• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Baron

My HijackThis Log ..

6 posts in this topic

Logfile of HijackThis v1.97.7

Scan saved at 20:35:38, on 26/05/04

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v5.50 SP1 (5.50.4522.1800)

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\ACCSTAT.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\PROGRAM FILES\TV VIEWER\TVWAKEUP.EXE

C:\PROGRAM FILES\TV VIEWER\ANNCLIST.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM\RNAAPP.EXE

C:\WINDOWS\SYSTEM\TAPISRV.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\MICROSOFT HARDWARE\POINT32.EXE

C:\WINDOWS\SYSTEM\ATIPTAXX.EXE

C:\WINDOWS\STARTER.EXE

C:\WINDOWS\ptsnoop.exe

C:\WINDOWS\LOADQM.EXE

C:\PROGRAM FILES\COMMON FILES\ADAPTEC SHARED\CREATECD\CREATECD50.EXE

C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE

C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE

C:\PROGRAM FILES\PESTPATROL\PPCONTROL.EXE

C:\PROGRAM FILES\PESTPATROL\PPMEMCHECK.EXE

C:\PROGRAM FILES\PESTPATROL\COOKIEPATROL.EXE

C:\WINDOWS\SYSTEM\MSWHEEL.EXE

C:\WINDOWS\RunDLL.exe

C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE

C:\PROGRAM FILES\AIM\AIM.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmyrequest.com/sp.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\SYSTEM\KCILJAA.DLL/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\SYSTEM\KCILJAA.DLL/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\SYSTEM\KCILJAA.DLL/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\SYSTEM\KCILJAA.DLL/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\SYSTEM\KCILJAA.DLL/sp.html (obfuscated)

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\SYSTEM\KCILJAA.DLL/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.skyinet.net/~chu/sdgfhjksdfjklN...WIN-BUGSFIX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = ,

O1 - Hosts: 64.237.45.18 ad.doubleclick.net

O1 - Hosts: 64.237.45.18 aff.weatherbug.com

O1 - Hosts: 64.237.45.18 www.burstnet.com

O1 - Hosts: 64.237.45.18 oz.valueclick.com

O1 - Hosts: 64.237.45.18 a.tribalfusion.com

O1 - Hosts: 64.237.45.18 servedby.advertising.com

O1 - Hosts: 64.237.45.18 my.search

O1 - Hosts: 64.237.45.18 pagead2.googlesyndication.com

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {06D95EBE-1914-44CF-BDE3-C894A22B8286} - C:\WINDOWS\SYSTEM\KCILJAA.DLL

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: AskCosmo! - {38D2A281-0444-433C-9ED6-A2851795F32A} - C:\PROGRAM FILES\COSMO POPUP BLOCKER\TRREADERBAR_.DLL

O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe

O4 - HKLM\..\Run: [AtiQiPcl] AtiQiPcl.exe

O4 - HKLM\..\Run: [POINTER] C:\PROGRA~1\MICROS~1\point32.exe

O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe

O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe

O4 - HKLM\..\Run: [CountrySelection] pctptt.exe

O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [bpcpost.exe] c:\windows\SYSTEM\bpcpost.exe

O4 - HKLM\..\Run: [LINUX32] C:\WINDOWS\SYSTEM\LINUX32.vbs

O4 - HKLM\..\Run: [Password Check] c:\windows\GrabCookie.exe

O4 - HKLM\..\Run: [MCAgentExe] C:\Program Files\McAfee.com\Agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE

O4 - HKLM\..\Run: [LoadQM] loadqm.exe

O4 - HKLM\..\Run: [CreateCD50] "c:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r

O4 - HKLM\..\Run: [AdaptecDirectCD] "c:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [PIOLET] C:\PROGRAM FILES\PIOLET\PIOLET.exe SILENT

O4 - HKLM\..\Run: [Cosmo Popup Blocker] C:\Program Files\Cosmo Popup Blocker\CosmoPopupBlocker.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe

O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

O4 - HKLM\..\Run: [DeadAIM] rundll32.exe C:\PROGRA~1\AIM\DeadAIM.ocm,ExportedCheckODLs

O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime

O4 - HKLM\..\Run: [zcri32vlsz] C:\SYMANTEC\PEWXEFRZSC.EXE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [TVWakeup] C:\Progra~1\TVView~1\tvwakeup.exe

O4 - HKLM\..\RunServices: [VidSvr]

O4 - HKLM\..\RunServices: [Announcements] C:\Program Files\TV Viewer\annclist.exe

O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [myJabber v3.5] C:\PROGRAM FILES\MYJABBER\MYJABBER.exe

O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [ares] "C:\PROGRAM FILES\ARES\ARES.EXE" -h

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [aimboot] %SystemRoot%\awinrar.exe

O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE

O9 - Extra button: AskCosmo! (HKLM)

O9 - Extra 'Tools' menuitem: AskCosmo! (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)

O9 - Extra button: AIM (HKLM)

O14 - IERESET.INF: START_PAGE_URL=http://www.virgin.net/

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {CC110316-5BE7-4AAA-AEDD-1A5B147BE34C} (MyWebOperator Class) - http://198.143.27.21/dialer_loader/uk.cab

O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} (VacPro.UserControl1) - http://www.7adpower.com/dialer/EMSAT.CAB

O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033...all/xscan53.cab

O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

Share this post


Link to post
Share on other sites

Also, im on a dial-up connection, and today when i browsed - it automatically dis-connected me, then wouldnt let me re-connect and said the modem was already in use.

 

ms-its: mhtml:file://c:\66.117.37.5:80\dexGB278.exe.mht!http://66.117.37.5:80/iex/2.chm::/1.htm

 

^ It had that wrote in its title thing, i noted it down as it struck me as odd. Hasnt happened before. Any ideas?

Share this post


Link to post
Share on other sites

If you need this topic reopened, please request this by sending the moderating team an email with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0