Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Windows XP Windows XP
Go to first new post Internet Explorer
Go to first new post latop has no DVD playback?
Go to first new post Need help installing .msi software
Go to first new post Random "Input Out Of Range" er ...
Go to first new post yahoo
Go to first new post Problems with 2 PC's
Go to first new post Folder Delete
Go to first new post Hal.dll file missing and cannot boot to ...
Go to first new post NMI parity BSOD
Go to first new post How to reformat company laptop?
Go to first new post Screen Freezing (not a router issue)
Go to first new post .exe is not a valid win32 application
Go to first new post Screen Freeze.
Go to first new post Security Centre
Go to first new post Solved: how to back my pictures viewer t ...
Search Search
Search for:
Tech Support Guy Forums > > >

Solved: slow startup


(!)

Reply
Page 1 of 4 1 234
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 04:00 PM #1
Solved: slow startup
slow startup
I have dell computer with following:
Microsoft Wndows xp
home edition
Verson 2002
Intel
Pentium 4 cpu 3.00Ghz
2.99 Ghz, 2.00GB of Ram
Hard drive 149 GB
Use 35.00GB
Free 149 GB

My computer takes 5 to 7 min. to start and I do not know what to do. Can you sent me step by step instruction what should I do?


Here is HJT Report

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:50:40 PM, on 9/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\SelectRebates\SelectRebates.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\PK\Application Data\mjusbsp\magicJack.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://snt143.mail.live.com/mail/In...20&fid=1&fav=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll
O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: BHO_PROJECT - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
O3 - Toolbar: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll
O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll
O4 - HKLM\..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-to...012072722&cv=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NitroPDFExpressDriverCreatorReadSpool (NitroExpressDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11250 bytes
TheShooter93's Avatar
TheShooter93   (Cody) TheShooter93 is offline TheShooter93 has a Profile Picture
Computer Specs
Member with 6,876 posts.
  
Join Date: Jul 2008
Location: Orlando, Florida
Experience: Advanced
10-Sep-2012, 04:15 PM #2
Only Trusted Advisors or Malware Removal Experts are allowed to analyze HijackThis logs or help with malware removal of any kind.

If anyone without these designations offers advice on malware removal, do not follow them, and report their post.

---------------------------------------

Click Start.

In the search bar, type MSCONFIG and hit Enter. Click the "Startup" tab.

Write down only the names in the "Startup Item" column that have a checkmark next to them.

If the "Startup Item" column isn't wide enough to see the entire name of any of them, widen the column.

Submit those names here in a vertical list.

Make sure to spell them EXACTLY as you see them there.
__________________
I am a junior at the University of Central Florida pursuing a degree in Information Technology and for this summer, I work full time.
Due to this, my schedule is very hectic. If I don't reply within 48 hours, send me a PM.
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 04:27 PM #3
Slow start up
Here is Start up items:

selectrebates
reader_sl
Adobearm
Brmfcwind
brctrcen
39srchmn
googletalk
realsched
ctfmon
cdloader2
googleupdate
blues_harp28's Avatar
Trusted Advisor with 13,786 posts.
  
Join Date: Jan 2005
Location: London England
10-Sep-2012, 04:29 PM #4
In addition to the above.

Download MalwareBytes and SuperAntiSpyware to your desktop.
Download the Free versions of both programs.

MalwareBytes

SuperAntiSpyware

Once they are downloaded to your desktop.
Close all open browser windows.

MalwareBytes
Click on the Install icon - allow it to update during the install process.
Start Malwarebytes Anti-Malware.
Click on Scanner > then quick scan > then Scan.
Any infections or problems will be highlighted in red.
After the scan is finished - Click - Show Results.
Check that all entries are selected.
Click - Remove Selected.
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start Malwarebytes again.
Click on the Logs Tab.
Highlight the scan log entry.
Click - Open.
The scan log will appear in Notepad.
Copy and paste it in your next post.

SuperAntiSpyware
Click on the install icon - allow it to update during the install process.
Select the Quick Scan option.
Click Scan your Computer.
Any infections or problems will be highlighted in red.
After the scan is finished.
Click Continue.
Check that everything is listed.
Click Remove Threats.
Click OK - then click Finish
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start SuperAntiSpyware again.
Click View Scan Logs.
Highlight the scan log entry.
Click - View Selected Log.
The scan log will appear in Notepad.
Copy and paste in your next post.
__________________
Superantispyware
Malwarebytes
blues_harp28's Avatar
Trusted Advisor with 13,786 posts.
  
Join Date: Jan 2005
Location: London England
10-Sep-2012, 05:04 PM #5
Once you have posted the logs from Malwarebytes and Superantispyware.
Start Hjt log - click Scan.
Once the page has opened - put a Tick mark against these entries if they still show in the Hjt log and click Fix

Double check that only these entries are Ticked.

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: BHO_PROJECT - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll

O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-to...012072722&cv=1

Close Hjt log.
Restart your Pc.
__________________
Superantispyware
Malwarebytes
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 05:56 PM #6
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.01.13.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
PK :: BOMBAYKID [administrator]

8/10/2012 5:36:14 PM
mbam-log-2012-08-10 (17-36-14).txt

Scan type: Custom scan
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/10/2012 at 02:24 PM

Application Version : 5.5.1016

Core Rules Database Version : 9202
Trace Rules Database Version: 7014

Scan type : Quick Scan
Total Scan Time : 00:21:04

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 562
Memory threats detected : 2
Registry items scanned : 29614
Registry threats detected : 38
File items scanned : 10493
File threats detected : 108

Adware.ShopAtHomeSelect
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32#ThreadingModel
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\ProgID
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\Programmable
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\TypeLib
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\VersionIndependentProgID
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
HKCR\ToolBand.ShopAtHomeIEHelper.1
HKCR\ToolBand.ShopAtHomeIEHelper.1\CLSID
HKCR\ToolBand.ShopAtHomeIEHelper
HKCR\ToolBand.ShopAtHomeIEHelper\CLSID
HKCR\ToolBand.ShopAtHomeIEHelper\CurVer
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0\win32
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\FLAGS
HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\HELPDIR
C:\PROGRAM FILES\SELECTREBATES\TOOLBAR\SHOPATHOMETOOLBAR.DLL
HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Adware.ShopAtHome/SelectRebates
[SelectRebates] C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE

Browser Hijacker.Tubby
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize

Adware.SelectRebates
C:\Program Files\SELECTREBATES\FFToolbar\chrome\sahtoolbar.jar
C:\Program Files\SELECTREBATES\FFToolbar\chrome
C:\Program Files\SELECTREBATES\FFToolbar\chrome.manifest
C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences\sahtoolbar.js
C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences
C:\Program Files\SELECTREBATES\FFToolbar\defaults
C:\Program Files\SELECTREBATES\FFToolbar\install.rdf
C:\Program Files\SELECTREBATES\FFToolbar
C:\Program Files\SELECTREBATES\SahImages\alert.png
C:\Program Files\SELECTREBATES\SahImages\check.png
C:\Program Files\SELECTREBATES\SahImages\close.png
C:\Program Files\SELECTREBATES\SahImages\popupDefault.gif
C:\Program Files\SELECTREBATES\SahImages
C:\Program Files\SELECTREBATES\SelectAlerts.dat
C:\Program Files\SELECTREBATES\SelectRebates.ini
C:\Program Files\SELECTREBATES\SelectRebatesA.dat
C:\Program Files\SELECTREBATES\SelectRebatesApi.exe
C:\Program Files\SELECTREBATES\SelectRebatesB.dat
C:\Program Files\SELECTREBATES\SelectRebatesBT.dat
C:\Program Files\SELECTREBATES\SelectRebatesDownload.exe
C:\Program Files\SELECTREBATES\SelectRebatesH.dat
C:\Program Files\SELECTREBATES\SelectRebatesUninstall.exe
C:\Program Files\SELECTREBATES\SRebates.dll
C:\Program Files\SELECTREBATES\SRFF3.dll
C:\Program Files\SELECTREBATES\Toolbar\AddtoList.bmp
C:\Program Files\SELECTREBATES\Toolbar\basis.xml
C:\Program Files\SELECTREBATES\Toolbar\Basis.xml.dym
C:\Program Files\SELECTREBATES\Toolbar\Blank.bmp
C:\Program Files\SELECTREBATES\Toolbar\Cache
C:\Program Files\SELECTREBATES\Toolbar\CashBack.bmp
C:\Program Files\SELECTREBATES\Toolbar\Coupons.bmp
C:\Program Files\SELECTREBATES\Toolbar\GroceryCoupon.bmp
C:\Program Files\SELECTREBATES\Toolbar\icons.bmp
C:\Program Files\SELECTREBATES\Toolbar\ImageCache
C:\Program Files\SELECTREBATES\Toolbar\i_magnifying.bmp
C:\Program Files\SELECTREBATES\Toolbar\logo.bmp
C:\Program Files\SELECTREBATES\Toolbar\logo_24.bmp
C:\Program Files\SELECTREBATES\Toolbar\logo_HotSpots.bmp
C:\Program Files\SELECTREBATES\Toolbar\ReviewSite.bmp
C:\Program Files\SELECTREBATES\Toolbar\RightControls.dym
C:\Program Files\SELECTREBATES\Toolbar\sahtb-alert.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-go.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-grocerycoupons.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-icons.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-restaurant.bmp
C:\Program Files\SELECTREBATES\Toolbar\sahtb-wishlist.bmp
C:\Program Files\SELECTREBATES\Toolbar\Scissors.bmp
C:\Program Files\SELECTREBATES\Toolbar
C:\Program Files\SELECTREBATES

Adware.Zugo
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}

Disabled.FolderOption
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\FOLDER\HID DEN\SHOWALL#CHECKEDVALUE

Heur.Agent/Gen-WhiteBox
C:\TORRENT.EXE

Adware.Tracking Cookie
C:\Documents and Settings\PK\Cookies\OY2VS8ZZ.txt [ /ads.cleveland.com ]
C:\Documents and Settings\PK\Cookies\CKJYANDP.txt [ /adserver.adtechus.com ]
C:\Documents and Settings\PK\Cookies\BH5MZAGO.txt [ /lucidmedia.com ]
C:\Documents and Settings\PK\Cookies\KYTN9Q27.txt [ /edge.jeetyetmedia.com ]
C:\Documents and Settings\PK\Cookies\0T121HKH.txt [ /rotator.hadj1.adjuggler.net ]
C:\Documents and Settings\PK\Cookies\Z9Q9GGU7.txt [ /realmedia.com ]
C:\Documents and Settings\PK\Cookies\YWMEHM0N.txt [ /statcounter.com ]
C:\Documents and Settings\PK\Cookies\VVE6DA4P.txt [ /liveperson.net ]
C:\Documents and Settings\PK\Cookies\M9FZUWJA.txt [ /www.googleadservices.com ]
C:\Documents and Settings\PK\Cookies\USE6HNLQ.txt [ /ads.syracuse.com ]
C:\Documents and Settings\PK\Cookies\M8J95UC7.txt [ /jump.tvitrack.com ]
C:\Documents and Settings\PK\Cookies\IB63XYOB.txt [ /legolas-media.com ]
C:\Documents and Settings\PK\Cookies\M1C84MO3.txt [ /jeetyetmedia.com ]
C:\Documents and Settings\PK\Cookies\4BAL3GO4.txt [ /ar.atwola.com ]
C:\Documents and Settings\PK\Cookies\R7F1O1FL.txt [ /a1.interclick.com ]
C:\Documents and Settings\PK\Cookies\AUDU8X60.txt [ /ads.nj.com ]
C:\Documents and Settings\PK\Cookies\JVWOG2W3.txt [ /ads.masslive.com ]
C:\Documents and Settings\PK\Cookies\N4HU4QPM.txt [ /collective-media.net ]
C:\Documents and Settings\PK\Cookies\5K83VQST.txt [ /amazon-adsystem.com ]
C:\Documents and Settings\PK\Cookies\UNEV6GNL.txt [ /friendfinder.com ]
C:\Documents and Settings\PK\Cookies\J6INY0YB.txt [ /ads.al.com ]
C:\Documents and Settings\PK\Cookies\RSK0F2K2.txt [ /mediaservices-d.openxenterprise.com ]
C:\Documents and Settings\PK\Cookies\5ZINO372.txt [ /ads.pubmatic.com ]
C:\Documents and Settings\PK\Cookies\WMHISD7H.txt [ /ads.oregonlive.com ]
C:\Documents and Settings\PK\Cookies\T1ICXO11.txt [ /lfstmedia.com ]
C:\Documents and Settings\PK\Cookies\0UWQ1K19.txt [ /accounts.google.com ]
C:\Documents and Settings\PK\Cookies\AMH1V6Y3.txt [ /burstnet.com ]
C:\Documents and Settings\PK\Cookies\UM2XZY11.txt [ /media6degrees.com ]
C:\Documents and Settings\PK\Cookies\A12SF3SR.txt [ /interclick.com ]
C:\Documents and Settings\PK\Cookies\KWME61K7.txt [ /adxpose.com ]
C:\Documents and Settings\PK\Cookies\9WCXUOWX.txt [ /ads.nola.com ]
C:\Documents and Settings\PK\Cookies\OGE89BJ1.txt [ /ad.360yield.com ]
C:\Documents and Settings\PK\Cookies\BYLNQGJE.txt [ /openx.jeetyetmedia.com ]
C:\Documents and Settings\PK\Cookies\VZHJYIOY.txt [ /media.adfrontiers.com ]
C:\Documents and Settings\PK\Cookies\89BFY1C3.txt [ /yieldmanager.net ]
C:\Documents and Settings\PK\Cookies\XVUZ3B7A.txt [ /www.bftrack.com ]
C:\Documents and Settings\PK\Cookies\KS2P0CYL.txt [ /invitemedia.com ]
C:\Documents and Settings\PK\Cookies\JNF2QMP8.txt [ /traveladvertising.com ]
C:\Documents and Settings\PK\Cookies\CDBJDGU5.txt [ /ads.pennlive.com ]
C:\Documents and Settings\PK\Cookies\67VF0AEJ.txt [ /at.atwola.com ]
C:\Documents and Settings\PK\Cookies\S4PTOMKL.txt [ /ads.mlive.com ]
C:\Documents and Settings\PK\Cookies\CN67HCYA.txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\PK\Cookies\FNK8TIJ8.txt [ /2o7.net ]
C:\Documents and Settings\PK\Cookies\MGBOQ130.txt [ /clickfuse.com ]
C:\Documents and Settings\PK\Cookies\YHMACCNM.txt [ /adinterax.com ]
C:\Documents and Settings\PK\Cookies\IQOOH07G.txt [ /media2.legacy.com ]
C:\Documents and Settings\PK\Cookies\IDR82O64.txt [ /ad.yieldmanager.com ]
C:\Documents and Settings\PK\Cookies\O7NM4AVQ.txt [ /tacoda.at.atwola.com ]
C:\Documents and Settings\PK\Cookies\9V3YAMPX.txt [ /atwola.com ]
C:\Documents and Settings\PK\Cookies\59U5UUKR.txt [ /weil.rotator.hadj1.adjuggler.net ]
C:\Documents and Settings\PK\Cookies\3C3TBC6Q.txt [ /indianfriendfinder.com ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\4RXCF18Y.txt [ Cookie:administrator@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@revsci[1].txt [ Cookie:administrator@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@microsoftwindows.112.2o7[1].txt [ Cookie:administrator@microsoftwindows.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@serving-sys[1].txt [ Cookie:administrator@serving-sys.com/ ]

Adware.SelectRebates[SAH]
C:\PROGRAM FILES\SELECTREBATES\SREBATES.DLL

PUP.CNETInstaller
C:\DOCUMENTS AND SETTINGS\PK\DESKTOP\UNUSEPROGRAMS\CNET2_IESPELLSETUP264573_EXE.EXE
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:03 PM #7
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:55:06 PM, on 9/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\ASTSRV.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PK\Application Data\mjusbsp\magicJack.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://snt143.mail.live.com/mail/In...20&fid=1&fav=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (file missing)
O3 - Toolbar: (no name) - {1be04434-6b9f-48c8-8675-94c640d5b293} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NitroPDFExpressDriverCreatorReadSpool (NitroExpressDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9969 bytes
blues_harp28's Avatar
Trusted Advisor with 13,786 posts.
  
Join Date: Jan 2005
Location: London England
10-Sep-2012, 06:13 PM #8
Start > Run > Type
msconfig
In msconfig - Start up tab.
Untick all entries - [You only need Norton to run at startup - it is not in the list but it will still load at startup]

[Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
[ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

[googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot

[ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
[cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

[Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
[SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Apply > Ok > Reboot your Pc.

The System Configuration Utility box appear on retstart - saying changes have been made.
Tick the box on the lower left and then OK.

Any entry can be re-enabled using msconfig - if it needs to be

------

Post the uninstall log from Hjt log
Start HiJackThis.
At the bottom right - Other Stuff
Click on Config > Misc Tools.
Click > Open Uninstall Manager.
Click > Save List.
Save the uninstall list file on your desktop.
It will then open in Notepad.
Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
__________________
Superantispyware
Malwarebytes
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:23 PM #9
It is still taking 8 min to restar computer and open IE .

Un tick every thing in startup and now I am restaring, lets see how long does it take
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:32 PM #10
it took 5 min to restart computer and open IE, Magic jack did not load
blues_harp28's Avatar
Trusted Advisor with 13,786 posts.
  
Join Date: Jan 2005
Location: London England
10-Sep-2012, 06:38 PM #11
If you need Magic Jack to load at startup - retick it in msconfig.

Clean out Temp Files.
Open the Start Menu.
In the Start Search area.
Type.
Cleanmgr

Press Enter.
Check [tick] Temporary files Only.
Click on OK.
Then Click on Delete Files.

-----

Post the uninstall log from Hjt log
Start HiJackThis.
At the bottom right - Other Stuff
Click on Config > Misc Tools.
Click > Open Uninstall Manager.
Click > Save List.
Save the uninstall list file on your desktop.
It will then open in Notepad.
Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
__________________
Superantispyware
Malwarebytes
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:52 PM #12
It is taking long time to clean temp. files. Disk cleaning is still going on , It is clearing temp file.
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 06:53 PM #13
ok it stop now, I will restart my computer now and see how long does it take.
bombaykid's Avatar
Member with 203 posts.
THREAD STARTER
  
Join Date: Jan 2005
Experience: Beginner
10-Sep-2012, 07:02 PM #14
Still taking 7 min to restart computer and open IE
blues_harp28's Avatar
Trusted Advisor with 13,786 posts.
  
Join Date: Jan 2005
Location: London England
10-Sep-2012, 07:04 PM #15
When did you last Defrag the hard drive?
Right click My Computer>Open
Right click - Local disk - should be C:
Click Properties.
Tools > Defragmentation

Post the uninstall log from Hjt log
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply
Page 1 of 4 1 234
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join Today!

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Windows XP | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


TECH SUPPORT GUY
WELCOME
FOLLOW US
 
You Are Using: Server ID
All times are GMT -4. The time now is 12:00 AM.
Advertisements do not imply our endorsement of that product or service.
Copyright © 1996 - 2013 TechGuy, Inc. All rights reserved. Privacy & Terms.

Trusted Website Back to the Top ↑