0

In trying to keep Win XP running as long as possible I've used various software programs including Rocketdock, which I think is brilliant. It runs very smoothly and I have it set to run at startup. Normally there is no problem, but every so often I find it missing after starting up. I start up Rocketdock manually and when I go to check the Rocketdock settings I find the 'run at startup' box is unchecked. I correct this and it will run correctly at startup for the next few times. Then, for no apparent reason, it is missing from startup again.

I cannot figure out what is happening. Anyone got any ideas?

4
Contributors
26
Replies
27
Views
6 Years
Discussion Span
Last Post by caperjack
0

What security software do you have on your computer (list all of them) and have you scanned recently? If so, what was found?

0

I use Kaspersky security suite, which apart from running scans also does a total scan weekly. It has always stopped any problems and I haven't had to deal with a virus etc since starting to use it some years ago. I also use Soluto to try to impove startup times, but I have never removed Rocketdock from startup with Soluto.

0

sometime ,but only sometimes ,a restart is in order when you make a settings change ,so set it to boot at start up,shutdown and reboot windows right away .not saying it will work but doesn't cost anything to try it

0

Thanks, I'll try that. In any case it will work for a while. So I'll report back next week!

0

malwarebytes is a great program to have and use on a regular basics

Edited by caperjack: n/a

0

I ran Mbam and it found 8 apparently minor problems which I have deleted. See log below. While I was running Mbam Rocketdock crashed and I had to reopen on restart.


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6482

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

01/05/2011 14:58:45
mbam-log-2011-05-01 (14-58-31).txt

Scan type: Full scan (C:\|)
Objects scanned: 313698
Time elapsed: 2 hour(s), 40 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\wendy joint\favorites\error cleaner.url (Rogue.Link) -> No action taken.
c:\WINDOWS\system32\config\systemprofile\favorites\error cleaner.url (Rogue.Link) -> No action taken.
c:\documents and settings\wendy joint\favorites\privacy protector.url (Rogue.Link) -> No action taken.
c:\WINDOWS\system32\config\systemprofile\favorites\privacy protector.url (Rogue.Link) -> No action taken.
c:\documents and settings\wendy joint\favorites\spyware&malware protection.url (Rogue.Link) -> No action taken.
c:\WINDOWS\system32\config\systemprofile\favorites\spyware&malware protection.url (Rogue.Link) -> No action taken.

0

I thought your problem was caused by being infected and I was right. It just goes to show that Kaspersky is nowhere near as good as they like you to think it is.

It says "No Action Taken" next to each entry. You need to re-run Mbam and get it to remove all it finds.

0

Sorry, I did do that, but sent the wrong log. Think this may be the right one:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6482

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

01/05/2011 15:04:17
mbam-log-2011-05-01 (15-04-17).txt

Scan type: Full scan (C:\|)
Objects scanned: 313698
Time elapsed: 2 hour(s), 40 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\wendy joint\favorites\error cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\favorites\error cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\wendy joint\favorites\privacy protector.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\favorites\privacy protector.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\documents and settings\wendy joint\favorites\spyware&malware protection.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\favorites\spyware&malware protection.url (Rogue.Link) -> Quarantined and deleted successfully.

0

Doesn't seem to be cured. Missing from start-up again this morning. I'm wondering if I have some sort of incompatible program running. As I told you Rocketdock crashed while I was running Mbam. I did keep the crash log report, but it means little to me. I recently had trouble with system crashes caused by my video drivers, but I thought I had solved that by updating the drivers. Perhaps there is some residual problem? The trouble with trying to keep an old system running, snags do occur from time to time. It might perhaps be the Logitech Quickcam, which I try to stop running at startup.

0

Might be worth checking the condition of your hard drive. The free version of hdd regenerator 2011 will scan your hard drive and fix a limited number of errors if you have any. - http://www.dposoft.net/

0

I had some difficulty running HDD regenerator due to continued running of some unknown programs. I used msconfig sys to check, but couldn't identify any. So in the finish I ran CHKDSK which found no bad sectors, but did clean up some minor inconsistencies. So far things are running smoothly, so it may well have helped, thanks.


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 145 unused index entries from index $SII of file 0x9.
Cleaning up 145 unused index entries from index $SDH of file 0x9.
Cleaning up 145 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Windows has made corrections to the file system.

488303707 KB total disk space.
50233400 KB in 159741 files.
57608 KB in 16787 indexes.
0 KB in bad sectors.
295075 KB in use by the system.
65536 KB occupied by the log file.
437717624 KB available on disk.

4096 bytes in each allocation unit.
122075926 total allocation units on disk.
109429406 allocation units available on disk.

Internal Info:
00 b9 02 00 99 b1 02 00 ff e4 03 00 00 00 00 00 ................
73 19 00 00 04 00 00 00 65 04 00 00 00 00 00 00 s.......e.......
aa 27 fc 0e 00 00 00 00 4c 1e 28 5e 00 00 00 00 .'......L.(^....
9c b4 b9 13 00 00 00 00 8a dc ae 9f 04 00 00 00 ................
b2 5e 33 c3 0c 00 00 00 18 a2 ec ec 11 00 00 00 .^3.............
20 71 bb 8a 00 00 00 00 a0 38 07 00 fd 6f 02 00 q.......8...o..
00 00 00 00 00 e0 00 fa 0b 00 00 00 93 41 00 00 .............A..

Windows has finished checking your disk.
Please wait while your computer restarts.

0

Tried Housecall - no threats. Also downloaded Hijackthis 2.04 and attach log. No idea if there is anything to worry about, but to my untutored eye seems OK.Can't quite see why Google Chrome is repeated so many times.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:55, on 03/05/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\avp.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\avp.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\rthdcpl.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common

Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Accessories\RocketDock\RocketDock.exe
c:\program files\accessories\kalender\kalender.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\canon\myprinter\bjmyprt.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Wendy Joint\My

Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://g.uk.msn.com/USCON/7
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL

= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL

= http://g.uk.msn.com/USCON/7
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

http://g.uk.msn.com/USCON/7
R3 - URLSearchHook: uTorrentBar Toolbar -

{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program

Files\uTorrentBar\tbuTor.dll
F2 - REG:system.ini:

UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program

Files\Soluto\soluto.exe /userinit,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -

C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer

- {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and

Settings\All Users\Application

Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -

C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no

file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -

C:\Program Files\Microsoft\Search Enhancement Pack\Search

Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper -

{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -

C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

- C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper -

{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows

Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} -

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl -

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar -

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows

Live\Toolbar\wltcore.dll
O3 - Toolbar: uTorrentBar Toolbar -

{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program

Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D}

- C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky

Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [thunderbird.exe] C:\Program Files\Mozilla

Thunderbird\thunderbird.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program

Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Wendy

Joint\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"

/c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

(User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows

Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program

Files\Kaspersky Lab\Kaspersky Internet Security

2011\ie_banner_deny.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver -

res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}

- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer -

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: &Virtual Keyboard -

{4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky

Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Skype Plug-In -

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In -

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: URLs c&heck -

{CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky

Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}

- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}

- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)

-

http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/clien

t/muweb_site.cab?1240420719296
O16 - DPF: {8C922C73-FFFA-45A3-B2C2-BC1E30074267} (WalkmanRegistrar

Object) - http://www.sony.fr/bravia/RegistrationAgent.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) -

http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: bwfile-8876480 -

{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data -

{91774881-D725-4E58-B298-07617B9B86A8} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,

C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader -

{438755C2-A8BA-11D1-B96B-00A0C90312E1} -

C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -

{8C7461EF-2B13-11d2-BE35-3078302C2030} -

C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -

C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO

- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\avp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc.

- C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google

Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common

Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program

Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown

owner - C:\Program Files\Common Files\Microsoft

Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program

Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file

missing)
O23 - Service: Rapport Management Service (RapportMgmtService) -

Trusteer Ltd. - C:\Program

Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto -

C:\Program Files\Soluto\SolutoService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program

Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 14194 bytes

0

You seem to have a lot of incomplete registry entries in that log. Could you download Ccleaner and run the registry cleaner several times until it finds no more problems. You wont need to save a backup of what it deletes.

Ccleaner can be found here - http://www.piriform.com/ccleaner

Once done, re-run HIJackThis and post a fresh log as an attachment!

0

I usually use easycleaner, but must admit I was quite taken with ccleaner. I've run it on registry a few times and last 2 times it was clear. I also managed to delete some of my saved passwords, but no matter. The last time I opened rocketdock did not open at start-up. But I will keep trying and hope it starts behaving itself!

0

Here's the Hijackthis log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:55, on 03/05/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\avp.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\avp.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Accessories\RocketDock\RocketDock.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\rthdcpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common

Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\accessories\kalender\kalender.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\canon\myprinter\bjmyprt.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Wendy Joint\Local Settings\Application

Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Wendy Joint\My

Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://g.uk.msn.com/USCON/7
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL

= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL

= http://g.uk.msn.com/USCON/7
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

http://g.uk.msn.com/USCON/7
R3 - URLSearchHook: uTorrentBar Toolbar -

{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program

Files\uTorrentBar\tbuTor.dll
F2 - REG:system.ini:

UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program

Files\Soluto\soluto.exe /userinit,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -

C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer

- {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and

Settings\All Users\Application

Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -

C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no

file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -

C:\Program Files\Microsoft\Search Enhancement Pack\Search

Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper -

{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common

Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -

C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

- C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper -

{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows

Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} -

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl -

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar -

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows

Live\Toolbar\wltcore.dll
O3 - Toolbar: uTorrentBar Toolbar -

{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program

Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D}

- C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky

Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [thunderbird.exe] C:\Program Files\Mozilla

Thunderbird\thunderbird.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program

Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program

Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Wendy

Joint\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"

/c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE

(User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows

Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program

Files\Kaspersky Lab\Kaspersky Internet Security

2011\ie_banner_deny.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver -

res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}

- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer -

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: &Virtual Keyboard -

{4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky

Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Skype Plug-In -

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In -

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: URLs c&heck -

{CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky

Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}

- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}

- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)

-

http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/clien

t/muweb_site.cab?1240420719296
O16 - DPF: {8C922C73-FFFA-45A3-B2C2-BC1E30074267} (WalkmanRegistrar

Object) - http://www.sony.fr/bravia/RegistrationAgent.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) -

http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: bwfile-8876480 -

{9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

Files\Logitech\Desktop

Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data -

{91774881-D725-4E58-B298-07617B9B86A8} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,

C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader -

{438755C2-A8BA-11D1-B96B-00A0C90312E1} -

C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -

{8C7461EF-2B13-11d2-BE35-3078302C2030} -

C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -

C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO

- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security

2011\avp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc.

- C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google

Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common

Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program

Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Rapport Management Service (RapportMgmtService) -

Trusteer Ltd. - C:\Program

Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto -

C:\Program Files\Soluto\SolutoService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program

Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 14070 bytes

0

Hmm, it's looking like your registry has become corrupted. I am at work at the mo but when I have gotten home and have some spare time, I will post some instructions on what to do next!

0

I'm not surprised, it's been running a long time, although I have run easycleaner from time to time. Thanks a lot for all your effort. I'd like to keep this thing running a bit longer if I can. Really need a new computer - saving up.

0

Run HJT again then place a tick in the box next to each of the following entries (if found).

C:\Program Files\Common
C:\Documents and Settings\Wendy Joint\My
http://g.uk.msn.com/USCON/7
about:blank
http://go.microsoft.com/fwlink/?LinkId=69157
= http://go.microsoft.com/fwlink/?LinkId=54896
http://go.microsoft.com/fwlink/?LinkId=54896
http://go.microsoft.com/fwlink/?LinkId=69157
= http://g.uk.msn.com/USCON/7
http://g.uk.msn.com/USCON/7
R3 - URLSearchHook: uTorrentBar Toolbar -
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program
Files\uTorrentBar\tbuTor.dll
F2 - REG:system.ini:
UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program
Files\Soluto\soluto.exe /userinit,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer
- {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} -
C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no
C:\Program Files\Microsoft\Search Enhancement Pack\Search
Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
- C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper -
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows
Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl -
O3 - Toolbar: &Windows Live Toolbar -
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows
Live\Toolbar\wltcore.dll
O3 - Toolbar: uTorrentBar Toolbar -
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program
Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D}
- C:\Program Files\ConduitEngine\ConduitEngine.dll
Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [thunderbird.exe] C:\Program Files\Mozilla
(User 'SYSTEM')
(User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows
O8 - Extra context menu item: Add to Anti-Banner - C:\Program
res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer -
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
O9 - Extra button: Send to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: &Virtual Keyboard -

Once all are ticked, click the "Fix Checked" button then re-run HJT and post it's latest log.

0

Thanks very much for your help. I'm going to keep a note of that list and make the changes at a later stage bit by bit, once I've removed Soluto and ConduitEngine. I'm a bit concerned about avp.exe as I think this may affect Kaspersky Security suite. Skype also I'll leave for the timebeing, although I use it rarely. Anyway You've given me a lot of assistance and I think we should call it solved for now. If anything else unexpected happens I'll post a new thread. Can't wait to start from scratch on a new system!

0

All those entries are incomplete and therefore not working.

You could always do a registry backup beforehand. To do this, click start then run and type regedit in the box and press enter.
In regedit, click file then export. Save the resulting file somewhere where you will easily find it and give it a name you wont forget. To restore your registry, do as before but click import then point to the file you previously saved.

0

hijack will backup removed items ,to replace you just use the tool section to replace anything you remove

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.