName = admin
    O17 – HKLMSystemCS1ServicesTcpipParameters: Domain = admin
    O17 – HKLMSystemCS3ServicesTcpipParameters: Domain = admin
    O23 – Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) – Broadcom Corp. – C:WINDOWSsystem32basfipm.exe
    O23 – Service: EvtEng – Intel Corporation – C:Program FilesIntelWirelessBinEvtEng.exe
    O23 – Service: Microsoft cache control (MSControlService) – Unknown owner – C:WINDOWSsystem32windows (file missing)
    O23 – Service: NICCONFIGSVC – Dell Inc. – C:Program FilesDellNICCONFIGSVCNICCONFIGSVC.exe
    O23 – Service: RegSrvc – Intel Corporation – C:Program FilesIntelWirelessBinRegSrvc.exe
    O23 – Service: Spectrum24 Event Monitor (S24EventMonitor) – Intel Corporation – C:Program FilesIntelWirelessBinS24EvMon.exe
    O23 – Service: VNC Server (winvnc) – RealVNC Ltd. – C:Program FilesRealVNCWinVNCWinVNC.exe
    O23 – Service: WLANKEEPER – Intel® Corporation – C:Program FilesIntelWirelessBinWLKeeper.exe
    O23 – Service: WUSB54GCSVC – GEMTEKS – C:Program FilesCompact Wireless-G USB Adapter Wireless Network MonitorWLService.exe

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.