Options

Internet Explorer runs VERY slow.

Unknown
edited December 2005 in Spyware & Virus Removal
I run AdAware and Spybot frequently and they help a bit, but improvement is not much or does not last long. IE used to run very fast, now unbearably slow. My HJT log is:

Logfile of HijackThis v1.99.1
Scan saved at 4:10:29 PM, on 12/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.ixxnmjyesgqtcczgwpvzeuc.com/iMjcCi8LYZm2UpIGDwkIOkXqt1WXazxkNPBgyJO8nifLYBO6J_vc2BkRs6ud1eZO.jpg
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .sco: C:\PROGRA~1\INTERN~1\PLUGINS\NPSibelius.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130812212475
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{44A9400F-8391-483F-A313-F4CA2AE5B3EF}: NameServer = 209.143.0.10
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Comments

  • CrunchieCrunchie Mandurah. Western Australia. Member
    edited December 2005
    First of all could you click Start>Settings>Control Panel>Add or Remove Programs and uninstall 'Window Search', 'Window Searching', 'Lop.com', 'LOP SEARCH', 'Browser Enhancer', or 'Ultimate Browser Enhancer' if listed. You may be given a code to insert, do so and reboot when done. If not listed there, run the Lop Remover from:
    http://66.220.17.157/help.html

    ==

    Please download the trial version of Ewido anti-malware here:
    http://www.ewido.net/en/download/
    Install it, and update the definitions to the newest files. Do NOT run a scan yet.
    Next, please reboot your computer in Safe Mode by doing the following:
    1) Restart your computer
    2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
    3) Instead of Windows loading as normal, a menu should appear
    4) Select the first option, to run Windows in Safe Mode.

    For additional help in booting into Safe Mode, see the following site:
    http://www.pchell.com/support/safemode.shtml

    Once in Safe Mode, please run Ewido, and do a full scan. During the scan it will prompt you to clean files, click OK.

    Save the logfile from the scan. Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.
  • cman34
    edited December 2005
    Ok. None of the programs were listed in "Add or Remove Programs". Lop Remover was run. Ewido anti-malware was run in safe mode. The logfile from the scan and a new HJT log are below. My IE is now running slower than ever (almost a minute to load IE and MSN homepage).
    ewido anti-malware - Scan report

    + Created on: 8:49:13 AM, 12/30/2005
    + Report-Checksum: A4C2FF5B

    + Scan result:

    HKLM\SOFTWARE\Classes\CLSID\{954814C0-40F3-4249-8528-B4922CD2964E} -> Spyware.HotBar : Cleaned with backup
    HKLM\SOFTWARE\Classes\CLSID\{A54814C0-40F3-4249-8528-B4922CD2964E} -> Spyware.HotBar : Cleaned with backup
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
    C:\WINDOWS\SYSTEM32\Holly Celebs-uninstall.exe -> Dialer.Generic : Cleaned with backup
    C:\Program Files\FileSubmit\Labrador Retrievers\nnez_388.exe -> Spyware.NewDotNet : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temp\Cookies\robert [email]seaman@ehg-dig.hitbox[1].txt[/email] -> Spyware.Cookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temp\Cookies\robert [email]seaman@www.myaffiliateprogram[1].txt[/email] -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temp\Cookies\robert [email]seaman@ivwbox[1].txt[/email] -> Spyware.Cookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temp\Cookies\robert [email]seaman@112.2o7[2].txt[/email] -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temp\Cookies\robert [email]seaman@ad.yieldmanager[2].txt[/email] -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temp\Cookies\robert [email]seaman@www.burstbeacon[1].txt[/email] -> Spyware.Cookie.Burstbeacon : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Local Settings\Temporary Internet Files\Content.IE5\8BRV6WX1\new_uninstall[1].exe -> Adware.Lop : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@112.2o7[1].txt[/email] -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@adopt.specificclick[2].txt[/email] -> Spyware.Cookie.Specificclick : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@www.burstbeacon[1].txt[/email] -> Spyware.Cookie.Burstbeacon : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@burstnet[2].txt[/email] -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@ivwbox[1].txt[/email] -> Spyware.Cookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wfmiahdpgfo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wflispc5mdp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@www.myaffiliateprogram[1].txt[/email] -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@burstnet[3].txt[/email] -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@lop[1].txt[/email] -> Spyware.Cookie.Lop : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@www.myaffiliateprogram[2].txt[/email] -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjloggcpghq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkykgdzwdp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wgkywhcjagp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjnyeiczscp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjlykkd5ogo.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wfkyqnazkcp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@sec1.liveperson[1].txt[/email] -> Spyware.Cookie.Liveperson : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@www.burstnet[1].txt[/email] -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@rotator.adjuggler[2].txt[/email] -> Spyware.Cookie.Adjuggler : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wflikkc5ekp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjnywkdjgaq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wfmiaocpibo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@sportingnews.122.2o7[2].txt[/email] -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@www.burstbeacon[2].txt[/email] -> Spyware.Cookie.Burstbeacon : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@cj[1].txt[/email] -> Spyware.Cookie.Cj : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkoqndzkdp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@adopt.specificclick[3].txt[/email] -> Spyware.Cookie.Specificclick : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjlyaodzgkp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@microsofteup.112.2o7[2].txt[/email] -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkygpczsbp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjny-1jdzsc.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjnyuodzckp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkyoodjegp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjnyuodzckp.stats.esomniture[3].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@ad.yieldmanager[2].txt[/email] -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@msnportal.112.2o7[2].txt[/email] -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wgkiwidzgeo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjl4agcpobp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkocjd5ifq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wflosgcjebq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wflicld5scq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjl4qmdzwcp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjliejajiep.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wflogncjmbo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wfkownazmeq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjlyajdjicp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkyshc5adq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkycmajsgq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjk4ghcpebo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkyekdzofq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjnyahcpedq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\Documents and Settings\Robert Seaman\Cookies\robert [email]seaman@e-2dj6wjkoqodpeeo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
    C:\System Volume Information\_restore{23A453CB-9A8C-41F0-BD72-7E3B6334FE07}\RP1284\A0193950.exe -> Spyware.NewDotNet : Cleaned with backup


    ::Report End

    Logfile of HijackThis v1.99.1
    Scan saved at 8:56:16 AM, on 12/30/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\System32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\WINDOWS\System32\svchost.exe
    C:\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wuauclt.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb06.exe
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .sco: C:\PROGRA~1\INTERN~1\PLUGINS\NPSibelius.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/miniclipGameLoader.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130812212475
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{44A9400F-8391-483F-A313-F4CA2AE5B3EF}: NameServer = 209.143.0.10
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
  • CrunchieCrunchie Mandurah. Western Australia. Member
    edited December 2005
    I am not seeing anything in your log to indicate what may be wrong. Can you try running IE without the proxy to see if there is an improvement.
  • cman34
    edited December 2005
    Can you tell me how to do that? "without the proxy"???
  • CrunchieCrunchie Mandurah. Western Australia. Member
    edited December 2005
    Open IE and on the toolbar, hit the Tools button. Go to Internet Options and then the connections Tab. Go into settings and uncheck the box under proxy server and ok out.
  • cman34
    edited December 2005
    That box is already not checked. Could there be something in my TrendMicro virus program that sets up a proxy server?
  • CrunchieCrunchie Mandurah. Western Australia. Member
    edited December 2005
    Looking at your log, that could be the case. How you disable it though, I do not know. Proxies can and do slow down your surfing etc., so I would try disabling it and see how things are.
Sign In or Register to comment.