We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Firefox takes ages to start.
Dreamnine
Posts: 8,370 Forumite
When I switch on my PC, connect to the internet and click on Firefox, sometimes it takes ages for the program to start. Often I've clicked on it a few times and it finally opens up in multiple tabs. I never used to have to wait this long.
Can anyone help..?
[threadbanner]box[/threadbanner]
Can anyone help..?
[threadbanner]box[/threadbanner]
I shot a vein in my neck and coughed up a Quaalude.
Lou Reed The Last Shot
Lou Reed The Last Shot
0
Comments
-
switch to chrome, so, so much faster, for me it was like the jump between ie to firefox all over again, so much faster, ok you lose the customising but i never was too keen on that junk.
maybe one of those apps are slowing it down?Back by no demand whatsoever.0 -
Defrag.
Disable all firefox plugins and extensions.
Try again.
If still slow, try starting Firefox in Safe Mode and see how that goes (I think start > Programs>Firefox has a safe mode option).Rocky.0 -
Another possible is your infected
Download MALWAREBYTES (Make sure you click 'DOWNLOAD NOW')
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
UPDATE and FULL SCAN
Post the log here AFTER youve deleted everything it finds
reboot
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click DO A SCAN AND SAVE A LOGFILE (Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log):idea:0 -
Thanks Rik,
Malwarebytes' Anti-Malware 1.36
Database version: 2019
Windows 5.1.2600 Service Pack 2
21/04/2009 17:21:42
mbam-log-2009-04-21 (17-21-42).txt
Scan type: Full Scan (C:\|)
Objects scanned: 110160
Time elapsed: 17 minute(s), 15 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)I shot a vein in my neck and coughed up a Quaalude.
Lou Reed The Last Shot0 -
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:26:07, on 21/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Samsung\EmoDio\SMSTray.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Nokia\Nokia PC Suite 7\OneTouchAccess.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB7CAB5D-41D5-4415-BE42-96C2E643EDE1}: NameServer = 172.31.140.69 172.30.140.69
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6005 bytesI shot a vein in my neck and coughed up a Quaalude.
Lou Reed The Last Shot0 -
There's virtually nothing running at the start - just Avira. I'm wondering if one of my usb drives, my phone or my mp3 player could be infected..I shot a vein in my neck and coughed up a Quaalude.
Lou Reed The Last Shot0 -
TICK these using hijack then FIX them ~
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB7CAB5D-41D5-4415-BE42-96C2E643EDE1}: NameServer = 172.31.140.69 172.30.140.69
Run LSPFIX
Download HostsXpert
http://www.softpedia.com/get/Security/Security-Related/Hoster.shtml
and then follow the below steps.
* Unzip HostsXpert.zip
* It will create a folder named HostsXpert in whatever folder you extract it to.
* Run HostsXpert.exe by double clicking on it.
* click the Make Writeable? button.
* click Restore Microsoft's Hosts File and then click OK.
* Click the X to exit the program
Plug the devices you mentioned into your computer and run a another FULL scan with malwarebytes (Ticking those entries to be scanned. eg ~ drives J and K or whatever as well as C drive again)
then ~
Please run COMBOFIX
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be)
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe'):idea:0 -
ComboFix 09-04-21.A8 - Admin 21/04/2009 18:50.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.247 [GMT 1:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\dbfb.dll
.
((((((((((((((((((((((((( Files Created from 2009-03-21 to 2009-04-21 )))))))))))))))))))))))))))))))
.
