MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: IE takes forever to load
June 01, 2020, 11:44:44 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
June 01, 2020, 11:44:44 AM

Login with username, password and session length
 Featured Sites:
News
12th Anniversary Celebrating 12 Years! (1997 - 2009) 12th Anniversary
Thanks to ALL that make this site what it is!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: IE takes forever to load  (Read 1538 times)
IronArmz
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 14


Bookmark and Share

View Profile
« on: May 06, 2009, 02:17:27 PM »

New IE windows take forever to load. I have worked with comcast and linksys to ensure that their products and signals are working properly. Bestbuy scanned my system and found these:
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #1 on: May 06, 2009, 10:46:00 PM »

Hi.Welcome to the forum


Run both these programs.


Please download Malwarebytes' Anti-Malware from one of these places:

 http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

 http://www.besttechie.net/tools/mbam-setup.exe



Double Click mbam-setup.exe to install the application.
If it will not run make a copy of the MBAM.exe and rename MBAM.exe to xxx.exe and run that.Keep the genuine MBAM.exe as we may need to run that later as is.
* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire report in your next reply along with a fresh HijackThis log.

PLEASE NOTE:
 If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.


Once that Malwarebytes' Anti-Malware is done removing the malware and you have rebooted the computer, browse around and see if you are still having that problem.


=====================================================================================




Ok.We need to download ComboFix.exe. This will give me a better view to the files running and also hidden on your computer and also those in the registry..Please download from one of these webpages .

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe


* IMPORTANT !!! Save ComboFix.exe to your Desktop


Disable your AntiVirus and AntiSpyware applications, usually via a right-click on the System Tray icon. They may otherwise interfere with our tools.

Double-click on ComboFix.exe & follow the prompts.

If it will not run  rename Combofix to xxx.exe and run that.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Recovery Console can be installed from your disc if you have Vista if you wish.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:





Click on Yes to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt  and a new HJT log in your next reply.


Logged

An Australian Member of

EDDY
IronArmz
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 14


Bookmark and Share

View Profile
« Reply #2 on: May 07, 2009, 04:19:05 AM »

ComboFix 09-05-06.02 - IRON 05/06/2009 21:53.4 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.767.481 [GMT -6:00]
Running from: c:\documents and settings\IRON\Desktop\ComboFix.exe
AV: COMODO Antivirus *On-access scanning enabled* (Updated)
FW: COMODO Firewall *enabled*
.

(((((((((((((((((((((((((   Files Created from 2009-04-07 to 2009-05-07  )))))))))))))))))))))))))))))))
.

2009-05-07 02:45 . 2009-05-07 02:45   --------   d-----w   c:\documents and settings\IRON\Application Data\Malwarebytes
2009-05-07 02:45 . 2009-04-06 21:32   15504   ----a-w   c:\windows\system32\drivers\mbam.sys
2009-05-07 02:45 . 2009-04-06 21:32   38496   ----a-w   c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-07 02:45 . 2009-05-07 02:45   --------   d-----w   c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-07 02:45 . 2009-05-07 02:45   --------   d-----w   c:\program files\Malwarebytes' Anti-Malware
2009-05-06 14:08 . 2009-03-06 14:22   284160   -c----w   c:\windows\system32\dllcache\pdh.dll
2009-05-06 14:08 . 2009-02-09 12:10   401408   -c----w   c:\windows\system32\dllcache\rpcss.dll
2009-05-06 14:08 . 2009-02-06 11:11   110592   -c----w   c:\windows\system32\dllcache\services.exe
2009-05-06 14:08 . 2009-02-09 12:10   473600   -c----w   c:\windows\system32\dllcache\fastprox.dll
2009-05-06 14:08 . 2009-02-06 10:10   227840   -c----w   c:\windows\system32\dllcache\wmiprvse.exe
2009-05-06 14:08 . 2009-02-09 12:10   453120   -c----w   c:\windows\system32\dllcache\wmiprvsd.dll
2009-05-06 14:08 . 2009-02-09 12:10   729088   -c----w   c:\windows\system32\dllcache\lsasrv.dll
2009-05-06 14:08 . 2009-02-09 12:10   617472   -c----w   c:\windows\system32\dllcache\advapi32.dll
2009-05-06 14:08 . 2009-02-09 12:10   714752   -c----w   c:\windows\system32\dllcache\ntdll.dll
2009-05-06 13:52 . 2008-05-03 11:55   2560   ------w   c:\windows\system32\xpsp4res.dll
2009-05-06 13:52 . 2008-04-21 12:08   215552   -c----w   c:\windows\system32\dllcache\wordpad.exe
2009-05-06 13:40 . 2009-05-06 13:40   --------   d-----w   c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-05-06 13:39 . 2009-05-06 13:39   --------   d-----w   c:\program files\iTunes
2009-05-06 13:37 . 2009-05-06 13:38   --------   d-----w   c:\program files\Bonjour
2009-05-06 13:37 . 2009-05-06 13:37   --------   d-----w   c:\program files\AskBarDis
2009-05-06 13:37 . 2009-05-07 03:59   --------   d-----w   c:\program files\Comodo
2009-05-06 13:37 . 2009-05-06 13:37   --------   d-----w   c:\program files\Spybot - Search & Destroy
2009-04-18 12:47 . 2009-04-18 12:48   --------   d-----w   c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-18 12:47 . 2009-05-06 13:39   --------   d-----w   c:\program files\iTunes(2)

