12 replies to this topic

[bubbleboi]

Whenever i turn on my PC it loads normally until after the welcome screen. As soon as the wallpaper appears, the computer pauses. No icons, no explorer nuttin, just the wallpaper. The processor light indicates that nuttin is happening. Then after about 1 minute it starts to load again, desktop and explorer appears and loads normally. So what causes that long pause all of a sudden? The only thing i remember downloading b4 this happen was some hp updates for my printer, and some Windows updates for my PC. So whats the problem, here's a log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:21:51 AM, on 30/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Admin\My Documents\kern\themes\RocketDock\RocketDock.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.tt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AB89335C-B6EA-468C-A977-EC76F3818274} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Documents and Settings\Admin\My Documents\kern\themes\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Pando Media Booster] "C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase1140.cab
O16 - DPF: {97770E5B-2028-48AC-B4DA-1F991376D2B6} - http://download.copysafe.net/plugins5/inst...rs/Copysafe.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c987631e198a6) (gupdate1c987631e198a6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 13752 bytes

[yardbird]

Try this link for StartupLite and it will probably help. Most likely the HP driver you loaded is loading a tray module that's delaying explorer.exe from running quickly (which is why it takes a while for your taskbar to show up ). StartupLite should disable it, along with some other unneeded startups go to Download near the bottom:
post back & let us know please!

Download
Version: 1.07
File Size: 199.70 KB
Operating Systems: Microsoft ® Windows 2000, XP, Vista.
Languages Available: English only

http://www.malwareby...startuplite.php

[AdvancedSetup]

Way too much stuff loading on startup. Was SP3 one of those updates? There was a known issue on HP but it typically caused a Blue Screen of Death and not exactly what you describe.

Try running the following to start:
You may have corrupted files on your disk. Please try running the following.
First close ALL Applications as this routine will automatically restart your computer.
Click on START - RUN and copy / paste the following entry into the box and click OK

CMD /C ECHO Y|CHKDSK C: /F | SHUTDOWN /R /T 30

Then run this

Download and install CCleaner

• CCleaner
  
• Double-click on the downloaded file "ccsetup220_slim.exe" and install the application.
  
• Keep the default installation folder "C:\Program Files\CCleaner"
  
• Click finish when done and close ALL PROGRAMS
  
• Start the CCleaner program.
  
• Click on Registry and Uncheck Registry Integrity so that it does not run (basically the very top, uncheck it)
  
• Click on Options - Advanced and Uncheck "Only delete files in Windows Temp folders older than 48 hours"
  
• Click back to Cleaner and under SYSTEM uncheck the Memory Dumps and Windows Log Files
  
• Click on Run Cleaner button on the bottom right side of the program.
  
• Click OK to any prompts

Then get AutoRuns from Microsoft and export the list of running items here and someone should be able to help you trim down the stuff running on your system.

[Jacktivity]

Hi bubbleboi

One of the machines I own is an HP laptop. It used to give me startup fits from time to time just like you are talking about. It would just hang there with the wallpaper showing and nothing apparently happening. Admittedly, I have way fewer startup programs than you do though. I would control-alt-del to bring up the task manager and act like I was going to either change users or restart the machine, and that would kind of kick start it again. I finally tracked it down to Zone Alarm. I uninstalled ZA and haven't had a problem since. Unfortunately, ZA is a heavy resource user, though I do like the simple interface. I don't know what's going on with that program lately. I used to use it everywhere, and even got the pro version, but I've had problems with ZA Free on 4 different machines lately. Recently, I did an install of ZA on one of them and found that the box wouldn't even shut down from the start menu. I have no idea why it would do that. The problem went away immediately when I uninstalled ZA. Now I no longer recommend it because of these problems. Not to start a firewall flamewar - this just worked for me.

Pay attention to AdvancedSetup's last bit of advice. I almost missed it myself and was going to recommend it. Get Autoruns and export the list to here. Someone can help trim down some of those startups. The nice thing about Autoruns is that you can turn those startups off and on without uninstalling programs. If you find you've turned off something you want, it's easy to turn it back on. That's why you should get some help here.

[exile360]

Here's some more details on how to use Autoruns:

Please download Sysinternals Autoruns from here.

• Save Autoruns.exe to your desktop and double-click it to run it.
  
• Once it starts, please press the Esc key on your keyboard.
  
• Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures
  
• Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
  
• When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop.
  
• Now right-click on the Autoruns.arn file located on your desktop and highlight Sent To and select Compressed (zipped) Folder
  
• Please attach the Autoruns.zip file you just created to your next post.

Regarding ZA, too true. I used to be a dedicated ZoneAlarm user, but ever since CheckPoint software bought them out, their quality has been lacking (at least in my opinion).

[bubbleboi]

I thank each and every1 of yall for all the GREAT responses. God bless!

Ok, mr. yardbird, the startup lite program didnt work, its clared up some items but i still had the problem, thx anywayz.
Mr AdvancedSetup I did everything, after the disk check, the problem was still there. I did the CC scan exactly how u told me, now im gonna post the Autorun file.
Mr. Jackitvity i really heard about this Zonealarm problem but if all else fails, i'll uninstall ZA and see wa happens.
Mr. exile360 the Autorun.zip is attached

Attached Files

•  AutoRuns.zip   235.92K   30 downloads

[exile360]

Hello again .

First off, you've got an old version of Adobe Reader installed. It is known to contain serious security vulnerabilities.

• Make sure you are connected to the internet
  
• Click on Start>All Programs>Adobe Reader 8
  
• Once Reader opens, click on the Help button at the top and select Check for Updates
  
• If your firewall prompts you that Adobe Update Manager is trying to access the internet tell it to allow it
  
• It should tell you that updates are available, install them
  
• If it says it needs to close Adobe Reader to install the updates, let it do so

Second, you have the Ask Toolbar installed, this is not a recommended toolbar because all it does is track your browsing habits and show links for its advertisers. It was installed by ZoneAlarm and it is the "Spy Blocker Toolbar" in your browser so keeping it or not is up to you. If you want to remove it do the following:

• Close all open internet browser windows like Internet Explorer or FireFox
  
• Click on Start>Control Panel
  
• Click on Add/Remove Programs
  
• Find the entry for Ask Toolbar or ZoneAlarm Spy Blocker Toolbar and select Uninstall

Third, you have Java installed. Older versions are known to have serious security vulnerabilities.

• Close all open internet browser windows like Internet Explorer or FireFox
  
• Click on Start>Control Panel
  
• Click on Add/Remove Programs
  
• Locate all entries related to Java and uninstall any you find besides 6 Update 14
  
• Then go here and download and install the latest version

Once that's done, proceed with the following:

You have quite a few startup items and one of them is most likely the problem:

Please open Autoruns and let it scan then uncheck the following after reading the itallicized text next to each entry:

Under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:

• Adobe Reader Speed Launcher (Quick start application for Adobe Reader, it doesn't need to run at bootup to be able to use Reader)
  
• OM2_Monitor (This program is a quick access module for your Olympus camera and it's software, if you don't use it that much, uncheck it to disable it as you can still use the program whenever you'd like by running it via Start>All Programs>Olympus)
  
• NvMediaCenter (This program is for quick access to Nvidia's graphics settings control panel, if you don't change your settings often for gaming then you should uncheck this)

Under C:\Documents and Settings\All Users\Start Menu\Programs\Startup:

• HP Digital Imaging Monitor.lnk (This program is for advanced diagnostics and control of your printer and if you don't use it, disable it as it's the most likely cause of your slowdown based on the info in your first post)

Under C:\Documents and Settings\Admin\Start Menu\Programs\Startup:

• OneNote 2007 Screen Clipper and Launcher.lnk (If you never or seldom use Microsoft OneNote (part of Office 2007) then disable this item)

Under HKCU\Software\Microsoft\Windows\CurrentVersion\Run:

• BitTorrent DNA (This Program is the startup for Bittorrent and can be disabled unless you need it running at boot for some reason, Bittorrent still runs fine whenever you open it without this startup entry)
  
• OM2_Monitor (Another startup entry for Olympus, see notes above regarding this)
  
• Pando Media Booster (A downloader program installed by a game that was installed at some point, it doesn't need to be running at boot for any reason and is a waste of resources)

Under HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects:

• AskBar BHO (If still present, right-click this entry and select DELETE if you'd chosen to uninstall it per my recommendation above)
  
• Java™ Plug-In 2 SSV Helper (Unneeded Java entry known to slow down your browser, Java still functions normally without it)
  
• JQSIEStartDetectorImpl Class (Same as above)

Under HKLM\Software\Microsoft\Internet Explorer\UrlSearchHooks:

• ZoneAlarm Spy Blocker Toolbar (As in last section, if you chose to remove the Ask Toolbar and this entry is still present, right-click this entry and select DELETE)

I've got a question for the other guru's around here regarding one of your entries:

Under HKLM\Software\Microsoft\Internet Explorer\Toolbar the following entry is present:

• Best_Security_Tips Toolbar located in C:\Program Files\best_security_tips

I was only able to locate limited info on this entry and request one of the others who might be more knowlegable to advise on it.

Here's the info I was able to dig up so far:

• ThreatExpert
  
• ProcessLibrary.com

Please let me know if you have any questions regarding my instructions and let us know how your PC is booting after you're done.

Thanks .

[bubbleboi]

Thanx, did everything u asked, and the problem still there. Maybe its ZA?

[yardbird]

Hi bubbleboi

Make sure that ZA has these files in the Trust area

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

However I'm sure you know this! I had some more notes on ZA. but I can't find my file on it.

[bubbleboi]

LOL the problem was Zone Alarm all along. I uninstalled it an PC started up in a jippy. I'm sad I had to let go of ZA but i did, it was a nice firewall. So thank u guys for all yuh fine work. So i think imma stick to Windows firewall for a while, or do u guys hav any suggestions of any other firewall.

[AdvancedSetup]

Looks like Jacktivity nailed it on the head

The internal Windows Firewall is fine. It is not there for stopping Malware that you typically get from Web sites or Peer2Peer file sharing.

[YoKenny1]

I believe in a Layered Defence strategy:

1. run an up to date anti virus application such as avast!
2. run an up to date anti malware application like Malwarebytes' Anti-Malware (MBAM)
3. run a System Monitor like WinPatrol that will alert users to malware attacks, hijackings and critical changes made to a computer without their permission.
4. prevent access to known malware sites by using a HOSTS file such as MVPS HOSTS
5. use browser indicator tools such as Finjan Secure Browsing
6. use Google to look up things
7. read this forum

[yardbird]

@ bubbleboi
glad you found the prob.. good luck cya on the forums...regards yardbird