• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
eny151

http://origin.midaddle.com/inBetween.aspx

6 posts in this topic

i have http://origin.midaddle.com/inBetween.aspx

it loads along with whatever page i click or open

for example http://origin.midaddle.com/inBetween.asp=www.yahoo.com

ad-aware and spybot dont remove or say anything about this anyone knows about this? if so let me know what i can do. here my log incase it will help out.

 

Logfile of HijackThis v1.98.0

Scan saved at 4:14:28 PM, on 7/24/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\srvany.exe

C:\winnt\system32\Shared\dllhost.exe

C:\WINNT\system32\srvany.exe

C:\WINNT\System32\svchost.exe

C:\winnt\system32\Shared\lsass.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\srvany.exe

C:\WINNT\system32\srvany.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\tlntsvr.exe

C:\PROGRA~1\NORTON~1\navapw32.exe

C:\documents and settings\administrator\local settings\temp\R.exe

C:\documents and settings\administrator\local settings\temp\sjQKBFc2.exe

C:\WINNT\system32\ctfmon.exe

C:\winnt\system32\dhcp\files\mdll.exe

C:\WINNT\system32\wuauclt.exe

C:\Documents and Settings\Administrator\My Documents\hijack\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/...://my.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...://my.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

F0 - system.ini: Shell=

F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,

O2 - BHO: (no name) - SOFTWARE - (no file)

O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_3_16_0.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)

O2 - BHO: WinPage Affiliate - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Common Files\midaddle\midaddle.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_3_16_0.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe

O4 - HKLM\..\Run: [tsx] regedlt.exe

O4 - HKLM\..\Run: [Advanced Serial Client for Win32] asclt.exe

O4 - HKLM\..\Run: [Peer Manager] peere32.exe

O4 - HKLM\..\Run: [Windows Subsys] "C:\WINNT\system32\winload.exe" rundll32.dll,loadsubsys,loadwin32,loadsys,win32

O4 - HKLM\..\Run: [Application] C:\winnt\system32\dhcp\files\hiddenrun.exe mdll.exe

O4 - HKLM\..\Run: [R] C:\documents and settings\administrator\local settings\temp\R.exe

O4 - HKLM\..\Run: [53FV3sP] athontr.exe

O4 - HKLM\..\Run: [sjQKBFc2] C:\documents and settings\administrator\local settings\temp\sjQKBFc2.exe

O4 - HKLM\..\RunServices: [tsx] regedlt.exe

O4 - HKLM\..\RunServices: [Advanced Serial Client for Win32] asclt.exe

O4 - HKLM\..\RunServices: [Peer Manager] peere32.exe

O4 - HKLM\..\RunServices: [Windows Subsys] "C:\WINNT\system32\winload.exe" rundll32.dll,loadsubsys,loadwin32,loadsys,win32

O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe

O4 - HKCU\..\Run: [tsx] regedlt.exe

O4 - HKCU\..\Run: [Peer Manager] peere32.exe

O4 - HKCU\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKCU\..\Run: [DealHelperDown] "C:\Documents and Settings\Administrator\Local Settings\Temp\ms3.tmp"

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{A052CA1D-D99E-4F92-A865-DEC016CDB00C}: NameServer = 66.114.74.40,66.114.74.195

Share this post


Link to post
Share on other sites

Have Hijack This fix all of the following by placing a check in the appropriate boxes and hitting fix checked. Make sure all browser and all Windows Explorer windows are closed before fixing.

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/...://my.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/...://my.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

 

R3 - Default URLSearchHook is missing

 

O2 - BHO: (no name) - SOFTWARE - (no file)

O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)

O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)

O2 - BHO: WinPage Affiliate - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Common Files\midaddle\midaddle.dll

 

O4 - HKLM\..\Run: [tsx] regedlt.exe

O4 - HKLM\..\Run: [Advanced Serial Client for Win32] asclt.exe

O4 - HKLM\..\Run: [Peer Manager] peere32.exe

O4 - HKLM\..\Run: [Windows Subsys] "C:\WINNT\system32\winload.exe" rundll32.dll,loadsubsys,loadwin32,loadsys,win32

O4 - HKLM\..\Run: [Application] C:\winnt\system32\dhcp\files\hiddenrun.exe mdll.exe

O4 - HKLM\..\Run: [R] C:\documents and settings\administrator\local settings\temp\R.exe

O4 - HKLM\..\Run: [53FV3sP] athontr.exe

O4 - HKLM\..\Run: [sjQKBFc2] C:\documents and settings\administrator\local settings\temp\sjQKBFc2.exe

O4 - HKLM\..\RunServices: [tsx] regedlt.exe

O4 - HKLM\..\RunServices: [Advanced Serial Client for Win32] asclt.exe

O4 - HKLM\..\RunServices: [Peer Manager] peere32.exe

O4 - HKLM\..\RunServices: [Windows Subsys] "C:\WINNT\system32\winload.exe" rundll32.dll,loadsubsys,loadwin32,loadsys,win32

O4 - HKCU\..\Run: [tsx] regedlt.exe

O4 - HKCU\..\Run: [Peer Manager] peere32.exe

O4 - HKCU\..\Run: [DealHelperDown] "C:\Documents and Settings\Administrator\Local Settings\Temp\ms3.tmp"

Reboot and delete

 

files

regedlt.exe( note spelling! regedit.exe is a valid windows file)

athontr.exe

asclt.exe

peere32.exe

C:\WINNT\system32\winload.exe

 

All files in the C:\documents and settings\administrator\local settings\temp folder

 

folders

C:\winnt\system32\dhcp\files

 

These may be hidden files. See HERE for how to show hidden files.

 

Please post a followup Hijack this log, and say if your problems persist.

Share this post


Link to post
Share on other sites

ok i fixed what u said on hijack this. before i delete anything i wanna make sure where i will be deleting these files from. is from the regestry key regit. or is from my computer

Share this post


Link to post
Share on other sites

Hijack this will remove the registry entries as part of the fix. Just delete the listed files/folders from the drive.

Share this post


Link to post
Share on other sites

thanks everything is well. although is could not find regedlt.exe athontr.exe

asclt.exe

peere32.exe

C:\WINNT\system32\winload.exe

 

 

but everything is ok, thanks!!1

Share this post


Link to post
Share on other sites

If you can't find them then they're gone!

 

Glad we could help!

 

If you need this topic reopened, please request this by sending the moderating team an email with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0