ITKnightMare
asked on
MSINFO32 --> Software Environment --> Startup Programs HUGE GIGANTIC BIG LIST ?!
Hi All:
I was just wondering.... On some of my systems, those that are what we call "problematic", I have recently been noticing that their startup list in msinfo32 is HUGE!
For some reason it includes .DEFAULT, and NTAUTHORITY/SYSTEM 's entries in there which bloat up the list like a baloon!
I google'd a bit and couldn't find anything relating to this. The only "fix" I know of, is to format! On a freshly, out-of-the-box configured system the list is short and sweet.
Does anyone know WHY that gets corrupted like that? Is there indeed a fix without formatting?
--ITKnightMare
I was just wondering.... On some of my systems, those that are what we call "problematic", I have recently been noticing that their startup list in msinfo32 is HUGE!
For some reason it includes .DEFAULT, and NTAUTHORITY/SYSTEM 's entries in there which bloat up the list like a baloon!
I google'd a bit and couldn't find anything relating to this. The only "fix" I know of, is to format! On a freshly, out-of-the-box configured system the list is short and sweet.
Does anyone know WHY that gets corrupted like that? Is there indeed a fix without formatting?
--ITKnightMare
ITKM,
From the Start - Run box, type in msconfig (enter).
Take a look at everything in your startup menu and maybe you can figure out what it going on.
Are you running AV, anti-spyware, FW, using a HOSTS file, etc.?
Vic
From the Start - Run box, type in msconfig (enter).
Take a look at everything in your startup menu and maybe you can figure out what it going on.
Are you running AV, anti-spyware, FW, using a HOSTS file, etc.?
Vic
Definitely sounds like viruses/trojans/spyware or other malware. Some free online virus scanners:
http://housecall.antivirus.com
http://www.pcpitstop.com/antivirus/default.asp
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
Also try these free programs to rid your system of spyware, trojans, and other malware:
http://download.com.com/3000-2144-10194058.html?tag=lst-0-1
Spybot - Search & Destroy
http://download.com.com/3000-2094-10045910.html?legacy=cnet
LavaSoft Ad-aware
I use BOTH of the above programs on my 3 Windows systems; what one program misses, the other catches. Also make sure to download the most up-to-date data before you run the programs.
http://housecall.antivirus.com
http://www.pcpitstop.com/antivirus/default.asp
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
Also try these free programs to rid your system of spyware, trojans, and other malware:
http://download.com.com/3000-2144-10194058.html?tag=lst-0-1
Spybot - Search & Destroy
http://download.com.com/3000-2094-10045910.html?legacy=cnet
LavaSoft Ad-aware
I use BOTH of the above programs on my 3 Windows systems; what one program misses, the other catches. Also make sure to download the most up-to-date data before you run the programs.
You might also try this free program (HijackThis) -- install it in its own folder, don't download to your Desktop:
http://www.spychecker.com/download/download_hijackthis.html
HijackThis is a tool that is for advanced users, because it lists all the installed browser add-on and startup items, allowing you to inspect them and then optionally remove any ones you select. You must be careful in choosing what to remove, although the program can create a backup of your original settings. But put a check mark to fix any home page or search page setting that HijackThis detects which you have not entered yourself. The program has an option to download online updates of the hijack data.
You should first post the log at this site:
http://www.hijackthis.de/index.php?langselect=english
and it will be automatically analyzed for you (after you click on the button labeled "Analyze" near the bottom of the page), telling you which entries (called "Nasty") should be fixed. You will also be told if you have any items that are "Possibly Nasty", or "Unnecessary", or "Unknown". If you don't know what to do about these, you might find something on the module name by doing a Google search of the internet.
If you have any questions about what it is asking you to fix that you would like the E-E experts to comment on, then do this: scroll down where you will see a Save Analysis button, hit it and it will save your Log Analysis (for a period of three days), then copy the link of that page and paste it here, and experts can check it for you. (Please DON'T post the entire log itself in your question.)
In case you would like to learn more yourself how to use HijackThis, here are a couple of urls:
http://www.tomcoyote.org/hjt/
HijackThis Quick Start
http://www.spywareinfo.com/~merijn/htlogtutorial.html
HijackThis log tutorial
http://www.spychecker.com/download/download_hijackthis.html
HijackThis is a tool that is for advanced users, because it lists all the installed browser add-on and startup items, allowing you to inspect them and then optionally remove any ones you select. You must be careful in choosing what to remove, although the program can create a backup of your original settings. But put a check mark to fix any home page or search page setting that HijackThis detects which you have not entered yourself. The program has an option to download online updates of the hijack data.
You should first post the log at this site:
http://www.hijackthis.de/index.php?langselect=english
and it will be automatically analyzed for you (after you click on the button labeled "Analyze" near the bottom of the page), telling you which entries (called "Nasty") should be fixed. You will also be told if you have any items that are "Possibly Nasty", or "Unnecessary", or "Unknown". If you don't know what to do about these, you might find something on the module name by doing a Google search of the internet.
If you have any questions about what it is asking you to fix that you would like the E-E experts to comment on, then do this: scroll down where you will see a Save Analysis button, hit it and it will save your Log Analysis (for a period of three days), then copy the link of that page and paste it here, and experts can check it for you. (Please DON'T post the entire log itself in your question.)
In case you would like to learn more yourself how to use HijackThis, here are a couple of urls:
http://www.tomcoyote.org/hjt/
HijackThis Quick Start
http://www.spywareinfo.com/~merijn/htlogtutorial.html
HijackThis log tutorial
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Besides disabling startup items through each program's options or uninstalling through Start > Control Panel > Add/Remove Programs, you can use autoruns to disable/delete startup items:
http://www.sysinternals.com/Utilities/Autoruns.html Sysinternals Freeware - Autoruns
More tips at
https://www.experts-exchange.com/questions/21885511/My-programs-that-load-on-XP-startup-are-out-of-control.html Windows XP: My programs that load on XP startup are out of control!
http://www.sysinternals.com/Utilities/Autoruns.html Sysinternals Freeware - Autoruns
More tips at
https://www.experts-exchange.com/questions/21885511/My-programs-that-load-on-XP-startup-are-out-of-control.html Windows XP: My programs that load on XP startup are out of control!
Hey
Download a free program called Start up Inspector for windows,it tells you exactly which programs start up with your pc..It also Has a database of known viruses e.t.c
http://www.windowsstartup.com/
Good Luck!!
Download a free program called Start up Inspector for windows,it tells you exactly which programs start up with your pc..It also Has a database of known viruses e.t.c
http://www.windowsstartup.com/
Good Luck!!
It's certainly a virus. see threat
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2004-031508-5302-99&tabid=2
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2003-071717-0325-99&tabid=2
There you will find ways to get rid of.
My usual solution :
1. Boot to safe mode
2.run msconfig ->startup tab ->uncheck all
3.Find all msinfo32.exe, properties each. If it has Version tab indicates Microsoft, then this is probably ok. if doesn't, delete it.
4. in msconfig windows, tab General, select Diagnostic Startup.ok->reboot normally.
5.use antivirus to scan the computer.
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2004-031508-5302-99&tabid=2
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2003-071717-0325-99&tabid=2
There you will find ways to get rid of.
My usual solution :
1. Boot to safe mode
2.run msconfig ->startup tab ->uncheck all
3.Find all msinfo32.exe, properties each. If it has Version tab indicates Microsoft, then this is probably ok. if doesn't, delete it.
4. in msconfig windows, tab General, select Diagnostic Startup.ok->reboot normally.
5.use antivirus to scan the computer.
ASKER
Hey guys,
OK... I guess first of all I should thank all of you for the diligent help you are trying to offer. Unfortuantely it is the wrong info... Why?
When I tried checking the msinfo32 on a fresh windows xp sp2 install... Which on top of that had these installed:
ZoneAlarm
Symantec Antivirus Corporate Edition
Spyware Blaster Corporate
Windows Defender
Spysweeper Corporate
It still was the same way. I am also equally sure that all of you will agree that the protection above is more than adequate and there is no way in "heck" that spyware is the cause of it...
That said, I am still confused as to why this bloating is occuring. I mean, it doesn't make sense.
Any more help?
--ITKM
OK... I guess first of all I should thank all of you for the diligent help you are trying to offer. Unfortuantely it is the wrong info... Why?
When I tried checking the msinfo32 on a fresh windows xp sp2 install... Which on top of that had these installed:
ZoneAlarm
Symantec Antivirus Corporate Edition
Spyware Blaster Corporate
Windows Defender
Spysweeper Corporate
It still was the same way. I am also equally sure that all of you will agree that the protection above is more than adequate and there is no way in "heck" that spyware is the cause of it...
That said, I am still confused as to why this bloating is occuring. I mean, it doesn't make sense.
Any more help?
--ITKM
ITKM,
I have learned the hard way to 'never say never'.
If you do the Hijack This work that LeeTutor suggested, a whole bunch of folks will eyeball your logs and we may be able to come with a solution.
Good Luck,
Vic
I have learned the hard way to 'never say never'.
If you do the Hijack This work that LeeTutor suggested, a whole bunch of folks will eyeball your logs and we may be able to come with a solution.
Good Luck,
Vic
ASKER
*sigh*
Surrree....
Logfile of HijackThis v1.99.1
Scan saved at 12:20:40 PM, on 7/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e xe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\Ati2ev xx.exe
C:\WINDOWS\system32\svchos t.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchos t.exe
C:\Program Files\Ahead\InCD\InCDsrv.e xe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spools v.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\VPTra y.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon .exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapim gr.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EX E
C:\PROGRAM FILES\PROCESSEXPLORER\PROC EXP.EXE
C:\WINDOWS\system32\IFXSPM GT.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\Documents and Settings\amemisya\Desktop\ HijackThis .exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7 84B7D6BE0B 3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.d ll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D 4DAF1D92D4 3} - C:\Program Files\Java\jre1.5.0_06\bin \ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C F10577473F 7} - c:\program files\google\googletoolbar 1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0 445EE16191 0} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll
O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3 B15D0A993D E} - C:\Program Files\CoreStreet\SpoofStic k\SpoofSti ckBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0 09027A5CD4 F} - c:\program files\google\googletoolbar 1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0 819E2EAAC9 3} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll
O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C 84B5D710BA F} - C:\Program Files\CoreStreet\SpoofStic k\SpoofSti ck.dll
O4 - HKLM\..\Run: [IfxSecurePlatformIndicati on] C:\Program Files\Broadcom\Security Platform Software\SpTNA.exe
O4 - HKLM\..\Run: [PSDruntime] C:\Program Files\Broadcom\Security Platform Software\PSDrt.EXE
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra y.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh eck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon .exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IECapture. html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IEAppend.h tml
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IECaptureS elLinks.ht ml
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IEAppendSe lLinks.htm l
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IECapture. html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IEAppend.h tml
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IECapture. html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien t.dll/Acro IEAppend.h tml
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\Program Files\Java\jre1.5.0_06\bin \ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\Program Files\Java\jre1.5.0_06\bin \ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-0 0C04FAE2D4 F} - C:\PROGRA~1\MI3AA1~1\INetR epl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-0 0C04FAE2D4 F} - C:\PROGRA~1\MI3AA1~1\INetR epl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-0 0C04FAE2D4 F} - C:\PROGRA~1\MI3AA1~1\INetR epl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3 C9C571A826 3} - C:\PROGRA~1\MICROS~2\OFFIC E11\REFIEB AR.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8 E305202313 F} - "C:\PROGRA~1\MSNMES~1\msgr app.dll" (file missing)
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlx EN.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLog on.dll
O20 - Winlogon Notify: PSDNtfy - C:\Program Files\Broadcom\Security Platform Software\PSDNtfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLog on.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2ev xx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver \11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPM GT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS .exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.e xe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEU P~1\LUCOMS ~1.EXE
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD3 1s.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveServic e) - Broadcom - C:\Program Files\Broadcom\Security Platform Software\PSDsrvc.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpc apd.exe" -d -f "%ProgramFiles%\WinPcap\rp capd.ini (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_serv er.exe" /service (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarOpen - SigmaTel, Inc. - (no file)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrys vc.exe
Surrree....
Logfile of HijackThis v1.99.1
Scan saved at 12:20:40 PM, on 7/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\Ati2ev
C:\WINDOWS\system32\svchos
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchos
C:\Program Files\Ahead\InCD\InCDsrv.e
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spools
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\VPTra
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapim
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EX
C:\PROGRAM FILES\PROCESSEXPLORER\PROC
C:\WINDOWS\system32\IFXSPM
C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\Documents and Settings\amemisya\Desktop\
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0
O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C
O4 - HKLM\..\Run: [IfxSecurePlatformIndicati
O4 - HKLM\..\Run: [PSDruntime] C:\Program Files\Broadcom\Security Platform Software\PSDrt.EXE
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClien
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-0
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlx
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLog
O20 - Winlogon Notify: PSDNtfy - C:\Program Files\Broadcom\Security Platform Software\PSDNtfy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLog
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2ev
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPM
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.e
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEU
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD3
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveServic
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpc
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_serv
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarOpen - SigmaTel, Inc. - (no file)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrys
ASKER
And... hijackthis.de analysis showed ALL entries to be safe except my TPM stuff (broadcom security chip) which is normal, since this laptop was just made and TPM isn't that popular yet with people...
So... Unless you guys have a better idea I'm gonna chuck this as a "meh... screw it" and leave it be.
--ITKM
So... Unless you guys have a better idea I'm gonna chuck this as a "meh... screw it" and leave it be.
--ITKM
Use msconfig to see which program + services is running at boottime. (tab Services and Startup )
Looks like your computer is running a lot startup services/programs. Try to uncheck the unneed ones to free system resources and avoid software conflicts. My computer has 5 startup programs.
Looks like your computer is running a lot startup services/programs. Try to uncheck the unneed ones to free system resources and avoid software conflicts. My computer has 5 startup programs.
Did you take a look at my previous tips?
You don't need to re-install. Just disable/uninstall programs & services....
And is it wise to have so many antivirus/antispy apps active? Slows things down. Better to have only one antivirus and only one antispy active. (I actually don't keep ANY active lol for efficiency sake, but I'm the sole user of the computer & play it safe. I instead do a custom scan whenever needed.)
You don't need to re-install. Just disable/uninstall programs & services....
And is it wise to have so many antivirus/antispy apps active? Slows things down. Better to have only one antivirus and only one antispy active. (I actually don't keep ANY active lol for efficiency sake, but I'm the sole user of the computer & play it safe. I instead do a custom scan whenever needed.)
ASKER
Guys...
*sigh*
OK... For the last time! ACTUALLY, there are only 5~10 programs or so running at startup time!
It's MSINFO32 that shows a huuuuuuge bloated up list... Hence my reason for saying, "MSINFO32 is corrupted" hence my reason for saying, "I observe this usually on 'about to die' machines"
All I wanted to know was, does anyone have an explanation for it? that's it!
@callrs: Friend, I appreciate your tips, but they are not really related to what I am asking for. Please see above comments. thank you.
*sigh*
OK... For the last time! ACTUALLY, there are only 5~10 programs or so running at startup time!
It's MSINFO32 that shows a huuuuuuge bloated up list... Hence my reason for saying, "MSINFO32 is corrupted" hence my reason for saying, "I observe this usually on 'about to die' machines"
All I wanted to know was, does anyone have an explanation for it? that's it!
@callrs: Friend, I appreciate your tips, but they are not really related to what I am asking for. Please see above comments. thank you.
http://windowsxp.mvps.org/msinfofix.htm System Information tool (MSINFO32) displays the list of all the system files when you click the "Startup Programs" section ?
https://www.experts-exchange.com/questions/21897683/Absurd-amount-of-Startup-Programs-listed-in-MSInfo32.html Windows XP: Absurd amount of Startup Programs listed in MSInfo32
https://www.experts-exchange.com/questions/21897683/Absurd-amount-of-Startup-Programs-listed-in-MSInfo32.html Windows XP: Absurd amount of Startup Programs listed in MSInfo32
callrs, sramesh2k already posted your first link, and that website is his...
Sorry. Ended up going in circles without re-reading the whole post. :-p
Please delete or ignore my last comment. Thanks.
Please delete or ignore my last comment. Thanks.
ASKER
I'm an idiot... If it wasn't for callrs, I would have totally missed the post sramesh2k made!
@sramesh: THAT WAS IT DUDE :)
thx guys!
--Russ
@sramesh: THAT WAS IT DUDE :)
thx guys!
--Russ
>> If it wasn't for callrs
https://www.experts-exchange.com/help.jsp#hi19 Can I split the points?
Proper way to show gratitude is to award some credit
: )
https://www.experts-exchange.com/help.jsp#hi19 Can I split the points?
Proper way to show gratitude is to award some credit
: )
Is there something more specific (signs and symptoms) about your problematic PC's that we can drill down on?