Jump to content


Photo

Incredibly slow startup


  • This topic is locked This topic is locked
6 replies to this topic

#1 Kenton02

Kenton02

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 21 April 2007 - 07:30 PM

Hi

I have run adaware, trend pccillin and speed up my PC but still can't work out why my pc takes about 7-10 mins to start up.

[edit] Found Client IP-IPX and fixed with HJT but still slow[/edit]

Any help would be greatly appreciated

Here is my hijackthis log ...

Logfile of HijackThis v1.99.1
Scan saved at 8:58:44 AM, on 22/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
F:\WINNTNEW\System32\smss.exe
F:\WINNTNEW\system32\winlogon.exe
F:\WINNTNEW\system32\services.exe
F:\WINNTNEW\system32\lsass.exe
F:\WINNTNEW\system32\svchost.exe
F:\WINNTNEW\System32\svchost.exe
F:\WINNTNEW\system32\spoolsv.exe
F:\WINNTNEW\system32\inetsrv\inetinfo.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe
F:\WINNTNEW\system32\tcpsvcs.exe
F:\WINNTNEW\System32\snmp.exe
F:\WINNTNEW\system32\svchost.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
F:\Program Files\Wireless-G Portable USB Adapter\WLService.exe
F:\Program Files\Wireless-G Portable USB Adapter\WUSB54GP.exe
F:\WINNTNEW\system32\mqsvc.exe
F:\WINNTNEW\system32\mqtgsvc.exe
F:\WINNTNEW\Explorer.EXE
F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
F:\Program Files\D-Link\AirPlus G\AirGCFG.exe
F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
F:\WINNTNEW\SOUNDMAN.EXE
F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
F:\WINNTNEW\system32\ctfmon.exe
F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe
F:\WINNTNEW\system32\wuauclt.exe
F:\WINNTNEW\system32\wbem\wmiapsrv.exe
F:\WINNTNEW\system32\wuauclt.exe
F:\WINNTNEW\SoftwareDistribution\Download\Install\WindowsXP-KB905474-ENU-x86.exe
h:\896058f3853988d5bff4\update\update.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe
F:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by APC
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [iKeyWorks] F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [OE] "F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINNTNEW\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINNTNEW\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINNTNEW\System32\msjava.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: cgi.ebay.com.au
O15 - Trusted Zone: computers.ebay.com.au
O15 - Trusted Zone: computers.listings.ebay.com.au
O15 - Trusted Zone: domayne.com.au
O15 - Trusted Zone: ebay.com.au
O15 - Trusted Zone: groups.google.com.au
O15 - Trusted Zone: jobnet.com.au
O15 - Trusted Zone: seek.com.au
O15 - Trusted Zone: www.ebay.com.au
O15 - Trusted Zone: www.myer.com.au
O15 - Trusted Zone: http://www.lavasoftsupport.com
O15 - Trusted Zone: www.spamcop.net
O15 - Trusted Zone: http://www.webmasterworld.com
O15 - Trusted IP range: http://127.0.0.1
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-18.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1100295846390
O20 - Winlogon Notify: WgaLogon - F:\WINNTNEW\SYSTEM32\WgaLogon.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - F:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINNTNEW\system32\ati2sgag.exe
O23 - Service: Client IP-IPX - Unknown owner - F:\WINNTNEW\system32\svchosts.exe" -e te-110-12-0000257 (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINNTNEW\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe
O23 - Service: WUSB54GPSVC - Unknown owner - F:\Program Files\Wireless-G Portable USB Adapter\WLService.exe" "WUSB54GP.exe (file missing)

Edited by Kenton02, 21 April 2007 - 08:36 PM.


#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,520 posts

Posted 24 April 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,080 posts

Posted 09 May 2007 - 10:53 AM

Hello,

Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.

Do you know what this update.exe if for?
h:\896058f3853988d5bff4\update\update.exe

If not, Submit the file in bold to the following link for a scan, then post the results in your next message for me to see.
http://virusscan.jotti.org/

Download SDFix and save it to your desktop.

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
  • In Safe Mode, right click the SDFix.zip folder and choose Extract All,
  • Open the extracted folder and double click RunThis.bat to start the script.
  • Type Y to begin the script.
  • It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • Your system will take longer that normal to restart as the fixtool will be running and removing files.
  • When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
  • Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 Kenton02

Kenton02

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 09 May 2007 - 07:00 PM

Hi, thanks

(the update file seems to be a windows update)

Here are the results for the virusscan
Scan taken on 09 May 2007 23:52:09 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing

I downloaded the SDFix.exe (no .zip file found) and will continue with your instructions now.

Kenton

Edited by Kenton02, 09 May 2007 - 07:00 PM.


#5 Kenton02

Kenton02

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 09 May 2007 - 07:55 PM

Hi nasdaq

Here are the logs as requested:


SDFix: Version 1.83

Run by Administrator - Thu 10/05/2007 - 9:04:13.78

Microsoft Windows XP [Version 5.1.2600]

Running From: F:\SDFix\SDFix

Safe Mode:
Checking Services:

Name:
Client IP-IPX

ImagePath:
"F:\WINNTNEW\system32\svchosts.exe" -e te-110-12-0000257

Client IP-IPX - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

F:\WINNTNEW\system32\TFTP1164 - Deleted
F:\WINNTNEW\system32\TFTP1480 - Deleted
F:\WINNTNEW\system32\unsvchosts.exe - Deleted



Removing Temp Files

ADS Check:

Checking if ADS is attached to system32 Folder
F:\WINNTNEW\system32
No streams found.

Checking if ADS is attached to svchost.exe
F:\WINNTNEW\system32\svchost.exe
No streams found.



Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\\WINNTNEW\\system32\\mqsvc.exe"="F:\\WINNTNEW\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"F:\\Documents and Settings\\Administrator.PENTIUM-IV\\Local Settings\\Temp\\usmt\\migwiz.exe"="F:\\Documents and Settings\\Administrator.PENTIUM-IV\\Local Settings\\Temp\\usmt\\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"F:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"="F:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe:*:Enabled:Dreamweaver MX"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\\WINNTNEW\\system32\\mqsvc.exe"="F:\\WINNTNEW\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


Remaining Files:
---------------

Backups Folder: - F:\SDFix\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes:

F:\Documents and Settings\Administrator.PENTIUM-IV\NetHood\bridalnet.com.au\Desktop.ini
F:\Documents and Settings\Administrator.PENTIUM-IV\NetHood\winnet on www.winnet.com.au\Desktop.ini
F:\Documents and Settings\Administrator.PENTIUM-IV\NetHood\www.guardianmediaonline.com\Desktop.ini
F:\WINNTNEW\rreg32.dll
F:\WINNTNEW\utapi32.dll
F:\Program Files\Outlook Express\msimn.exe
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0003.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0005.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0006.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0089.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0524.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0623.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0671.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0713.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0763.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL0842.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1130.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1199.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1202.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1403.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1516.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL1715.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2160.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2206.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2357.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL2867.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3015.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3082.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3269.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3368.tmp
F:\Documents and Settings\Administrator.PENTIUM-IV\Application Data\Microsoft\Word\~WRL3394.tmp
F:\RECYCLER\S-1-5-21-1177238915-1229272821-839522115-500\Df10626.tmp
F:\RECYCLER\S-1-5-21-1177238915-1229272821-839522115-500\Df10627.tmp
F:\RECYCLER\S-1-5-21-1177238915-1229272821-839522115-500\Df1996.tmp
F:\WINNTNEW\SoftwareDistribution\Download\S-1-5-18\3506ffed37b2861bc2600dfeb100584a\BITDE.tmp
F:\WINNTNEW\system32\config\default.tmp.LOG
F:\WINNTNEW\system32\config\software.tmp.LOG
F:\WINNTNEW\system32\config\system.tmp.LOG

Finished


Logfile of HijackThis v1.99.1
Scan saved at 9:45:09 AM, on 10/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
F:\WINNTNEW\System32\smss.exe
F:\WINNTNEW\system32\winlogon.exe
F:\WINNTNEW\system32\services.exe
F:\WINNTNEW\system32\lsass.exe
F:\WINNTNEW\system32\svchost.exe
F:\WINNTNEW\System32\svchost.exe
F:\WINNTNEW\system32\spoolsv.exe
F:\WINNTNEW\system32\inetsrv\inetinfo.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe
F:\WINNTNEW\system32\tcpsvcs.exe
F:\WINNTNEW\System32\snmp.exe
F:\WINNTNEW\system32\svchost.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe
F:\WINNTNEW\system32\mqsvc.exe
F:\WINNTNEW\system32\mqtgsvc.exe
F:\WINNTNEW\Explorer.EXE
F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~4\PccGuide.exe
F:\WINNTNEW\system32\wbem\wmiapsrv.exe
F:\WINNTNEW\system32\notepad.exe
F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
F:\Program Files\D-Link\AirPlus G\AirGCFG.exe
F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\WINNTNEW\SOUNDMAN.EXE
F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
F:\WINNTNEW\system32\ctfmon.exe
F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe
F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
F:\WINNTNEW\System32\svchost.exe
F:\WINNTNEW\system32\wuauclt.exe
F:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by APC
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [iKeyWorks] F:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] F:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [OE] "F:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINNTNEW\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] F:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: cgi.ebay.com.au
O15 - Trusted Zone: computers.ebay.com.au
O15 - Trusted Zone: computers.listings.ebay.com.au
O15 - Trusted Zone: domayne.com.au
O15 - Trusted Zone: ebay.com.au
O15 - Trusted Zone: groups.google.com.au
O15 - Trusted Zone: jobnet.com.au
O15 - Trusted Zone: seek.com.au
O15 - Trusted Zone: www.ebay.com.au
O15 - Trusted Zone: www.myer.com.au
O15 - Trusted Zone: http://www.lavasoftsupport.com
O15 - Trusted Zone: www.spamcop.net
O15 - Trusted Zone: http://www.webmasterworld.com
O15 - Trusted IP range: http://127.0.0.1
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-18.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1100295846390
O20 - Winlogon Notify: WgaLogon - F:\WINNTNEW\SYSTEM32\WgaLogon.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - F:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINNTNEW\system32\ati2sgag.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINNTNEW\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe

#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,080 posts

Posted 10 May 2007 - 07:22 AM

Nice work I see a clean log.

Any problems pending?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#7 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,080 posts

Posted 21 May 2007 - 09:37 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button