Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Desktop and Taskbar are missing [RESOLVED]


  • This topic is locked This topic is locked

#1
reena

reena

    Member

  • Member
  • PipPip
  • 27 posts
Hi,
Here is my HijacklThis log . Can you please take a look and help me out to get back my desktop and taskbar?

Thanks
Reena

Logfile of HijackThis v1.99.1
Scan saved at 12:13:37 PM, on 6/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
D:\Program Files\Remote Task Manager\RTMService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Netscape\Netscape Browser\netscape.exe
D:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ww.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = file:///C:/index.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
N4 - Mozilla: user_pref("browser.startup.homepage", "C:\\index.htm"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: (no name) - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Stumble&Upon - {22D003CE-6952-46C5-80B9-D19B479620AB} - C:\WINDOWS\system32\s1918.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\RunOnce: [RegistryDefrag Success Message] "D:\Program Files\TuneUp Utilities 2006\RegistryDefrag.exe" /sm
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Add to Ads Filter... - res://D:\PROGRA~1\Helexis\ADSFIL~1\ADSFIL~1.DLL/3000
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Post link to del.icio.us - http://www.hatch.org...el-icio-us.html
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: StumbleUpon: &Blog This - res://C:\WINDOWS\system32\s1918.dll/blogimage
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Ads Filter - {3485D476-CDBE-4D58-98EA-A6FE8059390D} - D:\PROGRA~1\Helexis\ADSFIL~1\ADSFIL~1.DLL
O9 - Extra 'Tools' menuitem: Ads Filter - {3485D476-CDBE-4D58-98EA-A6FE8059390D} - D:\PROGRA~1\Helexis\ADSFIL~1\ADSFIL~1.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU)
O16 - DPF: Yahoo! Literati - http://download.game...nts/y/tt1_x.cab
O16 - DPF: YExplorer1_8US.CAB - http://photos.yahoo....plorer1_8us.cab
O16 - DPF: {11111111-1111-1111-1111-111111111147} - file://C:\Program Files\Internet Explorer\6288.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Program Files\Q330994.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D4EE8CA-9B69-4C8F-8E7B-3E2940B329FA} - http://www.myfreecur...ady_liberty.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...tzip/RdxIE2.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {95844941-7934-4693-92D9-8202EA7B20ED} - http://www.stumbleupon.com/stumble.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c...ymmapi_0727.dll
O18 - Protocol: atc - {5A8A8455-B97B-424D-8199-3954F7A62022} - (no file)
O18 - Protocol: ebk - {1E411CE8-FE8B-4973-B8E0-6EA2CC3C6B06} - C:\WINDOWS\System32\ebkp.dll
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Remote Task Manager service (RTM) - Unknown owner - D:\Program Files\Remote Task Manager\RTMService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Attached Files

  • Attached File  HJ.txt   7.9KB   200 downloads

Edited by rambro, 08 June 2006 - 10:53 AM.

  • 0

Advertisements


#2
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Welcome to the Geeks to Go forums.

We are currently studying your log. :blink:
*************************************

Dear reena, can you please tell me what antivirus software you are using on your computer, for example (Norton Antivirus, McAfee Antivirus, or AVG Antivirus, etc.)?

If you do have antivirus software, can you tell me if the subscription on this software has expired?
****************************

Can you tell me in detail if your taskbar and desktop are still missing?

Dear reena, do not send the HijackThis log as an "attachment", just copy the contents of the HijackThis log from your notpad text file and past it in a reply to this post when I ask you for it in the future. :help:

Dear reena, start using the "Add/Reply" button in future posts, so all your posts can be kept in one "thread", that is, don't start a new topic!!!

rambro :)
  • 0

#3
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,

Thanks for reply. I have avast antivirus software.But it has expired few months ago.I never realized that. will buy another one asap.

The main problem is missing taskbar and desktop since two weeks.no right click either.If I do ctrl-alt-del and use the file/run option and type in explorer, for a brief second explorer loads, the taskbar appears and then immediately explorer closes and nothing. Just the wallpaper.Same problem in safe mode
too.Internet explorer dont work either.

So far these things I have done besides whatever wannabe1 had suggested me to do.

** http://www.kellys-korner-xp.com/taskbarplus!.htm
** ftp://ftp.f-secure.com/anti-virus/tools/shellfix.reg but it couldnt import this file.
** tried with fixo.exe
** I have open new account,but same this happens there

Thanks
Reena

Edited by reena, 09 June 2006 - 01:52 PM.

  • 0

#4
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Forget about the new account you created.

Just make sure your old account that you are logged on to has "administrator" privileges.
***************************

Try these two things to try to get your desktop back.
  • Go to start -> Settings -> Control Panel -> double click on "Display". A "Display properties" dialog box should open up. Click on the "Desktop" Tab, click on the "Customize Desktop" button, click on the "Web" tab. Remove the check marks from any items listed in the "Web pages" box. Make sure that "Lock desktop items" is unchecked as well. Hit OK twice. See the following link: http://www.daniweb.c...hread13221.html

  • Go to start -> Settings -> Control Panel -> double click on "Display". Go to the "Themes" tab and in the "Theme" drop-down list box, choose either "Windows Classic" theme or "Windows XP" theme. Then press the "OK" button.
Let me know in detail if the above steps get your desktop back for you. :blink:

rambro :help:

Edited by rambro, 09 June 2006 - 05:25 PM.

  • 0

#5
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,

My start menu is disable so I did open display property box by running file 'desk.cpl" .I clicked on the "Desktop" Tab---- "Customize Desktop" button, .But there is no "web" tab there.Infact, there is only one tab"general" is there..So i was unable to do further.

And yeah, I do have "administrator" privileges on my account.
Please let me know what to do further.

Thanks
Reena
  • 0

#6
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Did you try this part of the previous post?

Go to start -> Settings -> Control Panel -> double click on "Display". Go to the "Themes" tab and in the "Theme" drop-down list box, choose either "Windows Classic" theme or "Windows XP" theme. Then press the "OK" button.


rambro :blink:
  • 0

#7
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,
I did try for second part.But couldnt get back my desktop and taskbar.

thanks
Reena
  • 0

#8
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Let us see if we can get your "taskbar" back through a registry edit.

Dear reena, I would like you to edit your "registry settings", but before you do that, I want you to make a back up copy of your "registry" in case something goes wrong. Here is how this is done:

Back up your current registry

1) Click on the Start button.

2) From the menu that appears, choose Run.

3) In the window that appears, there is a text area labeled Open. In that area, type "regedit" (without the quotation marks").

4) Click the OK button (or hit the Enter or Return key on your keyboard).

5) The Registry Editor window should open.

6) If My Computer is not highlighted, click on it once so that it is highlighted.

7) On the menu bar, click on Registry and then click on Export Registry File.

8) The Export Registry File window will appear. In the Save In drop-down box at the top, choose Desktop.

9) In the File Name box at the bottom, type "backup" (without the quotation marks), then click the Save button.

10) A backup copy of the entire registry will now be saved to your desktop in case something goes wrong.

Notes:

* To restore the registry from the backup file you made, follow the same steps as above, but in step 2 choose Import Registry File instead of Export Registry File. Or, alternatively, you could double-click on the backup file on the desktop and answer Yes when it asks if you want to import the information into the registry.
* Once you've made changes to the registry and you are sure that you no longer need the backup file you made, simply delete it from the desktop.

See the following link: http://helpdesk.umd....ndows_2000/555/. Pay attention to the following sections: Starting the Registry Editor and Backing Up the Registry.
**************************

Edit your registry

Go to the following link and click on it to open it up: http://www.kellys-ko...taskmanager.reg

Then from either your Internet Explorer browser or Mozilla FireFox browser, I want you to save this file to your "desktop" and save it as "taskmanager.reg".

Dear reena, you are basically creating a .reg file and saving it to your desktop.

Once the "taskmanager.reg" file is created on your desktop, go to your desktop, double-click on taskmanager.reg, and click Yes to merge it with the registry.

Restart your computer and then please post a new HijackThis log.

In addition, let me know in detail how your computer system is running after performing the above steps. :blink:

Let me know in detail if you get your "taskbar" back.

Dear reena, since you have limited or no Internet access, you might have to go to a good computer, burn the file on to a CD and take the CD to the infected computer in question and perform the steps in this post.

Good Luck!!! :help:
  • 0

#9
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,

Thanks for your answer.

I have tried for edit registry through "http://www.kellys-ko...skmanager.reg". but havent changed anything. taskbar comes and stays only for a brieft second.
here is my HijackThis log


Logfile of HijackThis v1.99.1
Scan saved at 10:20:34 AM, on 6/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ashish\Desktop\HijackThis.exe

N4 - Mozilla: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Windows Registry Repair Pro] D:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4

Thanks
Reena
  • 0

#10
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Lets get a couple of things straight here.

1. Do me a favor and only listen to and execute my instructions, since I am the one who working on your thread.

2. Don't add any new software to your computer system while we are trying to get rid of the spyware from your computer.

The following line: O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

This entry is not malware, but actually causing your computer to boot in "Selective Startup". This generally indicates that a user has disabled some of the startup items. In order to have the best view of your system's current status, we will need to disable Selective Startup. Please open msconfig and select the "Normal" startup option, then allow the machine to reboot. (Note: To get to the "System Configuration Utility" dialog box, go to start -> run -> type "msconfig" (without the quotes), the "Normal" startup option should be in the "General" tab. )

Please restart your computer and then post a new HijackThis log. :blink:

Look, I basically have a number of steps set up for you to do, so if one set of instructions don't work, I will try to give you another set of instructions to execute, untill we find a solution to your problem.

rambro :help:
  • 0

Advertisements


#11
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,
Sorry about that. My husband was trying to fix something for his job. so anyway , I will let him know not to install any new software untill everything seems ok.
Here is my HijackThis log
Logfile of HijackThis v1.99.1
Scan saved at 12:42:37 PM, on 6/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Ashish\Desktop\HijackThis.exe
D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
C:\mysql\bin\mysqld-nt.exe
D:\Program Files\Remote Task Manager\RTMService.exe
D:\Program Files\Spyware Doctor\sdhelp.exe
D:\PROGRA~1\Serv-U\ServUDaemon.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe

F3 - REG:win.ini: load=??? ??? ??? ? ? ??
N4 - Mozilla: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINDOWS\System32\stlbdist.DLL,DllRunMain
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [ZHRMWEO] C:\WINDOWS\ZHRMWEO.exe
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\dsxddk.exe reg_run
O4 - HKLM\..\Run: [WinStart001.EXE] C:\WINDOWS\System\WinStart001.EXE -b
O4 - HKLM\..\Run: [Windows Defender] "D:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [windows auto update] msblast.exe
O4 - HKLM\..\Run: [WindowEnhancer] "C:\Program Files\winex\v2\winex.EXE" /U
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [WhenUSearchWHSE] "D:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [WhenUSearch] "D:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [WebScan] C:\PROGRA~1\ACCELE~1\ANTI-V~1\DEFSCA~1.EXE -k
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [VVSN] D:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [ViewMgr] D:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [vidctrl] C:\WINDOWS\system32\vidctrl\vidctrl.exe
O4 - HKLM\..\Run: [vdtmetpuuxpl] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 - HKLM\..\Run: [Uninstall0002] "C:\Program Files\Common Files\Totem Shared\Uninstall0002\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver
O4 - HKLM\..\Run: [Uninstall0001] "C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver
O4 - HKLM\..\Run: [uivefig] c:\windows\system32\tfjvqdq.exe
O4 - HKLM\..\Run: [tvs_b] C:\program files\tvs\tvs_b.exe
O4 - HKLM\..\Run: [tsvcin] C:\WINDOWS\system32\n20050308.EXE
O4 - HKLM\..\Run: [Tracker] D:\Program Files\MySoftware\MyInvoices\tracker.exe
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [TB_setup] C:\DOCUME~1\Ashish\LOCALS~1\Temp\tb_setup.exe /dcheck
O4 - HKLM\..\Run: [SWN2] D:\Program Files\Spyware Nuker\swnxt.exe /h
O4 - HKLM\..\Run: [svdqhlcfmxjx] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [STOPzilla] D:\Program Files\STOPzilla!\STOPzilla.exe /install={0D3939DF-923C-4B4A-AB80-B0C1762A8BC4} /uilevel=3 /inithp=
O4 - HKLM\..\Run: [starmxn] c:\windows\system32\htolxdf.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\SpyHunter\SpyHunter.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Ashish\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Juniper\NETSCR~1\Sygate\smc.exe -startgui
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SBHC] C:\Program Files\SuperBar\sbhc.exe
O4 - HKLM\..\Run: [SaveNow] C:\Program Files\SaveNow\SaveNow.exe
O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINDOWS\uptodate.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [rrogjno] c:\windows\system32\cdfncyq.exe
O4 - HKLM\..\Run: [RegRun WinBait] C:\WINDOWS\winbait.exe
O4 - HKLM\..\Run: [qwvdxeh] c:\windows\system32\ngnjibv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [quffjh] c:\windows\system32\oazzpd.exe
O4 - HKLM\..\Run: [PromulGate] "C:\Program Files\DelFin\PromulGate\PgMonitr.exe"
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [OSS] c:\windows\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nsvduv] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [Norton Program Scheduler Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [ncsdguw] c:\windows\system32\hpvbdfr.exe
O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [mswspl] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\msbb.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [LSPFix] C:\Program Files\Common Files\eAcceleration\LSPfix\LSPmonitor.exe normal
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [KeenValue] C:\Program Files\Common files\KeenValue\KeenValue.exe
O4 - HKLM\..\Run: [KaZooM] C:\Program Files\Blue Haven Media\KaZooM\KaZooM.exe
O4 - HKLM\..\Run: [KAZAA] C:\Program Files\KaZaA\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\system32\nplanr.exe reg_run
O4 - HKLM\..\Run: [jkrmnxp] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [iymheyx] c:\windows\system32\wpayhqu.exe
O4 - HKLM\..\Run: [ivhykbxx] c:\windows\system32\ivhykbxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [intdctrr] C:\WINDOWS\System32\idctup20.exe
O4 - HKLM\..\Run: [IEDriver] C:\WINDOWS\System32\IEDriver\IEDriver.exe
O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "D:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [FlaCPY] "c:\Program Files\Common Files\Java\flacpy.exe"
O4 - HKLM\..\Run: [fhnbcxg] c:\w32\mtptt?????????
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe
O4 - HKLM\..\Run: [eMailEncryption] C:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [ebobkd] c:\dows\syste????????
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program Files\EbatesMoeMoneyMaker\System\Code" Main lp: "C:\Program Files\EbatesMoeMoneyMaker"
O4 - HKLM\..\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\SYSTEM~1\sys_alert.exe /Startup
O4 - HKLM\..\Run: [EanthologyApp] C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE /b Startup
O4 - HKLM\..\Run: [dydeshare.exe] C:\WINDOWS\System32\dydeshare.exe
O4 - HKLM\..\Run: [dsqfifqz] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [CMSMHOST] D:\Program Files\Cloudmark\Anti-Fraud Toolbar\IE\cmsmhost.exe /Server
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [ClamWin] "D:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitecwy32.exe
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [Bargains] C:\Program Files\Bargain Buddy\bin\bargains.exe
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [@RegRunOnSecure] D:\PROGRA~1\Greatis\REGRUN~1\OnSecure.exe
O4 - HKLM\..\Run: [4X@95ME57C5BM8] C:\WINDOWS\System32\Geke3L.exe
O4 - HKLM\..\Run: [0BaDC] C:\WINDOWS\hfelxcfq.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Windows Registry Repair Pro] D:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [WeatherCast] C:\Program Files\WeatherCast\Weather.exe /q
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [Ugtlbkye] C:\WINDOWS\system32\??stem\javaw.exe
O4 - HKCU\..\Run: [Tukati:4] C:\Program Files\Tukati\Redistributor\4\TukatiRedistributor.exe -r:4 -x:2
O4 - HKCU\..\Run: [TimeLeft] D:\Program Files\TimeLeft\timeleft.exe
O4 - HKCU\..\Run: [The Easy Bee's Hive] D:\Program Files\Altercept\TheEasyBee Free\Binaries\ATCEgSvr.exe -logon
O4 - HKCU\..\Run: [SwiftToDoList] D:\Program Files\Swift To-Do List\Swift To-Do List.exe minimized
O4 - HKCU\..\Run: [Sticky Pad] C:\Program Files\StickyPad\StickyPad.exe
O4 - HKCU\..\Run: [SpyBlocs] C:\Program Files\eBlocs\SpyBlocs\GLFAA.exe
O4 - HKCU\..\Run: [SoniqueQuickStart] C:\Program Files\Sonique\sqstart.exe -nostick
O4 - HKCU\..\Run: [shimgvw] C:\WINDOWS\System32\shimgvw.exe
O4 - HKCU\..\Run: [ServUTrayIcon] D:\PROGRA~1\Serv-U\SERVUT~1.EXE
O4 - HKCU\..\Run: [rtutils] C:\WINDOWS\System32\rtutils.exe
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [Regrun2] D:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
O4 - HKCU\..\Run: [RediffBOL] C:\Program Files\rediff.com\messenger\Bol.exe hide
O4 - HKCU\..\Run: [PlaxoUpdate] D:\Program Files\Plaxo\2.6.2.9\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [News Alert] C:\Program Files\MSNBC\Alert\NEWSALRT.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Iinl] C:\Program Files\sami\emia.exe
O4 - HKCU\..\Run: [HXIUL.EXE] C:\Program Files\Alset\HelpExpress\Ashish\HXIUL.EXE
O4 - HKCU\..\Run: [HELPEXP.EXE] C:\Program Files\Alset\HelpExpress\Ashish\Client\HelpExp.exe
O4 - HKCU\..\Run: [Grubclient] C:\Program Files\Grubclient\grubgui.exe /s
O4 - HKCU\..\Run: [GoToMeeting] D:\Program Files\Citrix\GoToMeeting\127\g2mstart.exe
O4 - HKCU\..\Run: [FileFreedom_Plugin] C:\Program Files\FileFreedom\wtm.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [DW4] "D:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Crammer] C:\Program Files\crammerCrammer.exe
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe /q
O4 - HKCU\..\Run: [Cacheman] D:\PROGRA~1\Cacheman\Cacheman.exe
O4 - HKCU\..\Run: [Babylon Translator] C:\Program Files\Babylon\Babylon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] D:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Startup: BonziBUDDY.lnk = C:\Program Files\BonziBUDDY\BonziBDY.EXE
O4 - Startup: Konfabulator.lnk = D:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Startup: LetMeType.lnk = D:\Program Files\LetMeType\default.lmt
O4 - Startup: LimeWire On Startup.lnk = D:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: PowerPro.lnk = C:\Program Files\PowerPro\powerpro.exe
O4 - Startup: QClip.lnk = D:\Program Files\QClip\qclip.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: 1.pl
O4 - Global Startup: 3DNA Desktop.lnk = C:\Program Files\3DNA\Resources\3dnasys.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: Desktop Search.lnk = C:\Program Files\Jeeves\Jeeves.exe
O4 - Global Startup: fishing.bat
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: KeenValue.lnk = C:\Program Files\Common Files\KeenValue\keenvalue.exe
O4 - Global Startup: MarketBrowser.lnk = C:\Program Files\MarketBrowser\lmt\mktbrws.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: NetScreen-Remote.lnk = D:\Program Files\Juniper\NetScreen-Remote\SafeCfg.exe
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: wincapper.com
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
O4 - Global Startup: winreg2.bat
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Imapi Helper - Alex Feinman - D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Task Manager service (RTM) - Unknown owner - D:\Program Files\Remote Task Manager\RTMService.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Serv-U FTP Server (Serv-U) - Cat Soft - D:\PROGRA~1\Serv-U\ServUDaemon.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

thanks
Reena
  • 0

#12
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Let me tell you what is going on with your computer system. Basically your computer system is loaded with spyware!!!

It will probably take me a couple of day to analyze your HijackThis log. However, I want to try this approach and see if it will work. I will give you instructions on how to generate a "Add/Remove Software list" log using your HijackThis applcation. Then I will tell you what applications to uninstall, then I will have you re-run your HijackThis application and post another HijackThis log. Therefore I would like you to do the following:

I would like you to generate a "Add/Remove Software list" log using the HijackThis application. Here is how you can do this:

Restart your computer.
  • Open Hijackthis, In the lower right corner click the "Config..." (Configuration) button.
  • Once in the "Configuration" panel, click "Misc Tools" button.
  • Then click the "Open Uninstall Manager..." button.
  • The "Add/Remove Programs Manager" panel should appear.
  • In this panel click the "Save list" button.
  • Save the "uninstall_list.txt" file to its default location.
  • Then copy and paste the notepad text that appears in the generated "unistall_list.txt" file in a reply to this post.

  • 0

#13
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,
Here is the contains of Unistall_list.txt file.
Acoustica MP3 CD Burner
ActivePerl 5.6.1 Build 633
ActivePerl 5.8.7 Build 813
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Photoshop 6.0
Adobe Photoshop Album 2.0 Starter Edition
Adobe Photoshop Elements
Adobe Product/Adobe Studio Update 10/2001
Adobe Reader 7.0.7
Adobe SVG Viewer 3.0
AlphaZIP [Trial]
AnalogX DLLArchive
Apache HTTP Server 1.3.33
Arena 1.08
Arles Image Web Page Creator 6.1.7
avast! Antivirus
Bazooka Spyware Scanner
Beat Monitor 2.0.0
BitTorrent 4.2.0
Bug Doctor 3.0.3.8
Cacheman 5.50
Celestia 1.3.2
Cisco Systems VPN Client 4.8.00.0440
ClamWin Free Antivirus 0.88.1
CleanUp!
ClocX (1.5b1)
Cloudmark Anti-Fraud Toolbar for Microsoft Internet Explorer
CONCEPT X7
Cryn - The Dark Reflection
Data Access Objects (DAO) 3.0
DefragMentor Lite 1.0
Democracy Player 0.8.0
DFX for Windows Media Player
Diary Defender
DigitalPrint 1.1
DivX 5.0.2 Pro Bundle
DVgate
Easy Calendar Maker Eval
eMusic - 100 Free MP3 offer
Enigma
EPSON Printer Software
ESM
ewido anti-malware
Experience VAIO
Far Manager v1.70
FeedReader
FireAnt RC1
FireStorm CD & DVD
Flock Developer Preview - 0.5pre
Forge Of Fate
FreeMind
FreshUI
GenealogyJ 2.3.2
GenoPro
GMail Drive Shell Extension
GNU Ghostscript Fonts
Google Gmail Notifier
Google Toolbar for Internet Explorer
Graphviz
GSview 4.4
GTK+ 1.3.0-20030717-1 runtime environment
Helexis Ads Filter
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
HijackThis 1.99.1
Holding Pattern Screen Saver
Home Improvement 1-2-3
Hotfix for Windows XP (KB915865)
HP Image Zone 3.5
HP PSC & OfficeJet 3.5
hp psc 1310 series
HP Software Update
iabc_0.7
ImageStation
Infowalker
InterChess 2.43
Invisible IRC Proxy (Remove only)
iPod for Windows 2005-03-23
ISO Recorder
iTunes
Java 2 Runtime Environment Standard Edition v1.3.1_01
Java 2 Runtime Environment, SE v1.4.0
Java 2 Runtime Environment, SE v1.4.1
Java 2 Runtime Environment, SE v1.4.2
Java 2 Runtime Environment, SE v1.4.2_01
Java 2 SDK, SE v1.4.1
Java 3D 1.3.1 (DirectX) Runtime
Java Web Start
KDE PIM 2.2.3
Keyboard Layout Manager 32 bit
kiki the nanobot 0.9.2
K-Lite Mega Codec Pack 1.53
Lake Scenes Screen Saver
Lernout & Hauspie TruVoice American English TTS Engine
LetMeType
LimeWire 4.9.37
LiveUpdate
Lucent Technologies Soft Modem AMR
Macromedia Flash 5
Macromedia Shockwave Player
MateMaster 1.5
MateMaster 1.5 (C:\Program Files\MateMaster 1.5\)
Microsoft .NET Framework 1.1
Microsoft Data Access Components KB870669
Microsoft Excel Viewer 97
Microsoft Money 2006
Microsoft Office
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft PowerPoint Viewer 97
Microsoft Project 98
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visio Professional 2002 SR-1 [English]
Microsoft Visio Viewer 2002
Microsoft Visual C++
Microsoft Windows Journal Viewer
Microsoft Windows Logo
milkbone (remove only)
MineSweeper3D (remove only)
mIRC
Ml_Icons 0.3
Motion JPEG Software Decoder
MovieShaker 3.3
Mozilla Firefox (1.5.0.4)
Mozilla Sunbird 0.3a1
Mozilla Thunderbird (1.5.0.2)
MP3 CD Converter 4.00
MP3 CD Maker
MP3 HTML Generator 3.08
MSDE
MSN Music Assistant
MSXML 4.0
MSXML 4.0
Music Visualizer Library
My IPs
MyInvoices & Estimates Deluxe
MySQL Server 5.0
MySQL Servers and Clients 3.23.52
MySQL-Front 2.4
Netscape Browser (remove only)
NetScreen Remote Login
newLISP (remove only)
News Alert
NoteWorthy Composer
NuParadigm RSS Screensaver
NVIDIA Windows 2000/XP Display Drivers
Nvu 1.0
ObjectDock
Opera 9.0
PaintBuster
Panda ActiveScan
PCMT 0.10
PDF-XChange 3.0
PE Builder 3.1.10a
PersonalBrain 3.0
PersonalBrain Exporter
PHP 4.3.9
Picasa 2
PicoPlayerSplashScreen
Plaxo Toolbar for Outlook and Outlook Express
PowerDVD
PowerPro (remove only)
Python 2.3.2
QClip (remove only)
QuickTime
QuickVCD Player v3.0
Quotables Screensaver
Radio@Netscape
ReadPlease 2002/ReadPlease PLUS 2002
RealPlayer
RealProducer Basic 8.5
ReasonAble
RegistryFix v5.5
RegRun Security Suite Gold
Remote Task Manager
RGBoid 1.0
Robosapien Dance Machine 1.0
Robosapien Dance Machine 2.2.1.4
Ruby 1.8.1-13 (uninstall)
SC UniPad 1.10
Scid 3.6.1
Screenblast ACID 2.0a
Screenblast Sound Forge 1.0b
Screensaver_nightnight_PC
SDL_Perl (remove only)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Serv-U
Shareaza v1.8
Shockwave
SiS Audio Driver
SiS Compatible VGA V2.07f.01
Slickr
Sonic's Beatnik Player
SonicStage 1.2.00
SonicStage CD-R Writing Module
SonicStage Simple Burner 1.0
Sonique
Sony Certificate PCH
Sony DV Shared Library
Spid the Spider
Spybot - Search & Destroy 1.4
Spyware Doctor 3.8
StartUp Manager
Stellarium 0.7.1
Support Actions Win2K,WinXP
Swift To-Do List 3.00
Synapse Media Player
TanGo
Taskman
TaxACT 2003
TaxACT 2004
TaxCut Deluxe 2005
Teachmaster 3.3
TeenPattiPartyNET
Teleport Pro
TextPad 4.6
The GIMP 1.2.5-20030729-1
The Jazz Midi Sequencer
tinySpell 1.3
Total Recorder 4.3
Total Video Converter 2.52
Trellian LiveUpgrade v2.0
Trellian Toolbar v1.05
TrojanHunter 4.5
True Sword
TuneUp Utilities 2006
Tweak UI
UControl Scan and Remove
UltraVNC v1.0.1
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB900930)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
UrduPlugin
VAIO Action Setup
VAIO Brezza Wallpaper
VAIO Clock Screen Saver
VAIO Grid Wallpaper
VAIO Help & Support
VAIO Registration
VAIO Serenus Wallpaper
VAIO Support
VAIO System Information
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Visual Music
WAtomic 1.2
Weather Services
Web Screen Saver
WebDummy! v3.0
WebGUI
Webshots!
WebSite-Watcher
Winamp (remove only)
WinCvs 1.2
Windows Defender
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 9 Hotfix [See KB885492 for more information]
Windows Registry Repair Pro
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888162
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WinZip
WordPerfect Office 2002 OEM
WordWeb
XEmacs
X-VCD Player
Yahoo! extras
Yahoo! Go for TV 0.1.34
Yahoo! Login
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
Yahoo! Toolbar
YAPC


Thanks
Reena
  • 0

#14
rambro

rambro

    Member 1K

  • Member
  • PipPipPipPip
  • 1,383 posts
Dear reena, :whistling:

Looking at the "Add/Remove Software list" log from your previous post, please uninstall the following programs through your "Add or Remove" programs via your control panel:

AlphaZIP [Trial]
avast! Antivirus
Bazooka Spyware Scanner
Bug Doctor 3.0.3.8
Cacheman 5.50
ClamWin Free Antivirus 0.88.1
LimeWire 4.9.37
LiveUpdate
QuickTime
RegRun Security Suite Gold
Screenblast ACID 2.0a
Screenblast Sound Forge 1.0b
Spid the Spider
True Sword
UControl Scan and Remove
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
Windows Defender
Windows Defender Signatures

********************************************

Dear reena, is it really necessary that you have to have all those programs in your add or remove programs?

Is their any programs in your Add or Remove programs that you don't use and you can uninstall?

Is it necessary for you to have mulitple programs that basically do the same thing or perform the say function?

Is it necessary that you have to have those multiple screen saver programs, ftp programs, registry fix programs, game programs (chess), computer repair programs, grammer and vocabulary checking programs?

It looks like that you might be a "Web designer or Web developer" from looking at some of the programs on your computer system, however, please try to reduce the number of programs you don't use in your Add or Remove programs in your control panel.
***************************

Since I had you delete your mulitple antivirus software programs and mulitple antispyware programs on your computer system (you only need one of each, plus one good firewall program). I want you to install one "free" antivirus program and run it to see if you can clear some of the spyware from your computer system. I will now provide you with the following information:

Since I had you uninstall your antivirus programs, AVG makes an excellent free antivirus client, as do AntiVir or avast!.
I suggest you install and run one of these anitivirus software programs.

Here are the steps you should take to install your new antivirus software:1. Create a folder on your desktop and name it "Antivirus"
2. Download the .exe or .zip file to this folder but do not run the executable or zip files respectively at this time.
3. Restart your computer, without connecting to the "Internet".
4. Uninstall your old antivirus software through the "Add/Remove" programs via your Control Panel.
5. Install your new antivirus software, without connecting to the "Internet".
6. Restart your computer and re-connect to the "Internet" and run your new antivirus software and fix anything it finds (i.e. in your case, if you cannot connect to the Internet through your browser, run your new antivirus software anyway and fix anything it finds).
Restart your computer and then please post a new HijackThis log.

In addition, let me know in detail how your computer system is running after performing the above steps. :blink:
  • 0

#15
reena

reena

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Hi Rambro,

I have deleted programs that you have suggested and some more too.I did install AVG antivirus software,the way you have discribed. But couldnt get back my desktop and taskbar.

Here is my HijackThis log,after scanning with AVG.

Logfile of HijackThis v1.99.1
Scan saved at 11:20:43 AM, on 6/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache\Apache.exe
D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
D:\Program Files\ewido anti-malware\ewidoctrl.exe
D:\Program Files\ewido anti-malware\ewidoguard.exe
C:\mysql\bin\mysqld-nt.exe
D:\PROGRA~1\Serv-U\ServUDaemon.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
D:\Program Files\Netscape\Netscape Browser\netscape.exe
C:\Documents and Settings\Ashish\Desktop\HijackThis.exe

