hi. everytime i start my computer i get the task_agent error box stating "this program has performed an illegal operation....." and then when i close the box, another one appears that says APPLICATION ERROR on the top and inside "exception EConvert Error in module tas_agent.exe 00006752 Invalid argument to time encode. I was told awhile ago that this is b/c my printer is a hp but i think it has something to do with my task settings. what do u think?

I don't know about your task settings, but I would first remove and disconnect the printer to see if that is the cause.
If issue persists, troubleshoot other sites.

Hi honeyangel8, Welcome to CTH! Let's see what you have loading at startup. Go here and download, unzip and run StartupList. It will create a log file, copy the log and paste it in a reply.

http://www.lurkhere.com/~nicefiles/index.html

ok i downloaded it but then i clicked on the file and nothing happened. :(

Ok, You must not have a program installed for opening zipped files. Delete that one and go here and download and run the un-zipped version. (StartupList.exe)

http://www.d21c.com/Tom41

ok this is what it showed:

StartupList report, 2/22/03, 6:26:52 PM
StartupList version: 1.40.3
Started from : C:\WINDOWS\START MENU\PROGRAMS\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SISTRAY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM\HKCMD.EXE
C:\CFGSAFE\AUTOCHK.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\WINAMP3\WINAMPA.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOLTRAY.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOBNZ08.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\RNATHCHK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSOL08.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\SLIDESHW\SNSICON.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
C:\PROGRAM FILES\DATE MANAGER\DATEMANAGER.EXE
C:\PROGRAM FILES\PRECISIONTIME\PRECISIONTIME.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\WAOL.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WINAMP3\STUDIO.EXE
C:\WINDOWS\START MENU\PROGRAMS\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\America Online\StartUp]
America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
hp instant support.lnk = C:\Program Files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe
Snsicon.lnk = C:\SLIDESHW\Snsicon.exe
GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe

User shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\America Online\StartUp]
America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
hp instant support.lnk = C:\Program Files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe
Snsicon.lnk = C:\SLIDESHW\Snsicon.exe
GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SiS Tray = C:\WINDOWS\SYSTEM\SISTRAY.EXE
SiS KHooker = C:\WINDOWS\SYSTEM\khooker.exe
SiSSoundMan = C:\WINDOWS\SYSTEM\SoundMan.exe
SiSSetCDfmt = C:\WINDOWS\SYSTEM\SetCDfmt.exe
sp = regedit -s C:\WINDOWS\sp.reg
QuickTime Task = C:\WINDOWS\SYSTEM\QTTASK.EXE
Synchronization Manager = mobsync.exe /logon
IgfxTray = C:\WINDOWS\SYSTEM\igfxtray.exe
HotKeysCmds = C:\WINDOWS\SYSTEM\hkcmd.exe
ConfigSafe = C:\CFGSAFE\AUTOCHK.EXE
LoadQM = loadqm.exe
Share-to-Web Namespace Daemon = C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE
WinampAgent = "C:\Program Files\Winamp3\winampa.exe"
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
CMESys = "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
iolo Task Agent = C:\PROGRAM FILES\IOLO\COMMON\TASK AGENT\TASK_AGENT.EXE

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {89820200-ECBD-11cf-8B85-00AA005B4383}

[>PerUser_MSN_Clean] *
StubPath = C:\WINDOWS\msnmgsr1.exe

[PerUser_LinkBar_URLs] *
StubPath = C:\WINDOWS\COMMAND\sulfnbk.exe /L

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C}

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02}

[{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] *
StubPath = C:\WINDOWS\SYSTEM\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=
run=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\SNSVR.scr
drivers=mmsystem.dll power.drv

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Enumerating Browser Helper Objects:

Yahoo! Companion BHO - C:\PROGRAM FILES\YAHOO!\COMMON\YCOMP5,0,2,0.DLL - {13F537F0-AF09-11d6-9029-0002B31F9E59}
CSBHO - C:\PROGRAM FILES\COMET\BIN\CSBHO.DLL - {D14D6793-9B65-11D3-80B6-00500487BDBA}
(no name) - C:\WINDOWS\APPLICATION DATA\OGTLYEEAPR.DLL - {D44B5436-B3E4-4595-B0E9-106690E70A58}
(no name) - C:\WINDOWS\IOPTI130.DLL - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job
FRU Task #Hewlett-Packard#hp psc 2200 series#1040847877.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[{A45F39DC-3608-4237-8F0E-139F1BC49464}]
CODEBASE = http://www.julieandfriends.net/juliecam/juliecam.exe

[{41F17733-B041-4099-A042-B518BB6A408C}]
CODEBASE = http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe

[YahooYMailTo Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YMMAPI.DLL
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/essentials/ymmapi_0727.dll

[{11111111-1111-1111-1111-111111111111}]
CODEBASE = http://fr4-download.nocreditcard.com/download/newdial-erp/2645/dialer.exe

[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNPUPLD.DLL
CODEBASE = http://photos.msn.com/r/neutral/controls/MsnPUpld.cab?5,0,1730,0

[Brix6ie Control]
InProcServer32 = C:\WINDOWS\BRIX6IE.OCX
CODEBASE = http://a19.g.akamai.net/7/19/7125/1268/ftp.coupons.com/v6/brix6ie.cab

--------------------------------------------------
End of report, 9,777 bytes
Report generated in 0.634 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

Hi honeyangel8, First thing, Let's get rid of all this spyware that you have. (Gator, TinyBar, Lop Domains etc...)

1. Go to Add/Remove Programs and uninstall PrecisionTime,
Date Manager, Comet Cursor and anything listed for Gator

2. Click Start > Run > type msconfig and click OK
Click the startup tab and uncheck the following:

sp = regedit -s C:\WINDOWS\sp.reg (TinyBar)

CMESys = "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE" (Gator)

Click apply/ok and reboot.

3. Download and run Spybot-S&D.

Download Spybot - Search & Destroy

http://beam.to/spybotsd


After installing, go to the Online tab, and search for and install all updates.

Next, go to the Settings tab > File Sets,and uncheck System Internals, Usage Tracking and Tracks.uti. These settings are not needed at the moment and you can always consult the "Help" files if you want to experiment later on.

Finally, after closing down Internet Explorer, hit 'Check for Problems', and have SpyBot remove all it finds. (If the scan has found something, the list will show it.)

There are three basic kinds of results:

Red entries indicate spyware problems that should be fixed to avoid security and/or privacy problems. This is the only kind of problem that is preselected to be fixed.

Black entries are system internals. If you do not know what they mean, I would suggest that you leave these alone and visit the support forum for more information.

Green entries indicate usage tracks. It can do no harm to remove these.

NOTE: SSD will sometimes not be able to remove all active components in the first 'run'. In that case you will get a dialog asking you to run SSD at next start. Click yes and reboot.
SSD will activate before the system puts these components 'in use', and it will then be able to 'fix' the rest.

4. After running Spybot, Click Start > Settings > Control Panel > Internet Options > Programs tab. Click the 'Reset Web Settings' button and OK.

5. Run startuplist again and copy and paste it in a reply.

i'm a little nervous about deleting that stuff. why shouldn't i have it on here? it's only a thing to show me the date and what have u. some of the stuff i need. i'm a little confused. and what do u mean by "gator"? i don't see anything in there called that. :(

When you installed Precision Time and Date Manager, 'Gator' was also installed. Gator is pure spyware.

Gator helps you to fill out forms and remember passwords. Gator targets consumers based on site visitation and/or historical behavior. Your personal information is stored on your computer in an encrypted file. Gator accesses this personal information on occasion, using your IP address to help diagnose. Gator provides aggregate statistics about its customers, traffic patterns, and related site information to third-party vendors. In order to provide this service, they collect information on your web usage.

"Gator tracks the sites that users visit and forwards that data back to the company's servers. Gator sells the use of this information to advertisers who can purchase the opportunity to make ads pop up at certain moments, such as when specific words appear on a screen. It also lets companies launch a pop-up ad when users visit a competitor's Web site."

To remove Gator, you must remove precision time and date manager.

Hi honeyangel8 - you can trust tb525's advice 100%. Gator is one of the most notorious pieces of crud that you can have on your PC. Have a look here (http://www.cexx.org/gator.htm). The below entry shows that you have it installed:

CMESys = "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE

as well as all the other junk that tb525 has identifed.

so those two are the only ones i have to delete right? everything else is ok?

Trust the advise.

Remove GATOR and everything else indicated.

If your computer is not on 24/7 and you do not schedule things to be done at time intervals, then taskman is not needed. It can cause problems also. - MSTASK.EXE you should see a little icon next to your clock for taskman.

I would remove taskman in msconfig also, by unchecking the box. (When you uncheck a box in msconfig, you are not removing the software just stopping it from loading when windows starts up.)

Also as will be suggested, once the spyware is removed, download and run Ad-Aware (http://www.cybertechhelp.com/html/downloads/download.php/id/33) and run weekly to get rid of spyware.

honeyangel8,

Ok i'm adding my 2 cents worth.

That's a big startup group you have going even without Gator.

Ok, here is a little info, I hope is correct, on iolo Task Agent.

From what I can find, iolo Task Agent = C:\PROGRAM FILES\IOLO\COMMON\TASK AGENT\TASK_AGENT.EXE is part of iolo System Mechanic (http://www.iolo.com/sm/) and has a Startup Manager.

What version do you have? http://www.iolo.com/upgrade/smhistory.htm

Don't know what this is ConfigSafe = C:\CFGSAFE\AUTOCHK.EXE, unless it is this http://www.imaginelan.com/configsafe/

Something I don't see in your Startup group is Anti-Virus protection or a Firewall.

ok i did everthing tb525 told me to. this is what i got now:

StartupList report, 2/24/03, 7:46:53 PM
StartupList version: 1.40.3
Started from : C:\WINDOWS\START MENU\PROGRAMS\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SISTRAY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM\HKCMD.EXE
C:\CFGSAFE\AUTOCHK.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\WINAMP3\WINAMPA.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0A\AOLTRAY.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOBNZ08.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSOL08.EXE
C:\SLIDESHW\SNSICON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT SUPPORT DI\COMMON\MOTIVEDIRECTORY.EXE
C:\WINDOWS\SYSTEM\HPZIPM12.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE
C:\WINDOWS\START MENU\PROGRAMS\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\America Online\StartUp]
America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
hp instant support.lnk = C:\Program Files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe
Snsicon.lnk = C:\SLIDESHW\Snsicon.exe
AdSubtract.lnk = C:\Program Files\AdSubtract\adsub.exe

User shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\America Online\StartUp]
America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
hp instant support.lnk = C:\Program Files\Hewlett-Packard\HP Instant Support DI\bin\matcli.exe
Snsicon.lnk = C:\SLIDESHW\Snsicon.exe
AdSubtract.lnk = C:\Program Files\AdSubtract\adsub.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SiS Tray = C:\WINDOWS\SYSTEM\SISTRAY.EXE
SiS KHooker = C:\WINDOWS\SYSTEM\khooker.exe
SiSSoundMan = C:\WINDOWS\SYSTEM\SoundMan.exe
SiSSetCDfmt = C:\WINDOWS\SYSTEM\SetCDfmt.exe
QuickTime Task = C:\WINDOWS\SYSTEM\QTTASK.EXE
Synchronization Manager = mobsync.exe /logon
IgfxTray = C:\WINDOWS\SYSTEM\igfxtray.exe
HotKeysCmds = C:\WINDOWS\SYSTEM\hkcmd.exe
ConfigSafe = C:\CFGSAFE\AUTOCHK.EXE
LoadQM = loadqm.exe
Share-to-Web Namespace Daemon = C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE
WinampAgent = "C:\Program Files\Winamp3\winampa.exe"
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Yahoo! Pager = C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
iolo Task Agent = C:\PROGRAM FILES\IOLO\COMMON\TASK AGENT\TASK_AGENT.EXE

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {89820200-ECBD-11cf-8B85-00AA005B4383}

[>PerUser_MSN_Clean] *
StubPath = C:\WINDOWS\msnmgsr1.exe

[PerUser_LinkBar_URLs] *
StubPath = C:\WINDOWS\COMMAND\sulfnbk.exe /L

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C}

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02}

[{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}] *
StubPath = C:\WINDOWS\SYSTEM\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=
run=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\SNSVR.scr
drivers=mmsystem.dll power.drv

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 24/2/2003, 19:10:56)

[rename]
NUL=C:\WINDOWS\TEMP\GUUA384.TMP
NUL=C:\WINDOWS\TEMP\GLB1A2B.EXE
NUL=C:\WINDOWS\TEMP\GLB1A2B.EXE

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Enumerating Browser Helper Objects:

Yahoo! Companion BHO - C:\PROGRAM FILES\YAHOO!\COMMON\YCOMP5,0,2,0.DLL - {13F537F0-AF09-11d6-9029-0002B31F9E59}
(no name) - C:\WINDOWS\IOPTI130.DLL - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job
FRU Task #Hewlett-Packard#hp psc 2200 series#1040847877.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[{41F17733-B041-4099-A042-B518BB6A408C}]
CODEBASE = http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe

[YahooYMailTo Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YMMAPI.DLL
CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/essentials/ymmapi_0727.dll

[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNPUPLD.DLL
CODEBASE = http://photos.msn.com/r/neutral/controls/MsnPUpld.cab?5,0,1730,0

[Brix6ie Control]
InProcServer32 = C:\WINDOWS\BRIX6IE.OCX
CODEBASE = http://a19.g.akamai.net/7/19/7125/1268/ftp.coupons.com/v6/brix6ie.cab

--------------------------------------------------
End of report, 8,907 bytes
Report generated in 0.457 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

ok i don't know if this has anything to do with what i did ..but this game i was playing that used a java console doesn't work now. is it connected or no? and how do i fix it? i unchecked the box for enabling java but it didn't help.

What game would that be?

Online of some sort I guess?

yea, virtualme. it's a online game. it's called stalker. and like i said it has a java console. and now it doesn't seem to be working after i did all that stuff tb525 advised me to do. can u help?yea, virtualme. it's a online game. it's called stalker. and like i said it has a java console. and now it doesn't seem to be working after i did all that stuff tb525 advised me to do. can u help?

sorry for the above typing i'm not used to this site yet

This it? S.T.A.L.K.E.R. Oblivion Lost (http://www.gamezone.com/gamesell/p21243.htm)

no it's not. it's just a game on this one site for students. does it matter what game it is?

You used SpyBot Search and Destroy, correct?

If so you can click on Recovery and search for a entry that pretains to the game or website maybe.

If you find it you can restore just that one and see what happens.

Then again that game may be where you picked up the Gator spyware (http://www.answersthatwork.com/Tasklist_pages/tasklist_c.htm).

Cmesys Cmesys.exe

(Gator) Background program which is part of the Gator GAIN software (Gator Advertising and Information Network). Gator GAIN is what we call adware (advertising spyware). Gator GAIN is used by software manufacturers to enable them to offer you the FREE use of their software – instead, they receive advertising revenue through the advertisements displayed by the Gator GAIN add-on whenever you are using their software.

Recommendation :
We are against all adware. Download SpyBot Search & Destroy from our Downloads area and use it to remove Gator and any other adware or spyware. Note, however, that in some cases removing adware will totally disable the application which installed it, and this maybe an application which is important to you, so you may want to initially only disable this with Startup Manager while you ascertain how Gator Gain got into your PC.

Gator was installed with Precision Time and Date Manager.


Click Tools > Internet Options > General tab. Click the 'settings' button, then click 'view objects' . If any of the ActiveX controls are listed as damaged, delete them.

forunately, there weren't any damaged files in there. also forget about my problem with the stalker console i just tried it again and it works. must of just been the website

i'm still having the problem with the error message. can somone tell me what to do next?