1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help with StartupList Report

Discussion in 'Virus & Other Malware Removal' started by bbjl, Jan 20, 2003.

Thread Status:
Not open for further replies.
  1. bbjl

    bbjl Thread Starter

    Joined:
    Jan 20, 2003
    Messages:
    1
    Trying to help a family member. They say computer freezing a lot
    and taking forever to switch sites on web. I'm not well versed on computers either and would appreciate any help I can get. Computer Pentium III (300), 56megs ram, msn is ISP and they had recently deleted the msn browser for the internet explorer browser.

    Here is the StartupList:

    .StartupList report, 1/19/03, 5:09:22 PM
    StartupList version: 1.51
    Started from : C:\PROGRAM FILES\STARTUPLIST\STARTUPLIST.EXE
    Detected: Windows 98 Gold (Win9x 4.10.1998)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
    C:\WINDOWS\SYSTEM\MPRMMON.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\WINDOWS\SYSTEM\M2AUDMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\GWHOTKEY.EXE
    C:\WINDOWS\SYSTEM\HPSJVXD.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\STARTER.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDSCHD.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDLOG.EXE
    C:\WINDOWS\RunDLL.exe
    C:\SCANJET\PRECISIONSCAN\HPPPT.EXE
    C:\QBOOKSW\COMPONENTS\QBAGENT\QBDAGENT.EXE
    C:\PICOPHONE\PICOPHONE140.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP INSTANT DELIVERY\HPIDDB.EXE
    C:\WINDOWS\SYSTEM\MRTMNGR.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\STARTUPLIST\STARTUPLIST.EXE
    C:\PROGRAM FILES\STARTUPLIST\STARTUPLIST.EXE

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\WINDOWS\Start Menu\Programs\StartUp]
    HP Parallel Port Test.lnk = C:\SCANJET\PrecisionScan\hpppt.exe
    Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    QuickBooks Delivery Agent.lnk = C:\QBOOKSW\Components\QBAgent\QBDAgent.exe
    Shortcut to PicoPhone140.lnk = C:\picophone\PicoPhone140.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ScanRegistry = c:\windows\scanregw.exe /autorun
    TaskMonitor = c:\windows\taskmon.exe
    SystemTray = SysTray.Exe
    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    Multi-function Keyboard = GWHotKey.exe
    CriticalUpdate = c:\windows\SYSTEM\wucrtupd.exe -startup
    HPSCANMonitor = c:\windows\SYSTEM\hpsjvxd.exe
    StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE
    EnsoniqMixer = starter.exe
    mmpti = c:\windows\SYSTEM\m1mmpti.exe
    HPID Scheduler = C:\Program Files\Hewlett-Packard\HP Instant Delivery\hpidschd.exe
    RealTray = C:\Program Files\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER
    LoadQM = loadqm.exe
    AVG_CC = C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    sp = regedit -s C:\WINDOWS\sp.reg

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    SchedulingAgent = mstask.exe
    winmodem = WINMODEM.101\wmexe.exe
    rmmon = c:\windows\SYSTEM\mprmmon.exe
    Avgserv9.exe = C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    Taskbar Display Controls = RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    SurfSecret = C:\Program Files\SurfSecret\SS2-TRIAL.exe /min

    --------------------------------------------------

    C:\WINDOWS\WININIT.BAK listing:
    (Created 8/1/2003, 22:33:28)

    [Rename]
    NUL=C:\WINDOWS\SYSTEM\RSAENH.DLL
    C:\WINDOWS\SYSTEM\RSAENH.DLL=C:\WINDOWS\SYSTEM\SETD255.TMP
    C:\WINDOWS\SYSTEM\IEPEERS.DLL=C:\WINDOWS\SYSTEM\IEPEERS.RCX
    C:\WINDOWS\SYSTEM\RSASIG.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\RSASIG.DLL
    C:\WINDOWS\SYSTEM\XENROLL.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\XENROLL.DLL
    C:\WINDOWS\SYSTEM\MSCAT32.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\MSCAT32.DLL
    C:\WINDOWS\SYSTEM\MSSIP32.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\MSSIP32.DLL
    C:\WINDOWS\SYSTEM\MSSIGN32.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\MSSIGN32.DLL
    C:\WINDOWS\SYSTEM\CRYPTUI.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\CRYPTUI.DLL
    C:\WINDOWS\SYSTEM\CRYPTNET.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\CRYPTNET.DLL
    C:\WINDOWS\SYSTEM\CRYPTEXT.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\CRYPTEXT.DLL
    C:\WINDOWS\SYSTEM\WLDAP32.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\WLDAP32.DLL
    C:\WINDOWS\SYSTEM\DXTMSFT.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\DXTMSFT.DLL
    C:\WINDOWS\SYSTEM\MSTIME.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\MSTIME.DLL
    C:\WINDOWS\SYSTEM\MMUTILSE.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\MMUTILSE.DLL
    C:\WINDOWS\SYSTEM\PLUGIN.OCX=C:\WINDOWS\SYSTEM\IE4SETUP\PLUGIN.OCX
    C:\WINDOWS\SYSTEM\MSRATING.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\MSRATING.DLL
    C:\WINDOWS\SYSTEM\HLINK.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\HLINK.DLL
    C:\WINDOWS\SYSTEM\PROCTEXE.OCX=C:\WINDOWS\SYSTEM\IE4SETUP\PROCTEXE.OCX
    C:\WINDOWS\SYSTEM\URL.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\URL.DLL
    C:\WINDOWS\SYSTEM\IMAGEHLP.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\IMAGEHLP.DLL
    C:\WINDOWS\SYSTEM\COMCTL32.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACME384.TMP
    C:\WINDOWS\SYSTEM\ADVPACK.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACME396.TMP
    C:\PROGRA~1\INTERN~1\IEXPLORE.EXE=C:\WINDOWS\SYSTEM\IE4SETUP\ACME3B1.TMP
    C:\WINDOWS\SYSTEM\MSHTML.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACME3B5.TMP
    C:\WINDOWS\SYSTEM\MSHTML.TLB=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF003.TMP
    C:\WINDOWS\SYSTEM\MSHTMLED.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF005.TMP
    C:\WINDOWS\SYSTEM\SHDOCVW.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF010.TMP
    C:\WINDOWS\SYSTEM\SHDOCLC.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF011.TMP
    C:\WINDOWS\SYSTEM\URLMON.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF014.TMP
    C:\WINDOWS\SYSTEM\JSCRIPT.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF020.TMP
    C:\WINDOWS\SYSTEM\WININET.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF022.TMP
    C:\WINDOWS\SYSTEM\SHLWAPI.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF042.TMP
    C:\WINDOWS\SYSTEM\ACTXPRXY.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF052.TMP
    C:\WINDOWS\SYSTEM\DISPEX.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF053.TMP
    C:\WINDOWS\SYSTEM\MLANG.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF062.TMP
    C:\WINDOWS\SYSTEM\MSXML.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF070.TMP
    C:\WINDOWS\SYSTEM\BROWSEUI.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF0A6.TMP
    C:\WINDOWS\SYSTEM\BROWSELC.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF0B2.TMP
    C:\WINDOWS\SYSTEM\SHDOC401.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF0B4.TMP
    C:\WINDOWS\SYSTEM\SHD401LC.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF0C0.TMP
    C:\WINDOWS\SYSTEM\SHFOLDER.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF0C3.TMP
    C:\WINDOWS\SYSTEM\DXTRANS.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF0E3.TMP
    C:\WINDOWS\SYSTEM\MSLS31.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF115.TMP
    C:\WINDOWS\SYSTEM\DIGEST.DLL=C:\WINDOWS\SYSTEM\IE4SETUP\ACMF123.TMP
    NUL=C:\WINDOWS\SHELLI~1
    NUL=C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE=C:\WINDOWS\SYSTEM\SETF240.TMP
    NUL=C:\WINDOWS\SYSTEM\WEBCHECK.DLL
    C:\WINDOWS\SYSTEM\WEBCHECK.DLL=C:\WINDOWS\SYSTEM\SETF2C1.TMP
    NUL=C:\WINDOWS\SYSTEM\MSIDLE.DLL
    C:\WINDOWS\SYSTEM\MSIDLE.DLL=C:\WINDOWS\SYSTEM\SETF2C2.TMP
    NUL=C:\WINDOWS\SYSTEM\SENS.DLL
    C:\WINDOWS\SYSTEM\SENS.DLL=C:\WINDOWS\SYSTEM\SETF2C4.TMP
    NUL=C:\WINDOWS\SYSTEM\SENSAPI.DLL
    C:\WINDOWS\SYSTEM\SENSAPI.DLL=C:\WINDOWS\SYSTEM\SETF2C5.TMP
    NUL=C:\WINDOWS\SYSTEM\ES.DLL
    C:\WINDOWS\SYSTEM\ES.DLL=C:\WINDOWS\SYSTEM\SETF2D0.TMP
    NUL=C:\WINDOWS\SYSTEM\ESSHARED.DLL
    C:\WINDOWS\SYSTEM\ESSHARED.DLL=C:\WINDOWS\SYSTEM\SETF2D1.TMP
    NUL=C:\WINDOWS\SYSTEM\ESTIER2.DLL
    C:\WINDOWS\SYSTEM\ESTIER2.DLL=C:\WINDOWS\SYSTEM\SETF2D2.TMP
    c:\windows\SYSTEM\dispex.dll=c:\windows\SYSTEM\dispex.001
    c:\windows\SYSTEM\jscript.dll=c:\windows\SYSTEM\jscript.001
    c:\windows\SYSTEM\vbscript.dll=c:\windows\SYSTEM\vbscript.001
    c:\windows\SYSTEM\OLEAUT32.DLL=c:\windows\SYSTEM\OLEAUT32.001
    c:\windows\SYSTEM\STDOLE2.TLB=c:\windows\SYSTEM\STDOLE2.001

    --------------------------------------------------

    C:\AUTOEXEC.BAT listing:

    C:\PROGRA~1\GRISOFT\AVG6\bootup.exe



    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_7.DLL - {02478D38-C3F9-4efb-9B51-7695ECA05670}
    (no name) - C:\WINDOWS\DOWNLOADED PROGRAM FILES\KERNELL32.DLL - {C7ADE150-743D-11D4-8141-00E029626F6A}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Tune-up Application Start.job
    Windows Critical Update Notification.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [MSNBC News Menu Control 3.0]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\NEWSM30.OCX
    CODEBASE = http://www.msnbc.com/download/nm0713.cab

    [Windows Media Player]
    InProcServer32 = C:\WINDOWS\SYSTEM\MSDXM.OCX
    CODEBASE = http://www.microsoft.com/netshow/download/en/nsmp2inf.cab

    [InstallEngineCtl Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\ASCTRLS.OCX
    CODEBASE = http://windowsupdate.microsoft.com/x86/w98/en/Ie5/actsetup.cab

    [WURedirInfoB Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\WUREDIRB.DLL
    CODEBASE = http://windowsupdate.microsoft.com/x86/w98/en/Ie4/actsetup.cab

    [ChrtCtl Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\INV6.OCX
    CODEBASE = http://fdl.msn.com/public/investor/v6//investor.cab

    [WUSysInfo Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\WUPDATTO.DLL
    CODEBASE = http://windowsupdate.microsoft.com/x86/w98/en/Ie5/actsetup.cab

    [Conveyer Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\CONFLICT.2\CONVEYER.OCX
    CODEBASE = http://cdm.microsoft.com/update/Feb4/OSB/9/conveyer1.cab

    [CarPointProximityCtrl]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\CPGRID.OCX
    CODEBASE = http://carpoint.msn.com/components/grid/CPGrid.cab

    [ActiveCtl Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\SETUPCTL.DLL
    CODEBASE = http://www.microsoft.com/ie/ie40/download/cdf/setupctl.cab
    OSD = C:\WINDOWS\Downloaded Program Files\setupctl.osd

    [CarPoint Auto-Pricer Control]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AUTOPRICER.OCX
    CODEBASE = http://carpoint.msn.com/components/AutoPricer/AutoPricer.cab

    [Microsoft Search Settings Control]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\SEARCHSETTINGS.OCX
    CODEBASE = http://home.microsoft.com/search/lobby/searchsettings.cab

    [OFX Parser (16b TLB) Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\OFXP16.DLL
    CODEBASE = http://fdl.msn.com/public/investor/v6/ofx/ofxpb.cab

    [GWPO Upload Control]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\GWPOC1.DLL
    CODEBASE = http://greetingsworkshop.msn.com/PostOffice/Controls/ActiveX/Gwpoc1.cab

    [MS Investor Ticker]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\TICKER6.OCX
    CODEBASE = http://fdl.msn.com/public/investor/v6//ticker.cab

    [MSNChatHistoryCtl]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\CHATHIST.OCX
    CODEBASE = http://fdl.msn.com/public/chat/ChatCtls.Cab

    [CV3 Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
    CODEBASE = http://windowsupdate.microsoft.com/R742/V31Controls/x86/w98/en/actsetup.cab

    [ChrtCtl Class]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\INV7.OCX
    CODEBASE = http://fdl.msn.com/public/investor/v7/investor.cab

    [HeartbeatCtl Class]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\HEARTB~1.OCX
    CODEBASE = http://fdl.msn.com/zone/z4/heartbeat.cab

    [Shockwave ActiveX Control]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/swdir8d196.cab

    [MS Home Publishing Checker]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MHPWSIE.DLL
    CODEBASE = http://home-publishing.com/Webstore/Controls/MHPWSIE.CAB

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Macromedia Authorware Web Player Control]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\AUTHORWA\AWSWAX.OCX
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxm.cab

    [MS Investor Ticker]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\TICKER7.OCX
    CODEBASE = http://fdl.msn.com/public/investor/v7/ticker.cab

    [Microsoft ProgressBar Control, version 5.0 (SP2)]
    InProcServer32 = C:\WINDOWS\SYSTEM\COMCTL32.OCX
    CODEBASE = http://clinicdownload.mcafee.com/molbin/Shared/ComCtl32.cab

    [McAfee PC Clinic System Information Class]
    InProcServer32 = C:\WINDOWS\MCBIN\SI\SICOMP.DLL
    CODEBASE = http://clinicdownload.mcafee.com/molbin/Clinic/sysinfo/sicomp.cab

    [McAfee Clinic TreeView Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MGTREE.DLL
    CODEBASE = http://clinicdownload.mcafee.com/molbin/Shared/MGTree.cab

    [McAfee Clinic AV Installer Control]
    InProcServer32 = C:\WINDOWS\MCBIN\AV\MGAVINST.DLL
    CODEBASE = http://clinicdownload.mcafee.com/molbin/clinic/virusscan/mgavinst.cab

    [MSNBC News Menu Control 3.01]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\NEWSM301.OCX
    CODEBASE = http://www.msnbc.com/download/nm1228.cab

    [IPIX ActiveX Control]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\IPIXX.OCX
    CODEBASE = http://www.ipix.com/viewers/ipixx.cab

    [ChrtCtl Class]
    InProcServer32 = C:\WINDOWS\DOWNLO~1\INV8.OCX
    CODEBASE = http://fdl.msn.com/public/investor/v8/0326/investor.cab

    [Ctp Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AXCTP.DLL
    CODEBASE = http://www.americangreetings.com/create/Install/AxCtp.cab

    [{41F17733-B041-4099-A042-B518BB6A408C}]
    CODEBASE = http://a224.g.akamai.net/7/224/52/2...apple.com/qt501/us/win/QuickTimeInstaller.exe

    [Tracker Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\KERNELL32.DLL
    CODEBASE = http://64.240.175.18/al/kernell32.cab

    [Downloader Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\IDA.DL_
    CODEBASE = http://www.shopintuit.com/Executables/IE/IDA.cab

    [&Yahoo! Companion]
    InProcServer32 = C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_7.DLL
    CODEBASE = http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio4025.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37606.7372453704

    --------------------------------------------------
    End of report, 14,789 bytes
    Report generated in 1.116 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  2. TonyKlein

    TonyKlein Malware Specialist

    Joined:
    Aug 26, 2001
    Messages:
    10,392
    There is some spyware: Netpal and Tinybar (sp.reg)

    I'd start by doing the following:

    Download Spybot - Search & Destroy

    After installing, press Online, and search for, put a check mark at, and install all updates.

    Next, go to the Settings tab > File Sets, and uncheck 'System Internals' and 'Tracks' .
    These aren't needed for our present purpose, and you can always experiment with them later on.

    Finally, after closing down Internet Explorer, hit 'Check for Problems', and have SpyBot remove all it finds.

    NOTE: SSD will sometimes not be able to remove all active components in the first 'run'.
    In that case you will get a dialog asking you to run SSD at next start.
    Click yes and reboot.
    Subsequently SSD will come up before the system puts these components 'in use', and it will then be able to 'fix' the rest.


    You would also benefit from trimming down your startup programs.

    I would go to Start > Run > Msconfig, and uncheck everything but the absolutely necessary on the 'Startup' tab.

    Then click OK, close Msconfig, and reboot.

    You can use Pacman's List of Startup Applications to help you determine what should stay and what should go.


    Good luck,
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/114316

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice