• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
greggs1girl

My music folder has a mind of it's own

8 posts in this topic

Hello. I have Spybot S&D & run it periodically & haven't had problems w/my computer in almost a year. Lately, I have been having some problems. When I am using a particular program (an agency manager program), when I give various commands, i.e. spell check, pring memo, etc. a particular music folder just starts playing on it's own. Can you look at my log and let me know if you see anything strange or just some things I need to get rid of? Thank you!

 

Logfile of HijackThis v1.97.7

Scan saved at 11:41:51 AM, on 7/16/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Intel\ASF Agent\ASFAgent.exe

C:\Program Files\NavNT\defwatch.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Dell\OpenManage\Client\Iap.exe

C:\WINNT\System32\NMSSvc.exe

C:\Program Files\NavNT\rtvscan.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\system32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\hkcmd.exe

C:\Program Files\NavNT\vptray.exe

C:\progra~1\scansoft\paperp~1\pptd40nt.exe

C:\Program Files\ScanSoft\PaperPort\viperusb.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Dpi\dpi.exe

C:\WINNT\system32\internat.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE

C:\WINNT\webshots.scr

F:\WINTAM\Homebase.exe

C:\WINNT\system32\ntvdm.exe

h:\WINTAM\tammsg.exe

C:\Program Files\Outlook Express\msimn.exe

h:\WINTAM\clntfile.exe

C:\unzipped\hijackthis[1]\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [igfxTray] C:\WINNT\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe

O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe

O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe

O4 - HKLM\..\Run: [strobePro] C:\Program Files\ScanSoft\PaperPort\viperusb.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe

O4 - HKLM\..\Run: [Prein] C:\DOCUME~1\SUPERV~1\LOCALS~1\Temp\app4.tmp

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE

O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)

O9 - Extra button: Related (HKLM)

O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {16A6152E-9737-11D5-A6DC-00D0B721CA48} (PlugXCtl Class) - https://lht.lancer-ins.com/PlugX.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7942.5368981482

O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup144.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

Share this post


Link to post
Share on other sites

greggs1girl,

 

A new version of HijackThis (version 1.98) is available here: http://www.spywareinfo.com/~merijn/downloads.html

 

Please update HijackThis by pressing: *Config* (lower right corner), then click: *Misc. Tools* at the top.

Next press *Check for online update*

You should see version 1.98.0 available.

Download the new version.

 

P.S. If you have any problems getting the update. Simply delete your old version of HijackThis and download the new version from the above link.

 

Please use the new version, post a new log, and we will take it from there.

Share this post


Link to post
Share on other sites

Here's my new log. Can't get rid of O18!!

 

Logfile of HijackThis v1.98.0

Scan saved at 1:48:24 PM, on 7/30/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Intel\ASF Agent\ASFAgent.exe

C:\Program Files\NavNT\defwatch.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Dell\OpenManage\Client\Iap.exe

C:\WINNT\System32\NMSSvc.exe

C:\Program Files\NavNT\rtvscan.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\system32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\hkcmd.exe

C:\Program Files\NavNT\vptray.exe

C:\progra~1\scansoft\paperp~1\pptd40nt.exe

C:\Program Files\ScanSoft\PaperPort\viperusb.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINNT\system32\internat.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE

C:\WINNT\webshots.scr

C:\WINNT\system32\ntvdm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\unzipped\hijackthis\HijackThis.exe

 

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [igfxTray] C:\WINNT\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe

O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe

O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe

O4 - HKLM\..\Run: [strobePro] C:\Program Files\ScanSoft\PaperPort\viperusb.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE

O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {16A6152E-9737-11D5-A6DC-00D0B721CA48} (PlugXCtl Class) - https://lht.lancer-ins.com/PlugX.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup144.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll

Share this post


Link to post
Share on other sites

Believe that O18 is an IBIS Toolbar ' thing'. :thumbsdown:

 

Please proceed as follows:

 

Download AdAware from here: http://www.lavasoft.de/support/download/

Install the program and launch it.

 

First, in the main window, look in the bottom right corner and click on Check for updates now and download the latest reference files.

 

Next, configure Ad-aware for a Full Scan

Click on the Gear icon to access the preferences/settings

In the General window make sure the following are selected:

Automatically save log-file

Automatically quarantine objects prior to removal

Safe Mode (always request confirmation)

 

Click on the Scanning button on the left and select :

Scan Within Archives

Scan Active Processes

Scan Registry

Deep Scan Registry

Scan my IE favorites for banned URL’s

Scan my Hosts file

 

Under Click here to select drives + folders, choose:

All of your hard drives

 

Click on the Advanced button on the left and select:

Include additional process information

Include additional file information

Include environment information

Include additional object details

 

Click the Tweak button and select:

Under the Scanning Engine:

Unload recognized processes during scanning

Include basic Ad-aware settings in logfile

Include additional Ad-aware settings in logfile

 

Under the Cleaning Engine:

Let Windows remove files in use at next reboot

 

Click: Proceed to save the settings.

 

Click: Start

On the next screen choose: Activate in-depth Scan

Choose: Use Custom Scanning Options

 

Click Next and Ad-aware scans your hard drive(s) with the options selected.

 

When finished, right-click the window with all the entries, choose: Select All from the drop menu, and click Next.

Once AdAware has removed all the items, close the program

 

Restart the computer.

 

Make sure the version of Spybot Search and Destroy you have is 1.3

Click the button to ‘Search for Updates’ and download and install the Updates.

Next click the button ‘Check for Problems’

When Spybot finishes the scan, choose ‘Fix Selected Problems’ and allow Spybot to fix the RED entries.

Close the program, and reboot when done.

 

Close all windows and browser, run HijackThis again, and post a new log.

There is more work to do.

Edited by FZWG

Share this post


Link to post
Share on other sites

Yay! The O18 is gone!

 

Logfile of HijackThis v1.98.0

Scan saved at 1:48:09 PM, on 8/3/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Intel\ASF Agent\ASFAgent.exe

C:\Program Files\NavNT\defwatch.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Dell\OpenManage\Client\Iap.exe

C:\WINNT\System32\NMSSvc.exe

C:\Program Files\NavNT\rtvscan.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\system32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\hkcmd.exe

C:\Program Files\NavNT\vptray.exe

C:\progra~1\scansoft\paperp~1\pptd40nt.exe

C:\Program Files\ScanSoft\PaperPort\viperusb.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINNT\system32\internat.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE

C:\WINNT\webshots.scr

C:\unzipped\hijackthis\HijackThis.exe

 

R3 - Default URLSearchHook is missing

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [igfxTray] C:\WINNT\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe

O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe

O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe

O4 - HKLM\..\Run: [strobePro] C:\Program Files\ScanSoft\PaperPort\viperusb.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"

O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE

O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {16A6152E-9737-11D5-A6DC-00D0B721CA48} (PlugXCtl Class) - https://lht.lancer-ins.com/PlugX.cab

O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/.../ymmapi_416.dll

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup144.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

Share this post


Link to post
Share on other sites

greggs1girl,

 

Glad that O18 went away!!

 

Once again, make sure all windows and browsers are closed before proceeding to run HijackThis and scan. Fix the following by placing a check in the appropriate box and selecting the: ‘Fix Checked’ button:

 

R3 - Default URLSearchHook is missing

 

Reboot.

 

Did not see anything else on the log flashing a red light.

 

It is a good idea to clean up Temporary Internet Files, Temporary Files, and the Recycle Bin.

Use the Disk Cleanup utility, as follows:

-Click Start>Run

-In the Open box, key in: cleanmgr

-Click: OK

-Place a check next to the categories mentioned above

-Click OK

-Click: Yes to proceed with the action

-Reboot

 

If you haven’t done so recently, go to the following website:

http://v4.windowsupdate.microsoft.com/en/default.asp

Use the Scan for Updates option, and download/install all the Critical Updates it offers.

 

Last, but not least, you can muster up your PC’s line of defense against malware. You already have an Anti-virus program. Make sure it is kept updated and run regularly.

 

Run AdAware configured for a Full Scan, and run it periodically.

Also run Spybot Search and Destroy, and check out its Immunize feature!

 

An excellent reference in developing a plan of defense is Tony Klein’s 'How Did I Get Infected In The First Place':

http://www.computercops.biz/postt7736.html

The information in the article has some useful programs that you could use.

 

Good luck!!

 

:wave:

Share this post


Link to post
Share on other sites

Thank you for your help. I just have one more question I was wondering if you could help me with. My music is still playing on it's own out of the blue ususally when I give a command. It only plays the same two songs. What do U think I should do? If I just removed these two songs from my music folder would it help?

Share this post


Link to post
Share on other sites

greggs1gir,

 

It might help to remove the 2 music files. They could be corrupted.

 

Abacast shows up in your log, which to my understanding is audio/video stream hosting software. If you have settings for this software, might try fiddling with those, and, if Abacast has a support area, might ask or check there.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0