1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

new hjt user & page faults

Discussion in 'Virus & Other Malware Removal' started by sinsation, Sep 15, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Not sure if this is the right section for this. I'm having a problem with IE6 that's driving me mad.
    It's that bloody page fault in user.exe and some various dll's.
    I've done the deselect inline options/deltree history command in dos mode/reselect inline options.
    I've done a repair on ie and rebooted.
    I've done the spybot search and atm I'm down to Backweb: lite, CoolWWWSearch, eacceleration, and IGetNet, all of which I have no clue what to do with.
    I downloaded hijackthis to see if maybe it's something else causing these damn illegal op's, I just don't know how to read the logs. 0.o

    Here's the log:
    (and yes I'm terribly aware lockdown 2k is a giant p.o.s, and need an update of software)

    Logfile of HijackThis v1.97.2
    Scan saved at 10:35:39 AM, on 9/15/03
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\ANTIVIRUS\LOCKDOWN\LOCKDOWN2000.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\MOUSE\SYSTEM\EM_EXEC.EXE
    C:\KMAESTRO\KMAESTRO.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\CLEARSEARCH\LOADER.EXE
    C:\EFDTOP\DTLOADER.EXE
    C:\MY DOCUMENTS\DESKTOP\DICONS\DICONS.EXE
    C:\EFDTOP\WINXSERVER.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 8.0\WAOL.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 8.0\SHELLMON.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\MY DOCUMENTS\SECURITY\HIJACKTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.jethomepage.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.jethomepage.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.jethomepage.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.jethomepage.com/ie/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c99&lc=0409&s=search&i=enu
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by GCR Online
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=2c99&s=search&query=%s&i=enu
    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)
    O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
    O2 - BHO: (no name) - {6F8ADBE2-8C92-4362-B0E6-7321AA49EE46} - (no file)
    O2 - BHO: Clear Search - {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} - C:\PROGRAM FILES\CLEARSEARCH\IE_CLRSCH.DLL
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: (no name) - {6F8ADBE2-8C92-4362-B0E6-7321AA49EE46} - (no file)
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ProDsl] C:\WINDOWS\ProDsl.exe /P
    O4 - HKLM\..\Run: [LockDown2000] C:\ANTIVIRUS\LOCKDOWN\lockdown2000.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\MOUSE\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [KeyMaestro] C:\KMAESTRO\KMaestro.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [ClrSchLoader] \Program Files\ClearSearch\Loader.exe
    O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\cpqdiag\CpqDfwAg.exe -I
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - Startup: EDLoader.lnk = C:\EfDtop\DTLoader.exe
    O4 - Startup: Shortcut to Dicons.exe.lnk = C:\My Documents\Desktop\Dicons\Dicons.exe
    O4 - Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
    O8 - Extra context menu item: AltaVista Home - http://jump.altavista.com/avie5/home
    O8 - Extra context menu item: AV Search This Term - http://jump.altavista.com/avie5/search
    O8 - Extra context menu item: AV Translate this Web Page - http://jump.altavista.com/avie5/babelfish
    O8 - Extra context menu item: AV Translate Selection - http://jump.altavista.com/avie5/babelfish
    O9 - Extra 'Tools' menuitem: &AltaVista Home (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: AOL Instant Messenger (SM) (HKLM)
    O9 - Extra button: Yahoo! Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...apple.com/qt502/us/win/QuickTimeInstaller.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/0fb5e03023def1/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37872.7609837963
    O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalOffers/DMO1/GrlNt0i.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
     
  2. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    you have a lop.com hijack that needs removing.

    run hijackthis again and put a checkmark against these entries....
    .....then,close all browser and outlook windows and "fix checked"


    - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.jethomepage.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.jethomepage.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.jethomepage.com/ie/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.jethomepage.com/ie/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/...earch&i=enu
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by GCR Online
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.presario.net/scripts/...ry=%s&i=enu
    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)
    O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)
    O2 - BHO: (no name) - {6F8ADBE2-8C92-4362-B0E6-7321AA49EE46} - (no file)
    O2 - BHO: Clear Search - {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} - C:\PROGRAM FILES\CLEARSEARCH\IE_CLRSCH.DLL
    O3 - Toolbar: (no name) - {6F8ADBE2-8C92-4362-B0E6-7321AA49EE46} - (no file)
    O4 - HKLM\..\Run: [ClrSchLoader] \Program Files\ClearSearch\Loader.exe
    http://www.netpaloffers.net/NetpalO...MO1/GrlNt0i.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

    re-boot and delete:
    C\Program Files\ClearSearch

    oh!............and you can do the spybot scan as e-liam sugests bellow;)
     
  3. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,241
    Hi Sinsation, and welcome to TSG.. :)

    Please run a new HJT! log, and "check to fix" the following entries. Next close all browser windows, and click Fix.

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.jethomepage.com/ie/

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :blank

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.jethomepage.com/ie/

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.jethomepage.com/ie/

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.jethomepage.com/ie/

    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)

    O2 - BHO: (no name) - {000006B1-19B5-414A-849F-2A3C64AE6939} - (no file)

    O2 - BHO: (no name) - {6F8ADBE2-8C92-4362-B0E6-7321AA49EE46} - (no file)

    O2 - BHO: Clear Search - {947E6D5A-4B9F-4CF4-91B3-562CA8D03313} - C:\PROGRAM FILES\CLEARSEARCH\IE_CLRSCH.DLL

    O3 - Toolbar: (no name) - {6F8ADBE2-8C92-4362-B0E6-7321AA49EE46} - (no file)

    O4 - HKLM\..\Run: [ClrSchLoader] \Program Files\ClearSearch\Loader.exe

    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...meInstaller.exe

    O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalO...MO1/GrlNt0i.cab


    Then if you could reboot and delete the following bolded files/folders..

    C:\Program Files\ClearSearch

    Then reboot. (Tedious but vital) :(

    Then if you could download Spybot - Search & Destroy, from www.tomcoyote.org/spybot : if you haven't already got the program.

    Now press Settings, and Settings again.
    Go to the Webupdate section, and check "Display also available beta versions".

    Now press Online, and search for, put a check mark at, and install all updates.

    Next, close all Internet Explorer windows, hit 'Check for Problems', and have SpyBot remove all it finds marked RED.

    Next, reboot (yet again) :) and post a new HJT! log, just for the final once over..

    Cheers

    Liam
     
  4. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,241
    Ooops, I missed a couple Steve. :(

    Just to explain my reasons... and then you can tell me why I was wrong. This is how I learn, and today Sinsation gets to be the Guinea Pig.. :D

    The entries I missed....

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/...earch&i=enu

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.presario.net/scripts/...ry=%s&i=enu

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by GCR Online

    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net



    The two presario entries, I thought were the defaults for Compaq, and I don't usually worry about the title bar (admittedly, I've got X-Setup, and can change it anytime I want) :)

    The 017 entry, i left, as it looked like the genuine DSL connection for AOL, judging by the ProDsl software, already installed.

    Don't get me wrong, :) I'm not questioning your analysis, Steve, you've been doing this far longer than I. I just want to get my reasoning straight for the next logs.. (y) :)

    Make it simple as well.. I was daft enough to spill tea over my keyboard and had to go and by a new one this evening. :eek: So I'm obviously beyond help anyway. :D:D
     
  5. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    with all the clearsearch garbage i just thought a clean out would be better. and as for the 017:

    O17 - Lop.com domain hijacks

    What it looks like:
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = W21944.find-quick.com
    O17 - HKLM\Software\..\Telephony: DomainName = W21944.find-quick.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D196AB38-4D1F-45C1-9108-46D367F19F7E}: Domain = W21944.find-quick.com

    taken from here

    and i think we are all beyond help at times:D
     
  6. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,241
    Cheers for explaining that Steve, (y) :)

    BTW, I got a Labtec Internet keyboard for £13 from Tesco's to replace the drowned one, and although I haven't tried all the multimedia widgets yet, it seems pretty good peice of kit. The selling point was the Spill Resistant Design, (y) although I'm not rushing to try that particular feature out just yet. :D

    Cheers again..

    Liam
     
  7. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    i paid £17 for my samsung cordless K/B and mouse.
    it said "faulty" on the box and i dont use the mouse cos ive a logitec cordless optical.
    but the K/B works a treat.

    bargains bargains bargains:D
     
  8. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Thank you. I'll try all of this (providing following 3 different "check these" posts doesn't baffle me).

    Although as suggested above to download/run spybot, I did this yesterday as I originally stated. The only one's I left un-fixed were:
    Backweb:lite - adware/spyware
    CoolWWWSearch - no info
    eacceleration - threat field was blank
    IGetNet - Malware/Hijacker

    Also as stated previously, I left these 'cause I have no clue which one's need fixing and which should be placed in exclude.
     
  9. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    Backweb:lite - adware/spyware
    CoolWWWSearch - no info
    eacceleration - threat field was blank
    IGetNet - Malware/Hijacker
    all should be nuked....whatever spybot finds is ok to delete.
    ;)
     
  10. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Ah, thank you. =]
     
  11. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Ok, new log:

    Logfile of HijackThis v1.97.2
    Scan saved at 1:07:12 PM, on 9/15/03
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\ANTIVIRUS\LOCKDOWN\LOCKDOWN2000.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\MOUSE\SYSTEM\EM_EXEC.EXE
    C:\KMAESTRO\KMAESTRO.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\EFDTOP\DTLOADER.EXE
    C:\MY DOCUMENTS\DESKTOP\DICONS\DICONS.EXE
    C:\EFDTOP\WINXSERVER.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\MY DOCUMENTS\SECURITY\HIJACKTHIS\HIJACKTHIS.EXE

    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ProDsl] C:\WINDOWS\ProDsl.exe /P
    O4 - HKLM\..\Run: [LockDown2000] C:\ANTIVIRUS\LOCKDOWN\lockdown2000.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\MOUSE\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [KeyMaestro] C:\KMAESTRO\KMaestro.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [CPQDFWAG] C:\WINDOWS\cpqdiag\CpqDfwAg.exe -I
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - Startup: EDLoader.lnk = C:\EfDtop\DTLoader.exe
    O4 - Startup: Shortcut to Dicons.exe.lnk = C:\My Documents\Desktop\Dicons\Dicons.exe
    O4 - Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
    O8 - Extra context menu item: AltaVista Home - http://jump.altavista.com/avie5/home
    O8 - Extra context menu item: AV Search This Term - http://jump.altavista.com/avie5/search
    O8 - Extra context menu item: AV Translate this Web Page - http://jump.altavista.com/avie5/babelfish
    O8 - Extra context menu item: AV Translate Selection - http://jump.altavista.com/avie5/babelfish
    O9 - Extra 'Tools' menuitem: &AltaVista Home (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: AOL Instant Messenger (SM) (HKLM)
    O9 - Extra button: Yahoo! Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/2...apple.com/qt502/us/win/QuickTimeInstaller.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/0fb5e03023def1/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37872.7609837963
     
  12. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,241
    That's looking fine Sinsation.. (y)

    All you need to do now is go to Start | Settings | Control Panel | Internet Options and reset your web settings. This will give you MSs default home page and search page, neither of which anyone uses, but you can set the home page to anything you want, anyway.

    Cheers

    Liam
     
  13. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Thanks a lot guys. =]
     
  14. sinsation

    sinsation Thread Starter

    Joined:
    Sep 15, 2003
    Messages:
    323
    Hey, I noticed in a previous thread that if not all startup options are set to execute on bootup the hjt fixing could be missing something, well I set all to execute, reboot, uninstalled stuff I don't use anymore and reboot again.. here is the stuff I have enabled on startup (some stuff with comments are things that I don't know what they are or other probs with them).

    Startup:
    Here's my new HJT log after doing all of this:
    Combining the unwanted stuff in startup and the new log, is there anything else that needs to be taken care of?

    Thanks in advance.
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/165000

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice