• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
mikee

about:blank problem

6 posts in this topic

i have tried using both spybot and ad-aware which n iether have solved my main problem. i have used hijack this to show my corrupted files. also there are search bars that are unwillingly put on my desktop and browser....please help

 

Logfile of HijackThis v1.97.7

Scan saved at 12:39:21 PM, on 6/20/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\BRMFRSMG.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

C:\documents and settings\mike\local settings\temp\Jo.exe

C:\WINDOWS\System32\IEHost.exe

C:\WINDOWS\System32\cdywnqk.exe

C:\WINDOWS\System32\smlif11n.exe

C:\PROGRA~1\WHENUS~1\Search.exe

C:\Program Files\AutoUpdate\AutoUpdate.exe

C:\Program Files\Common Files\Dpi\dpi.exe

C:\Program Files\Common files\updmgr\updmgr.exe

C:\PROGRA~1\AWS\WEATHE~1\Weather.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\PROGRA~1\AIM\aim.exe

C:\Program Files\MProcessor\mprocessor.exe

C:\PROGRA~1\CLOCKS~1\Sync.exe

C:\WINDOWS\System32\srvfc.exe

C:\Program Files\WordWeb\wweb32.exe

C:\WINDOWS\system32\BundleOuter2704040512.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Mike\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

C:\Program Files\Messenger\msmsgs.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\TEMP\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\WINDOWS\TEMP\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/en-us/srchasst/srchcust.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\WINDOWS\TEMP\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.emachines.com/

R3 - URLSearchHook: IncrediFindBHO Class - {4FC95EDD-4796-4966-9049-29649C80111D} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~2.DLL

N2 - Netscape 6: user_pref("browser.startup.homepage", "www.msn.com"); (C:\Documents and Settings\Mike\Application Data\Mozilla\Profiles\default\qnxch4d3.slt\prefs.js)

N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5Cgoogle.src"); (C:\Documents and Settings\Mike\Application Data\Mozilla\Profiles\default\qnxch4d3.slt\prefs.js)

O1 - Hosts: 69.20.16.183 #eautosearch

O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll

O2 - BHO: (no name) - {867BC981-5722-4D0D-BCFF-36F713F4492E} - C:\WINDOWS\System32\nkdkjd.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_3_19_0.dll

O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

O4 - HKLM\..\Run: [Jo] C:\documents and settings\mike\local settings\temp\Jo.exe

O4 - HKLM\..\Run: [bakra] C:\WINDOWS\System32\IEHost.exe

O4 - HKLM\..\Run: [Dsi] C:\WINDOWS\System32\dp-him.exe

O4 - HKLM\..\Run: [ddwppb] C:\WINDOWS\System32\cdywnqk.exe

O4 - HKLM\..\Run: [27sT32O] smlif11n.exe

O4 - HKLM\..\Run: [WhenUSearch] C:\PROGRA~1\WHENUS~1\Search.exe

O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"

O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pcsvc.exe

O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe

O4 - HKLM\..\Run: [updmgr] C:\Program Files\Common files\updmgr\updmgr.exe

O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [MProcessor] "C:\Program Files\\MProcessor\mprocessor.exe"

O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q

O4 - HKCU\..\Run: [Jw33RSi4X] srvfc.exe

O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe

O4 - Global Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe

O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\System32\wweb32.dll/lookup.html

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)

O9 - Extra button: ICQ (HKLM)

O9 - Extra 'Tools' menuitem: ICQ (HKLM)

O9 - Extra button: AIM (HKLM)

O9 - Extra button: MoneySide (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

O9 - Extra button: WeatherBug (HKCU)

O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\inetadpt.dll

O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...etup1.0.0.8.cab

O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tri...Transporter.cab?

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...364/mcfscan.cab

Share this post


Link to post
Share on other sites

Does anyone know where this hijacker is coming from? I have seen 3 machines in the past week with it and would like to infect a Virtual PC to work on removal strategies, this thing is just killing our repair business.

Share this post


Link to post
Share on other sites

In my own case the same problem cames from the file nkdm.dll in the system 32 folder. Since I deleted nkdm.dll with killbox ,it's runing well

Share this post


Link to post
Share on other sites

well i think i might have gotten rid of all the spyware and trojans in my computer now i face another dilemma- i can not connect to the internet!! :wtf: I do have a guess why this maybe tho. Everytime i start my cpu, i get this message that says the common client program isnt working or something. The details mentioned that this program is responsible for sending the IP address to my ISP. That is my guess as to why it maynot be working, please repond with an answer if anyone can. Also, my Windows Media Player and some programs dont want to open.....why?! I have talked to the Geek squad (Best Buy) i still am having problems. Dont wanna take my tower to them since they charge $120 minimum to just run a diagnostic. I might have deleted a wrong file in the spyware removal process. PLease someone respond to this plea for help. One last thing, I am using my brother's computer to add to this thread. :D

Share this post


Link to post
Share on other sites

i have completely fixed my cpu, thanks for your help nando. i think youre the only person that responded with an attempt to help of the 2 weeks i had this post up. I had to use my system restore discs that came with my cpu...took like 20 mins.....thanks guys

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0