split-second title in MyIE2

Computing.Net > Forums > Security and Virus > split-second title in MyIE2

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

split-second title in MyIE2

Name: Miguel
Date: August 2, 2003 at 23:57:10 Pacific
OS: Windows 98
CPU/Ram: 200/48

Comment:

Hi;
I use MyIE2 and I have it set to open to a blank page (about:blank).
I've noticed that when I open MyIE2 and it first starts up, for a splt second before it goes to the about:blank page, the title bar says "MyIE2-[Jacka**]". I have no idea why this is, and that's what really bugs me. Any ideas?

Sponsored Link

Ads by Google

Response Number 1

Name: Tom41
Date: August 3, 2003 at 00:16:13 Pacific

Reply:

It sounds like a hijacker, Download 'Hijack This!'. Unzip, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, click "Save Log", and copy and paste it in a reply.
HijackThis!

Response Number 2

Name: Jim Beau
Date: August 3, 2003 at 07:27:19 Pacific

Reply:

I agree with Tom41.
That sounds like it may be browser hijack.
JB

Response Number 3

Name: Miguel
Date: August 3, 2003 at 19:09:33 Pacific

Reply:

Hi;
I downloaded HijackThis last night after looking at some computing.net threads about browser hijackers. I changed and/or deleted some of what it found already, but that particular problem (the mysterious "Jacka**" website in the titlebar) is still there; I just checked. So here is the HijackThis log from last night, followed by the log that I ran just now.
By the way, ShellOn.exe is a shell switcher. I'm experimenting with another shell besides Explorer, is why.
I also have a tweak set up through Xteq X-Systems Setup so that I can type "g" plus a space plus whatever words I want to search on, in the address bar, and it will perform a google search. Not sure if that shows up below also.
Logfile of HijackThis v1.96.0
Scan saved at 12:42:03 AM, on 8/3/03
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\SPOOL32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\TASKMON.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
C:\PROGRAM FILES\NETWAITING\MOH.exe
C:\WINDOWS\SYSTEM\PELMICED.exe
C:\PROGRAM FILES\DOUGHNUT\DOUGHNUT.exe
C:\PROGRAM FILES\QUICKRESOURCE201\QUICKRESOURCE.exe
C:\PROGRAM FILES\X2ALPHA\XPLORER2.exe
C:\DESKTOP\HIJACKTHIS.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://mommykiss.com/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchv.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = -
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = "http://www.google.com/keyword/%s (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://approvedlinks.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Use Custom Search URL =
F0 - system.ini: Shell=C:\PROGRA~1\SHELLO~1\SHELLON.exe
O2 - BHO: WinShow module - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - C:\WINDOWS\WINSHOW.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [ModemOnHold] C:\PROGRAM FILES\NETWAITING\MOH.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [shellwm] C:\PROGRAM FILES\SHELLWM\shellwm.exe
O4 - Startup: CacheSentry.lnk = C:\Program Files\CacheSentry\CacheSentry.exe
O4 - Startup: Doughnut.lnk = C:\Program Files\Doughnut\Doughnut.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: TranspIcon.exe.lnk = C:\Program Files\Transparent Icon\TranspIcon.exe
O4 - Startup: QuickResource.exe.lnk = C:\Program Files\quickresource201\QuickResource.exe
O4 - User Startup: CacheSentry.lnk = C:\Program Files\CacheSentry\CacheSentry.exe
O4 - User Startup: Doughnut.lnk = C:\Program Files\Doughnut\Doughnut.exe
O4 - User Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - User Startup: TranspIcon.exe.lnk = C:\Program Files\Transparent Icon\TranspIcon.exe
O4 - User Startup: QuickResource.exe.lnk = C:\Program Files\quickresource201\QuickResource.exe
O8 - Extra context menu item: Download using Download &Express - file://C:\Program Files\Download Express\Add_Url.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37628.994224537
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {D32C3BAD-5213-49BD-A7D5-E6DE6C0D8249} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
------------------
Logfile of HijackThis v1.96.0
Scan saved at 7:00:45 PM, on 8/3/03
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.exe
C:\WINDOWS\SYSTEM\SPOOL32.exe
C:\WINDOWS\SYSTEM\MPREXE.exe
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.exe
C:\WINDOWS\TASKMON.exe
C:\WINDOWS\SYSTEM\SYSTRAY.exe
C:\WINDOWS\SYSTEM\PELMICED.exe
C:\PROGRAM FILES\DOUGHNUT\DOUGHNUT.exe
C:\PROGRAM FILES\QUICKRESOURCE201\QUICKRESOURCE.exe
C:\PROGRAM FILES\NETWAITING\MOH.exe
C:\WINDOWS\SYSTEM\RNAAPP.exe
C:\WINDOWS\SYSTEM\TAPISRV.exe
C:\WINDOWS\SYSTEM\PSTORES.exe
C:\WINDOWS\NOTEPAD.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe
C:\METHLAB\HIJACKTHIS.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = -
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = "http://www.google.com/keyword/%s (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Use Custom Search URL =
F0 - system.ini: Shell=C:\PROGRA~1\SHELLO~1\SHELLON.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.exe
O4 - HKLM\..\Run: [ModemOnHold] C:\PROGRAM FILES\NETWAITING\MOH.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [shellwm] C:\PROGRAM FILES\SHELLWM\shellwm.exe
O4 - Startup: CacheSentry.lnk = C:\Program Files\CacheSentry\CacheSentry.exe
O4 - Startup: Doughnut.lnk = C:\Program Files\Doughnut\Doughnut.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: TranspIcon.exe.lnk = C:\Program Files\Transparent Icon\TranspIcon.exe
O4 - Startup: QuickResource.exe.lnk = C:\Program Files\quickresource201\QuickResource.exe
O4 - User Startup: CacheSentry.lnk = C:\Program Files\CacheSentry\CacheSentry.exe
O4 - User Startup: Doughnut.lnk = C:\Program Files\Doughnut\Doughnut.exe
O4 - User Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - User Startup: TranspIcon.exe.lnk = C:\Program Files\Transparent Icon\TranspIcon.exe
O4 - User Startup: QuickResource.exe.lnk = C:\Program Files\quickresource201\QuickResource.exe
O8 - Extra context menu item: Download using Download &Express - file://C:\Program Files\Download Express\Add_Url.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37628.994224537
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {D32C3BAD-5213-49BD-A7D5-E6DE6C0D8249} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab

Sponsored Link

Ads by Google

transparency in quark UNIX Certification title html split row shell if [ x$1] html shell crontab second quickbasic 4.5 download microsoft quickbasic 4.5 download c desktop path batch title	title scroll another word for want download WSUSSCN2.CAB hpvdj50.ini download rundll32.dll Mystery.scr {36fc9e60-c465-11cf-8056-444553540000} ftdisk 45 edit window title found.00
See More

SpywareBlaster update...

Had a Trojan - now what

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Sponsored links

Ads by Google

Results for: split-second title in MyIE2

Internet explorer 7 keeps crashing

Summary

www.computing.net/answers/security/internet-explorer-7-keeps-crashing/20196.html

Prorat Trojan-- more tricks

Summary

www.computing.net/answers/security/prorat-trojan-more-tricks/12651.html

Bugbear, not found in scan ?

Summary

www.computing.net/answers/security/bugbear-not-found-in-scan-/6031.html

From the Geek Dictionary
video card - An overpriced amalgamation of silicon, copper and aluminum that is capable ...

Ask a Question!

Weekly Poll
Do you think Comcast should have bought NBC?

Poll Finishes In 7 Days.
Discuss in The Lounge
Poll History

Recent Posts
Rank and breaking ties using other data

Processor upgrade

Still need help

Convert .EXE to .EX_

Network Problem

All Awaiting Reply

Tom's News
Nintendo DS Flash Cards are Legal Says Judge

Go Retro: Dragon's Lair Confirmed for iPhone

Sony's PSPgo May Get External UMD Reader

Report: Teen Internet Addicts Likely to Self-Harm

Violent Games Still Marketed to Kids, Says FTC

More Tom's Guide News

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE