• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
mattahw

my logfile

2 posts in this topic

Logfile of HijackThis v1.97.7

Scan saved at 3:43:47, on 2004-6-19

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE

C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\F-Secure\Anti-Virus\fssm32.exe

C:\Program Files\F-Secure\Common\FSMA32.EXE

C:\Program Files\F-Secure\Common\FSMB32.EXE

C:\Program Files\F-Secure\Common\FCH32.EXE

C:\Program Files\F-Secure\Common\FAMEH32.EXE

C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe

C:\Program Files\F-Secure\Common\FNRB32.EXE

C:\Program Files\F-Secure\Common\FIH32.EXE

C:\Program Files\F-Secure\Anti-Virus\fsav32.exe

C:\WINDOWS\System32\taskmgr.exe

C:\WINDOWS\System32\s3hotkey.exe

C:\WINDOWS\System32\S3Tray2.exe

C:\WINDOWS\System32\TFNF5.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\WINDOWS\System32\TPWRTRAY.EXE

C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe

C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\F-Secure\Common\FSM32.EXE

C:\WINDOWS\System32\conime.exe

C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe

C:\WINDOWS\VM_STI.EXE

C:\WINDOWS\System32\Rundll32.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\Nikon\NkView6\NkvMon.exe

C:\Program Files\Winamp\winamp.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

F:\software\problem\HijackThis.exe

 

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [s3Hotkey] s3hotkey.exe

O4 - HKLM\..\Run: [s3TRAY2] S3Tray2.exe

O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe

O4 - HKLM\..\Run: [TFNF5] TFNF5.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe

O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 20

O4 - HKLM\..\Run: [Drag'n Drop CD] C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe /StartUp

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [Music01 Server] C:\Program Files\J River\Media Jukebox\Music01 Server.exe

O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot

O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P

O4 - HKLM\..\Run: [FineReader7NewsReaderPro] "C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe"

O4 - HKLM\..\Run: [bIE] Rundll32 C:\WINDOWS\DOWNLO~1\BDPlugin.dll,Rundll32

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Startup: NTUSER.DAT

O4 - Startup: ntuser.dat.LOG

O4 - Startup: ntuser.ini

O4 - Startup: pgm.asv

O4 - Global Startup: NTUSER.DAT

O4 - Global Startup: NTUSER.DAT.LOG

O9 - Extra button: Real.com (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

O14 - IERESET.INF: START_PAGE_URL=http://pc.toshiba-asia.com

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {4B4620DA-9C9F-4396-9FDF-D5EC301700A4} (toSee Player Object) - http://61.144.56.198/intf/tsplay/tsplay.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {955A270C-7D06-4129-9559-CDB5AA9AA6E8} (PowerPlayer Object) - http://vod.jlonline.com/plugin/PowerPlayer.cab

O16 - DPF: {991EB39C-C4B8-466E-99C1-ECCC44E2CED8} (PlayerPlugin Class) - http://61.144.56.17/guangzhou/OsoonPlugin.cab

O16 - DPF: {A8A0582B-725E-455E-8D23-6C3B012E8B78} (LiveOcx Control) - http://61.138.223.4/clntocx/3cxplayer1.cab

O16 - DPF: {AE9CC548-B709-4820-9677-2A254AA9797F} (PlayerPlugin Class) - http://61.144.56.17/OsoonPlugin.cab

O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {E3489C0D-D07D-4281-A4A7-ADA8E9A0893F} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab

O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\System32\mshtml.dll

Share this post


Link to post
Share on other sites

Hi mattahw,

 

Please select the following entries in HijackThis:

 

R3 - Default URLSearchHook is missing

 

O4 - HKLM\..\Run: [bIE] Rundll32 C:\WINDOWS\DOWNLO~1\BDPlugin.dll,Rundll32

O4 - Startup: NTUSER.DAT

O4 - Startup: ntuser.dat.LOG

O4 - Startup: ntuser.ini

O4 - Global Startup: NTUSER.DAT

O4 - Global Startup: NTUSER.DAT.LOG

 

O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - http://bar.baidu.com/update/IESearch.cab

O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - %SystemRoot%\System32\mshtml.dll

 

Close all browser/windows except HijackThis. Click Fix.

 

Reboot. Re-scan using HijackThis.

 

Kindly post a fresh log.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0