| Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free! |
IE 6.0 problem
|
Original Message
|
Name: dd2maker
Date: December 29, 2003 at 06:41:28 Pacific
Subject: IE 6.0 problemOS: win 2003 serverCPU/Ram: P IV 2.4/1G |
Comment: need help for following problems:
can't got some secure pages like hotmail login and some pages display nothing.
also I did Adware and Spywarebod updating and scanning, nothing found.
i got HijackThis log below:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\The Cleaner\tca.exe
C:\Program Files\The Cleaner\tcm.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe
C:\My download\HijackThis.exe O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2499d0bf3d7361174b20/netzip/RdxIE601.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = noviant.com
O17 - HKLM\Software\..\Telephony: DomainName = noviant.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FB88D04-126F-403A-A36F-DBB91A15379E}: NameServer = 216.211.192.2,216.211.192.6
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = noviant.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = noviant.com
Report Offensive Message For Removal
|
|
Response Number 1
|
Name: safeTsurfa
Date: December 29, 2003 at 10:53:45 Pacific
|
Reply: (edit)From your logs, disable the following as they are totally unnecessary and sucking resources:
C:\Program Files\Common Files\Real\Update_OB\realsched.exe O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE If you haven't already done so, I also recommend you disable the FindFast indexer in Office, as that is completely obsolete and the worst hog of all. As to your immediate problem, did you check HOSTS, cookie permissions, firewall configuration and rules, IE6's Privacy and Security settings?
 Report Offensive Follow Up For Removal
|
|
Response Number 2
|
Name: dd2maker
Date: December 29, 2003 at 19:04:58 Pacific
|
Reply: (edit)thanks safeTsurfa, I checked hosts file and I found list like these ( part of them below:) 127.0.0.1 100.6.87.194.dynamic.dol.ru
127.0.0.1 1000stars.ru
127.0.0.1 101.6.87.194.dynamic.dol.ru
127.0.0.1 102.6.87.194.dynamic.dol.ru
127.0.0.1 103.6.87.194.dynamic.dol.ru
127.0.0.1 104.6.87.194.dynamic.dol.ru
127.0.0.1 a192-232-16-66.deploy.akamaitechnologies.com
127.0.0.1 a192-232-16-67.deploy.akamaitechnologies.com
127.0.0.1 a192-232-16-68.deploy.akamaitechnologies.com
127.0.0.1 a192-232-16-69.deploy.akamaitechnologies.com
127.0.0.1 a192-232-16-70.deploy.akamaitechnologies.com
127.0.0.1 a2.g.akamai.net
127.0.0.1 a2.g.akamaitech.net are these wrong?
also,how can I disable those files as your description. thanks.
Report Offensive Follow Up For Removal
|
|
Response Number 3
|
Name: safeTsurfa
Date: December 30, 2003 at 06:46:29 Pacific
|
Reply: (edit)Most of what I said to disable can be done using the settings in their program, others by modifying MSconfig using Run > MSCONFIG then use the startup tab to disable selected services and run at startups. As for the hosts file, all looks good. Although sometimes you will need akamaitechnologies enabled for such things as program updates (I believe MS use them for certain services) and downloads. To do this, simply place Hash+space (# ) in front of the 127.0.0.1 to comment out the required line so it is skipped by the browser check.
Report Offensive Follow Up For Removal
|
Post Locked
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
Go to Security and Virus Forum Home
