1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: slow startup

Discussion in 'Windows XP' started by bombaykid, Sep 10, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    slow startup
    I have dell computer with following:
    Microsoft Wndows xp
    home edition
    Verson 2002
    Intel
    Pentium 4 cpu 3.00Ghz
    2.99 Ghz, 2.00GB of Ram
    Hard drive 149 GB
    Use 35.00GB
    Free 149 GB

    My computer takes 5 to 7 min. to start and I do not know what to do. Can you sent me step by step instruction what should I do?


    Here is HJT Report

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:50:40 PM, on 9/10/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\ASTSRV.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
    C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
    C:\WINDOWS\system32\NLSSRV32.EXE
    C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
    C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
    C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
    C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\SelectRebates\SelectRebates.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\program files\real\realplayer\update\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\PK\Application Data\mjusbsp\magicJack.exe
    C:\WINDOWS\system32\WISPTIS.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://snt143.mail.live.com/mail/I...a326-00237de33944&fv=1#n=28766420&fid=1&fav=1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll
    O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
    O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: BHO_PROJECT - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
    O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
    O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
    O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
    O3 - Toolbar: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll
    O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll
    O4 - HKLM\..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
    O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-t...6ABB-4CB7-B48D-535EFBFB97D6&n=2012072722&cv=1
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
    O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    O23 - Service: NitroPDFExpressDriverCreatorReadSpool (NitroExpressDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
    O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
    O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
    O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
    O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 11250 bytes
    :)
     
  2. TheShooter93

    TheShooter93 Cody Malware Specialist

    Joined:
    Jul 9, 2008
    Messages:
    11,012
    Only Trusted Advisors [​IMG] or Malware Removal Experts [​IMG] are allowed to analyze HijackThis logs or help with malware removal of any kind.

    If anyone without these designations offers advice on malware removal, do not follow them, and report their post.

    ---------------------------------------

    Click Start.

    In the search bar, type MSCONFIG and hit Enter. Click the "Startup" tab.

    Write down only the names in the "Startup Item" column that have a checkmark next to them.

    If the "Startup Item" column isn't wide enough to see the entire name of any of them, widen the column.

    Submit those names here in a vertical list.

    Make sure to spell them EXACTLY as you see them there.
     
  3. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    Here is Start up items:

    selectrebates
    reader_sl
    Adobearm
    Brmfcwind
    brctrcen
    39srchmn
    googletalk
    realsched
    ctfmon
    cdloader2
    googleupdate
     
  4. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,059
    In addition to the above.

    Download MalwareBytes and SuperAntiSpyware to your desktop.
    Download the Free versions of both programs.

    MalwareBytes

    SuperAntiSpyware

    Once they are downloaded to your desktop.
    Close all open browser windows.

    MalwareBytes
    Click on the Install icon - allow it to update during the install process.
    Start Malwarebytes Anti-Malware.
    Click on Scanner > then quick scan > then Scan.
    Any infections or problems will be highlighted in red.
    After the scan is finished - Click - Show Results.
    Check that all entries are selected.
    Click - Remove Selected.
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start Malwarebytes again.
    Click on the Logs Tab.
    Highlight the scan log entry.
    Click - Open.
    The scan log will appear in Notepad.
    Copy and paste it in your next post.

    SuperAntiSpyware
    Click on the install icon - allow it to update during the install process.
    Select the Quick Scan option.
    Click Scan your Computer.
    Any infections or problems will be highlighted in red.
    After the scan is finished.
    Click Continue.
    Check that everything is listed.
    Click Remove Threats.
    Click OK - then click Finish
    You may be prompted to restart to finish the removal process.
    If Yes - restart your Pc.

    Start SuperAntiSpyware again.
    Click View Scan Logs.
    Highlight the scan log entry.
    Click - View Selected Log.
    The scan log will appear in Notepad.
    Copy and paste in your next post.
     
  5. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,059
    Once you have posted the logs from Malwarebytes and Superantispyware.
    Start Hjt log - click Scan.
    Once the page has opened - put a Tick mark against these entries if they still show in the Hjt log and click Fix

    Double check that only these entries are Ticked.

    R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

    O2 - BHO: blekko search bar - {1be04434-6b9f-48c8-8675-94c640d5b293} - C:\Program Files\blekkotb_sa5\blekkotb_019X.dll

    O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll

    O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

    O2 - BHO: BHO_PROJECT - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - C:\Program Files\OpenApp\bho_project.dll

    O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll

    O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll

    O8 - Extra context menu item: &Search - http://tbedits.mapsgalaxy.com/one-to...012072722&cv=1


    Close Hjt log.
    Restart your Pc.
     
  6. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.01.13.04

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    PK :: BOMBAYKID [administrator]

    8/10/2012 5:36:14 PM
    mbam-log-2012-08-10 (17-36-14).txt

    Scan type: Custom scan
    Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
    Objects scanned: 1
    Time elapsed: 12 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 09/10/2012 at 02:24 PM

    Application Version : 5.5.1016

    Core Rules Database Version : 9202
    Trace Rules Database Version: 7014

    Scan type : Quick Scan
    Total Scan Time : 00:21:04

    Operating System Information
    Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 562
    Memory threats detected : 2
    Registry items scanned : 29614
    Registry threats detected : 38
    File items scanned : 10493
    File threats detected : 108

    Adware.ShopAtHomeSelect
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32#ThreadingModel
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\ProgID
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\Programmable
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\TypeLib
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\VersionIndependentProgID
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
    HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
    HKCR\ToolBand.ShopAtHomeIEHelper.1
    HKCR\ToolBand.ShopAtHomeIEHelper.1\CLSID
    HKCR\ToolBand.ShopAtHomeIEHelper
    HKCR\ToolBand.ShopAtHomeIEHelper\CLSID
    HKCR\ToolBand.ShopAtHomeIEHelper\CurVer
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0\win32
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\FLAGS
    HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\HELPDIR
    C:\PROGRAM FILES\SELECTREBATES\TOOLBAR\SHOPATHOMETOOLBAR.DLL
    HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

    Adware.ShopAtHome/SelectRebates
    [SelectRebates] C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
    C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE
    C:\PROGRAM FILES\SELECTREBATES\SELECTREBATES.EXE

    Browser Hijacker.Tubby
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize

    Adware.SelectRebates
    C:\Program Files\SELECTREBATES\FFToolbar\chrome\sahtoolbar.jar
    C:\Program Files\SELECTREBATES\FFToolbar\chrome
    C:\Program Files\SELECTREBATES\FFToolbar\chrome.manifest
    C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences\sahtoolbar.js
    C:\Program Files\SELECTREBATES\FFToolbar\defaults\preferences
    C:\Program Files\SELECTREBATES\FFToolbar\defaults
    C:\Program Files\SELECTREBATES\FFToolbar\install.rdf
    C:\Program Files\SELECTREBATES\FFToolbar
    C:\Program Files\SELECTREBATES\SahImages\alert.png
    C:\Program Files\SELECTREBATES\SahImages\check.png
    C:\Program Files\SELECTREBATES\SahImages\close.png
    C:\Program Files\SELECTREBATES\SahImages\popupDefault.gif
    C:\Program Files\SELECTREBATES\SahImages
    C:\Program Files\SELECTREBATES\SelectAlerts.dat
    C:\Program Files\SELECTREBATES\SelectRebates.ini
    C:\Program Files\SELECTREBATES\SelectRebatesA.dat
    C:\Program Files\SELECTREBATES\SelectRebatesApi.exe
    C:\Program Files\SELECTREBATES\SelectRebatesB.dat
    C:\Program Files\SELECTREBATES\SelectRebatesBT.dat
    C:\Program Files\SELECTREBATES\SelectRebatesDownload.exe
    C:\Program Files\SELECTREBATES\SelectRebatesH.dat
    C:\Program Files\SELECTREBATES\SelectRebatesUninstall.exe
    C:\Program Files\SELECTREBATES\SRebates.dll
    C:\Program Files\SELECTREBATES\SRFF3.dll
    C:\Program Files\SELECTREBATES\Toolbar\AddtoList.bmp
    C:\Program Files\SELECTREBATES\Toolbar\basis.xml
    C:\Program Files\SELECTREBATES\Toolbar\Basis.xml.dym
    C:\Program Files\SELECTREBATES\Toolbar\Blank.bmp
    C:\Program Files\SELECTREBATES\Toolbar\Cache
    C:\Program Files\SELECTREBATES\Toolbar\CashBack.bmp
    C:\Program Files\SELECTREBATES\Toolbar\Coupons.bmp
    C:\Program Files\SELECTREBATES\Toolbar\GroceryCoupon.bmp
    C:\Program Files\SELECTREBATES\Toolbar\icons.bmp
    C:\Program Files\SELECTREBATES\Toolbar\ImageCache
    C:\Program Files\SELECTREBATES\Toolbar\i_magnifying.bmp
    C:\Program Files\SELECTREBATES\Toolbar\logo.bmp
    C:\Program Files\SELECTREBATES\Toolbar\logo_24.bmp
    C:\Program Files\SELECTREBATES\Toolbar\logo_HotSpots.bmp
    C:\Program Files\SELECTREBATES\Toolbar\ReviewSite.bmp
    C:\Program Files\SELECTREBATES\Toolbar\RightControls.dym
    C:\Program Files\SELECTREBATES\Toolbar\sahtb-alert.bmp
    C:\Program Files\SELECTREBATES\Toolbar\sahtb-go.bmp
    C:\Program Files\SELECTREBATES\Toolbar\sahtb-grocerycoupons.bmp
    C:\Program Files\SELECTREBATES\Toolbar\sahtb-icons.bmp
    C:\Program Files\SELECTREBATES\Toolbar\sahtb-restaurant.bmp
    C:\Program Files\SELECTREBATES\Toolbar\sahtb-wishlist.bmp
    C:\Program Files\SELECTREBATES\Toolbar\Scissors.bmp
    C:\Program Files\SELECTREBATES\Toolbar
    C:\Program Files\SELECTREBATES

    Adware.Zugo
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
    HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
    HKU\S-1-5-21-602162358-448539723-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
    HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}

    Disabled.FolderOption
    HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\FOLDER\HIDDEN\SHOWALL#CHECKEDVALUE

    Heur.Agent/Gen-WhiteBox
    C:\TORRENT.EXE

    Adware.Tracking Cookie
    C:\Documents and Settings\PK\Cookies\OY2VS8ZZ.txt [ /ads.cleveland.com ]
    C:\Documents and Settings\PK\Cookies\CKJYANDP.txt [ /adserver.adtechus.com ]
    C:\Documents and Settings\PK\Cookies\BH5MZAGO.txt [ /lucidmedia.com ]
    C:\Documents and Settings\PK\Cookies\KYTN9Q27.txt [ /edge.jeetyetmedia.com ]
    C:\Documents and Settings\PK\Cookies\0T121HKH.txt [ /rotator.hadj1.adjuggler.net ]
    C:\Documents and Settings\PK\Cookies\Z9Q9GGU7.txt [ /realmedia.com ]
    C:\Documents and Settings\PK\Cookies\YWMEHM0N.txt [ /statcounter.com ]
    C:\Documents and Settings\PK\Cookies\VVE6DA4P.txt [ /liveperson.net ]
    C:\Documents and Settings\PK\Cookies\M9FZUWJA.txt [ /www.googleadservices.com ]
    C:\Documents and Settings\PK\Cookies\USE6HNLQ.txt [ /ads.syracuse.com ]
    C:\Documents and Settings\PK\Cookies\M8J95UC7.txt [ /jump.tvitrack.com ]
    C:\Documents and Settings\PK\Cookies\IB63XYOB.txt [ /legolas-media.com ]
    C:\Documents and Settings\PK\Cookies\M1C84MO3.txt [ /jeetyetmedia.com ]
    C:\Documents and Settings\PK\Cookies\4BAL3GO4.txt [ /ar.atwola.com ]
    C:\Documents and Settings\PK\Cookies\R7F1O1FL.txt [ /a1.interclick.com ]
    C:\Documents and Settings\PK\Cookies\AUDU8X60.txt [ /ads.nj.com ]
    C:\Documents and Settings\PK\Cookies\JVWOG2W3.txt [ /ads.masslive.com ]
    C:\Documents and Settings\PK\Cookies\N4HU4QPM.txt [ /collective-media.net ]
    C:\Documents and Settings\PK\Cookies\5K83VQST.txt [ /amazon-adsystem.com ]
    C:\Documents and Settings\PK\Cookies\UNEV6GNL.txt [ /friendfinder.com ]
    C:\Documents and Settings\PK\Cookies\J6INY0YB.txt [ /ads.al.com ]
    C:\Documents and Settings\PK\Cookies\RSK0F2K2.txt [ /mediaservices-d.openxenterprise.com ]
    C:\Documents and Settings\PK\Cookies\5ZINO372.txt [ /ads.pubmatic.com ]
    C:\Documents and Settings\PK\Cookies\WMHISD7H.txt [ /ads.oregonlive.com ]
    C:\Documents and Settings\PK\Cookies\T1ICXO11.txt [ /lfstmedia.com ]
    C:\Documents and Settings\PK\Cookies\0UWQ1K19.txt [ /accounts.google.com ]
    C:\Documents and Settings\PK\Cookies\AMH1V6Y3.txt [ /burstnet.com ]
    C:\Documents and Settings\PK\Cookies\UM2XZY11.txt [ /media6degrees.com ]
    C:\Documents and Settings\PK\Cookies\A12SF3SR.txt [ /interclick.com ]
    C:\Documents and Settings\PK\Cookies\KWME61K7.txt [ /adxpose.com ]
    C:\Documents and Settings\PK\Cookies\9WCXUOWX.txt [ /ads.nola.com ]
    C:\Documents and Settings\PK\Cookies\OGE89BJ1.txt [ /ad.360yield.com ]
    C:\Documents and Settings\PK\Cookies\BYLNQGJE.txt [ /openx.jeetyetmedia.com ]
    C:\Documents and Settings\PK\Cookies\VZHJYIOY.txt [ /media.adfrontiers.com ]
    C:\Documents and Settings\PK\Cookies\89BFY1C3.txt [ /yieldmanager.net ]
    C:\Documents and Settings\PK\Cookies\XVUZ3B7A.txt [ /www.bftrack.com ]
    C:\Documents and Settings\PK\Cookies\KS2P0CYL.txt [ /invitemedia.com ]
    C:\Documents and Settings\PK\Cookies\JNF2QMP8.txt [ /traveladvertising.com ]
    C:\Documents and Settings\PK\Cookies\CDBJDGU5.txt [ /ads.pennlive.com ]
    C:\Documents and Settings\PK\Cookies\67VF0AEJ.txt [ /at.atwola.com ]
    C:\Documents and Settings\PK\Cookies\S4PTOMKL.txt [ /ads.mlive.com ]
    C:\Documents and Settings\PK\Cookies\CN67HCYA.txt [ /server.iad.liveperson.net ]
    C:\Documents and Settings\PK\Cookies\FNK8TIJ8.txt [ /2o7.net ]
    C:\Documents and Settings\PK\Cookies\MGBOQ130.txt [ /clickfuse.com ]
    C:\Documents and Settings\PK\Cookies\YHMACCNM.txt [ /adinterax.com ]
    C:\Documents and Settings\PK\Cookies\IQOOH07G.txt [ /media2.legacy.com ]
    C:\Documents and Settings\PK\Cookies\IDR82O64.txt [ /ad.yieldmanager.com ]
    C:\Documents and Settings\PK\Cookies\O7NM4AVQ.txt [ /tacoda.at.atwola.com ]
    C:\Documents and Settings\PK\Cookies\9V3YAMPX.txt [ /atwola.com ]
    C:\Documents and Settings\PK\Cookies\59U5UUKR.txt [ /weil.rotator.hadj1.adjuggler.net ]
    C:\Documents and Settings\PK\Cookies\3C3TBC6Q.txt [ /indianfriendfinder.com ]
    C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\4RXCF18Y.txt [ Cookie:[email protected]/ ]
    C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@revsci[1].txt [ Cookie:[email protected]/ ]
    C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
    C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\Cookies\administrator@serving-sys[1].txt [ Cookie:[email protected]/ ]

    Adware.SelectRebates[SAH]
    C:\PROGRAM FILES\SELECTREBATES\SREBATES.DLL

    PUP.CNETInstaller
    C:\DOCUMENTS AND SETTINGS\PK\DESKTOP\UNUSEPROGRAMS\CNET2_IESPELLSETUP264573_EXE.EXE
     
  7. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:55:06 PM, on 9/10/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\WINDOWS\system32\ASTSRV.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
    C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
    C:\WINDOWS\system32\NLSSRV32.EXE
    C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
    C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
    C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
    C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\program files\real\realplayer\update\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\PK\Application Data\mjusbsp\magicJack.exe
    C:\WINDOWS\system32\WISPTIS.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://snt143.mail.live.com/mail/I...a326-00237de33944&fv=1#n=28766420&fid=1&fav=1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\IPS\IPSBHO.DLL
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
    O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
    O3 - Toolbar: ShopAtHome.com Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (file missing)
    O3 - Toolbar: (no name) - {1be04434-6b9f-48c8-8675-94c640d5b293} - (no file)
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe
    O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
    O23 - Service: NitroPDFExpressDriverCreatorReadSpool (NitroExpressDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Express\NitroPDFExpressDriverService.exe
    O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
    O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\SymcPCCULaunchSvc.exe
    O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
    O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 9969 bytes
     
  8. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,059
    Start > Run > Type
    msconfig
    In msconfig - Start up tab.
    Untick all entries - [You only need Norton to run at startup - it is not in the list but it will still load at startup]

    [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

    [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot

    [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    [cdloader] "C:\Documents and Settings\PK\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

    [Google Update] "C:\Documents and Settings\PK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe


    Apply > Ok > Reboot your Pc.

    The System Configuration Utility box appear on retstart - saying changes have been made.
    Tick the box on the lower left and then OK.

    Any entry can be re-enabled using msconfig - if it needs to be

    ------

    Post the uninstall log from Hjt log
    Start HiJackThis.
    At the bottom right - Other Stuff
    Click on Config > Misc Tools.
    Click > Open Uninstall Manager.
    Click > Save List.
    Save the uninstall list file on your desktop.
    It will then open in Notepad.
    Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
     
  9. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    It is still taking 8 min to restar computer and open IE .

    Un tick every thing in startup and now I am restaring, lets see how long does it take
     
  10. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    it took 5 min to restart computer and open IE, Magic jack did not load
     
  11. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,059
    If you need Magic Jack to load at startup - retick it in msconfig.

    Clean out Temp Files.
    Open the Start Menu.
    In the Start Search area.
    Type.
    Cleanmgr

    Press Enter.
    Check [tick] Temporary files Only.
    Click on OK.
    Then Click on Delete Files.

    -----

    Post the uninstall log from Hjt log
    Start HiJackThis.
    At the bottom right - Other Stuff
    Click on Config > Misc Tools.
    Click > Open Uninstall Manager.
    Click > Save List.
    Save the uninstall list file on your desktop.
    It will then open in Notepad.
    Click Edit > Select All > Copy-and-Paste the uninstall list in the reply box.
     
  12. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    It is taking long time to clean temp. files. Disk cleaning is still going on , It is clearing temp file.
     
  13. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    ok it stop now, I will restart my computer now and see how long does it take.
     
  14. bombaykid

    bombaykid Thread Starter

    Joined:
    Jan 5, 2005
    Messages:
    203
    Still taking 7 min to restart computer and open IE
     
  15. blues_harp28

    blues_harp28 Trusted Advisor

    Joined:
    Jan 9, 2005
    Messages:
    17,059
    When did you last Defrag the hard drive?
    Right click My Computer>Open
    Right click - Local disk - should be C:
    Click Properties.
    Tools > Defragmentation

    Post the uninstall log from Hjt log
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1068461