• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Kenton02

Incredibly slow startup

7 posts in this topic

Hi

 

I have run adaware, trend pccillin and speed up my PC but still can't work out why my pc takes about 7-10 mins to start up.

 

[edit] Found Client IP-IPX and fixed with HJT but still slow[/edit]

 

Any help would be greatly appreciated

 

Here is my hijackthis log ...

 

Logfile of HijackThis v1.99.1

Scan saved at 8:58:44 AM, on 22/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)

 

Running processes:

F:\WINNTNEW\System32\smss.exe

F:\WINNTNEW\system32\winlogon.exe

F:\WINNTNEW\system32\services.exe

F:\WINNTNEW\system32\lsass.exe

F:\WINNTNEW\system32\svchost.exe

F:\WINNTNEW\System32\svchost.exe

F:\WINNTNEW\system32\spoolsv.exe

F:\WINNTNEW\system32\inetsrv\inetinfo.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe

F:\WINNTNEW\system32\tcpsvcs.exe

F:\WINNTNEW\System32\snmp.exe

F:\WINNTNEW\system32\svchost.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe

F:\Program Files\Wireless-G Portable USB Adapter\WLService.exe

F:\Program Files\Wireless-G Portable USB Adapter\WUSB54GP.exe

F:\WINNTNEW\system32\mqsvc.exe

F:\WINNTNEW\system32\mqtgsvc.exe

F:\WINNTNEW\Explorer.EXE

F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe

F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

F:\Program Files\D-Link\AirPlus G\AirGCFG.exe

F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

F:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe

F:\WINNTNEW\SOUNDMAN.EXE

F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe

F:\WINNTNEW\system32\ctfmon.exe

F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe

F:\WINNTNEW\system32\wuauclt.exe

F:\WINNTNEW\system32\wbem\wmiapsrv.exe

F:\WINNTNEW\system32\wuauclt.exe

F:\WINNTNEW\SoftwareDistribution\Download\Install\WindowsXP-KB905474-ENU-x86.exe

h:\896058f3853988d5bff4\update\update.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe

F:\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by APC

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar3.dll

O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [iKeyWorks] F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe

O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Program Files\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [OE] "F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"

O4 - HKCU\..\Run: [ctfmon.exe] F:\WINNTNEW\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [uniblue SpeedUpMyPC] F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINNTNEW\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINNTNEW\System32\msjava.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O15 - Trusted Zone: cgi.ebay.com.au

O15 - Trusted Zone: computers.ebay.com.au

O15 - Trusted Zone: computers.listings.ebay.com.au

O15 - Trusted Zone: domayne.com.au

O15 - Trusted Zone: ebay.com.au

O15 - Trusted Zone: groups.google.com.au

O15 - Trusted Zone: jobnet.com.au

O15 - Trusted Zone: seek.com.au

O15 - Trusted Zone: www.ebay.com.au

O15 - Trusted Zone: www.myer.com.au

O15 - Trusted Zone: http://www.lavasoftsupport.com

O15 - Trusted Zone: www.spamcop.net

O15 - Trusted Zone: http://www.webmasterworld.com

O15 - Trusted IP range: http://127.0.0.1

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-18.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1100295846390

O20 - Winlogon Notify: WgaLogon - F:\WINNTNEW\SYSTEM32\WgaLogon.dll

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - F:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINNTNEW\system32\ati2sgag.exe

O23 - Service: Client IP-IPX - Unknown owner - F:\WINNTNEW\system32\svchosts.exe" -e te-110-12-0000257 (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINNTNEW\System32\nvsvc32.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe

O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe

O23 - Service: WUSB54GPSVC - Unknown owner - F:\Program Files\Wireless-G Portable USB Adapter\WLService.exe" "WUSB54GP.exe (file missing)

Edited by Kenton02

Share this post


Link to post
Share on other sites

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

 

Thank you for your patience.

 

[this is an automated reply]

Share this post


Link to post
Share on other sites

Hello,

 

Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

 

Do you know what this update.exe if for?

h:\896058f3853988d5bff4\update\update.exe

 

If not, Submit the file in bold to the following link for a scan, then post the results in your next message for me to see.

http://virusscan.jotti.org/

 

Download SDFix and save it to your desktop.

 

Please then reboot your computer in Safe Mode by doing the following :

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.

  • In Safe Mode, right click the SDFix.zip folder and choose Extract All,
  • Open the extracted folder and double click RunThis.bat to start the script.
  • Type Y to begin the script.
  • It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • Your system will take longer that normal to restart as the fixtool will be running and removing files.
  • When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
  • Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log

Share this post


Link to post
Share on other sites

Hi, thanks

 

(the update file seems to be a windows update)

 

Here are the results for the virusscan

Scan taken on 09 May 2007 23:52:09 (GMT)

A-Squared Found nothing

AntiVir Found nothing

ArcaVir Found nothing

Avast Found nothing

AVG Antivirus Found nothing

BitDefender Found nothing

ClamAV Found nothing

Dr.Web Found nothing

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found nothing

Fortinet Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

Panda Antivirus Found nothing

Rising Antivirus Found nothing

VirusBuster Found nothing

VBA32 Found nothing

 

I downloaded the SDFix.exe (no .zip file found) and will continue with your instructions now.

 

Kenton

Edited by Kenton02

Share this post


Link to post
Share on other sites

Hi nasdaq

 

Here are the logs as requested:

 

 

SDFix: Version 1.83

 

Run by Administrator - Thu 10/05/2007 - 9:04:13.78

 

Microsoft Windows XP [Version 5.1.2600]

 

Running From: F:\SDFix\SDFix

 

Safe Mode:

Checking Services:

 

Name:

Client IP-IPX

 

ImagePath:

"F:\WINNTNEW\system32\svchosts.exe" -e te-110-12-0000257

 

Client IP-IPX - Deleted

 

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

 

Rebooting...

 

Normal Mode:

Checking Files:

 

Below files will be copied to Backups folder then removed:

 

F:\WINNTNEW\system32\TFTP1164 - Deleted

F:\WINNTNEW\system32\TFTP1480 - Deleted

F:\WINNTNEW\system32\unsvchosts.exe - Deleted

 

 

 

Removing Temp Files

 

ADS Check:

 

Checking if ADS is attached to system32 Folder

F:\WINNTNEW\system32

No streams found.

 

Checking if ADS is attached to svchost.exe

F:\WINNTNEW\system32\svchost.exe

No streams found.

 

 

 

Final Check:

 

Remaining Services:

------------------

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"F:\\WINNTNEW\\system32\\mqsvc.exe"="F:\\WINNTNEW\\system32\\mqsvc.exe:*:Enabled:Message Queuing"

"F:\\Documents and Settings\\Administrator.PENTIUM-IV\\Local Settings\\Temp\\usmt\\migwiz.exe"="F:\\Documents and Settings\\Administrator.PENTIUM-IV\\Local Settings\\Temp\\usmt\\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"

"F:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"="F:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe:*:Enabled:Dreamweaver MX"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"F:\\WINNTNEW\\system32\\mqsvc.exe"="F:\\WINNTNEW\\system32\\mqsvc.exe:*:Enabled:Message Queuing"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

 

Remaining Files:

---------------

 

Backups Folder: - F:\SDFix\SDFix\backups\backups.zip

 

Checking For Files with Hidden Attributes:

 

F:\Documents and Settings\Administrator.PENTIUM-IV\NetHood\bridalnet.com.au\Desktop.ini

F:\Documents and Settings\Administrator.PENTIUM-IV\NetHood\winnet on www.winnet.com.au\Desktop.ini

F:\Documents and Settings\Administrator.PENTIUM-IV\NetHood\www.guardianmediaonline.com\Desktop.ini

F:\WINNTNEW\rreg32.dll

F:\WINNTNEW\utapi32.dll

F:\Program Files\Outlook Express\msimn.exe

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0003.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0005.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0006.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0089.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0524.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0623.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0671.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0713.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0763.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0842.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1130.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1199.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1202.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1403.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1516.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1715.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2160.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2206.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2357.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2867.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3015.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3082.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3269.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3368.tmp

F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3394.tmp

F:\RECYCLER\S-1-5-21-1177238915-1229272821-839522115-500\Df10626.tmp

F:\RECYCLER\S-1-5-21-1177238915-1229272821-839522115-500\Df10627.tmp

F:\RECYCLER\S-1-5-21-1177238915-1229272821-839522115-500\Df1996.tmp

F:\WINNTNEW\SoftwareDistribution\Download\S-1-5-18\3506ffed37b2861bc2600dfeb100584a\BITDE.tmp

F:\WINNTNEW\system32\config\default.tmp.LOG

F:\WINNTNEW\system32\config\software.tmp.LOG

F:\WINNTNEW\system32\config\system.tmp.LOG

 

Finished

 

 

Logfile of HijackThis v1.99.1

Scan saved at 9:45:09 AM, on 10/05/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)

 

Running processes:

F:\WINNTNEW\System32\smss.exe

F:\WINNTNEW\system32\winlogon.exe

F:\WINNTNEW\system32\services.exe

F:\WINNTNEW\system32\lsass.exe

F:\WINNTNEW\system32\svchost.exe

F:\WINNTNEW\System32\svchost.exe

F:\WINNTNEW\system32\spoolsv.exe

F:\WINNTNEW\system32\inetsrv\inetinfo.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe

F:\WINNTNEW\system32\tcpsvcs.exe

F:\WINNTNEW\System32\snmp.exe

F:\WINNTNEW\system32\svchost.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe

F:\WINNTNEW\system32\mqsvc.exe

F:\WINNTNEW\system32\mqtgsvc.exe

F:\WINNTNEW\Explorer.EXE

F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe

F:\PROGRA~1\TRENDM~1\INTERN~4\PccGuide.exe

F:\WINNTNEW\system32\wbem\wmiapsrv.exe

F:\WINNTNEW\system32\notepad.exe

F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe

F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

F:\Program Files\D-Link\AirPlus G\AirGCFG.exe

F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

F:\WINNTNEW\SOUNDMAN.EXE

F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe

F:\WINNTNEW\system32\ctfmon.exe

F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe

F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

F:\WINNTNEW\System32\svchost.exe

F:\WINNTNEW\system32\wuauclt.exe

F:\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by APC

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar3.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [iKeyWorks] F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe

O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Program Files\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [OE] "F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"

O4 - HKCU\..\Run: [ctfmon.exe] F:\WINNTNEW\system32\ctfmon.exe

O4 - HKCU\..\Run: [uniblue SpeedUpMyPC] F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s

O4 - HKCU\..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: cgi.ebay.com.au

O15 - Trusted Zone: computers.ebay.com.au

O15 - Trusted Zone: computers.listings.ebay.com.au

O15 - Trusted Zone: domayne.com.au

O15 - Trusted Zone: ebay.com.au

O15 - Trusted Zone: groups.google.com.au

O15 - Trusted Zone: jobnet.com.au

O15 - Trusted Zone: seek.com.au

O15 - Trusted Zone: www.ebay.com.au

O15 - Trusted Zone: www.myer.com.au

O15 - Trusted Zone: http://www.lavasoftsupport.com

O15 - Trusted Zone: www.spamcop.net

O15 - Trusted Zone: http://www.webmasterworld.com

O15 - Trusted IP range: http://127.0.0.1

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-18.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1100295846390

O20 - Winlogon Notify: WgaLogon - F:\WINNTNEW\SYSTEM32\WgaLogon.dll

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - F:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINNTNEW\system32\ati2sgag.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINNTNEW\System32\nvsvc32.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe

O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe

Share this post


Link to post
Share on other sites

Nice work I see a clean log.

 

Any problems pending?

Share this post


Link to post
Share on other sites

Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0