2009-04-21 15:54 . 2009-04-21 15:55
d
w c:\documents and settings\Admin\Application Data\Mp3tag
2009-04-12 12:01 . 2009-04-13 12:14
d
w c:\documents and settings\Admin\Application Data\Spotify
2009-04-12 12:01 . 2009-04-12 12:02
d
w c:\documents and settings\Admin\Local Settings\Application Data\Spotify
2009-04-12 11:08 . 2009-04-12 11:09
d
w c:\documents and settings\Admin\Application Data\SumatraPDF
2009-04-01 07:36 . 2009-04-01 07:36
d-sh--w c:\documents and settings\Admin\IECompatCache
2009-04-01 06:14 . 2009-04-01 06:14
d-sh--w c:\documents and settings\Admin\PrivacIE
2009-04-01 06:12 . 2009-04-01 06:12
d-sh--w c:\documents and settings\Admin\IETldCache
2009-04-01 06:10 . 2009-04-01 06:10
d
w c:\windows\ie8updates
2009-04-01 06:10 . 2009-04-01 06:10
d--h--w c:\windows\$hf_mig$
2009-04-01 06:07 . 2009-04-01 06:09
dc-h--w c:\windows\ie8
2009-04-01 06:06 . 2009-04-01 06:10
d--h--w c:\windows\msdownld.tmp
2009-04-01 06:03 . 2009-02-28 04:55 105984
w c:\windows\system32\dllcache\iecompat.dll
2009-03-23 15:13 . 2009-03-23 15:14
d
w c:\documents and settings\Admin\Application Data\.freeciv
2009-03-23 15:13 . 2009-03-23 15:13
d
w c:\documents and settings\Admin\Application Data\.ggz
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 16:02 . 2009-02-25 16:01
d
w c:\program files\Malwarebytes' Anti-Malware
2009-04-21 15:53 . 2009-04-21 15:53
d
w c:\program files\Mp3tag
2009-04-20 13:16 . 2008-10-04 17:53
d
w c:\program files\Yahoo!
2009-04-12 12:01 . 2009-04-12 12:01
d
w c:\program files\Spotify
2009-04-12 11:08 . 2009-04-12 11:08
d
w c:\program files\SumatraPDF
2009-04-12 11:05 . 2008-04-22 00:02
d
w c:\program files\Common Files\Adobe
2009-04-11 20:06 . 2008-04-21 17:00 1744 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-11 20:05 . 2009-03-11 23:00
d
w c:\program files\Any Video Converter
2009-04-06 14:32 . 2009-02-25 16:01 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 14:32 . 2009-02-25 16:01 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-03-31 18:27 . 2008-04-20 16:26
d
w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-31 18:25 . 2009-03-31 18:24
d
w c:\program files\Common Files\DVDVideoSoft
2009-03-31 18:24 . 2009-03-31 18:24
d
w c:\program files\DVDVideoSoft
2009-03-29 10:07 . 2009-03-29 10:05
d
w c:\program files\ProgDVB
2009-03-24 19:48 . 2008-04-20 16:27
d--h--w c:\program files\InstallShield Installation Information
2009-03-24 19:47 . 2008-10-10 10:22
d
w c:\program files\JetAudio
2009-03-23 15:48 . 2009-03-23 15:48
d
w c:\program files\ReflexiveArcade
2009-03-23 15:29 . 2009-03-23 15:28
d
w c:\program files\SunTimes
2009-03-23 15:16 . 2009-03-23 15:13
d
w c:\program files\Freeciv-2.1.8-gtk2
2009-03-23 15:08 . 2009-03-23 15:08
d
w c:\program files\Atomic Alarm Clock
2009-03-22 12:26 . 2008-08-27 19:54
d
w c:\program files\YouTube Downloader
2009-03-21 23:51 . 2009-03-21 23:51
d
w c:\documents and settings\Admin\Application Data\GlarySoft
2009-03-21 23:50 . 2009-03-21 23:50
d
w c:\program files\Glary Utilities
2009-03-21 23:18 . 2008-10-04 17:53
d
w c:\program files\CCleaner
2009-03-21 19:00 . 2009-03-21 19:00
d
w c:\program files\microsoft frontpage
2009-03-21 16:08 . 2008-05-12 11:27
d
w c:\documents and settings\All Users\Application Data\manager exit list active
2009-03-21 15:14 . 2009-03-21 15:14
d
w c:\program files\Avira
2009-03-21 15:14 . 2009-03-21 15:14
d
w c:\documents and settings\All Users\Application Data\Avira
2009-03-16 22:52 . 2008-10-10 11:16
d
w c:\program files\COWON
2009-03-12 00:40 . 2008-06-27 21:33 167 ----a-w C:\mp4log.txt
2009-03-11 23:06 . 2008-06-27 21:34
d
w c:\program files\MyFree Codec
2009-03-11 21:23 . 2009-03-11 21:21 4669 ----a-w C:\MP4debug.log
2009-03-11 21:20 . 2009-03-11 21:20 3082 ----a-w c:\windows\system32\affv300053706p4now.sys
2009-03-11 19:46 . 2008-10-14 19:00
d
w c:\program files\ffdshow
2009-03-11 19:46 . 2009-03-11 19:46
d
w c:\program files\Free Offers from Freeze.com
2009-03-11 13:04 . 2008-06-04 08:06 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-08 13:09 . 2007-08-13 17:43 638816 ----a-w c:\windows\system32\dllcache\iexplore.exe
2009-03-08 13:09 . 2007-08-13 17:39 391536 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
2009-03-08 03:41 . 2008-05-13 20:16 5937152 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-03-08 03:34 . 2008-05-13 20:16 914944 ----a-w c:\windows\system32\dllcache\wininet.dll
2009-03-08 03:34 . 2006-12-28 05:50 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 03:34 . 2008-05-13 20:16 1206784 ----a-w c:\windows\system32\dllcache\urlmon.dll
2009-03-08 03:34 . 2007-08-13 17:54 236544 ----a-w c:\windows\system32\dllcache\webcheck.dll
2009-03-08 03:34 . 2007-08-13 17:44 43008 ----a-w c:\windows\system32\dllcache\licmgr10.dll
2009-03-08 03:34 . 2004-08-04 04:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 03:34 . 2007-08-13 17:44 105984 ----a-w c:\windows\system32\dllcache\url.dll
2009-03-08 03:34 . 2008-05-13 20:16 193536 ----a-w c:\windows\system32\dllcache\msrating.dll
2009-03-08 03:34 . 2007-08-13 17:44 109568 ----a-w c:\windows\system32\dllcache\occache.dll
2009-03-08 03:33 . 2008-05-13 17:40 759296 ----a-w c:\windows\system32\dllcache\VGX.dll
2009-03-08 03:33 . 2007-08-13 17:42 18944 ----a-w c:\windows\system32\dllcache\corpol.dll
2009-03-08 03:33 . 2004-08-04 04:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 03:33 . 2008-05-13 20:16 25600 ----a-w c:\windows\system32\dllcache\jsproxy.dll
2009-03-08 03:33 . 2008-05-13 17:40 726528 ----a-w c:\windows\system32\dllcache\jscript.dll
2009-03-08 03:33 . 2007-08-13 17:39 229376 ----a-w c:\windows\system32\dllcache\ieaksie.dll
2009-03-08 03:33 . 2008-05-13 17:40 420352 ----a-w c:\windows\system32\dllcache\vbscript.dll
2009-03-08 03:33 . 2006-12-28 05:50 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 03:33 . 2007-08-13 17:39 125952 ----a-w c:\windows\system32\dllcache\ieakeng.dll
2009-03-08 03:32 . 2007-08-13 17:39 72704 ----a-w c:\windows\system32\dllcache\admparse.dll
2009-03-08 03:32 . 2004-08-04 04:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 03:32 . 2007-08-13 17:39 173056 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2009-03-08 03:32 . 2007-08-13 16:56 163840 ----a-w c:\windows\system32\dllcache\ieakui.dll
2009-03-08 03:32 . 2007-08-13 17:39 71680 ----a-w c:\windows\system32\dllcache\iesetup.dll
2009-03-08 03:32 . 2007-08-13 17:39 55808 ----a-w c:\windows\system32\dllcache\iernonce.dll
2009-03-08 03:32 . 2004-08-04 04:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 03:32 . 2007-08-13 17:39 128512 ----a-w c:\windows\system32\dllcache\advpack.dll
2009-03-08 03:32 . 2008-05-13 20:16 94720 ----a-w c:\windows\system32\dllcache\inseng.dll
2009-03-08 03:32 . 2008-05-13 20:16 611840 ----a-w c:\windows\system32\dllcache\mstime.dll
2009-03-08 03:31 . 2008-05-13 20:16 183808 ----a-w c:\windows\system32\dllcache\iepeers.dll
2009-03-08 03:31 . 2008-05-13 20:16 348160 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
2009-03-08 03:31 . 2008-05-13 20:16 216064 ----a-w c:\windows\system32\dllcache\dxtrans.dll
2009-03-08 03:31 . 2007-08-13 17:36 34816 ----a-w c:\windows\system32\dllcache\imgutil.dll
2009-03-08 03:31 . 2004-08-04 04:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 03:31 . 2008-05-13 20:16 46592 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2009-03-08 03:31 . 2008-05-13 20:16 66560 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2009-03-08 03:31 . 2007-08-13 17:01 48128 ----a-w c:\windows\system32\dllcache\mshtmler.dll
2009-03-08 03:31 . 2004-08-04 04:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 03:31 . 2007-08-13 17:32 45568 ----a-w c:\windows\system32\dllcache\mshta.exe
2009-03-08 03:31 . 2004-08-04 04:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 03:24 . 2007-08-13 17:18 68608 ----a-w c:\windows\system32\dllcache\hmmapi.dll
2009-03-08 03:22 . 2007-08-13 17:54 156160 ----a-w c:\windows\system32\dllcache\msls31.dll
2009-03-08 03:22 . 2004-08-04 04:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 13:32 . 2008-07-18 17:35
d
w c:\program files\Common Files\ArcSoft
2009-03-03 13:32 . 2008-07-18 17:34
d
w c:\program files\ArcSoft
2009-02-25 17:57 . 2009-02-25 17:56
d--h--r c:\documents and settings\All Users\Application Data\yahoo!
2009-02-25 17:56 . 2009-02-25 17:56
d
w c:\documents and settings\Admin\Application Data\Yahoo!
2009-02-25 16:47 . 2009-02-25 16:47
d
w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-02-25 16:47 . 2009-02-25 16:47
d
w c:\program files\SUPERAntiSpyware
2009-02-25 16:47 . 2009-02-25 16:47
d
w c:\documents and settings\Admin\Application Data\SUPERAntiSpyware.com
2009-02-25 16:47 . 2009-02-25 16:47
d
w c:\program files\Common Files\Wise Installation Wizard
2009-02-25 16:01 . 2009-02-25 16:01
d
w c:\documents and settings\Admin\Application Data\Malwarebytes
2009-02-25 16:01 . 2009-02-25 16:01
d
w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-25 15:06 . 2009-02-25 15:06
d
w c:\program files\Trend Micro
2008-10-11 20:42 . 2008-04-20 11:37 72016 -c--a-w c:\documents and settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-05-09 07:05 . 2008-05-09 07:05 0 -c--a-w c:\program files\temp01
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Google Update"="c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-17 1830128]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"SkinClock"="c:\program files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-09-30 1740288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2009-03-21 484888]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-9-20 1200128]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0smrgdf .\Appdata\Data\
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-02-17 8944]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-02-17 55024]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-05 108289]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder
2009-04-21 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-03-21 17:10]
2009-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299502267-602609370-682003330-1003.job
- c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 19:08]
2009-04-21 c:\windows\Tasks\User_Feed_Synchronization-{A5EB78CE-C4C8-440D-9AFD-BEA3A94FA91F}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
Supplementary Scan
.
uStart Page = hxxp://uk.yahoo.com/?fr=fp-yie8
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\ydai5bwr.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10168&gct=&gc=1&q=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera 9\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera 9\program\plugins\npwmsdrm.dll
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.01.01);user_pref(general.useragent.extra.zencast, .
.
File Associations
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-21 18:56
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(700)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
- - - - - - - > 'explorer.exe'(3528)
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\ieframe.dll
c:\program files\Atomic Alarm Clock\Clock.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\progra~1\MarkAny\CONTEN~1\MACSMA~1.DLL
c:\program files\SUPERAntiSpyware\SASSEH.DLL
- - - - - - - > 'explorer.exe'(3036)
c:\windows\system32\ieframe.dll
c:\windows\system32\browselc.dll
c:\program files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\PortableDeviceTypes.dll
.
Other Running Processes
.
c:\windows\system32\WudfHost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\wscntfy.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\system32\WudfHost.exe
.
**************************************************************************
.
Completion time: 2009-04-21 19:00 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-21 18:00
ComboFix2.txt 2009-03-22 11:21
ComboFix3.txt 2009-03-21 19:06
Pre-Run: 8,772,567,040 bytes free
Post-Run: 8,704,200,704 bytes free
269 --- E O F --- 2009-02-25 18:53I shot a vein in my neck and coughed up a Quaalude.
Lou Reed The Last Shot0 -
also, it may be that firefox is loading 90 days of history (as default) as firefox starts.
try clearing the history and reducing the number of days kept in the history0 -
Have changed those. I know it's an old computer but I haven't had it this slow on startup before.I shot a vein in my neck and coughed up a Quaalude.
Lou Reed The Last Shot0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.5K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.5K Spending & Discounts
- 245.5K Work, Benefits & Business
- 601.5K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards