Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

OE & IE [RESOLVED]


  • This topic is locked This topic is locked

#1
Columbus

Columbus

    Member

  • Member
  • PipPip
  • 22 posts
I have just gone onto B/Band and find that OE and IE take 30/40 secs to launch,have I got an infection?I have run your checks,Cleanup/AdawareCWshredder,S&D,Ewido,Trend Housecall,Trojan Hunter was unavailable they said I had exceeded the 30day trial.Everything came up Clean.Now I am a novice with computers (A"wrinkley" 78yrs young) so I will need to be led by the hand.I have taken a hijackthis log,how do I post it?
  • 0

Advertisements


#2
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi Columbus and welcome

Please open HJT and run a scan with it please,
Click on Save Log, ( note where it was saved to ) then click "add reply" in this topic
You should have a notepad file open with the HJT log inside it,

Left click inside the notepad with the HJT log inside it, now press Ctrl +A
That will high light everything inside the notepad with HJT, Now press Ctrl + C

Now click "Add reply" to this topic Now Left click inside it,
Now press Ctrl +V

that should paste the log to the reply, click "Add Reply"
  • 0

#3
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
don, move this one over to malware please
  • 0

#4
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts

don, move this one over to malware please

I did :tazz:
  • 0

#5
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
forgot you were a mod.....sorry
  • 0

#6
Columbus

Columbus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi Don 77,thanks for your reply.I did all you asked but after highlighting notepad and following your instructions,nothing happened,I probably did something wrong.Should I start over?
  • 0

#7
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Yes read through them again please

See if this is a easier way for you,

Scan with HJT, again save log, this time when notepad opens,
Right click inside it, Choose Select All, Then right click again choose Copy,
Now open this topic again,
click Add Reply,
once the reply window opens, place your cusor inside the reply window,
Right click again and choose Paste,
Make sure the HJT log is now in the replt then click Add Reply


No worry dsenette :tazz:
  • 0

#8
Columbus

Columbus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Logfile of HijackThis v1.99.1
Scan saved at 11:27:56, on 02/08/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Roxio\GoBack\GBTray.exe
C:\WINDOWS\system32\control.exe
C:\WINDOWS\system32\control.exe
C:\WINDOWS\system32\control.exe
C:\WINDOWS\system32\control.exe
C:\WINDOWS\system32\control.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Gilbert Higham\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - Global Startup: GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: ppctlcab - http://www.pestscan....er/ppctlcab.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} -
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} - http://rtc3.webrespo...p/TLIEFlash.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} -
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: GBPoll - Roxio, Inc. - C:\Program Files\Roxio\GoBack\GBPoll.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
  • 0

#9
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi again Columbus
Nothing bad showing in your log
Make sure that the XP firwall is not running, I see you have some good protection programs running,
Disable the XP firwall and see if that help to speed things up

Click Start, Control Panel, double–click Network Connections, right-click the desired connection, Properties, Advanced tab, Under Internet Connection Firewall, uncheck the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.

Let us know if this helps to improve things
  • 0

#10
Columbus

Columbus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi Don77,Thanks for your reply,to say I'm relieved would be an understatement,I have a dread of getting an infection,paranoeia really.I'll have to get over it.I have done as you suggested and closed the Windows Firewall,still have Zone Alarm .O.K.will keep you posted of any improvement,or not.Thanks again.I have kept all the info you have sent and filed it away in case I need it again. :tazz:
  • 0

Advertisements


#11
Columbus

Columbus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Back again Don,computer still slow responding,do I need more memory.I use th Firefox browser and have had a gambling advert crop up behind the Firefox window.I have asked Mozilla what is going on?whilst on this site just had an adware advert appear.
  • 0

#12
don77

don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi Columbus,
Could you give us the specs off your machine please,
  • 0

#13
Columbus

Columbus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi Don Here are the details requested.Dell Dimension2400.Microsaoft Works 7.48xDVD.CDRW Combo.Drive.40gb IDE(7200rpm)Drive. XP Home.,DVD S.I Power Software. Dimension2400 Celeron 2.6ghz Integrated Sound,Video,NIC. Sonic Software for CD/RW & Combo. V92 Data Fax Modem. 256Mb NonECC 333Mhz DDR memory(1x256). Norton System works 2003 Pro. Spyware Blaster,S&D,Adaware,CCCleaner, Nikon Photoshare, Picture Project,Broadband Medic,Spayware Doctor, Go Back,Hi Jack This,Learn XP,CW Shredder.I think that is the lot.Hope this is sufficient info. :tazz:
  • 0

#14
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
almost looks like you're not all the way clean...if you've still got popups..do you have the popup blockers turned on?
  • 0

#15
Columbus

Columbus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi dsenette, It appears that the only popup I get persistently is the one that comes after i close Firefox.,and which is a gambling site,could it be an arranged popup with Mozilla?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP