• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
RI03214

Help Cool Web Search

2 posts in this topic

ogfile of HijackThis v1.97.7

Scan saved at 19:00:16, on 14/07/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\Programmi\File comuni\EPSON\EBAPI\SAgent2.exe

C:\Programmi\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

C:\Programmi\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

C:\Programmi\File comuni\Real\Update_OB\realsched.exe

C:\Programmi\NetPumper\NetPumperIEProxy.exe

C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe

C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe

C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe

C:\Vari\Tools e utilities\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\PC\IMPOST~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\PC\IMPOST~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\PC\IMPOST~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\PC\IMPOST~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\PC\IMPOST~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.msn.it

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.msn.it

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\PC\IMPOST~1\Temp\sp.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = www.msn.it

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = www.msn.it

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5FEC4ADF-6CCB-492B-85E0-D61219731A88} - C:\WINDOWS\System32\kcofeaa.dll

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Ad-aware] "C:\Programmi\Lavasoft\Ad-aware 6\Ad-aware.exe" +c

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NetPumper] "C:\Programmi\NetPumper\NetPumperIEProxy.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programmi\Java\j2re1.4.2_04\bin\jusched.exe

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm

O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://c:\programmi\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\programmi\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: Download with NetPumper - C:\Programmi\NetPumper\AddUrl.htm

O8 - Extra context menu item: Si&milar Pages - res://c:\programmi\google\GoogleToolbar2.dll/cmsimilar.html

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8134.6002314815

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

 

 

CWShredder says that CWSearchx has been removed, but it's not rue my hompage is still about:blank

 

Please Help me

Edited by RI03214

Share this post


Link to post
Share on other sites

You have a hijack which can be removed using CWShredder but will be reinstalled by a hidden file. So first we have to find the hidden file and remove it.

 

Copy the contents of the quote box to Notepad.

Name the file Appinit.bat

Save as type All Files

Save on the Desktop.

 

Reg save "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows" windows1.hiv

ren windows1.hiv windows.txt

 

Double click on Appinit.bat

This will create a file on the desktop named windows.txt

 

Double click on the windows.txt file to open and copy and paste the entire contents into a reply to this post. The text will look funny but that is ok.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0