• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Guest Gneedhelp

CWS.Smartsearch.2 ?

10 posts in this topic

A friend mentioned that I may have one of the Cool Web Search variants, so I went to Merijn.org to see what I could do about it. Ad-aware, Spybot and Nortan had no effect on my relentless pop ups.

 

I downloaded and ran the CWShredder in an attempt to see if this was indeed what I had.

 

Partway through the check an error poped up that this program would immediately be shut down. I tried to run it again. This time the headers were all in jibberish and a box poped up that said my computer was infected by Smartsearch.2 , but CWsherdder had detected it and was spamming script to stop it. Clicked ok and continued the run because I had not noticed the changed Header. It stopped at the exact same place with the exact same results.

 

So I got HiJackthis. Maybe one of you can figure out what needs to be done. Here is the log.

 

Logfile of HijackThis v1.97.7

Scan saved at 12:04:45 PM, on 6/12/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\System32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\ZoneLabs\vsmon.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\xl.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Winamp\winampa.exe

C:\WINNT\system32\CTHELPER.EXE

C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\winnt\temp\0dAHmIpkX.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINNT\System32\Ujqz8QF.exe

C:\WINNT\System32\Sueb6rY.exe

C:\Documents and Settings\chad1\Desktop\HijackThis.exe

 

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - (no file)

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [updReg] C:\WINNT\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [0dAHmIpkX.exe] C:\winnt\temp\0dAHmIpkX.exe

O4 - HKLM\..\Run: [Dsi] C:\WINNT\System32\dp-k13w13.exe

O4 - HKLM\..\Run: [2##2FPS5G5L@NY] C:\WINNT\System32\Jks3.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [syoys] C:\WINNT\sqisdhwsj.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [TPF] C:\WINNT\system32\TPF.exe

O4 - HKCU\..\Run: [WNSI] C:\WINNT\System32\wnscpsu.exe

O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8054.7184837963

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab

 

Thank you in advance.

Share this post


Link to post
Share on other sites

realized I had not fully followed the directions :whistle: here is the lHiJack log with it installed in it's own folder.

 

Logfile of HijackThis v1.97.7

Scan saved at 12:38:08 PM, on 6/12/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\System32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\ZoneLabs\vsmon.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\xl.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Winamp\winampa.exe

C:\WINNT\system32\CTHELPER.EXE

C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\winnt\temp\0dAHmIpkX.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINNT\System32\Ujqz8QF.exe

C:\WINNT\System32\Sueb6rY.exe

C:\HiJackThis\HijackThis.exe

 

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - (no file)

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [updReg] C:\WINNT\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [0dAHmIpkX.exe] C:\winnt\temp\0dAHmIpkX.exe

O4 - HKLM\..\Run: [Dsi] C:\WINNT\System32\dp-k13w13.exe

O4 - HKLM\..\Run: [2##2FPS5G5L@NY] C:\WINNT\System32\Jks3.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [syoys] C:\WINNT\sqisdhwsj.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [TPF] C:\WINNT\system32\TPF.exe

O4 - HKCU\..\Run: [WNSI] C:\WINNT\System32\wnscpsu.exe

O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8054.7184837963

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab

Share this post


Link to post
Share on other sites

This indicates infection by the peper trojan:

[2##2FPS5G5L@NY] C:\WINNT\System32\Jks3.exe

 

Download Peper Fix from here - http://downloads.subratam.org/PeperFix.exe

Then Run the fixer (you must be online for the uninstall to be successful, make sure you allow it access through any firewall you have).

Run it twice with a reboot in between, just to make sure.

 

Then in HijackThis,

Tick the boxes next to all these, then close all browser and explorer windows, and tell HijackThis to "Fix checked". Then Reboot.

 

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

 

O2 - BHO: (no name) - {D848A3CA-0BFB-4DE0-BA9E-A57F0CCA1C13} - (no file)

 

O4 - HKLM\..\Run: [0dAHmIpkX.exe] C:\winnt\temp\0dAHmIpkX.exe

O4 - HKLM\..\Run: [syoys] C:\WINNT\sqisdhwsj.exe

O4 - HKLM\..\Run: [Dsi] C:\WINNT\System32\dp-k13w13.exe

O4 - HKLM\..\Run: [TPF] C:\WINNT\system32\TPF.exe :alarm: worm

O4 - HKCU\..\Run: [WNSI] C:\WINNT\System32\wnscpsu.exe

 

Since you have a worm, run an online virus scan, http://www.pandasoftware.com/activescan/co...n_principal.htm

or http://housecall.trendmicro.com/

 

Then reboot one more time and post a fresh log.

There will likely be more to fix.

Share this post


Link to post
Share on other sites

Thank you for your help! The peper trojan still seems to be there though I followed your instructions and it removed items.

 

Another quick question is about those 016 things. Can they just be deleted? Anyway here is my fresh log:

 

 

Logfile of HijackThis v1.97.7

Scan saved at 12:44:07 AM, on 6/14/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\System32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\ZoneLabs\vsmon.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\xl.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\Explorer.EXE

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Winamp\winampa.exe

C:\WINNT\system32\CTHELPER.EXE

C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

C:\Program Files\BroadJump\Client Foundation\CFD.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\HiJackThis\HijackThis.exe

 

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [updReg] C:\WINNT\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [2##2FPS5G5L@NY] C:\WINNT\System32\Jks3.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8054.7184837963

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab

Edited by Gneedhelp

Share this post


Link to post
Share on other sites

YOU SHOULD TRY TO POST YOUR LOG UNDER MALWARE REMOVAL

 

NOBODY IS GOING TO HELP YOU HERE

 

 

P/S READ THE INSTRUCTIONS ON TOP

 

Thread has been moved, stockkbroker. We always move threads to the correct forum. -cnm

Edited by cnm

Share this post


Link to post
Share on other sites

Gneedhelp, That looks much better. Nice work. :)

 

See if you can uninstall Client Foundation via Control Panel Add/Remove.

 

The peper trojan appears to be mostly gone.

 

Tick and fix these, then reboot.

 

O4 - HKLM\..\Run: [updReg] C:\WINNT\UpdReg.EXE

O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe

O4 - HKLM\..\Run: [2##2FPS5G5L@NY] C:\WINNT\System32\Jks3.exe

 

The O16s are OK but can be fixed. They will be downloaded again if needed.

 

After fix and reboot, delete these files:

C:\WINNT\System32\Jks3.exe

C:\WINNT\system32\TPF.exe

C:\WINNT\System32\wnscpsu.exe

C:\WINNT\sqisdhwsj.exe

 

Some may already have been removed, but make sure you're set to show hidden and system files. How to Show System Files

Share this post


Link to post
Share on other sites

It is indeed running much better! Here is my fresh log:

 

 

Logfile of HijackThis v1.97.7

Scan saved at 1:55:53 PM, on 6/14/2004

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\System32\Ati2evxx.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\svchost.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\ZoneLabs\vsmon.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\xl.exe

C:\WINNT\system32\Ati2evxx.exe

C:\WINNT\Explorer.EXE

C:\Program Files\Winamp\winampa.exe

C:\WINNT\system32\CTHELPER.EXE

C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\HiJackThis\HijackThis.exe

 

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

 

 

 

 

Ok and I do admit to looking up a few things about the HiJackthis program in an effort to unclutter this computer's start up using this:

 

 

http://www.sysinfo.org/startuplist.php?fil...=50&offset=1500

 

HydraVisionDesktopManager was a U (user optional file) that I got rid of so the computer had a faster start up and it was never used. Unfortuanately I now get an error that says:

 

HydraVision Desktop Manager is already running.

 

Not a big problem I am guessing but how can I get the error stopped? (I only got rid of this and the Quicktime link. And yes I will ask next time before doing any of that :D )

 

 

HUGE thank you for your help so far!!

 

And my apologies to Stockbrocker guy...I did post in the wrong forum and did apologise for it. In fact I reposted here and since I double posted the problem, one was removed. I was working on this for about 24 straight hours before I found this forum and was a little overexcited to see a light at the end of the tunnel.

Edited by Gneedhelp

Share this post


Link to post
Share on other sites

Tick and fix this:

O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HydraVision\HydraDM.exe

That's the startup. Then reboot.

 

Looking your startups up in http://www.sysinfo.org/startuplist.php?fil...=50&offset=1500 was a fine idea.

The way to disable them as starup is to fix their O4..

 

You possibly might be able to uninstall HydraVisionDesktopManager via Control Panel Add/Remove? Which would get rid of any remainders, one hopes.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0