• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
bladerunner

browser redirection

2 posts in this topic

Here is a log taken with Hijack this:

 

Logfile of HijackThis v1.97.7

Scan saved at 17:05:38, on 28/07/2004

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\Explorer.EXE

E:\WINDOWS\system32\spoolsv.exe

E:\PROGRA~1\Grisoft\AVG6\avgserv.exe

E:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe

E:\WINDOWS\System32\nvsvc32.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\Messenger Plus! 3\MsgPlus.exe

E:\WINDOWS\System32\rundll32.exe

E:\Program Files\CiDial\CiDial.exe

E:\Program Files\Internet Explorer\IEXPLORE.EXE

E:\Program Files\BPFTP Server\G6FTPSrv.exe

E:\Program Files\Internet Explorer\IEXPLORE.EXE

E:\Program Files\mIRC\mirc.exe

E:\Program Files\Internet Explorer\IEXPLORE.EXE

D:\misc programs\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tesco.net

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = https://tesco.autoregister.net/cd

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {E3E0399C-08A0-3D25-5CC0-7DF728A6291E} - E:\PROGRA~1\LONGLO~1\drv name.dll

O3 - Toolbar: Crack Find Search - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - E:\WINDOWS\SrchPlug.dll

O3 - Toolbar: Ref Anti Roam - {6333BB76-E3BD-6302-B646-2B2CCBF78AFD} - E:\PROGRA~1\LONGLO~1\drv name.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\system32\msdxm.ocx

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Zone Labs Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [DXM6Patch_981116] E:\WINDOWS\p_981116.exe /Q:A

O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm

O9 - Extra button: Yahoo! Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)

O14 - IERESET.INF: START_PAGE_URL=http://www.tesco.net

O15 - Trusted Zone: http://register-tesco.qa.business.ntl.com

O15 - Trusted Zone: http://memberservices.tesco.net

O16 - DPF: NTLSignup - https://tesco.autoregister.net/tesco/NTLSignup.cab

O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.ocx

O17 - HKLM\System\CCS\Services\Tcpip\..\{0B6A9F44-33CE-4667-AAB3-8D4F7BADCF09}: NameServer = 194.168.4.100 194.168.8.100

O17 - HKLM\System\CS1\Services\Tcpip\..\{0B6A9F44-33CE-4667-AAB3-8D4F7BADCF09}: NameServer = 194.168.4.100 194.168.8.100

 

Hope someone can help...thanks!

Share this post


Link to post
Share on other sites

Hi there! First of all, you need to do some serious updating of your Windows and Internet Explorer. Please click on Tools>Windows Update. Allow Microsoft to search for all updates, and install ALL critical updates, rebooting as necessary. This is a vital step to help keep your computer clean and safe.

 

Now, re-open HijackThis and scan for a new log. Place a checkmark next to each of the following entries:

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

 

 

O2 - BHO: (no name) - {E3E0399C-08A0-3D25-5CC0-7DF728A6291E} - E:\PROGRA~1\LONGLO~1\drv name.dll

 

O3 - Toolbar: Crack Find Search - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - E:\WINDOWS\SrchPlug.dll

 

O3 - Toolbar: Ref Anti Roam - {6333BB76-E3BD-6302-B646-2B2CCBF78AFD} - E:\PROGRA~1\LONGLO~1\drv name.dll

 

now, make sure ALL programs and windows other than HJT are closed, and with only HJT running and ONLY the entries above selected, click the "Fix Selected" button.

 

Scan for and post a fresh HJT log for us to check.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0