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-06 14:07 . 2008-07-16 19:02   --------   d-----w   c:\program files\SpywareBlaster
2009-05-06 13:39 . 2008-09-04 03:37   --------   d-----w   c:\program files\Common Files\Apple
2009-05-01 15:01 . 2009-03-26 20:13   11952   ----a-w   c:\windows\system32\avgrsstx(2).dll
2009-04-18 12:48 . 2005-12-24 20:59   --------   d-----w   c:\program files\iPod
2009-04-15 19:36 . 2008-06-06 03:00   --------   d-----w   c:\program files\Yahoo!
2009-04-11 13:14 . 2006-12-16 19:05   --------   d-----w   c:\program files\Azureus
2009-04-07 04:13 . 2005-03-31 22:38   --------   d-----w   c:\program files\Java
2009-03-26 19:36 . 2008-12-26 21:22   253688   ----a-w   c:\windows\system32\cssdll32.dll
2009-03-26 19:33 . 2009-03-26 19:34   24336   ----a-w   c:\windows\system32\drivers\cmdhlp.sys
2009-03-26 19:33 . 2009-03-26 19:34   110992   ----a-w   c:\windows\system32\drivers\cmdguard.sys
2009-03-26 19:33 . 2008-12-26 21:21   155384   ----a-w   c:\windows\system32\guard32.dll
2009-03-24 13:19 . 2004-01-24 00:16   --------   d-----w   c:\program files\AIM
2009-03-21 14:06 . 2002-06-25 21:39   989696   ----a-w   c:\windows\system32\kernel32(2).dll
2009-03-17 23:39 . 2009-03-17 23:38   --------   d-----w   c:\program files\QuickTime
2009-03-08 10:34 . 2004-02-07 00:05   914944   ----a-w   c:\windows\system32\wininet.dll
2009-03-08 10:34 . 2004-01-24 00:42   43008   ----a-w   c:\windows\system32\licmgr10.dll
2009-03-08 10:33 . 2002-06-25 21:37   18944   ----a-w   c:\windows\system32\corpol.dll
2009-03-08 10:33 . 2004-01-24 00:52   420352   ----a-w   c:\windows\system32\vbscript.dll
2009-03-08 10:32 . 2002-06-25 21:36   72704   ----a-w   c:\windows\system32\admparse.dll
2009-03-08 10:32 . 2004-01-24 00:40   71680   ----a-w   c:\windows\system32\iesetup.dll
2009-03-08 10:31 . 2004-01-24 00:40   34816   ----a-w   c:\windows\system32\imgutil.dll
2009-03-08 10:31 . 2004-01-24 00:42   48128   ----a-w   c:\windows\system32\mshtmler.dll
2009-03-08 10:31 . 2002-06-25 21:41   45568   ----a-w   c:\windows\system32\mshta.exe
2009-03-08 10:22 . 2002-06-25 21:41   156160   ----a-w   c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-01-24 00:47   284160   ----a-w   c:\windows\system32\pdh.dll
2009-02-17 03:04 . 2009-02-17 03:04   410984   ----a-w   c:\windows\system32\deploytk.dll
2009-02-09 12:10 . 2002-06-25 21:40   729088   ----a-w   c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2002-06-25 21:40   729088   ----a-w   c:\windows\system32\lsasrv(2).dll
2009-02-09 12:10 . 2004-04-30 13:30   401408   ----a-w   c:\windows\system32\rpcss.dll
2009-02-09 12:10 . 2004-04-30 13:30   401408   ----a-w   c:\windows\system32\rpcss(2).dll
2009-02-09 12:10 . 2002-06-25 21:43   714752   ----a-w   c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2002-06-25 21:43   714752   ----a-w   c:\windows\system32\ntdll(2).dll
2009-02-09 12:10 . 2002-06-25 21:36   617472   ----a-w   c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2002-06-25 21:36   617472   ----a-w   c:\windows\system32\advapi32(2).dll
2009-02-09 11:13 . 2002-06-25 21:50   1846784   ----a-w   c:\windows\system32\win32k.sys
2009-02-08 01:02 . 2002-06-25 21:43   2066048   ----a-w   c:\windows\system32\ntkrnlpa.exe
2009-02-06 11:11 . 2002-06-25 21:45   110592   ----a-w   c:\windows\system32\services.exe
2009-02-06 11:11 . 2002-06-25 21:45   110592   ----a-w   c:\windows\system32\services(2).exe
2009-02-06 11:08 . 2002-06-25 21:43   2189056   ----a-w   c:\windows\system32\ntoskrnl.exe
2009-02-06 10:39 . 2002-06-25 21:45   35328   ----a-w   c:\windows\system32\sc.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-05 53248]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2003-10-06 49152]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]
"COMODO Internet Security"="c:\program files\Comodo\COMODO Internet Security\cfp.exe" [2009-03-26 1851128]
"BCMSMMSG"="BCMSMMSG.exe" - c:\windows\BCMSMMSG.exe [2003-08-29 122880]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"= 0 (0x0)

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Exif Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk
backup=c:\windows\pss\Exif Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL ACS"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [3/26/2009 1:34 PM 110992]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [3/26/2009 1:34 PM 24336]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};c:\program files\CyberLink\PowerDVD\000.fcl [11/2/2006 4:51 PM 13560]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 6:45 AM 13088]
.
Contents of the 'Scheduled Tasks' folder

2009-04-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 18:34]
.
- - - - ORPHANS REMOVED - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
HKCU-Run-BlazeServoTool - c:\program files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe
HKLM-Run-POINTER - point32.exe
Notify-monln - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?fr=fptb-cclean
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Settings,ProxyServer = actsvr.comcastonline.com:8100
uInternet Settings,ProxyOverride = actsvr.comcastonline.com
IE: &Yahoo! Search
IE: Yahoo! &Dictionary
IE: Yahoo! &Maps
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-06 22:03
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(692)
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(2612)
c:\windows\system32\guard32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Comodo\COMODO Internet Security\cmdagent.exe
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
c:\program files\Microsoft Hardware\Mouse\point32.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-05-07 22:09 - machine was rebooted
ComboFix-quarantined-files.txt  2009-05-07 04:09
ComboFix2.txt  2008-05-23 23:29
ComboFix3.txt  2008-05-23 03:20
ComboFix4.txt  2008-05-23 00:02

Pre-Run: 16,772,947,968 bytes free
Post-Run: 16,904,241,152 bytes free

199   --- E O F ---   2009-05-06 16:36
Logged
IronArmz
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 14


Bookmark and Share

View Profile
« Reply #3 on: May 07, 2009, 04:19:24 AM »

Malwarebytes' Anti-Malware 1.36
Database version: 2085
Windows 5.1.2600 Service Pack 3

5/6/2009 8:57:59 PM
mbam-log-2009-05-06 (20-57-59).txt

Scan type: Quick Scan
Objects scanned: 77173
Time elapsed: 7 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Logged
IronArmz
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 14


Bookmark and Share

View Profile
« Reply #4 on: May 07, 2009, 04:19:43 AM »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:17:54 PM, on 5/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\internet explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-cclean
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = actsvr.comcastonline.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
O20 - AppInit_DLLs:  C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O20 - Winlogon Notify: monln - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/IRON/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 8221 bytes
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #5 on: May 07, 2009, 05:30:07 AM »

Some rubbish has been removed from the registry.As for the rest it all looks fine.No malware.

This will clear away any of the files and folders that were created by ComboFix.

Go to :
Start > Run then copy and paste the following highlighted text below into the box  and click OK.



ComboFix /u
Logged

An Australian Member of

EDDY
IronArmz
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 14


Bookmark and Share

View Profile
« Reply #6 on: May 07, 2009, 09:32:47 AM »

Thank you. IE still takes forever to load. Perhaps I need to go to another forum?
Logged
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #7 on: May 07, 2009, 10:43:45 AM »

Try Firefox....
Logged

An Australian Member of

EDDY
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page May 01, 2018, 06:30:39 AM