Jump to content


Photo

Oh, Please help - i'm miserable!!!


  • Please log in to reply
1 reply to this topic

#1 waynenowland

waynenowland

    Member

  • New Member
  • Pip
  • 1 posts

Posted 30 June 2004 - 11:23 AM

Hello all,

I have read the faq and have updated and run both Spy Bot and Ad-Aware (as well as CWshredder), but am still having problems. Here is my Hijackthis log. Any assistance most appreciated!!

O4 - HKCU\..\Run: [NewsStand.Scheduler] "C:\Program Files\NewsStand\Reader\ADLSched.exe"
O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINNT\System32\RunDLL32.exe C:\PROGRA~1\Ofoto\OfotoNow\OFUSBS.DLL,WatchForConnection OfotoNow
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [nwwks] C:\WINNT\System32\nwwks.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: AUTOCHK.LNK = C:\CFGSAFE\AUTOCHK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: FlashPath Monitor.lnk = C:\Program Files\SmartDisk\FlashPath\sdstat.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: RtlWake.lnk = C:\Program Files\Realtek\Rtl8180\RtlWake.exe
O4 - Global Startup: Droplets Dripline Agent.lnk = C:\Program Files\Droplet\Dripline.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\winnt\downloaded program files\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\winnt\downloaded program files\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\winnt\downloaded program files\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\winnt\downloaded program files\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\winnt\downloaded program files\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .au: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: Yahoo! Chat - http://cs5.chat.sc5....m/c381/chat.cab
O16 - DPF: {00000000-7B59-11D3-BC98-005004131771} (VgCompanion Class) - http://www.videogate...iecompanion.exe
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.micros...tes/ieawsdc.cab
O16 - DPF: {0DD4833D-DFFA-11D3-94D7-0050DAC353B6} (DndCtrl Class) - http://www.ofoto.com/OfotoDND.cab
O16 - DPF: {133FB0BC-5EB8-11D2-AA17-00104B0753B3} (Artizan.Artiload) - http://128.1.0.90/sa...ve/Artiload.CAB
O16 - DPF: {16A31F60-60A4-4E06-A23F-0F7682A6A2C9} (AMSIDvalet.IDbot) - http://128.1.0.90/sa.../AMSIDvalet.CAB
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://stream10k.red...cabs/videox.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yaho...talls/yinst.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {358D1451-9F77-4D6E-97EE-89BF9AA3A8CC} (CBDAMS.ctlCBDAMS) - http://128.1.0.90/sa...tive/CBDAMS.CAB
O16 - DPF: {42B9A659-1A02-11D3-A58E-00104B0753B3} (PageMaster.Controler) - http://128.1.0.90/sa.../PageMaster.CAB
O16 - DPF: {44705D5B-A145-11D4-9DD0-00805F010928} (GetWord.AMSDocument) - http://128.1.0.90/sa...ive/GetWord.CAB
O16 - DPF: {51562FAD-DC70-11D2-BFF0-00105A97F884} (AMSCopyMergeControl.AMSCopyMerge) - http://128.1.0.90/sa...MSCopyMerge.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.micros...ontent/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://www-3.ibm.co...ad/IbmEgath.cab
O16 - DPF: {943FDFA6-C7FE-11D2-AA17-3C3A09C10000} (AMSTransfer.main) - http://128.1.0.90/sa...AMSTransfer.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7848.5571064815
O16 - DPF: {A1B77D23-31EE-11D2-AA17-00104B0753B3} (asynchtree.tree) - http://128.1.0.90/sa.../asynchtree.CAB
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {C4DD002B-53B1-11D2-AA17-00104B0753B3} (AsynchGrid.Grid) - http://128.1.0.90/sa.../AsynchGrid.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate....nloads/outc.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca04.righ...l/java/RntX.cab
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - http://128.1.0.90/sa...tive/ikmenu.cab

#2 dave38

dave38

    Devout Murphyite!

  • Emeritus
  • PipPipPipPipPip
  • 8,508 posts

Posted 30 June 2004 - 02:07 PM

Please post the ENTIRE log, including header. Then we can give appropriate advice.
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button