background: have already scanned with ad-aware, spybot, AVG and HJT
As titled:
I was over at NBR forums asking about my laggy start up time (it sometimes takes more than a min to have things loaded AFTER logging into windows before I can do anything (eg. open my computer, open FF, whatever)). I first thought that it was avast that was causing the problem, simply cuz on my taskbar i see the avast icon being stuck with the 'stop sign' for a long time without anything else loading, and after a while msn finally loads (typically the last thing that loads for some reason) and i can finally open stuff.
so i uninstalled avast, but same problem. it just got stuck at a certain point for a very long time before msn would load and therefore before i can do anything. so at one point i have simply brought out the task manager the second i get logged into windows, then i can see that 19 or so processes first get loaded (there should be around 47 processes loading after complete startup), freezes for 10-20 secs, jumps up to 25 or sth, freezes for another 10-20 secs, jumps up to 35, freezes for yet another 10-20 secs, then the rest finally starts running and msn immediately pops up and i can then start doing whatever.
oh and off track a little, i've been having nightmares with AdobeR.exe for quite a while, which has infected all my external hard drives (including mp3 player, external hard drive, memory cards for camera etc) and could never get rid of it totally. am also hoping that someone can help me with this.
anyways, so i asked for help at NBR forums, got pointed here, so followed everything in the FAQ. then when i got to the part where i need to scan with AVG, it failed to start in safe mode the first time i tried, had to do hard reset and start safe mode with internet connection instead and still took a VERY LONG time to start.
then another problem i had was when i first ran HJT, i got this error twice (sorry i forgot what i said as i was in a real hurry) before it would scan. subsequent scans didn't provide me with the same error though... i wonder what was wrong...
therefore i am hoping that someone here can help me get rid of that stupid adober and get my laptop running up nice and smoothly again
as per the instructions in the FAQ, the following are my logs for the Ewido anti-spyware (AVG) scan and the HJT scan.
here's my AVG log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 7:12:13 PM 10/29/2006
+ Scan result:
:mozilla.184:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.22:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.23:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.24:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.25:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.26:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.27:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.28:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.29:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.30:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.70:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.72:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\T\Cookies\t@cnetasiapacific.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\T\Cookies\t@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\T\Cookies\t@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\T\Cookies\t@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.41:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.42:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\T\Cookies\t@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.60:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\T\Cookies\t@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\T\Cookies\t@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.73:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\T\Cookies\t@abcnews.com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\T\Cookies\t@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.84:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\T\Cookies\t@e-2dj6wgkiagdzmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\T\Cookies\t@e-2dj6wjlowlcjshp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\T\Cookies\t@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.19:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.112:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.113:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.281:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.282:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.283:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.284:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.121:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.135:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.136:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.150:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.151:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.325:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\T\Cookies\t@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\T\Cookies\t@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.43:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.44:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.45:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.46:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.199:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.200:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.221:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.222:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.223:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.224:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.225:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.230:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.232:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.233:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.237:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.238:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\T\Cookies\t@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.243:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.246:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.273:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.274:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.275:C:\Documents and Settings\T\Application Data\Mozilla\Firefox\Profiles\2bjbtkt4.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\T\Local Settings\Temp\Cookies\t@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
::Report end
and here's my HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 7:31:10 PM, on 10/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\stacsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\DOCUME~1\T\LOCALS~1\Temp\clclean.0001
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\sol.exe
C:\Documents and Settings\T\Desktop\Maintenance\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gmail.google.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.ap.dell.com/content/default.as...;l=en&s=gen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6977A65-DA29-448B-8C4D-CDA95122670D}: NameServer = 205.252.144.126 218.102.62.71
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\stacsv.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
looking forward to your help! thanks VERY VERY much in advance!!!