A Windows 98 & ME forum. Win98banter


Internet Explorer



 
 
#1
July 18th 04, 07:33 PM
Jeff H

Cannot open browser.

Get message 'Explorer has caused an error in unknown.
Explorer will now close.'

Reinstalled service pack 6. Ran spybot and norton system
works windoc and diskdoc.

Any advice would be welcome.

#2
July 18th 04, 07:48 PM
Mike M

Explorer errors in unknown are nearly always the result of having unwanted
malware on the system, often a parasite of some form.

This might be a good time to download yourself a copy of the free Ad-Aware 6.0
from Lavasoft (http://www.lavasoftusa.com/software/adaware/) and also SpyBot
Search & Destroy (http://www.safer-networking.org/) and use them to check your
system for other commercial parasites remembering that they are only as good
as when you last updated their reference files. I also use a program called
BHODemon (http://www.definitivesolutions.com/bhodemon.htm) that checks for
unwanted Browser Help Objects and SpywareBlaster
(http://www.wilderssecurity.net/spywareblaster.html) which can help prevent
some parasites getting a grip on your PC.

Just in case the problem is due to a new version of the CoolWebSearch parasite
you might want to download and run the CWShredder which targets that specific
parasite. Unfortunately neither AdAware nor SpyBot seem to be able as yet to
fully detect all the various versions of the CoolWebSearch parasite as it
keeps changing. For more details of the CoolWebSearch parasite see
http://www.spywareinfo.com/~merijn/cwschronicles.html.

CWShredder, merijn's removal tool, can be downloaded from either:
http://www.zerosrealm.com/downloads/CWShredder.zip
or
http://www.spywareinfo.com/~merijn/files/cwshredder.zip

Finally if you still continue to experience problems download a copy of
HijackThis from (http://www.spywareinfo.com/~merijn/downloads.html). Create a
folder called hijackthis on C: and copy the file you downloaded to that
folder. Close as many applications as you can including all instances of
Internet Explorer and then run hijackthis.exe and post back the log, provided
that it isn't too long, to this thread, otherwise to the HijackThis Forum at
http://forums.spywareinfo.com/ or alternatively
http://forum.aumha.org/viewforum.php?f=30 and hopefully this will enable
someone to identify the cause of your problem.

See also: Dealing with Unwanted Malware, Parasites, Toolbars and
Search Engines http://mvps.org/winhelp2002/unwanted.htm and also Browser
Hijacking http://www.spywareinfo.com/articles/hijacked/
--
Mike Maltby MS-MVP





#3
July 18th 04, 09:36 PM
Jeff H

Thanks for the feedback. I ran Ad Aware and deleted about
92 items. Spybot Search and Destroy removed another item or
two. BHO demon identified a couple BHO's that they hadn't
seen before. These are pasted below.

BHODemon 2.0.0.13 Report File:
C:\My Documents\addsx32_BHODemonInfo.txt

Clsid: {97ABD58E-49D9-85CF-3F16-AC9529E45433}
DLL Path: C:\WINDOWS\SYSTEM\addsx32.dll
Modified Date: Thursday, June 24, 2004 09:28:46
Created Date: Thursday, June 24, 2004 09:28:45
Enabled?: Yes
Size (bytes): 91,136
MD5 Checksum: 2123fcefa87ff536d13d5dfb73232b6f
Status: Unknown

BHODemon 2.0.0.13 Report File:
C:\My Documents\{52CF3EB4-FD29-DF6D-430F-8C449DA50F02}_BHODemonInfo.txt

Clsid: {52CF3EB4-FD29-DF6D-430F-8C449DA50F02}
Enabled?: Yes
Status: Unknown



HiJack This provided the following list.
Since I didn't know what was 'too long' I am pasting below.
IE still won't open with the same 'unknown' error message.

If you think this was too much stuff, I'll use the other
route you recommended.

Logfile of HijackThis v1.98.0
Scan saved at 4:25:08 PM, on 7/18/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\PCTVOICE.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\VISIONEER ONETOUCH\ONETOUCHMON.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\PROGRAM FILES\BHODEMON 2\BHODEMON.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/...edir.dll?c=3c00&s=consumer&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.es/0SEESES/SAOS01
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.presario.net/scripts/r...edir.dll?c=3c00&s=searchbar&LC=0409
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.msn.com"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\g5jt0t1o.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\g5jt0t1o.slt\prefs.js)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {52CF3EB4-FD29-DF6D-430F-8C449DA50F02} - (no file)
O2 - BHO: Class - {97ABD58E-49D9-85CF-3F16-AC9529E45433} - C:\WINDOWS\SYSTEM\ADDSX32.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\Run: [OneTouch Monitor] C:\PROGRA~1\VISION~1\ONETOU~2.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\nprotect.exe
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - Startup: Compaq Knowledge Center.lnk.disabled
O4 - Startup: PTP Manager.lnk.disabled
O4 - Startup: Image Transfer.lnk.disabled
O4 - Startup: BHODemon 2.0.lnk = C:\Program Files\BHODemon 2\BHODemon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV Live - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/r...edir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {BD11A280-2E73-11CF-B6CF-00C0C0C0CDDD} - http://213.150.35.16/dialer/de/dac631.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon/...ad/tgctlar.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...apple.com/abarth/us/win/QuickTimeInstaller.exe
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O18 - Protocol: relatedlinks - {CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE} - (no file)
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)
O21 - SSODL: AUHook - {BCBCD383-3E06-11D3-91A9-00C04F68105C} - C:\WINDOWS\SYSTEM\AUHOOK.DLL



#4
July 18th 04, 10:23 PM
Mike M

Jeff,

As I possibly mentioned this isn't really the best place for deep analysis of
such posts so will only make a few comments:

BHODemon:
I'd certainly disable addsx32.dll if you have not already done so.
Likewise the reference to {52CF3EB4-FD29-DF6D-430F-8C449DA50F02} although
there appears to be no file involved.

HijackThis:
I don't think you want
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)
You seem to have removed the associated file (msopt.dll and ) but is I think
part of the CoolWebSearch parasite.

I'd also remove
O18 - Protocol: relatedlinks - {CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE} - (no file)

I also don't like the look of
O16 - DPF: {BD11A280-2E73-11CF-B6CF-00C0C0C0CDDD} - http://213.150.35.16/dialer/de/dac631.cab

I hope this is of some help and that you can resolve your problem and get rid
of the message 'Explorer has caused an error in unknown. Explorer will now
close.'

Regards,
--
Mike Maltby MS-MVP
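
An added example, not part of the original thread and not HijackThis's own logic: a Python triage of the log Jeff posted, which rejoins the hard-wrapped, quoted-printable lines and marks entries for manual review. The three heuristics are assumptions generalized from the entries singled out in the reply above (registrations with no file, a nameless BHO, an O16 download from a bare IP address), and the function names are hypothetical.

```python
import ipaddress
import quopri
import re
from urllib.parse import urlsplit

# Excerpt of the log posted in this thread, left hard-wrapped and
# quoted-printable encoded ("=3D") the way it arrived.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Bar =3D http://g.msn.es/0SEESES/SAOS01
O2 - BHO: CNavExtBho Class -
{BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) -
{52CF3EB4-FD29-DF6D-430F-8C449DA50F02} - (no file)
O2 - BHO: Class - {97ABD58E-49D9-85CF-3F16-AC9529E45433} -
C:\WINDOWS\SYSTEM\ADDSX32.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat
Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {BD11A280-2E73-11CF-B6CF-00C0C0C0CDDD} -
http://213.150.35.16/dialer/de/dac631.cab
O18 - Protocol: relatedlinks -
{CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE} - (no file)
O18 - Protocol: icoo -
{4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)
"""

# A log entry starts with a section code such as "R1 - " or "O16 - ".
ENTRY_START = re.compile(r"^[RFNO]\d{1,2} - ")


def unwrap(raw, quoted_printable=False):
    """Return one string per log entry, rejoining hard-wrapped lines."""
    if quoted_printable:
        # Decode only text that really is QP: in plain text a value such as
        # "LC=0409" would be misread as an escape sequence.
        raw = quopri.decodestring(raw.encode("latin-1")).decode("latin-1")
    entries, in_entry = [], False
    for line in (l.strip() for l in raw.splitlines()):
        if ENTRY_START.match(line):
            entries.append(line)
            in_entry = True
        elif line and in_entry:
            entries[-1] += " " + line   # continuation of a wrapped entry
        else:
            in_entry = False            # blank line, header or process list
    return entries


def triage(entry):
    """Return the reasons (possibly none) why an entry deserves a manual look."""
    code, _, body = entry.partition(" - ")
    reasons = []
    if body.endswith("(no file)"):
        reasons.append("registration points at no file")
    if code == "O2":
        # Text between "BHO:" and the CLSID is the class name.
        name = body[len("BHO:"):].split(" - {")[0].strip()
        if name in ("", "Class", "(no name)"):
            reasons.append("BHO has no descriptive name")
    if code == "O16":
        host = urlsplit(body.rsplit(" - ", 1)[-1]).hostname or ""
        try:
            ipaddress.ip_address(host)
            reasons.append("ActiveX download from a bare IP address")
        except ValueError:
            pass                        # ordinary host name
    return reasons


def review(raw, quoted_printable=False):
    """Return (entry, reasons) pairs for every entry that was flagged."""
    flagged = []
    for entry in unwrap(raw, quoted_printable):
        reasons = triage(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in review(SAMPLE_LOG, quoted_printable=True):
        print(entry)
        for reason in reasons:
            print("    review:", reason)
```

A flag here only means the entry should be looked up before anything is removed; legitimate software can also leave registrations behind with no file.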

#5
July 18th 04, 11:15 PM
Jeff H

Mike, thank you for your kind assistance. I posted on the
'hijack this' forum as well. You told me the same things
that they did. I removed the offending items and IE now
starts up for me. It was really nice to get a prompt
response from this post as well as the other.

#6
July 18th 04, 11:54 PM
Mike M

Jeff,

Thanks for the feedback but remember that it was you who did the hard work.
:-) All I and those at the HijackThis forum did was point you in the right
direction.

Regards,
--
Mike Maltby MS-MVP





 