F3 - REG:win.ini: load=??? ??? ??? ? ? ??
N4 - Mozilla: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Ashish\Application Data\Mozilla\Profiles\default\3csd7o5w.slt\prefs.js)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINDOWS\System32\stlbdist.DLL,DllRunMain
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [ZHRMWEO] C:\WINDOWS\ZHRMWEO.exe
O4 - HKLM\..\Run: [winsync] C:\WINDOWS\system32\dsxddk.exe reg_run
O4 - HKLM\..\Run: [WinStart001.EXE] C:\WINDOWS\System\WinStart001.EXE -b
O4 - HKLM\..\Run: [windows auto update] msblast.exe
O4 - HKLM\..\Run: [WindowEnhancer] "C:\Program Files\winex\v2\winex.EXE" /U
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [WhenUSearchWHSE] "D:\Program Files\WhenUSearch\whse.exe"
O4 - HKLM\..\Run: [WhenUSearch] "D:\Program Files\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [WebScan] C:\PROGRA~1\ACCELE~1\ANTI-V~1\DEFSCA~1.EXE -k
O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [VVSN] D:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [vidctrl] C:\WINDOWS\system32\vidctrl\vidctrl.exe
O4 - HKLM\..\Run: [vdtmetpuuxpl] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 - HKLM\..\Run: [Uninstall0002] "C:\Program Files\Common Files\Totem Shared\Uninstall0002\upd.exe" LASTCALL!adverts.stripsaver.com!StatsStripSaver
O4 - HKLM\..\Run: [uivefig] c:\windows\system32\tfjvqdq.exe
O4 - HKLM\..\Run: [tvs_b] C:\program files\tvs\tvs_b.exe
O4 - HKLM\..\Run: [tsvcin] C:\WINDOWS\system32\n20050308.EXE
O4 - HKLM\..\Run: [Tracker] D:\Program Files\MySoftware\MyInvoices\tracker.exe
O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe"
O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [TB_setup] C:\DOCUME~1\Ashish\LOCALS~1\Temp\tb_setup.exe /dcheck
O4 - HKLM\..\Run: [SWN2] D:\Program Files\Spyware Nuker\swnxt.exe /h
O4 - HKLM\..\Run: [svdqhlcfmxjx] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [starmxn] c:\windows\system32\htolxdf.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\SpyHunter\SpyHunter.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Ashish\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Juniper\NETSCR~1\Sygate\smc.exe -startgui
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SBHC] C:\Program Files\SuperBar\sbhc.exe
O4 - HKLM\..\Run: [SaveNow] C:\Program Files\SaveNow\SaveNow.exe
O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINDOWS\uptodate.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [rrogjno] c:\windows\system32\cdfncyq.exe
O4 - HKLM\..\Run: [qwvdxeh] c:\windows\system32\ngnjibv.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [quffjh] c:\windows\system32\oazzpd.exe
O4 - HKLM\..\Run: [PromulGate] "C:\Program Files\DelFin\PromulGate\PgMonitr.exe"
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] D:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [OSS] c:\windows\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nsvduv] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [Norton Program Scheduler Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [ncsdguw] c:\windows\system32\hpvbdfr.exe
O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exe
O4 - HKLM\..\Run: [mswspl] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\msbb.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [LSPFix] C:\Program Files\Common Files\eAcceleration\LSPfix\LSPmonitor.exe normal
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [KeenValue] C:\Program Files\Common files\KeenValue\KeenValue.exe
O4 - HKLM\..\Run: [KaZooM] C:\Program Files\Blue Haven Media\KaZooM\KaZooM.exe
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\system32\nplanr.exe reg_run
O4 - HKLM\..\Run: [jkrmnxp] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [iymheyx] c:\windows\system32\wpayhqu.exe
O4 - HKLM\..\Run: [ivhykbxx] c:\windows\system32\ivhykbxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [intdctrr] C:\WINDOWS\System32\idctup20.exe
O4 - HKLM\..\Run: [IEDriver] C:\WINDOWS\System32\IEDriver\IEDriver.exe
O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "D:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [FlaCPY] "c:\Program Files\Common Files\Java\flacpy.exe"
O4 - HKLM\..\Run: [fhnbcxg] c:\w32\mtptt?????????
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe
O4 - HKLM\..\Run: [eMailEncryption] C:\PROGRA~1\ACCELE~1\VELOZD~1\velozsys.exe runstart
O4 - HKLM\..\Run: [ebobkd] c:\dows\syste????????
O4 - HKLM\..\Run: [eanth_critical_update_alert] C:\PROGRA~1\ACCELE~1\SYSTEM~1\sys_alert.exe /Startup
O4 - HKLM\..\Run: [EanthologyApp] C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE /b Startup
O4 - HKLM\..\Run: [dydeshare.exe] C:\WINDOWS\System32\dydeshare.exe
O4 - HKLM\..\Run: [dsqfifqz] C:\WINDOWS\System32\ivhykbxx.exe
O4 - HKLM\..\Run: [CMSMHOST] D:\Program Files\Cloudmark\Anti-Fraud Toolbar\IE\cmsmhost.exe /Server
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitecwy32.exe
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [4X@95ME57C5BM8] C:\WINDOWS\System32\Geke3L.exe
O4 - HKLM\..\Run: [0BaDC] C:\WINDOWS\hfelxcfq.exe
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "D:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O4 - HKCU\..\Run: [Ugtlbkye] C:\WINDOWS\system32\??stem\javaw.exe
O4 - HKCU\..\Run: [Tukati:4] C:\Program Files\Tukati\Redistributor\4\TukatiRedistributor.exe -r:4 -x:2
O4 - HKCU\..\Run: [TimeLeft] D:\Program Files\TimeLeft\timeleft.exe
O4 - HKCU\..\Run: [The Easy Bee's Hive] D:\Program Files\Altercept\TheEasyBee Free\Binaries\ATCEgSvr.exe -logon
O4 - HKCU\..\Run: [SwiftToDoList] D:\Program Files\Swift To-Do List\Swift To-Do List.exe minimized
O4 - HKCU\..\Run: [SpyBlocs] C:\Program Files\eBlocs\SpyBlocs\GLFAA.exe
O4 - HKCU\..\Run: [SoniqueQuickStart] C:\Program Files\Sonique\sqstart.exe -nostick
O4 - HKCU\..\Run: [shimgvw] C:\WINDOWS\System32\shimgvw.exe
O4 - HKCU\..\Run: [ServUTrayIcon] D:\PROGRA~1\Serv-U\SERVUT~1.EXE
O4 - HKCU\..\Run: [rtutils] C:\WINDOWS\System32\rtutils.exe
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\reminder.exe
O4 - HKCU\..\Run: [RediffBOL] C:\Program Files\rediff.com\messenger\Bol.exe hide
O4 - HKCU\..\Run: [PlaxoUpdate] D:\Program Files\Plaxo\2.6.2.9\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [News Alert] C:\Program Files\MSNBC\Alert\NEWSALRT.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Iinl] C:\Program Files\sami\emia.exe
O4 - HKCU\..\Run: [HXIUL.EXE] C:\Program Files\Alset\HelpExpress\Ashish\HXIUL.EXE
O4 - HKCU\..\Run: [HELPEXP.EXE] C:\Program Files\Alset\HelpExpress\Ashish\Client\HelpExp.exe
O4 - HKCU\..\Run: [Grubclient] C:\Program Files\Grubclient\grubgui.exe /s
O4 - HKCU\..\Run: [FileFreedom_Plugin] C:\Program Files\FileFreedom\wtm.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [Crammer] C:\Program Files\crammerCrammer.exe
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe /q
O4 - HKCU\..\Run: [Cacheman] D:\PROGRA~1\Cacheman\Cacheman.exe
O4 - Startup: Konfabulator.lnk = D:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O4 - Startup: PowerPro.lnk = C:\Program Files\PowerPro\powerpro.exe
O4 - Startup: QClip.lnk = D:\Program Files\QClip\qclip.exe
O4 - Startup: WinMySQLadmin.lnk = C:\mysql\bin\winmysqladmin.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: 1.pl
O4 - Global Startup: 3DNA Desktop.lnk = C:\Program Files\3DNA\Resources\3dnasys.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: fishing.bat
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: KeenValue.lnk = C:\Program Files\Common Files\KeenValue\keenvalue.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Group\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: NetScreen-Remote.lnk = D:\Program Files\Juniper\NetScreen-Remote\SafeCfg.exe
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: wincapper.com
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
O4 - Global Startup: winreg2.bat
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O20 - AppInit_DLLs: C:\WINDOWS\System32\comggkc.dll
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Imapi Helper - Alex Feinman - D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Serv-U FTP Server (Serv-U) - Cat Soft - D:\PROGRA~1\Serv-U\ServUDaemon.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - D:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Thanks
Reena
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP