[Resolved - K] "msg long running scrip

  • 27 Replies
  • 4407 Views
*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #15 on: April 19, 2014, 11:39:02 AM »
Relevant security is marked as disabled in CF log, I wait for ESET log...

Thank you,

Kevin

*

Offline addictedtolabs

  • Bronze Member
  • 59
Re: [Resolved - K] "msg long running scrip
« Reply #16 on: April 19, 2014, 03:57:35 PM »
ok,
Internet Explorer will not upload as yahoo.com as home page, although Chrome and Firefox browsers still do. When i power up Windows will not start unless I hit F5 . Still slow to power off and reboot.

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #17 on: April 19, 2014, 04:57:47 PM »
Go here: [rl]http://support.microsoft.com/kb/923737[/url] follow those instructions and reset Internet explorer to default settings..

Next,

Go here: http://support.microsoft.com/kb/929135 Expand version for Windows 7, follow those instructions and perform a "Clean Boot" let me know if the start time improves in that mode...

*

Offline addictedtolabs

  • Bronze Member
  • 59
Re: [Resolved - K] "msg long running scrip
« Reply #18 on: April 21, 2014, 09:53:19 AM »
I still need to hit F5 to get Windows to load. It took a lot of time to get my tool bars set up etc so I think I will leave it as is and just leave my computer on. I have a cheap laptop that I bought 2 1/2 years ago and the keyboard went out 2 weeks ago so I connected an external keyboard, then had the brilliant idea of connecting my old ViewSonic moniter which was gathering dust in a closet. I am retired now and don't use the computer for work so this mickey mouse set up should get me thorough until I have to buy a new computer.
So do you think I am stable now? 



*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #19 on: April 21, 2014, 03:17:33 PM »
Your system is clean, i`m just concerned regarding the boot time and did expect that a "Clean Boot" would have made some difference....

Run the following so I can have another look at your system:

Download OTL from any of the following links and save to your desktop.

http://itxassociates.com/OT-Tools/OTL.com
http://oldtimer.geekstogo.com/OTL.exe
http://www.itxassociates.com/OT-Tools/OTL.scr

Double click the OTL icon to start the tool. (Note: If you are running on Vista or Windows 7/8 accept UAC alert)

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Standard Output.
  • Select the following:
All Users
     LOP Check
     Purity Check
  • Under the Standard Registry box change it to All
  • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:
Code: [Select]
netsvcs
activex
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%windir%\Installer\*.*
%windir%\system32\tasks\*.*
%windir%\system32\tasks\*.* /64
%systemroot%\Fonts\*.exe
%systemroot%\*. /mp /s
/md5start
consrv.dll
explorer.exe
winlogon.exe
regedit.exe
Userinit.exe
svchost.exe
services.exe
user32.dll
ATAPI.SYS
/md5stop
CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • A black box will appear, this is part of the custom scan, so don't be alarmed

IF OTL SAYS 'NOT RESPONDING' DON'T USE YOUR PC. IT WILL CARRY ON SCANNING AFTER A FEW MINUTES

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic...

Kevin....

*

Offline addictedtolabs

  • Bronze Member
  • 59
Re: [Resolved - K] "msg long running scrip
« Reply #20 on: April 21, 2014, 07:07:18 PM »
Your site message said too long to cut and paste so I am trying as attachment

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #21 on: April 22, 2014, 04:08:26 AM »
Re-Run   by double left click, Vista and Widows 7 users accept UAC alert. if applicable.
  • Under the box at the bottom, paste in the following, start with and include the colon plus OTL . :OTL

Code: [Select]
:OTL
MsConfig:64bit - StartUpReg: [b]MapsGalaxy Home Page Guard 64 bit[/b] - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: [b]MapsGalaxy Search Scope Monitor[/b] - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: [b]MapsGalaxy_39 Browser Plugin Loader[/b] - hkey= - key= -  File not found
:Files
ipconfig /flushdns /c
:Commands
[emptytemp]
  • Then click button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start > All Programs > Accessories > Notepad), click File > Open, in the File Name box enter  *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next,

download this tool Startuplite to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at Boot. This will result in fewer programs running when you boot your system, and should improve performance.

Let me know if any remaining issues or concerns...

Kevin....

*

Offline addictedtolabs

  • Bronze Member
  • 59
Re: [Resolved - K] "msg long running scrip
« Reply #22 on: April 22, 2014, 11:49:16 AM »
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MapsGalaxy Home Page Guard 64 bit\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MapsGalaxy Search Scope Monitor\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MapsGalaxy_39 Browser Plugin Loader\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Jeqn\Desktop\cmd.bat deleted successfully.
C:\Users\Jeqn\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jeqn
->Temp folder emptied: 301878 bytes
->Temporary Internet Files folder emptied: 6820308 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7650 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 7.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 04222014_104112

Files\Folders moved on Reboot...
C:\Users\Jeqn\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Jeqn\AppData\Local\Temp\~DF72CAD92B0E59096A.TMP not found!
File\Folder C:\Users\Jeqn\AppData\Local\Temp\~DF7B943996E2BB46AF.TMP not found!
File\Folder C:\Users\Jeqn\AppData\Local\Temp\~DF90CE07A7C1B99EF0.TMP not found!
File\Folder C:\Users\Jeqn\AppData\Local\Temp\~DF90FE656A4B212108.TMP not found!
File\Folder C:\Users\Jeqn\AppData\Local\Temp\~DFB868D77C1CEDC512.TMP not found!
File\Folder C:\Users\Jeqn\AppData\Local\Temp\~DFE70AFBC2503B7C5A.TMP not found!
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YUXCOYOG\index[1].htm moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\YUXCOYOG\pdefault[1].htm moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TTV2WJ68\message[1].htm moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1PVLQBD4\st[1] moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXLCHNM2\index[1].htm moved successfully.
C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXLCHNM2\PreviewContent[1].htm moved successfully.
File move failed. C:\Users\Jeqn\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #23 on: April 22, 2014, 02:24:40 PM »
Any remaining issues or concerns?

*

Offline addictedtolabs

  • Bronze Member
  • 59
Re: [Resolved - K] "msg long running scrip
« Reply #24 on: April 22, 2014, 04:40:27 PM »
Windows still will not load unless I hit F5 but I can live with that by just turning off once a day. I tried removing the external monitor but that didn't change anything. Startuplite didn't show any unnecessary programs. You have been a miracle worker and save me from tossing this out the window.  :b

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #25 on: April 23, 2014, 02:09:56 AM »
  • Re-open to run it. (Vista and Win 7 users accept UAC alert)
  • Click on the button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes

Next,

Download "Delfix by Xplode" and save it to your desktop.

"Delfix link mirror"

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Part of the routine will be to create a registry back up with ERUNT,  the back up will be created here:
C:\Windows\ERUNT

When all is known to be well with your system you can delete that back up folder if you consider it as not needed...

Let me know if those steps complete ok, Read the following link to fully understand PC security and best practices, you may find it useful....

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

Can we close out?

Regards,

Kevin

« Last Edit: April 24, 2014, 05:16:09 PM by kevinf80 »

*

Offline addictedtolabs

  • Bronze Member
  • 59
Re: [Resolved - K] "msg long running scrip
« Reply #26 on: April 24, 2014, 05:09:27 PM »
Kevin,
Thanks so much for all your help. :p
Now I can get back to playing with my Labradors :)1
Cheers,
Jean

*

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • 7696
Re: [Resolved - K] "msg long running scrip
« Reply #27 on: April 24, 2014, 05:18:07 PM »
You`re more than welcome Jean, comeback anytime..... :t

Since this issue appears to be resolved the topic has been closed. Glad we could help. 

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

The fixes and advice in this thread are for this System only. Do not apply the instructions from this thread to your own System. Please start a new thread describing your issue and someone will be along to assist you.