• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0


2 posts in this topic

Logfile of HijackThis v1.98.0

Scan saved at 9:24:48 PM, on 7/9/04

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:










C:\Program Files\support.com\bin\tgcmd.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

E:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe



C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

C:\Program Files\Nikon\NkView6\NkvMon.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe


E:\Program Files\Norton AntiVirus\navapsvc.exe

E:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE



C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Messenger\msmsgs.exe

E:\Program Files\Norton AntiVirus\SAVScan.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe

C:\Program Files\Internet Explorer\iexplore.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\zeklb.dll/sp.html#96676

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://zeklb.dll/index.html#96676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://zeklb.dll/index.html#96676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\zeklb.dll/sp.html#96676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\zeklb.dll/sp.html#96676

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://zeklb.dll/index.html#96676

R3 - Default URLSearchHook is missing

F0 - system.ini: Shell=

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,lmpdsrv.exe,

O2 - BHO: (no name) - {7C16C7E5-9CFA-188C-1391-6B30852F9DA6} - C:\WINDOWS\ntfa.dll

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server

O4 - HKLM\..\Run: [WinServices] lmpdsrv.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [RoxioDragToDisc] "E:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ntio.exe] C:\WINDOWS\system32\ntio.exe

O4 - HKLM\..\RunOnce: [apior.exe] C:\WINDOWS\apior.exe

O4 - HKLM\..\RunOnce: [appif32.exe] C:\WINDOWS\appif32.exe

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"

O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe

O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)

O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)

O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.dll

O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/ac.../ActiveData.cab

Share this post

Link to post
Share on other sites

Hello please download About:Buster and unzip it to your desktop. Start it, hit Ok, Start, And Ok again to start the scan. It will generate a log. Post that log along with a new Hijack this log here.

Edited by mmxx66

Share this post

Link to post
Share on other sites
Sign in to follow this  
Followers 0