Slow bootup in XP

Discussion in 'adware, spyware & hijack cleaning' started by Adde, Jul 10, 2004.

Thread Status:
Not open for further replies.
  1. Adde

    Adde Registered Member

    Jul 6, 2004

    The bootup on my P4, 1600mhz, 256mb RAM, OS: XP Pro is slow. What happens is that everything runs pretty fast until I actually get past the "welcome" sign and onto the desktop. I will have to wait approxiamately 1,5-2 min before I am able to do anything. After waiting approx 2 min the computer checks the floppy drive and msn messenger and Norton AV loads up. But before that happens I am not able to do anything.

    I have run several online AV scans and used Ad-aware 6, Spybot and the free version of TDS-3. As far as these tools go, my system is clean.

    See hijack log below:

    Logfile of HijackThis v1.98.0
    Scan saved at 17:27:25, on 2004-07-10
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Soft4Ever\looknstop\looknstop.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Andreas\Desktop\Blandat\HiJack This\hijack2\hijack 1.98\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    O1 - Hosts:
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .sgn: C:\Program Files\Internet Explorer\PLUGINS\npSign.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) -
    O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) -
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
    O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) -
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) -
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) -
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9ECECD89-7965-4406-8D65-0C79A2BCFC3C}: NameServer =,

    As for the startup log I have found this:

    Windows NT 'Wininit.ini':
    PendingFileRenameOperations: C:\DOCUME~1\Andreas\LOCALS~1\Temp\_iu14D2N.tmp

    I have read somewhere that this might be some leftovers from ZoneAlarm or other programs using WISE installer?

    Any suggestions are appreciated!

  2. IMM

    IMM Spyware Fighter

    May 6, 2004
    Can you account for the boot delay as a scan from TDS-3 ?
    I haven't used it in a while - but that used to be one of the options in it
  3. Adde

    Adde Registered Member

    Jul 6, 2004

    I am not using the option to scan before bootup in TDS-3. Another thing I noticed was that if I unplug my network cable and reboot there arent any delays with msn nor Norton. The bootup is fairly fast when Im not connected to the Internet.

    Are there any programs I can run to check/modify bootup, except for HijackThis? I would ofcourse need guidance to modify anything at all ;)

Thread Status:
Not open for further replies.