943,735 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > Slow IE7 startup HJT log included
Ad:
You are currently viewing page 2 of this multi-page discussion thread; Jump to the first page
Permalink
Nov 20th, 2007
0

Re: Slow IE7 startup HJT log included

Gerbil,
I removed old java installations. I ran step 3 of AWF but seems like I still have bak folders. Here is the log.


Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully

The current date is: Tue 11/20/2007
The current time is: 12:03:50.12


bak folders found
~~~~~~~~~~~


Directory of C:\HP\KBD\BAK

02/11/2003 01:02 PM 61,440 KBD.EXE
1 File(s) 61,440 bytes

Directory of C:\PROGRA~1\BEARSH~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\BLUBSTER\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\ITUNES\BAK

10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes

Directory of C:\PROGRA~1\MI3AA1~1\BAK

11/15/2005 07:44 PM 1,200,128 wcescomm.exe
1 File(s) 1,200,128 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\PICASA2\BAK

05/02/2007 12:08 AM 366,400 PicasaMediaDetector.exe
1 File(s) 366,400 bytes

Directory of C:\PROGRA~1\QUICKT~1\BAK

10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes

Directory of C:\WINDOWS\SMINST\BAK

04/14/2004 02:43 PM 233,472 RECGUARD.EXE
1 File(s) 233,472 bytes

Directory of C:\WINDOWS\SYSTEM\BAK

11/13/2007 08:45 PM 182 hpsysdrv.DAT
05/07/1998 10:04 AM 52,736 hpsysdrv.exe
2 File(s) 52,918 bytes

Directory of C:\WINDOWS\SYSTEM32\BAK

08/04/2004 05:00 AM 15,360 ctfmon.exe
11/02/2004 09:59 AM 126,976 hkcmd.exe
11/22/2002 10:48 AM 348,160 hphmon04.exe
06/07/2004 12:42 PM 659,456 hphmon06.exe
10/25/2004 03:17 PM 90,112 ps2.exe
5 File(s) 1,240,064 bytes

Directory of C:\HP\DRIVERS\HPLSBW~1\BAK

10/14/2004 03:54 PM 253,952 lsburnwatcher.exe
1 File(s) 253,952 bytes

Directory of C:\PROGRA~1\EBAY\EBAYTO~1\BAK

09/04/2007 09:30 PM 550,128 eBayTBDaemon.exe
1 File(s) 550,128 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~2\BAK

06/16/2007 04:57 PM 68,856 GoogleToolbarNotifier.exe
1 File(s) 68,856 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK

08/11/2007 09:27 AM 1,838,592 GoogleDesktop.exe
1 File(s) 1,838,592 bytes

Directory of C:\PROGRA~1\GRISOFT\AVG7\BAK

09/16/2007 07:15 PM 421,888 avgcc.exe
1 File(s) 421,888 bytes

Directory of C:\PROGRA~1\HP\HPSHAR~1\BAK

04/17/2002 09:42 AM 69,632 hpgs2wnd.exe
1 File(s) 69,632 bytes

Directory of C:\PROGRA~1\HP\{AAC4F~1\BAK

06/07/2004 12:53 PM 49,152 hphupd06.exe
1 File(s) 49,152 bytes

Directory of C:\PROGRA~1\MUSICM~1\MUSICM~1\BAK

05/20/2002 06:36 PM 90,112 mm_tray.exe
1 File(s) 90,112 bytes

Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1\BAK

06/03/2002 10:38 AM 49,152 opware32.exe
1 File(s) 49,152 bytes

Directory of C:\PROGRA~1\TRENDM~1\INTERN~1\BAK

12/05/2005 04:49 PM 897,089 pccguide.exe
1 File(s) 897,089 bytes

Directory of C:\PROGRA~1\COMMON~1\REAL\UPDATE~1\BAK

01/11/2002 12:53 PM 180,269 realsched.exe
1 File(s) 180,269 bytes

Directory of C:\PROGRA~1\HPPHOT~1\HPHINS~1\UNIPATCH\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\JAVA\JRE16~1.0_0\BIN\BAK

03/14/2007 02:43 AM 83,608 jusched.exe
1 File(s) 83,608 bytes

Directory of C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

11/22/2002 10:49 AM 188,416 hpztsb07.exe
1 File(s) 188,416 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

61440 Feb 11 2003 "C:\hp\KBD\KBD.EXE"
61440 Feb 11 2003 "C:\hp\KBD\bak\KBD.EXE"
256576 Oct 30 2006 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Dec 25 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
1200128 Nov 15 2005 "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
1200128 Nov 15 2005 "C:\Program Files\Microsoft ActiveSync\bak\wcescomm.exe"
476984 May 2 2007 "C:\Program Files\Picasa2\PicasaUpdate.exe"
366400 May 2 2007 "C:\Program Files\Picasa2\bak\PicasaMediaDetector.exe"
493384 May 2 2007 "C:\Program Files\Picasa2\cdautorun\PicasaRestore.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
233472 Apr 14 2004 "C:\WINDOWS\SMINST\RECGUARD.EXE"
233472 Apr 14 2004 "C:\WINDOWS\SMINST\bak\RECGUARD.EXE"
182 Nov 13 2007 "C:\WINDOWS\system\hpsysdrv.DAT"
182 Nov 13 2007 "C:\WINDOWS\system\bak\hpsysdrv.DAT"
52736 May 7 1998 "C:\WINDOWS\system\hpsysdrv.exe"
52736 May 7 1998 "C:\WINDOWS\system\bak\hpsysdrv.exe"
15360 Aug 4 2004 "C:\WINDOWS\system32\ctfmon.exe"
15360 Aug 4 2004 "C:\WINDOWS\system32\bak\ctfmon.exe"
126976 Nov 2 2004 "C:\WINDOWS\system32\hkcmd.exe"
126976 Nov 2 2004 "C:\hp\drivers\video_Intel\hkcmd.exe"
126976 Nov 2 2004 "C:\WINDOWS\system32\bak\hkcmd.exe"
126976 Nov 2 2004 "C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\hkcmd.exe"
348160 Nov 22 2002 "C:\WINDOWS\system32\hphmon04.exe"
348160 Nov 22 2002 "C:\WINDOWS\system32\bak\hphmon04.exe"
659456 Jun 7 2004 "C:\WINDOWS\system32\hphmon06.exe"
659456 Jun 7 2004 "C:\WINDOWS\system32\bak\hphmon06.exe"
90112 Oct 25 2004 "C:\WINDOWS\system32\ps2.exe"
90112 Oct 25 2004 "C:\hp\drivers\keyboard\PS2.EXE"
90112 Oct 25 2004 "C:\WINDOWS\system32\bak\ps2.exe"
253952 Oct 14 2004 "C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe"
253952 Oct 14 2004 "C:\hp\drivers\hplsbwatcher\bak\lsburnwatcher.exe"
148720 Sep 1 2007 "C:\Program Files\eBay\eBay Toolbar2\eBayTBCareApp.exe"
550128 Sep 4 2007 "C:\Program Files\eBay\eBay Toolbar2\bak\eBayTBDaemon.exe"
52272 Jan 27 2007 "C:\Program Files\Google\googletoolbar5user.exe"
458820 Nov 17 2005 "C:\Program Files\Google\Google Earth\GoogleEarth.exe"
68856 Jun 16 2007 "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
743016 Apr 15 2005 "C:\Program Files\Google\Google Desktop Search\GoogleDesktopSearchSetup.exe"
138168 Jan 27 2007 "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 Jun 16 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
1838592 Aug 11 2007 "C:\Program Files\Google\Google Desktop Search\bak\GoogleDesktop.exe"
1838592 Aug 9 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp1\GoogleDesktopSetupHelper.exe"
1838592 Aug 10 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp2\GoogleDesktopSetupHelper.exe"
1838592 Aug 11 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp3\GoogleDesktopSetupHelper.exe"
52272 Jan 27 2007 "C:\Program Files\Google\googletoolbar5user.exe"
458820 Nov 17 2005 "C:\Program Files\Google\Google Earth\GoogleEarth.exe"
68856 Jun 16 2007 "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
743016 Apr 15 2005 "C:\Program Files\Google\Google Desktop Search\GoogleDesktopSearchSetup.exe"
138168 Jan 27 2007 "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 Jun 16 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
1838592 Aug 11 2007 "C:\Program Files\Google\Google Desktop Search\bak\GoogleDesktop.exe"
1838592 Aug 9 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp1\GoogleDesktopSetupHelper.exe"
1838592 Aug 10 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp2\GoogleDesktopSetupHelper.exe"
1838592 Aug 11 2007 "C:\Program Files\Google\Google Desktop Search\gcdtmp3\GoogleDesktopSetupHelper.exe"
421888 Sep 16 2007 "C:\Program Files\GRISOFT\AVG7\avgcc.exe"
421888 Sep 16 2007 "C:\Program Files\GRISOFT\AVG7\bak\avgcc.exe"
69632 Apr 17 2002 "C:\Program Files\HP\HP Share-to-Web\hpgs2wnd.exe"
69632 Apr 17 2002 "C:\Program Files\HP\HP Share-to-Web\bak\hpgs2wnd.exe"
49152 Jun 7 2004 "C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe"
49152 Jun 7 2004 "C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\bak\hphupd06.exe"
90112 May 20 2002 "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
90112 May 20 2002 "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\bak\mm_tray.exe"
49152 Jun 3 2002 "C:\Program Files\ScanSoft\OmniPageSE\opware32.exe"
49152 Jun 3 2002 "C:\Program Files\ScanSoft\OmniPageSE\bak\opware32.exe"
897089 Dec 5 2005 "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
897089 Dec 5 2005 "C:\Program Files\Trend Micro\Internet Security 2006\bak\pccguide.exe"
897089 Dec 5 2005 "C:\Program Files\Trend Micro\PCC2006US_1410_1023\Setup\Module\pccguide.exe"
897089 Mar 8 2006 "C:\Program Files\Trend Micro\PCC2006US_1410_1041\Setup\Module\pccguide.exe"
180269 Jan 11 2002 "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
180269 Jan 11 2002 "C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe"
83608 Mar 14 2007 "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
83608 Mar 14 2007 "C:\Program Files\Java\jre1.6.0_01\bin\bak\jusched.exe"
188416 Nov 22 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe"
188416 Nov 22 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\hpztsb07.exe"


end of report
Reputation Points: 10
Solved Threads: 0
Newbie Poster
rabbott is offline Offline
20 posts
since Nov 2007
Permalink
Nov 20th, 2007
0

Re: Slow IE7 startup HJT log included

Rabbott, I am sorry, that was unbelievably slack of me. I think it's time I took a break from this stuff.... but let's finish this first. Okay, option 3 again, but with this corrected text:
= FindAWF, option 3: start the program again, select to remove bak folders, into the text file that opens paste all the text between the lines:
_____________________________________________________________
C:\hp\KBD\bak
C:\Program Files\iTunes\bak
C:\Program Files\Microsoft ActiveSync\bak
C:\Program Files\Picasa2\bak
C:\Program Files\QuickTime\bak
C:\WINDOWS\SMINST\bak
C:\WINDOWS\system\bak
C:\WINDOWS\system32\bak
C:\hp\drivers\hplsbwatcher\bak
C:\Program Files\eBay\eBay Toolbar2\bak
C:\Program Files\Google\GoogleToolbarNotifier\bak
C:\Program Files\Google\Google Desktop Search\bak
C:\Program Files\GRISOFT\AVG7\bak
C:\Program Files\HP\HP Share-to-Web\bak
C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\bak
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\bak
C:\Program Files\ScanSoft\OmniPageSE\bak
C:\Program Files\Trend Micro\Internet Security 2006\bak
C:\Program Files\Common Files\Real\Update_OB\bak
C:\Program Files\Java\jre1.6.0_01\bin\bak
C:\WINDOWS\system32\spool\drivers\w32x86\3\bak
_____________________________________________________________

-close the text file and click Yes. Please post the contents of the notepad that opens.
Then, if and only if these two sections of the report are empty...:

bak folders found
~~~~~~~~~~~
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

...go ahead and run option 4 next -this will reset your restricted and trusted sites in IE, tools, internet options, security. If you have added trusted sites you will have to re-enter them afterward [for an extra level of security I keep the https box checked here]. That is up to your judgement.
-this removes your domains, so if you have the following programs:
SpywareBlaster protection must be re-enabled.
Spybot Immunize must be set again.
IE-SpyAd must be re-installed.
[I work this from notepad, juggling entries and comparing, editing.... I inserted the wrong section of edits... and didn't check. No harm was done, it was just a waste of your time]
Last edited by gerbil; Nov 20th, 2007 at 9:00 pm.
Reputation Points: 239
Solved Threads: 296
Industrious Poster
gerbil is offline Offline
4,169 posts
since May 2005
Permalink
Nov 28th, 2007
0

Re: Slow IE7 startup HJT log included

Gerbil,
I am finally back to working on this and thank you for your continued help. I ran option 3 of AWF and here is log. Looks like some bak files are still there.


Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully

The current date is: Wed 11/28/2007
The current time is: 15:08:59.66


bak folders found
~~~~~~~~~~~


Directory of C:\PROGRA~1\BEARSH~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\BLUBSTER\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\HPPHOT~1\HPHINS~1\UNIPATCH\BAK

0 File(s) 0 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~



end of report
Reputation Points: 10
Solved Threads: 0
Newbie Poster
rabbott is offline Offline
20 posts
since Nov 2007
Permalink
Nov 28th, 2007
0

Re: Slow IE7 startup HJT log included

That's okay, rabbott, they are empty directories, so you can delete them manually .
C:\PROGRA~1\BEARSH~1\BAK
C:\PROGRA~1\BLUBSTER\BAK
C:\PROGRA~1\MSNMES~1\BAK
C:\PROGRA~1\HPPHOT~1\HPHINS~1\UNIPATCH\BAK
Then ...go ahead and run option 4 next -this will reset your restricted and trusted sites in IE, tools, internet options, security. If you have added trusted sites you will have to re-enter them afterward [for an extra level of security I keep the https box checked here]. That is up to your judgement.
Your domains are removed, so if you have the following programs:
SpywareBlaster protection must be re-enabled.
Spybot Immunize must be set again.
IE-SpyAd must be re-installed.

Post another hijackthis log afterwards...
Reputation Points: 239
Solved Threads: 296
Industrious Poster
gerbil is offline Offline
4,169 posts
since May 2005
Permalink
Nov 28th, 2007
0

Re: Slow IE7 startup HJT log included

I removed empty bak folders and ran option 4

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:27:19 PM, on 11/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\CDProxyServ.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab46479.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly%20Here%20and%20Now/Images/stg_drm.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10...y.cab32846.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab32846.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://aolsvc.aol.com/onlinegames/tr...2.1.0.0.48.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134789747609
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://mail2.neotechsolutions.com/Remote/msrdp.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.mpix.com/Customer/Uploadi...eUploader3.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab47946.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Monopoly%20Here%20and%20Now/Images/armhelper.ocx
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10...y.cab41227.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://aolsvc.aol.com/onlinegames/di...h.1.0.0.72.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames...A.cab40641.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - Unknown owner - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O24 - Desktop Component 0: (no name) - http://www.studiolighting.net/wp-con...mages/logo.gif
O24 - Desktop Component 1: (no name) - http://www.photographyreview.com/cha...phy_review.gif
O24 - Desktop Component 10: (no name) - http://www.bytephoto.com/forums/them...n/ByteLogo.jpg
O24 - Desktop Component 11: (no name) - http://learnflash.com/templateimages/logo1.gif
O24 - Desktop Component 12: (no name) - https://www.mpix.com/Images/MpixLOGOinterior2.gif
O24 - Desktop Component 13: (no name) - http://www.betterphoto.com/images/_n...tter-Photo.gif
O24 - Desktop Component 2: (no name) - http://images.equestriancupid.com/eqc/bannbereq1.jpg
O24 - Desktop Component 3: (no name) - http://www.komando.com/images/k_layout_01.gif
O24 - Desktop Component 4: (no name) - http://lost-forum.com/images/lost-forum-black.gif
O24 - Desktop Component 5: (no name) - http://www.mpix.com/images/home/MPIX-HOME_10.gif
O24 - Desktop Component 6: (no name) - https://yourkgsaccount.oneok.com/ima...ader_ONEOK.gif
O24 - Desktop Component 7: (no name) - http://www.myphotopipe.com/images/he...iteOnly_01.jpg
O24 - Desktop Component 8: (no name) - https://secure.mcr.us.icoke.com/ssld...n/mcr_logo.gif
O24 - Desktop Component 9: (no name) - http://shootsmarter.com/images/logo.gif

--
End of file - 13570 bytes
Reputation Points: 10
Solved Threads: 0
Newbie Poster
rabbott is offline Offline
20 posts
since Nov 2007
Permalink
Nov 28th, 2007
0

Re: Slow IE7 startup HJT log included

As an update:
IE7 is running much better already. If there is no more spyware or such, I'm happy with it as is. If there is more to clean up, I'm ok with that also.
thanks
Reputation Points: 10
Solved Threads: 0
Newbie Poster
rabbott is offline Offline
20 posts
since Nov 2007
Permalink
Nov 29th, 2007
1

Re: Slow IE7 startup HJT log included

Looks okay to me, rabbott.
Personally, I would not have file sharing pgms as startup entries, rather I would start them on demand. As they are it means your connection capability can be eaten up by ppl uploading silently from you, and you may or may not appreciate that... if not, fix these two:
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
Do all those elements of your active desktop still work? Fix the ones that do not [O24 entries].
And that is all. Good luck out there.
Last edited by gerbil; Nov 29th, 2007 at 7:28 pm.
Reputation Points: 239
Solved Threads: 296
Industrious Poster
gerbil is offline Offline
4,169 posts
since May 2005
Permalink
Nov 29th, 2007
0

Re: Slow IE7 startup HJT log included

Gerbil,
thank you for the excellent help.
rabbott
Reputation Points: 10
Solved Threads: 0
Newbie Poster
rabbott is offline Offline
20 posts
since Nov 2007

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: "my computer" does not load
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: malware alarm





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC