Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Windows XP Windows XP
Search Search
Search for:
Tech Support Guy > > >

Solved: slow startup


(!)

bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 04:00 PM #1
Solved: slow startup
slow startup
I have dell computer with following:
Microsoft Wndows xp
home edition
Verson 2002
Intel
Pentium 4 cpu 3.00Ghz
2.99 Ghz, 2.00GB of Ram
Hard drive 149 GB
Use 35.00GB
Free 149 GB

My computer takes 5 to 7 min. to start and I do not know what to do. Can you sent me step by step instruction what should I do?


Here is HJT Report

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:50:40 PM, on 9/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\SelectRebates\SelectRebates.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\PK\Application Data\mjusbsp\magicJack.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://snt143.mail.live.com/mail/In...20&fid=1&fav=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: BHO_PROJECT - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
O3 - Toolbar: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll
O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll
O4 - HKLM\..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-to...012072722&cv=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NitroPDFExpressDriverCreatorReadSpool (NitroExpressDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11250 bytes
TheShooter93's Avatar
TheShooter93   (Cody) TheShooter93 is online now TheShooter93 has a Profile Picture
Computer Specs
Member with 9,879 posts.
 
Join Date: Jul 2008
Location: Orlando, Florida
Experience: Advanced
10-Sep-2012, 04:15 PM #2
Only Trusted Advisors or Malware Removal Experts are allowed to analyze HijackThis logs or help with malware removal of any kind.

If anyone without these designations offers advice on malware removal, do not follow them, and report their post.

---------------------------------------

Click Start.

In the search bar, type MSCONFIG and hit Enter. Click the "Startup" tab.

Write down only the names in the "Startup Item" column that have a checkmark next to them.

If the "Startup Item" column isn't wide enough to see the entire name of any of them, widen the column.

Submit those names here in a vertical list.

Make sure to spell them EXACTLY as you see them there.
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 04:27 PM #3
Slow start up
Here is Start up items:

selectrebates
reader_sl
Adobearm
Brmfcwind
brctrcen
39srchmn
googletalk
realsched
ctfmon
cdloader2
googleupdate
blues_harp28's Avatar
Trusted Advisor with 15,960 posts.
 
Join Date: Jan 2005
Location: London England
10-Sep-2012, 04:29 PM #4
In addition to the above.

Download MalwareBytes and SuperAntiSpyware to your desktop.
Download the Free versions of both programs.

MalwareBytes

SuperAntiSpyware

Once they are downloaded to your desktop.
Close all open browser windows.

MalwareBytes
Click on the Install icon - allow it to update during the install process.
Start Malwarebytes Anti-Malware.
Click on Scanner > then quick scan > then Scan.
Any infections or problems will be highlighted in red.
After the scan is finished - Click - Show Results.
Check that all entries are selected.
Click - Remove Selected.
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start Malwarebytes again.
Click on the Logs Tab.
Highlight the scan log entry.
Click - Open.
The scan log will appear in Notepad.
Copy and paste it in your next post.

SuperAntiSpyware
Click on the install icon - allow it to update during the install process.
Select the Quick Scan option.
Click Scan your Computer.
Any infections or problems will be highlighted in red.
After the scan is finished.
Click Continue.
Check that everything is listed.
Click Remove Threats.
Click OK - then click Finish
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start SuperAntiSpyware again.
Click View Scan Logs.
Highlight the scan log entry.
Click - View Selected Log.
The scan log will appear in Notepad.
Copy and paste in your next post.
__________________
Superantispyware
Malwarebytes
blues_harp28's Avatar
Trusted Advisor with 15,960 posts.
 
Join Date: Jan 2005
Location: London England
10-Sep-2012, 05:04 PM #5
Once you have posted the logs from Malwarebytes and Superantispyware.
Start Hjt log - click Scan.
Once the page has opened - put a Tick mark against these entries if they still show in the Hjt log and click Fix

Double check that only these entries are Ticked.

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: BHO_PROJECT - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll

O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-to...012072722&cv=1


Close Hjt log.
Restart your Pc.
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 05:56 PM #6
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.01.13.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
PK :: BOMBAYKID [administrator]

8/10/2012 5:36:14 PM
mbam-log-2012-08-10 (17-36-14).txt

Scan type: Custom scan
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/10/2012 at 02:24 PM

Application Version : 5.5.1016

Core Rules Database Version : 9202
Trace Rules Database Version: 7014

Scan type : Quick Scan
Total Scan Time : 00:21:04

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 562
Memory threats detected : 2
Registry items scanned : 29614
Registry threats detected : 38
File items scanned : 10493
File threats detected : 108

Adware.ShopAtHomeSelect
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32#ThreadingModel
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\ProgID
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\Programmable
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\TypeLib
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\VersionIndependentProgID
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
HKCR\ToolBand.ShopAtHomeIEHelper.1
HKCR\ToolBand.ShopAtHomeIEHelper.1\CLSID
HKCR\ToolBand.ShopAtHomeIEHelper
HKCR\ToolBand.ShopAtHomeIEHelper\CLSID
HKCR\ToolBand.ShopAtHomeIEHelper\CurVer
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0\win32
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\FLAGS
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\HELPDIR
C:\PROGRAM FILES\SELECTREBATES\TOOLBAR\SHOPATHOMETOOLBAR.DLL
HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Adware.ShopAtHome/SelectRebates
[SelectRebates] C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE

Browser Hijacker.Tubby
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize

Adware.SelectRebates
C:\Program Files\SELECTREBATES\FFToolbar\chrome\sahtoolbar.jar
C:\Program Files\SELECTREBATES\FFToolbar\chrome
C:\Program Files\SELECTREBATES\FFToolbar\chrome.manifest
C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences\sahtoolbar.js
C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences
C:\Program Files\SELECTREBATES\FFToolbar\defaults
C:\Program Files\SELECTREBATES\FFToolbar\install.rdf
C:\Program Files\SELECTREBATES\FFToolbar
C:\Program Files\SELECTREBATES\SahImages\alert.png
C:\Program Files\SELECTREBATES\SahImages\check.png
C:\Program Files\SELECTREBATES\SahImages\close.png
C:\Program Files\SELECTREBATES\SahImages\popupDefault.gif
C:\Program Files\SELECTREBATES\SahImages
C:\Program Files\SELECTREBATES\SelectAlerts.dat
C:\Program Files\SELECTREBATES\SelectRebates.ini
C:\Program Files\SELECTREBATES\SelectRebatesA.dat
C:\Program Files\SELECTREBATES\SelectRebatesApi.exe
C:\Program Files\SELECTREBATES\SelectRebatesB.dat
C:\Program Files\SELECTREBATES\SelectRebatesBT.dat
C:\Program Files\SELECTREBATES\SelectRebatesDownload.exe
C:\Program Files\SELECTREBATES\SelectRebatesH.dat
C:\Program Files\SELECTREBATES\SelectRebatesUninstall.exe
C:\Program Files\SELECTREBATES\SRebates.dll
C:\Program Files\SELECTREBATES\SRFF3.dll
C:\Program Files\SELECTREBATES\Toolbar\AddtoList.bmp
C:\Program Files\SELECTREBATES\Toolbar\basis.xml
C:\Program Files\SELECTREBATES\Toolbar\Basis.xml.dym
C:\Program Files\SELECTREBATES\Toolbar\Blank.bmp
C:\Program Files\SELECTREBATES\Toolbar\Cache
C:\Program Files\SELECTREBATES\Toolbar\CashBack.bmp
C:\Program Files\SELECTREBATES\Toolbar\Coupons.bmp
C:\Program Files\SELECTREBATES\Toolbar\GroceryCoupon.bmp
C:\Program Files\SELECTREBATES\Toolbar\icons.bmp
C:\Program Files\SELECTREBATES\Toolbar\ImageCache
C:\Program Files\SELECTREBATES\Toolbar\i_magnifying.bmp
C:\Program Files\SELECTREBATES\Toolbar\logo.bmp
C:\Program Files\SELECTREBATES\Toolbar\logo_24.bmp
C:\Program Files\SELECTREBATES\Toolbar\logo_HotSpots.bmp
C:\Program Files\SELECTREBATES\Toolbar\ReviewSite.bmp
C:\Program Files\SELECTREBATES\Toolbar\RightControls.dym
C:\Program Files\SELECTREBATES\Toolbar\sahtb-alert.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-go.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-grocerycoupons.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-icons.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-restaurant.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-wishlist.bmp
C:\Program Files\SELECTREBATES\Toolbar\Scissors.bmp
C:\Program Files\SELECTREBATES\Toolbar
C:\Program Files\SELECTREBATES

Adware.Zugo
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}

Disabled.FolderOption
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\FOLDER\HID DEN\SHOWALL#CHECKEDVALUE

Heur.Agent/Gen-WhiteBox
C:\TORRENT.EXE

Adware.Tracking Cookie
C:\Documents and Settings\PK\Cookies\OY2VS8ZZ.txt [ /ads.cleveland.com ]
C:\Documents and Settings\PK\Cookies\CKJYANDP.txt [ /adserver.adtechus.com ]
C:\Documents and Settings\PK\Cookies\BH5MZAGO.txt [ /lucidmedia.com ]
C:\Documents and Settings\PK\Cookies\KYTN9Q27.txt [ /edge.jeetyetmedia.com ]
C:\Documents and Settings\PK\Cookies\0T121HKH.txt [ /rotator.hadj1.adjuggler.net ]
C:\Documents and Settings\PK\Cookies\Z9Q9GGU7.txt [ /realmedia.com ]
C:\Documents and Settings\PK\Cookies\YWMEHM0N.txt [ /statcounter.com ]
C:\Documents and Settings\PK\Cookies\VVE6DA4P.txt [ /liveperson.net ]
C:\Documents and Settings\PK\Cookies\M9FZUWJA.txt [ /www.googleadservices.com ]
C:\Documents and Settings\PK\Cookies\USE6HNLQ.txt [ /ads.syracuse.com ]
C:\Documents and Settings\PK\Cookies\M8J95UC7.txt [ /jump.tvitrack.com ]
C:\Documents and Settings\PK\Cookies\IB63XYOB.txt [ /legolas-media.com ]
C:\Documents and Settings\PK\Cookies\M1C84MO3.txt [ /jeetyetmedia.com ]
C:\Documents and Settings\PK\Cookies\4BAL3GO4.txt [ /ar.atwola.com ]
C:\Documents and Settings\PK\Cookies\R7F1O1FL.txt [ /a1.interclick.com ]
C:\Documents and Settings\PK\Cookies\AUDU8X60.txt [ /ads.nj.com ]
C:\Documents and Settings\PK\Cookies\JVWOG2W3.txt [ /ads.masslive.com ]
C:\Documents and Settings\PK\Cookies\N4HU4QPM.txt [ /collective-media.net ]
C:\Documents and Settings\PK\Cookies\5K83VQST.txt [ /amazon-adsystem.com ]
C:\Documents and Settings\PK\Cookies\UNEV6GNL.txt [ /friendfinder.com ]
C:\Documents and Settings\PK\Cookies\J6INY0YB.txt [ /ads.al.com ]
C:\Documents and Settings\PK\Cookies\RSK0F2K2.txt [ /mediaservices-d.openxenterprise.com ]
C:\Documents and Settings\PK\Cookies\5ZINO372.txt [ /ads.pubmatic.com ]
C:\Documents and Settings\PK\Cookies\WMHISD7H.txt [ /ads.oregonlive.com ]
C:\Documents and Settings\PK\Cookies\T1ICXO11.txt [ /lfstmedia.com ]
C:\Documents and Settings\PK\Cookies\0UWQ1K19.txt [ /accounts.google.com ]
C:\Documents and Settings\PK\Cookies\AMH1V6Y3.txt [ /burstnet.com ]
C:\Documents and Settings\PK\Cookies\UM2XZY11.txt [ /media6degrees.com ]
C:\Documents and Settings\PK\Cookies\A12SF3SR.txt [ /interclick.com ]
C:\Documents and Settings\PK\Cookies\KWME61K7.txt [ /adxpose.com ]
C:\Documents and Settings\PK\Cookies\9WCXUOWX.txt [ /ads.nola.com ]
C:\Documents and Settings\PK\Cookies\OGE89BJ1.txt [ /ad.360yield.com ]
C:\Documents and Settings\PK\Cookies\BYLNQGJE.txt [ /openx.jeetyetmedia.com ]
C:\Documents and Settings\PK\Cookies\VZHJYIOY.txt [ /media.adfrontiers.com ]
C:\Documents and Settings\PK\Cookies\89BFY1C3.txt [ /yieldmanager.net ]
C:\Documents and Settings\PK\Cookies\XVUZ3B7A.txt [ /www.bftrack.com ]
C:\Documents and Settings\PK\Cookies\KS2P0CYL.txt [ /invitemedia.com ]
C:\Documents and Settings\PK\Cookies\JNF2QMP8.txt [ /traveladvertising.com ]
C:\Documents and Settings\PK\Cookies\CDBJDGU5.txt [ /ads.pennlive.com ]
C:\Documents and Settings\PK\Cookies\67VF0AEJ.txt [ /at.atwola.com ]
C:\Documents and Settings\PK\Cookies\S4PTOMKL.txt [ /ads.mlive.com ]
C:\Documents and Settings\PK\Cookies\CN67HCYA.txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\PK\Cookies\FNK8TIJ8.txt [ /2o7.net ]
C:\Documents and Settings\PK\Cookies\MGBOQ130.txt [ /clickfuse.com ]
C:\Documents and Settings\PK\Cookies\YHMACCNM.txt [ /adinterax.com ]
C:\Documents and Settings\PK\Cookies\IQOOH07G.txt [ /media2.legacy.com ]
C:\Documents and Settings\PK\Cookies\IDR82O64.txt [ /ad.yieldmanager.com ]
C:\Documents and Settings\PK\Cookies\O7NM4AVQ.txt [ /tacoda.at.atwola.com ]
C:\Documents and Settings\PK\Cookies\9V3YAMPX.txt [ /atwola.com ]
C:\Documents and Settings\PK\Cookies\59U5UUKR.txt [ /weil.rotator.hadj1.adjuggler.net ]
C:\Documents and Settings\PK\Cookies\3C3TBC6Q.txt [ /indianfriendfinder.com ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\4RXCF18Y.txt [ Cookie:administrator@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@revsci[1].txt [ Cookie:administrator@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@microsoftwindows.112.2o7[1].txt [ Cookie:administrator@microsoftwindows.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@serving-sys[1].txt [ Cookie:administrator@serving-sys.com/ ]

Adware.SelectRebates[SAH]
C:\PROGRAM FILES\SELECTREBATES\SREBATES.DLL

PUP.CNETInstaller
C:\DOCUMENTS AND SETTINGS\PK\DESKTOP\UNUSEPROGRAMS\CNET2_IESPELLSETUP264573_EXE.EXE
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:03 PM #7
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:55:06 PM, on 9/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\ASTSRV.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PK\Application Data\mjusbsp\magicJack.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://snt143.mail.live.com/mail/In...20&fid=1&fav=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (file missing)
O3 - Toolbar: (no name) - {1be04434-6b9f-48c8-8675-94c640d5b293} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NitroPDFExpressDriverCreatorReadSpool (NitroExpressDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9969 bytes
blues_harp28's Avatar
Trusted Advisor with 15,960 posts.
 
Join Date: Jan 2005
Location: London England
10-Sep-2012, 06:13 PM #8
Start > Run > Type
msconfig
In msconfig - Start up tab.
Untick all entries - [You only need Norton to run at startup - it is not in the list but it will still load at startup]

[Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
[ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

[googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot

[ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
[cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

[Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
[SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe


Apply > Ok > Reboot your Pc.

The System Configuration Utility box appear on retstart - saying changes have been made.
Tick the box on the lower left and then OK.

Any entry can be re-enabled using msconfig - if it needs to be

------

Post the uninstall log from Hjt log
Start HiJackThis.
At the bottom right - Other Stuff
Click on Config > Misc Tools.
Click > Open Uninstall Manager.
Click > Save List.
Save the uninstall list file on your desktop.
It will then open in Notepad.
Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:23 PM #9
It is still taking 8 min to restar computer and open IE .

Un tick every thing in startup and now I am restaring, lets see how long does it take
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:32 PM #10
it took 5 min to restart computer and open IE, Magic jack did not load
blues_harp28's Avatar
Trusted Advisor with 15,960 posts.
 
Join Date: Jan 2005
Location: London England
10-Sep-2012, 06:38 PM #11
If you need Magic Jack to load at startup - retick it in msconfig.

Clean out Temp Files.
Open the Start Menu.
In the Start Search area.
Type.
Cleanmgr

Press Enter.
Check [tick] Temporary files Only.
Click on OK.
Then Click on Delete Files.

-----

Post the uninstall log from Hjt log
Start HiJackThis.
At the bottom right - Other Stuff
Click on Config > Misc Tools.
Click > Open Uninstall Manager.
Click > Save List.
Save the uninstall list file on your desktop.
It will then open in Notepad.
Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:52 PM #12
It is taking long time to clean temp. files. Disk cleaning is still going on , It is clearing temp file.
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:53 PM #13
ok it stop now, I will restart my computer now and see how long does it take.
bombaykid's Avatar
bombaykid bombaykid is offline
Member with 203 posts.
THREAD STARTER
 
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 07:02 PM #14
Still taking 7 min to restart computer and open IE
blues_harp28's Avatar
Trusted Advisor with 15,960 posts.
 
Join Date: Jan 2005
Location: London England
10-Sep-2012, 07:04 PM #15
When did you last Defrag the hard drive?
Right click My Computer>Open
Right click - Local disk - should be C:
Click Properties.
Tools > Defragmentation

Post the uninstall log from Hjt log
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