I am having problems opening up internet explorer I click on the icon and about 5 minutes later I get them to open up, If I click it 10X then 10 of them will open 5 minutes later. I am also having pop-ups etc. I have run Ad-aware 6.1 and spybot search and destroy. S&D finds nothing and ad-aware finds a few things that I erase and then I will run it again later and there are more maybe the same ones? Here is a highjack this log Please Help I have no Idea Thanks Ryun
Logfile of HijackThis v1.99.1
Scan saved at 11:28:34 AM, on 7/28/2005
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\xtras\mssysmgr.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\Program Files\aeic\wcme.exe
C:\WINNT\system32\r?ndll.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Yahoo!\YOP\yop.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
O1 - Hosts: (null) onlineaccounts2.abbeynational.co.uk
O1 - Hosts: (null) www3.aibgbonline.co.uk
O1 - Hosts: (null) www.bank.alliance-leicester.co.uk
O1 - Hosts: (null) login.iblogin.com
O1 - Hosts: (null) ww2.bankofscotlandhalifax-online.co.uk
O1 - Hosts: (null) inet.barclays.co.uk
O1 - Hosts: (null) iibank.barclays.co.uk
O1 - Hosts: (null) iibank.cahoot.com
O1 - Hosts: (null) www3.coventrybuildingsociety.co.uk
O1 - Hosts: (null) ww.hsbc.co.uk
O1 - Hosts: (null) login.ebank.offshore.hsbc.co.je
O1 - Hosts: (null) ww3.online-offshore.lloydstsb.com
O1 - Hosts: (null) ww3.online-business.lloydstsb.co.uk
O1 - Hosts: (null) ww3.online.lloydstsb.co.uk
O1 - Hosts: (null) ww3.online.lloydstsb.co.uk
O1 - Hosts: (null) ww3.online-business.lloydstsb.co.uk
O1 - Hosts: (null) ob2.nationet.com
O1 - Hosts: (null) ww3.onlinebanking.natwestoffshore.com
O1 - Hosts: (null) ww1.nwolb.com
O1 - Hosts: (null) ww1.onlinebanking.iombank.com
O1 - Hosts: (null) ww1.www.rbsdigital.com
O1 - Hosts: (null) welcome.smile.co.uk
O1 - Hosts: (null) login.365online.com
O1 - Hosts: (null) wvw.citizensbankonline.com
O1 - Hosts: (null) esecure.regionsnet.com
O1 - Hosts: (null) rollb.associatedbank.com
O1 - Hosts: (null) upb.unionplanters.com
O1 - Hosts: (null) www.onlinebanking.huntington.com
O1 - Hosts: (null) inet.southtrustonlinebanking.com
O1 - Hosts: (null) logon.personal.wamu.com
O1 - Hosts: (null) login.compassweb.com
O1 - Hosts: (null) logon.firstmeritib.com
O1 - Hosts: (null) login.ccfcuonline.org
O1 - Hosts: (null) ww3.etimebanker.bankofthewest.com
O1 - Hosts: (null) ww2.onlinebanking.lasallebank.com
O1 - Hosts: (null) wvw.totallyfreebanking.com
O1 - Hosts: (null) www.online.wellsfargo.com
O1 - Hosts: (null) www.onlinebanking.bankofoklahoma.com
O1 - Hosts: (null) accounts4.keybank.com
O1 - Hosts: (null) logon.bankone.com
O1 - Hosts: (null) www.secure.tdbanknorth.com
O1 - Hosts: (null) www.secure.mvnt4.com
O1 - Hosts: (null) ww.mynfbonline.com
O1 - Hosts: (null) login.forumcuonline.com
O1 - Hosts: (null) www.eds.usersonlnet.com
O1 - Hosts: (null) www.onlineid.bankofamerica.com
O1 - Hosts: (null) wvw.e-gold.com
O1 - Hosts: (null) pcbs.peoples.com
O1 - Hosts: (null) www.global1.onlinebank.com
O1 - Hosts: (null) ww2.mybranch.lafcu.com
O1 - Hosts: (null) login.webbanking.comerica.com
O1 - Hosts: (null) web.banking.firsttennessee.com
O1 - Hosts: (null) logon.members1st.org
O1 - Hosts: (null) www.cib.ibanking-services.com
O1 - Hosts: (null) www.miwebbusbank.ebanking-services.com
O1 - Hosts: (null) wvw.paypal.com
O1 - Hosts: (null) www.signin.ebay.com
O1 - Hosts: (null) wvw.etrade.com
O1 - Hosts: (null) ww4.fleethomelink.fleet.com
O1 - Hosts: (null) ww3.connect.skyfi.com
O1 - Hosts: (null) www6.usbank.com
O1 - Hosts: (null) www.bvi.bancodevalencia.es
O1 - Hosts: (null) extrant.banesto.es
O1 - Hosts: (null) banesnt.banesto.es
O1 - Hosts: (null) activia.caixagalicia.es
O1 - Hosts: (null) www.bancae.caixapenedes.com
O1 - Hosts: (null) login.caixasabadell.net
O1 - Hosts: (null) oii.cajamadrid.es
O1 - Hosts: (null) login.cajamar.es
O1 - Hosts: (null) login.ccm.es
O1 - Hosts: (null) ww.unicaja.es
O1 - Hosts: (null) www5.bancopopular.es
O1 - Hosts: (null) ww3.bbvanet.com
O1 - Hosts: (null) ww.bayernlb.de
O1 - Hosts: (null) ww2.berliner-volksbank.de
O1 - Hosts: (null) ww7.homebanking-berlin.de
O1 - Hosts: (null) portal09.commerzbanking.de
O1 - Hosts: (null) www.meine.deutsche-bank.de
O1 - Hosts: (null) ww2.dresdner-privat.de
O1 - Hosts: (null) ww.e-banking.helaba.de
O1 - Hosts: (null) ww.hsh-nordbank.de
O1 - Hosts: (null) www.my.hypovereinsbank.de
O1 - Hosts: (null) ww3.homebanking-berlin.de
O1 - Hosts: (null) ww3.homebanking-berlin.de
O1 - Hosts: (null) www.banking.lbbw.de
O1 - Hosts: (null) lrp.sparkasse-banking.de
O1 - Hosts: (null) ww3.homebanking-niedersachsen.de
O1 - Hosts: (null) www.onlinebanking.norisbank.de
O1 - Hosts: (null) www.banking.postbank.de
O1 - Hosts: (null) wvw.internetbanking.gad.de
O1 - Hosts: (null) ww1.portal.izb.de
O1 - Hosts: (null) wvw.kunden-service.lbs.de
O1 - Hosts: (null) ibanking.seb.de
O1 - Hosts: (null) bw7.sparkasse-banking.de
O1 - Hosts: (null) ww2.homebanking-sparkasse.de
O1 - Hosts: (null) ww2.vr-networld-ebanking.de
O1 - Hosts: (null) ww.bics.fr
O1 - Hosts: (null) www.co.caixabank.fr
O1 - Hosts: (null) ww.creditmutuel.fr
O1 - Hosts: (null) internetbank.intesabci.it
O1 - Hosts: (null) ww.extensive.bancalombarda.it
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: HPOVASMD.BrowserSensor - {04047354-D353-11D2-B3EB-0060B03C5581} - C:\WINNT\Downloaded Program Files\hpBrSn24.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Msxml32DOMDocument Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\WINNT\System32\dllcache\msxml32.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Crtp] C:\Program Files\aeic\wcme.exe
O4 - HKCU\..\Run: [Kaiw] C:\WINNT\System32\r?ndll.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O16 - DPF: {04047354-D353-11D2-B3EB-0060B03C5581} (HPOVASMD.BrowserSensor) - https://dealerconnect.chrysler.com/wto/plugin/hpBrSn.cab
O16 - DPF: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} (WXcom Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/controls/ysftcntr/ysftcntr_current.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4053/ftp.coupons.com/r3302/cpbrkpie.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinner.com/games/v45/wwspades/wwspades.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E46192D8-0F5A-43EE-9223-F58BE7AEE625}: NameServer = 209.244.0.3 209.244.0.4
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe