wonder if you can possibly help. I have a problem with IE6 in that whenever I connect to the internet I find that my homepage cannot be displayed.
On looking at the internet settings my hompage had been greyed out (which made me think of malware). I ran spybot to no avail, same with adware.
I ran Browser Hijack Restore from Major Geeks and that freed up the ability to change my homepage but didn't allow the page to load.
I am running Zone Labs with antivirus but the problem persists even when this is shut off.
I am hamstrung at the moment at the moment since I cannot download patches and such (my internet connection is seemingly unavailable). I have been using a second hard drive in my machine to download the above software and burning to cd to copy across to the original offending hard drive. My time is being eaten up!
One thing that has changed (though not sure exactly why) is that originally the internet connection was showing many packets sent and received, even though I couldn't use the connection. Since freeing the homepage there are what I would say are the right packets being sent and received (the numbers don't change when the link is sitting there idle).
My hijack this log is as below, really hope you guys can help!
Logfile of HijackThis v1.99.1
Scan saved at 21:10:45, on 30/07/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\WINNT\System32\ZoneLabs\isafe.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\WINNT\System32\svchost.exe
c:\mysql\bin\mysqld-nt.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZONELABS\vsmon.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINNT\System32\taskmgr.exe
C:\Program Files\Zamaan's Software\Browser Hijack Retaliator 3\BHR3.exe
C:\SUSPEC~1\WinZip\winzip32.exe
C:\DOCUME~1\RAYBRO~1\LOCALS~1\Temp\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1E8C23C-51DE-4E06-ABB3-52828CF72A48}: NameServer = 195.92.195.95 195.92.195.94
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = UK.BA.COM,BAPLC.COM
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = UK.BA.COM,BAPLC.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = UK.BA.COM,BAPLC.COM
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINNT\System32\ZoneLabs\isafe.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: MySql - Unknown owner - c:\mysql\bin\mysqld-nt (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZONELABS\vsmon.exe