System hangs on startup (but works in Safe Mode)

[surdbird]

Hello,
I am located in Bahrain. My internet provider is Batelco.
Thanks

[jholland1964]

Hello,
I am located in Bahrain. My internet provider is Batelco.
Thanks

Ok, only reason I asked is because of these entries in your HJT log;
O4 - HKLM\..\Run: [{07ED51EC-C868-498C-96A1-4FC3619194BB}] "C:\Program Files\MTC Kuwait\MTC Optimization Client\bmoc" -d

O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{23021EA8-1133-4811-8E97-3F6A3C5A6A00}: NameServer = 193.188.97.197
O17 - HKLM\System\CS1\Services\Tcpip\..\{23021EA8-1133-4811-8E97-3F6A3C5A6A00}: NameServer = 193.188.97.197

But tracing them back they all point to your provider, so for now anyway, we will not worry about them.
The MBA-M program removed several items.

Have your start up difficulties improved any? You DO have a large number of unnecessary items auto-starting when the system boots up and many can be run manually when needed.
I would like you to use HJT to generate a Start Up listing.
In order to do this go into the Config option when you start HijackThis and then click on the Misc Tools button at the top.
You should then click on the button labeled "Generate StartupList
Log. Once you click that button, the program will automatically open up a notepad filled with the Startup items from your computer. Copy and paste these entries into a reply here. Please don't attach, copy/paste. I will take a look and let you know what can be disabled that you don't need running at start up.
Judy

[surdbird]

Hello,

1. I had a wireless dongle from the ISP MTC-kuwait but no longer use it. I will uninstall it.

2. The starting up is no longer hanging but still so slow as to be impractical to work on. I continue to work in Safe Mode.

3. I have attached the StartupList below.

Thanks
Sumit


StartupList report, 11/24/2008, 10:02:47 AM
StartupList version: 1.52.2
Started from : C:\Program Files\hijackthis\Sumit.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\hijackthis\Sumit.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Satyam\Start Menu\Programs\Startup]
Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Bluetooth Manager.lnk = ?
Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Push Client.LNK = C:\Program Files\Interwise\Participant\pull.exe
VPN Client.lnk = ?
Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Apoint = C:\Program Files\DellTPad\Apoint.exe
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
Persistence = C:\WINDOWS\system32\igfxpers.exe
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
PMX Daemon = ICO.EXE
Dell QuickSet = C:\Program Files\Dell\QuickSet\quickset.exe
SigmatelSysTrayApp = stsystra.exe
IntelZeroConfig = "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
IntelWireless = "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
WavXMgr = C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
SecureUpgrade = C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
KADxMain = C:\WINDOWS\system32\KADxMain.exe
ISUSPM Startup = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
RoxioDragToDisc = "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
PDVDDXSrv = "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
GrooveMonitor = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
googletalk = C:\Program Files\Google\Google Talk\googletalk.exe /autostart
HP Software Update = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
HP Component Manager = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray = C:\PROGRA~1\SYMANT~1\VPTray.exe
Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
{07ED51EC-C868-498C-96A1-4FC3619194BB} = "C:\Program Files\MTC Kuwait\MTC Optimization Client\bmoc" -d
LogMeIn GUI = "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
Adobe Reader Speed Launcher = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

DellSupport = "C:\Program Files\DellSupport\DSAgnt.exe" /startup
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
ISUSPM = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
Skype = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll - {02478D38-C3F9-4efb-9B51-7695ECA05670}
(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll - {22BF413B-C6D2-4d91-82A9-A0F997BA588C}
(no name) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
(no name) - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

--------------------------------------------------

Enumerating Task Scheduler jobs:

AppleSoftwareUpdate.job
MP Scheduled Scan.job

--------------------------------------------------

Enumerating Download Program Files:

[Office Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\OGACheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=67633

[MSN Photo Upload Tool]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab

[OnlineScanner Control]
InProcServer32 = C:\WINDOWS\system32\ONLINE~1.OCX
CODEBASE = http://www.eset.eu/buxus/docs/OnlineScanner.cab

[TSEasyInstallX Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\TSEASY~1.OCX
CODEBASE = http://www.trendsecure.com/easy_inst...syInstallX.CAB

[get_atlcom Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\gp.ocx
CODEBASE = http://www.adobe.com/products/acrobat/nos/gp.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll
Protocol #1: bmnet.dll (file MISSING)
Protocol #2: bmnet.dll (file MISSING)
Protocol #3: bmnet.dll (file MISSING)

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
End of report, 8,182 bytes
Report generated in 0.110 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only