• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
bisou

Hijackthis Log

4 posts in this topic

Here is my log - I ran the Hijack this program yesterday got this log however now my java script pop up windows are screwing up. They pop up but they are blank. :huh:

 

 

Here is the log.

**********************

ogfile of HijackThis v1.97.7

Scan saved at 7:06:51 PM, on 05/18/2004

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\QuickTime\qttask.exe

C:\PROGRA~1\Meal Five Dent\BatFirstEggs.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\SYSTEM32\mapiicon.exe

C:\PROGRA~1\Grisoft\AVG6\avgserv.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\brigitte\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://pop.popuptoast.com/9901/search/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theanimalrescuesite.com/cgi-bin...nimalRescueSite

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://pop.popuptoast.com/9901/search/search.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by @Home Network - Version 1.7

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe

N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\default\prefs.js)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: 2020SEARCH2 - {4E7BD74F-2B8D-469E-92C6-CE7EB590A94D} - C:\WINDOWS\2020Search2.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [ADSL_A2] A2Installed

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [more rdr] C:\PROGRA~1\Meal Five Dent\BatFirstEggs.exe

O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [cpntmgc] C:\WINDOWS\navpmc\navpmc.exe

O4 - HKCU\..\Run: [instant Access] rundll32.exe EGDHTML_1027.dll,InstantAccess

O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe

O4 - Global Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe

O4 - Global Startup: ADSL Diagnostic Tools.LNK = C:\WINDOWS\SYSTEM32\mapiicon.exe

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

O9 - Extra button: @Home (HKCU)

O16 - DPF: Win32 Classes -

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/28881e28f40c00...ip/RdxIE601.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7964.7781365741

O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

*********

please tell me what i should fix..thanks for your help in advance.

Share this post


Link to post
Share on other sites

Download CWShredder

http://www.spywareinfo.com/~merijn/files/cwshredder.zip

Unzip...Run it......press "Fix", follow its prompts & instructions.. press 'Next', and allow it to fix all it finds.

 

Please put HJT in it's own permanent folder....

Click My Computer, then C:\

In the menu bar, File->New->Folder.

That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ folder.

 

Run Hijack.....Check the boxes next to all these items. Then close all windows except

HijackThis. Tell HijackThis to 'Fix checked'.

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://pop.popuptoast.com/9901/search/search.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://pop.popuptoast.com/9901/search/search.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe

O3 - Toolbar: 2020SEARCH2 - {4E7BD74F-2B8D-469E-92C6-CE7EB590A94D} - C:\WINDOWS\2020Search2.dll (file missing)

Did you download this, if not remove as well.....

O4 - HKLM\..\Run: [more rdr] C:\PROGRA~1\Meal Five Dent\BatFirstEggs.exe

O4 - HKCU\..\Run: [cpntmgc] C:\WINDOWS\navpmc\navpmc.exe

O4 - HKCU\..\Run: [instant Access] rundll32.exe EGDHTML_1027.dll,InstantAccess

O16 - DPF: Win32 Classes -

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/28881e28f40c00...ip/RdxIE601.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

 

Reboot to SAFE mode (F8 on bootup)

How to start the computer in Safe mode

 

Show hidden files and folders-->

Show hidden files & folders

 

 

and delete the following folders marked in red.....

C:\WINDOWS\navpmc

C:\PROGRAM FILES\Meal Five Dent....if removed

 

reboot.....rescan....post new log....:)

Share this post


Link to post
Share on other sites

oh thank your so much for helping me ...I really appreciate it. :rolleyes:

here is the new log as you requested..is it cleaned up now?

 

-----------------

Logfile of HijackThis v1.97.7

Scan saved at 4:40:03 AM, on 05/20/2004

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\QuickTime\qttask.exe

C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Webshots\WebshotsTray.exe

C:\WINDOWS\SYSTEM32\mapiicon.exe

C:\PROGRA~1\Grisoft\AVG6\avgserv.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\brigitte\Desktop\HijackThis.exe

C:\WINDOWS\System32\wuauclt.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theanimalrescuesite.com/cgi-bin...nimalRescueSite

N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\default\prefs.js)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\msgr.en-us.en-ca\msntb.dll

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [ADSL_A2] A2Installed

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe

O4 - Global Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe

O4 - Global Startup: ADSL Diagnostic Tools.LNK = C:\WINDOWS\SYSTEM32\mapiicon.exe

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7964.7781365741

O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0