Browsers slow after reboot

By learninmypc
Jul 30, 2012
Post New Reply
  1. I got this pc about 4 years ago from a good friend whom I trust. I believe it had avast on it then, but I don't remember.
    Long story short, even with 512 mb of ram,I was still able to click on one my browser icons & it would launch within seconds.
    Then I started having problems with Avast
    & got rid of it & went to MSE. Eventually I got rid of it & am currently using Comodo AV & Firewall. Now after I reboot, it takes at least a minute or more to be able to browse & browsing is very sluggish at first but speeds back up as I surf.
    Yet, if I reboot & come back 10 to 15 minutes later, no problem browsing is great.
    I'm on DSL. Any help appreciated.:)
  2. jobeard

    jobeard TS Ambassador Posts: 13,013   +220

    we always need the system/edition you are using ( xp{home/pro}, vista/x, win/7/x} 32 vs 64bit and the browser/version you are reporting - - - -
  3. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Yes, sorry. Its XP Pro MCE 32 bit. Firefox,SeaMonkey & Opera all latest versions
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    512MB of RAM is minimum to run Windows XP decently.

    Since you notice you are slow to load, but not surf, it sounds like you have too many processes on the Startup Menu:
    • Click on Start> Run> type in msconfig> enter>
      [​IMG]
    • Click on Selective Startup
    • Choose the Startup tab:
      [​IMG]
      All images courtesy NetSquirrel
    • To expand the Command Column, (this shows what the process 'belongs' to) hold left mouse button down on the dividing line on frame above Location and move to the right to expand.
    ----------------------------------------------------
    How many boxes are checked? The only processes that need to start on boot are:
    1. Antivirus
    2. Firewall- since you have a 3rd party FW
    3. Touchpad process if using a laptop
    4. Network Process(s) is using Cisco/Pure Network
    Nothing else

    If you find excess processes checked>>
    • Uncheck any processes you do not need to start on boot.
    • Click on Apply> OK when finished.
    NOTE:
    When you reboot the system the first time after making changes using the msconfig utility, a nag message comes up that can be ignored and closed after checking 'don't show this message again.' Remain in Selective Startup to retain those changes.
    ====================================
    jobeard will likely have some other suggestions for you.
  5. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Ok, here is what it shows
    [​IMG]
    [​IMG]
  6. circusboy01

    circusboy01 TechSpot Enthusiast Posts: 795   +8

    I was thinking that you maybe had too many things in your start up menu.Then I noticed Bobeye's reply. which is, basically, the same thing.Difference is. I would suggest you go to Winpatrol to see what you have in start up,
    You can also use Winpatrol to remove things from start up.
  7. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    I have had mikelins start up in Control panel for quite some time.
    I had to run some errands but will check out what other processess I can shut off.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Good grief! It's a wonder the system ever finishing loading!

    Based on what I see checked on the Startup Menu, only the following needs to be checked:
    1. cfp.exe: > System Tray access to and notifications for the range of internet security products from Comodo - including Internet Security, Antivirus and Firewall

    The following Comodo processes are optional and do NOT need to start on boot:
    CLPSLA.exe Part of Comodo Group's Cloud Scanner online malware service and their GeekBuddy remote support tool - which is available as a separate product and is installed (but not licensed) with their free and retail security products such as Internet Security, Antivirus and Firewall

    VALA.exe Part of Comodo Group's Cloud Scanner online malware service and their GeekBuddy remote support tool - which is available as a separate product and is installed (but not licensed) with their free and retail security products such as Internet Security, Antivirus and Firewall

    2. IF you are using the features of a multimedia keyboard, the following need to start. IF you do not know what I'm referring to or if you do not use the features, these can be unchecked:
    ps2 > Multimedia Keyboard companion on HP computers. If this is prevented from starting, then some keyboard functionality will be lost
    KBD> Multimedia keyboard manager. Required if you use the multimedia keys

    3. NvCpl.dll,NvStartup: IF you use a utility (such as RivaTuner) to overclock any of the default display settings (system clock, memory clock, etc) for NVIDIA based graphics chipsets and want to apply these new settings at startup then this entry will maintain these. Leaving this entry enabled doesn't appear to have an impact on startup time. Not required if you use default settings and if you disable this entry you may also have to disable the associated "NVIDIA Display Driver Service" or "NVIDIA Driver Helper Service". Included with drivers since late 2002.

