Internet Explorer keeps closing
I ran Windows Update and it fixed one thing for me; otherwise I have it set to automatic. I don't know which SP I have, because I don't know how to check.
I do know that this page worked for me about a year ago, before I had added any patches to Windows.
When I click the link it does go to the page, I can see something loading, I see some text, but after a second or two, before the page finishes loading, everything disappears without reporting any error.
It looks like there is something on this page, and on some other pages too, that IE can't digest.
Here's the log:
Logfile of HijackThis v1.99.1
Scan saved at 10:51:31, on 5.9.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\spnsrvnt.exe
C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe
C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe
C:\PROGRA~1\JAVASOFT\JRE\132E6D~1.1\bin\java.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\tp4serv.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\WINRV3E.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\BitTorrent\btdownloadgui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot – Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Download\Hijack this\HijackThis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://med.over.net/phorum/list.php?f=17
R3 – Default URLSearchHook is missing
O2 – BHO: Yahoo! Companion BHO – {02478D38-C3F9-4efb-9B51-7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: WebCGMHlprObj Class – {56B38F40-4E70-11d4-A076-0080AD86BA2F} – C:\WINDOWS\cgmopenbho.dll
O2 – BHO: (no name) – {5B80C35F-52BF-514B-C17D-7A157412E399} – C:\WINDOWS\System32\htu.dll (file missing)
O2 – BHO: (no name) – {7EDC1489-D260-D991-4B30-DB38053C9190} – C:\WINDOWS\System32\trwzpybv.dll
O2 – BHO: (no name) – {E85F58C5-E2B2-8040-BB31-A3C07B0E22C1} – C:\WINDOWS\system32\apifn.dll (file missing)
O3 – Toolbar: &Radio – {8E718888-423F-11D2-876E-00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 – HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 – HKLM\..\Run: [TP4EX] tp4ex.exe
O4 – HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 – HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
O4 – HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 – HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 – HKLM\..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 – HKLM\..\Run: [CloneCDTray] “C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe” /s
O4 – HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\eTrust\INOCUL~1\realmon.exe -s
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 – HKLM\..\Run: [Wdrvfig7] C:\WINDOWS\WINRV3E.EXE
O4 – HKCU\..\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 – HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 – HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra ‘Tools’ menuitem: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O12 – Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 – Trusted Zone: *.05p.com
O15 – Trusted Zone: *.awmdabest.com
O15 – Trusted Zone: *.clickspring.net
O15 – Trusted Zone: *.iframedollars.biz
O15 – Trusted Zone: http://mitglied.lycos.de
O15 – Trusted Zone: *.mt-download.com
O15 – Trusted Zone: *.my-internet.info
O15 – Trusted Zone: *.scoobidoo.com
O15 – Trusted Zone: *.searchmiracle.com
O15 – Trusted Zone: *.skoobidoo.com
O15 – Trusted Zone: *.slotchbar.com
O15 – Trusted Zone: *.windupdates.com
O15 – Trusted Zone: *.ysbweb.com
O15 – Trusted Zone: *.05p.com (HKLM)
O15 – Trusted Zone: *.awmdabest.com (HKLM)
O15 – Trusted Zone: *.clickspring.net (HKLM)
O15 – Trusted Zone: *.iframedollars.biz (HKLM)
O15 – Trusted Zone: *.mt-download.com (HKLM)
O15 – Trusted Zone: *.my-internet.info (HKLM)
O15 – Trusted Zone: *.scoobidoo.com (HKLM)
O15 – Trusted Zone: *.searchmiracle.com (HKLM)
O15 – Trusted Zone: *.skoobidoo.com (HKLM)
O15 – Trusted Zone: *.slotchbar.com (HKLM)
O15 – Trusted Zone: *.windupdates.com (HKLM)
O15 – Trusted Zone: *.ysbweb.com (HKLM)
O15 – Trusted IP range: 213.159.117.202
O15 – Trusted IP range: 213.159.117.202 (HKLM)
O16 – DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) – http://cartman/officescan/ClientInstall/WinNTChk.cab
O16 – DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupIniCtrl Class) – http://cartman/officescan/clientinstall/setupini.cab
O16 – DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) – http://cartman/officescan/clientinstall/setup.cab
O16 – DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) – http://cartman/officescan/clientinstall/RemoveCtrl.cab
O16 – DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} – http://iframedollars.biz/tb/loader2.ocx
O16 – DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) – http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 – DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) – http://www.symantec.com/techsupp/activedata/SymAData.dll
O16 – DPF: {D18B7EC3-EECA-11D3-8E71-0000E82C6C0D} – http://www.slotchbar.com/ist/softwares/remove/ist_remove.cab
O17 – HKLM\System\CCS\Services\Tcpip\Parameters: Domain = adriatic.snt.eu
O17 – HKLM\Software\..\Telephony: DomainName = adriatic.snt.eu
O17 – HKLM\System\CCS\Services\Tcpip\..\{2F05481C-9E8D-4DC7-894A-7D0122D35C99}: NameServer = 193.189.160.11 193.189.160.12
O17 – HKLM\System\CS2\Services\Tcpip\Parameters: Domain = adriatic.snt.eu
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: CA License Client (CA_LIC_CLNT) – Computer Associates – C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 – Service: CA License Server (CA_LIC_SRVR) – Computer Associates – C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 – Service: COSIDS_TB – TransAction Software, D 81737 Munich – C:\PROGRA~1\COSIDS\BIN\TbMux32.exe
O23 – Service: Cisco Systems, Inc. VPN Service (CVPND) – Cisco Systems, Inc. – C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 – Service: Gear Security Service (GEARSecurity) – GEAR Software – C:\WINDOWS\System32\GEARSec.exe
O23 – Service: IBM PM Service (IBMPMSVC) – Unknown owner – C:\WINDOWS\System32\ibmpmsvc.exe
O23 – Service: eTrust Antivirus RPC Server (InoRPC) – Computer Associates International, Inc. – C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
O23 – Service: eTrust Antivirus Realtime Server (InoRT) – Computer Associates International, Inc. – C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
O23 – Service: eTrust Antivirus Job Server (InoTask) – Computer Associates International, Inc. – C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Event Log Watch (LogWatch) – Computer Associates – C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 – Service: QCONSVC – Unknown owner – C:\WINDOWS\System32\QCONSVC.EXE
O23 – Service: SentinelSuperProNet Server (SuperProServer) – Unknown owner – C:\WINDOWS\System32\spnsrvnt.exe
O23 – Service: TIS 2000 Apache Web Server – Unknown owner – C:\PROGRA~1\COSIDS\APACHE~1\APACHE\ApchT2kW.exe
In my humble opinion, these two should simply be removed.
O4 – HKLM\..\Run: [Wdrvfig7] C:\WINDOWS\WINRV3E.EXE
O16 – DPF: {D18B7EC3-EECA-11D3-8E71-0000E82C6C0D} – http://www.slotchbar.com/ist/softwares/remove/ist_remove.cab
WINRV3E.EXE in particular is a dangerous little thing; also check in Program Files
whether you have these as well:
keycl\keytrial.exe
keycl\readme.txt
and delete them all. If necessary, kill the WINRV3E.EXE process first…
I think you could delete this:
C:\WINDOWS\WINRV3E.EXE (%windir%\winrv3e.exe, winrv3e.exe is a Spyware.KeyCollect).
R3 – Default URLSearchHook is missing
O2 – BHO: (no name) – {5B80C35F-52BF-514B-C17D-7A157412E399} – C:\WINDOWS\System32\htu.dll (file missing)
O2 – BHO: (no name) – {E85F58C5-E2B2-8040-BB31-A3C07B0E22C1} – C:\WINDOWS\system32\apifn.dll (file missing)
O2 – BHO: (no name) – {7EDC1489-D260-D991-4B30-DB38053C9190} –
C:\WINDOWS\System32\trwzpybv.dll —> I don't know what this is
O4 – HKLM\..\Run: [Wdrvfig7] C:\WINDOWS\WINRV3E.EXE
O16 – DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} – http://iframedollars.biz/tb/loader2.ocx
Will anyone else suggest anything…
Regards, Max
Regarding the deletion of WINRV3E.EXE, check the registry to see whether any part of it is still left somewhere:
Click Start > Run.
Type regedit, then click OK.
Navigate to the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the value:
“Wdrvfig7” = “%Windir%\WINRV3E.EXE”
Exit the Registry Editor.
Regards, Max
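Added example, not part of the original thread: a small Python triage pass that reproduces the manual review in the replies above over a HijackThis log. The `triage` function, the `WATCHLIST` set and the rule that flags an O16 download whose host also appears under O15 Trusted Zone are assumptions made for this illustration; the sample lines are copied from the log posted above.

```python
import re
from urllib.parse import urlparse

# Sample lines copied from the HijackThis log posted earlier in this thread.
SAMPLE = r"""R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {5B80C35F-52BF-514B-C17D-7A157412E399} – C:\WINDOWS\System32\htu.dll (file missing)
O2 – BHO: (no name) – {7EDC1489-D260-D991-4B30-DB38053C9190} – C:\WINDOWS\System32\trwzpybv.dll
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 – HKLM\..\Run: [Wdrvfig7] C:\WINDOWS\WINRV3E.EXE
O15 – Trusted Zone: *.iframedollars.biz
O15 – Trusted Zone: *.slotchbar.com (HKLM)
O16 – DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} – http://iframedollars.biz/tb/loader2.ocx
O16 – DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {D18B7EC3-EECA-11D3-8E71-0000E82C6C0D} – http://www.slotchbar.com/ist/softwares/remove/ist_remove.cab
"""

# Section code, then an en dash or hyphen, then the entry text.
LINE = re.compile(r"^([A-Z]\d+)\s+[–-]\s+(.*)$")
WATCHLIST = {"winrv3e.exe"}  # assumption: the file the thread names as Spyware.KeyCollect

def triage(log, watchlist=WATCHLIST):
    """Return (reason, entry) pairs for log lines that deserve a closer look."""
    entries = [m.groups() for m in map(LINE.match, log.splitlines()) if m]
    # Collect O15 Trusted Zone domains, minus the "*." prefix and "(HKLM)" suffix.
    trusted = set()
    for sec, body in entries:
        if sec == "O15" and body.startswith("Trusted Zone:"):
            host = body.split(":", 1)[1].replace("(HKLM)", "").strip()
            trusted.add(host.lstrip("*.").lower())
    findings = []
    for sec, body in entries:
        low = body.lower()
        if sec in ("R3", "O2") and "missing" in low:
            findings.append(("orphaned entry", body))         # target is gone
        elif sec == "O2" and "(no name)" in low:
            findings.append(("unnamed BHO", body))            # identify the DLL first
        elif sec == "O4" and any(name in low for name in watchlist):
            findings.append(("watchlisted autostart", body))
        elif sec == "O16":
            # The download URL is the last whitespace-separated token.
            host = (urlparse(body.split()[-1]).hostname or "").lower()
            if any(host == d or host.endswith("." + d) for d in trusted):
                findings.append(("ActiveX from Trusted Zone domain", body))
    return findings

if __name__ == "__main__":
    for reason, entry in triage(SAMPLE):
        print(f"{reason}: {entry}")
```

A finding is only a prompt to inspect the entry: the unnamed BHO above still has to be identified before anyone decides to remove it.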