Please reopen HijackThis to
'do system scan only.' Check each of the following entries if present:
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchFilterHost.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Close all Windows except HijackThis and click on
"Fix Checked."
Boot into Safe Mode
- Restart your computer and start pressing the F8 key on your keyboard.
- Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Click on Start> Run> type in
services.msc>double click on each of the following Services and set as instructed:
Apple Mobile Device> Set startup type to Manual
Bonjour Service> Manual
Google Update Service (gupdate)> Set to Disabled> Stop the Service
iPod Service> Manual
========================================
Follow through with any of these on the system:
1. Unchecking on Startup using the
msconfig utility. These are on most systems- none need to start on boot and run in the background.
2. To change the Startup type for a related Service:
Start> Run> type in services.msc> double click the Service>> if you are going to use this, set it to Manual> if you aren't going to use this> set it to Disabled.
JAVA:
[1] UNCHECK all Java entries on the Startup menu: Start> Run> msconfig> enter> Selective Startup Startup tab.
[2] Open IE> Tools> Manage add-ons> right click on Java (tm) Plug-In 2 SSV Helper' (jp2ssv.dll> Click on and Disable Java Plugin2 and Java Quick Start.
[3]. Start> Run> services.msc> double click on
JavaQuickStarterService> Change Startup Type to Disabled> Stop the Service
[4] Stop auto update:. Control Panel> Java> Update tab> UNCHECK 'check automatically for updates'> Apply> Click YES when asked to confirm> OK
[5]. Make sure only the current version of Java is in Add/Remove Programs in the Control Panel. Uninstall any other versions.
ADOBE READER
1. Use msconfig to UNCHECK all; Adobe Reader entries> Apply> OK
2. Open the Adobe Reader and Disable all Toolbars-unless you use the PDF feature frequently.
3. Change the Adobe LM Service to Manual Startup.
4. Only the most current version should be listed in Add/Remove Programs.
REAL PLAYER
1. UNCHECK all 'Real', Real Player' and 'Real One' entries on the Startup menu
2. If you use Real Player
disable the auto-update feature in your Tools- Preferences- Automatic Services- AutoUpdate (In RealPlayer).
Right click on Start> Explore> Programs> Common> Real Update> right click> delete the file
"realshed.exe"
QUICK TIME
1. Use msconfig to UNCHECK any QuickTime entries on Startup> Apply> OK
2. Disable tray icon: Right-click on the icon and select QuickTime Preferences > Browser Plugin. Clear the check box next to "QuickTime system tray icon," and then close the settings box. The icon won't appear anymore.
3.
Rename the qttask.exe file:
Right click on Start> Explore> Programs> QuickTime directory> right click on qttask.exe> rename to
qttask.exeold.
[B
]ITUNES Big resource user![/B]
iTunesHelper.exe
Background task installed by Apple's iTunes music player and also by version 7 of QuickTime which now comes inseparably bundled with iTunes. It is thought that this task used to be a 3rd party add-on program in the early days of Apple's iPod when its iTunes software was incompatible with many CD-Writers. This task does not need to be installed as a startup since iTunes starts it up anyway when it needs it.
1. UNCHECK on Startup menu using msconfig. It uses nearly 6MB of memory.
BONJOUR/MDSRESPONDER
Usually installed by Apple for iTunes. But also 'pre-checked' to load with the new Adobe CS3 applications, "mDNSResponder.exe" is installed somewhere in the install process. Used in iTunes files sharing
IF you do not use this process, it is best to stop and unintall it: Here’s how to safely uninstall Bonjour and remove mDNSResponder.exe
1. Go to Start > Run > type the command below and hit OK.
“%PROGRAMFILES%\Bonjour\mDNSResponder.exe” -remove
2. Right click on Start> Explore> Programs> Bonjour> right click on mdnsNSP.dll> rename to> mdnsNSP.old
3. Restart your computer**** see note regarding reboot
5. Delete the Program Files\Bonjour folder
------------------------------------------------------------------------
Are you ready to remove the cleaning tools and the logs they created? See next reply.