    4. AGRSMMSG> Installed with the drivers for internal software modems based upon Lucent/Agere Systems chipsets - required if you use the SoftModem Assistant to configure the modem
    File Location: C:\Windows\AGRSMMSG.exe<< verify location
    ----------------------------------------
    #2, 3 & 4 above can be unchecked if they do not meet the exceptions.
    --------------------------------------
    The following can ALL be unchecked.
    5. processgovernor > "Automatically optimize your processes, cores, and power consumption. " Isn't working for you.
    Program disable option: Options → General Process Lasso settings → Reconfigure the way Process Lasso starts ... → Core Engine Startup → select "Do not automatically start the core engine"

    6. ehtray> tray bar process for the Microsoft Media Center. It gives you easy access to the digital media manager. This is a non-essential process. Disabling or enabling it is down to user preference.

    7. ctfmon - Alternative User Input Text Input Processor, this is part of the language bar . You may not need this at all. See THIS.

    8. jusched> process to auto-update Java. Allow if you want- updates are now overwriting the previous version. But if older versions are on system, they need to be manually removed. See Java Updates
    Be sure to check all download screens for any pre-check toolbars or BHO> if found, remove the check before the download..
    ===============================
    Exception: HP Bloat:
    hpsysdrv.exe:> This item keeps track of how many times the system has been recovered and the times of the first and last recoveries done on the system.
    (Leaving unchecked will sometimes prevent the Keyboard Manager program from detecting that the computer is an HP. Since this program/driver was only made to run on HP, if it can't tell that it is an HP it will not run. If unchecked, it can prevent the running of the Application Recovery CDs, the use of the multimedia keys, and the HP Instant Support. Also seen that without it running, the Riptide Sound card that was installed on some older HP computers stops working)
    I would uncheck it. If any of the eventualities come up in the exceptions, you can restart it.
    recguard.exe On HP computers, Recguard prevents the deletion or corruption of the WinXP Recovery Partition. Without it enabled, it is possible to knock that completely out and force the customer to send the PC back to HP for a re-image, possibly at the customer's expense
    This is either started from the registry or a Service.
    =============================================
    Any other entries you're unsure of can be identified using pacs-portal.
    =============================================
    If you will run HijackThis for me, I can help you find some of the entries to stop. Be sure to set up the Directory first as it will keep a backup of the processes:

    First, set up a Directory for HijackThis as follows:
    Right click Start> Explore> My Computer> Local Drive (C)> File> New> Folder> Name folder HijackThis
    Exit Explorer
    You now have a folder C:\HijackThis
    ----------------------------------
    Download HijackThis and save to your desktop.
    • Click on the HJT icon> 'Extract all files'> Extraction Wizard> Click on Browse to right of dialogue box that says 'Select a folder'
    • Extract it to the directory on your hard drive you created C:\HijackThis.
    • Then navigate to that directory and double-click on the hijackthis.exe file.
    • When started click on the Scan button and then the Save Log button to create a log of your information.
    • The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and paste (Ctrl+V) the log in your next reply.
    NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
  9. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Hopefully this is correct.
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:35:35 AM, on 7/31/2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Secunia\PSI\sua.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\SeaMonkey\seamonkey.exe
    C:\Program Files\SeaMonkey\plugin-container.exe
    C:\Documents and Settings\HP_Administrator.SEATTLE\Desktop\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kirotv.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: (no name) - {E1FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
    O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll
    O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
    O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
    O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
    O4 - HKLM\..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Show RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra 'Tools' menuitem: Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1251314773281
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab
    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

    --
    End of file - 10341 bytes
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Before I finish the removal checks for HijackThis, please tell me:

    1. Is SeaMonkey your primary browser? Is there a Google Toolbar available for it and the version you have?
    2. Do you realize that you have all of these online virus scan addons?
    Is there some reason why you keep so many? Can we remove some of them- they are all free, all available to use when you want to run a scan-if you need one.
    3. Please review the processes I left in my Reply #8 with their descriptions. Then list each, according to if you use the following with either a Yes (meaning you use it or need it) or No (meaning you don't use the feature- for example if you don't use the multimedia features on the keyboard, then ps2 and KBD would both be No
    Once you answer, I'll put it all together for the processes to uncheck and any followup needed.
  11. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Yes, SeaMonkey is my default browser & it has a built in search bar that you see here
    [​IMG]

    I only use eset online scanner about once a month. The others can be removed.
    I still have have the following processes checked;
    KBD
    RecGuard
    AGRSMMSG
    ps2
    NvCpl
    APSDaemon
    clpsla
    VALA
    jusched
    cfp
    ctmon

    Not sure which ones can be UN checked, I hope you can help with that, thank you.
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Okay, but you didn't read my questions and instructions:

    There are 3 entries to update the Google Toolbar. The image you left is of the Sea Monkey Toolbar. While you may use Google to search, you don't have the "Google Toolbar."- so you don't need those processes.

    I know you still have those processes checked- I haven't told you which ones to uncheck. You are suppose to read my description of the processes and tell me if you use them.
    =============================================
    Since you did not set up the Directory for HijackThis, which was where the unzipped process would have been sent to, I'd like you to set a Restore Point before the removals below:

    Click on All Programs> Accessories> System Tools> System Restore
    Check Create a restore point for my computer> Next
    Type in the name for the restore point> "b4 HJT> Next
    Close when it's finished.
    ===============================
    Print out the directions below and follow them:

    Please reopen HijackThis to 'do system scan only.' Check each of the following if present: (Do Not click on Fix Checked until you have checked all of the processes listed.)

    C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
    O4 - HKLM\..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    Close all Windows except HijackThis and click on "Fix Checked."
    =======================================
    Open Internet Explorer> Tools> Manage Addons> Remove each of the following addons:
    PCPitStop.CAB
    AvSniff.cab
    cabsa.cab
    asquared.cab
    Click on Apply> OK when finished
    ======================================
    Click on Start> Run> type in services.msc> Enter
    Find each of the following Services and double click each to open
    Set the startup type as given
    1.AdobeFlashPlayerUpdateSvc> Set to Manual Startup
    2.COMODO livePCsupport Service (CLPSLS)> Set to Disabled, stop the Service
    3.gupdate (GoogleUpdateService)> Set to Disabled, stop the Service
    4.gupdatem (GoogleUpdateService)> Set to Disabled, stop the Service
    5.Java Quick Starter (jqs)> Set to Disabled, stop the Service
    6.MozillaMaintenance> Set to Manual Startup
    Exit Services and close when finished.
    =======================================
    Reboot the computer. Let me know how it's running.
    Let me know if you are missing is any feature you regularly use.
  13. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Ok, I've Created the Restore point but I DON'T have a printer to print out anything.
    Can I minimize this & run the HJT?
     
  14. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Ok, the above is done, I couldn't find the following
    Open Internet Explorer> Tools> Manage Addons> Remove each of the following addons:
    PCPitStop.CAB
    AvSniff.cab
    cabsa.cab
    asquared.cab
    Click on Apply> OK when finished

    In IE. Could it be because I'm using IE 8?
    I've rebooted & everything seems to be noticeably faster, thank you.
  15. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    You're welcome. Hopefully some of what we did will help you to keep the system more streamlined in the future.
    (BTW, you don't need to quote the instructions)

    See if this works for
    PCPitStop.CAB
    AvSniff.cab
    cabsa.cab
    asquared.cab

    Boot into Safe Mode with Networking
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode with Networking option when the Windows Advanced Options menu appears, and then press ENTER.
    Show Hidden Folders/Files
    • Click on Windows key + E> this will open Windows Explorer.
    • Open My Computer.
    • Go to Tools > Folder Options.
    • Select the View tab.
    • Scroll down to Hidden files and folders.
    • Select Show hidden files and folders.
    • Uncheck Hide extensions of known file types.
    • Uncheck Hide protected operating system files (Recommended).
    • Click Yes when prompted.
    • Click OK.
    • Close My Computer.
    Open Internet Explorer now and click on Tools> Manage addons> If you now see any of the processes listed, click to remove.
    When the Add on screen opens, but sure to check all 4 categories in IE8:
    [​IMG]
    Reset Hidden/System Files & Folders
    Reboot into Normal Mode.

    A Note: If you have added the above processes as plugins to another browser, you can remove them in a similar way using Tools> Addons
    =======================================
    Run this now, then once in a while so the files don't pile up:TFC (Temp File Cleaner)

    Download TFC to your desktop
    • Open the file and close any other windows.
    • It will close all programs itself when run, make sure to let it run uninterrupted.
    • Click the Start button to begin the process. The program should not take long to finish its job
    • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
    ====================================
    You can uninstall HijackThis and delete the log.
  16. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Ok, these
    PCPitStop.CAB
    AvSniff.cab
    cabsa.cab
    asquared.cab

    weren't found in IE & I've run TFC & rebooted & its noticeably faster & I thank you.(y)
  17. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    You're welcome. Don't worry about the processes you didn't find- they are all legitimate.
  18. learninmypc

    learninmypc TechSpot Guru Topic Starter Posts: 4,554   +184

    Ok, have a great day & thanks a bunch(y)
  19. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Glad to help.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.