« previous next »
Pages: [1]   Go Down

Author Topic: internet explorer problems  (Read 5244 times)

0 Members and 1 Guest are viewing this topic.

lfordiv

  • Guest
internet explorer problems
« on: March 26, 2004, 04:18:24 AM »
When I am using IE my computer sometimes does some strange things like it has a mind of its own.  Randomly just cap locks, opens new windows when I just click logout or some other click, makes clicking noises when I am not even doing anything, changes the text size of the page while I am on it, won't allow me to type but locks up so all it does is hilite text.  I have run Adaware, Spybot and CW SHredder.  I have posted a Hijack this log below. I am hoping someone may find some issues below and can tell me how to correct them.  Thanks in advance for the help.

Logfile of HijackThis v1.97.2
Scan saved at 9:27:44 PM, on 3/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common files\KeenValue\KeenValue.exe
C:\WINDOWS\System32\IEDriver\IEDriver.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Sony\USBSircs\usbsircs.exe
C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
C:\WINDOWS\System32\Doa2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\Elw273d8.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Sony\Giga Pocket\gps.exe
C:\Program Files\Common files\KeenValue\KWM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lee Ford\Desktop\bug fixes\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\sb.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.passport.net/uilogin.srf?id=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://prosearching.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r5.attbi.com:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r5.attbi.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.sony.com/vaiopeople
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {945B7B00-A292-4E8C-A496-8C3AAA4AC431} - C:\WINDOWS\System32\jsprgoxy.dll
O2 - BHO: (no name) - {A2EA7BD5-C2DB-214B-B955-484A23AACF61} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [ELRYCIPV] C:\WINDOWS\ELRYCIPV.exe
O4 - HKLM\..\Run: [4X@95ME57C5BM8] C:\WINDOWS\System32\Idk277g.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KeenValue] C:\Program Files\Common files\KeenValue\KeenValue.exe
O4 - HKLM\..\Run: [IEDriver] C:\WINDOWS\System32\IEDriver\IEDriver.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: KeenValue.lnk = C:\Program Files\Common Files\KeenValue\keenvalue.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: Remocon Driver.lnk = ?
O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\Giga Pocket\ReserveModule.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra 'Tools' menuitem: Turbo Download (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {41F31718-2B9D-4F76-85E2-DD11BBA99F8D} - http://install.spywarelabs.com/DistID/2501031120/BundleOuter2501031120.EXE
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://dload.ipbill.com/del/loader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

« Last Edit: March 26, 2004, 04:28:12 AM by lfordiv »
Logged

whocares

  • Guest
Re:internet explorer problems
« Reply #1 on: March 26, 2004, 08:40:34 AM »
Quote from: lfordiv on March 26, 2004, 04:18:24 AM
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\sb.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://prosearching.com/searchbar.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {A2EA7BD5-C2DB-214B-B955-484A23AACF61} - (no file)
O4 - HKLM\..\Run: [ELRYCIPV] C:\WINDOWS\ELRYCIPV.exe
O4 - HKLM\..\Run: [4X@95ME57C5BM8] http://dload.ipbill.com/del/loader.cab


Hi,

have you UPDATED ad-aware,spybot and cwshredder before scanning/fixing with them ?
have you tried runnind them in Safe Mode (F8-Boot) ?

have you done a thorough scan with updated Mcafee ?


- run the uninstaller from lop.com/prosearch to remove prosearching
also see Board search on this

- the above startup items are unknown to me or suspicious
fix them, or scan them with KAV below (best check ALL items)
and decide with  google or http://www.sysinfo.org/startuplist.php
if they are really necessary ;)
« Last Edit: March 26, 2004, 08:42:11 AM by whocares »
Logged

whocares

  • Guest
Re:internet explorer problems
« Reply #2 on: March 26, 2004, 08:47:30 AM »
P.S.:
loader.cab infected by "TrojanDownloader.Win32.Small.aa" Virus.

-> fix     O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - h**p://dload.ipbill.com/del/loader.cab

best use other scanners, too like onlinescanners from Trend and RAV, or install trial from www.Kaspersky.com
(without Monitor or startcenter; Update after install and do a thorough scan)

Further Details in the board search ;)
Logged
Pages: [1]   Go Up
« previous next »