• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Scarecrow

Wonder if you can help me find anything strange

10 posts in this topic

Hi! Thx for taking time to read and help me! My problem is kind of "sort of"...I had Yahoo messenger some time ago but decided to delete it and also same with Kazaa. Im not quite sure that i had all the crap removed properly.

 

Ive done a scan with adaware and there is nothing to be found there. But if you woud help me take a look at it would make me feel better. And also if you find anything else thats fishy ofcourse.

 

I seem to have a problem with bandwith at times. Im not sure if this its my pc thats sucky or if its my internetprovider.

 

What do you suggest me to do?

 

Thanks again for taking time!

 

Scarecrow

Share this post


Link to post
Share on other sites

We need a closer look at what's happening.

Please download Hijack this

Copy it into its own folder, doubleclick HijackThis.exe, and hit "Scan".

 

When the scan is finished, the "Scan" button will change into a "Save Log" button.

Press that, save the log, do Ctrl-A to Select All, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.

Share this post


Link to post
Share on other sites

Ok...here it comes!

And thx for the fast reply!

 

 

Logfile of HijackThis v1.97.7

Scan saved at 20:16:50, on 2004-06-14

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\Program\Norton Internet Security\NISUM.EXE

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program\MSN Messenger\msnmsgr.exe

C:\Program\Norton Internet Security\ccPxySvc.exe

C:\Program\Norton AntiVirus\navapsvc.exe

C:\Program\Internet Explorer\iexplore.exe

D:\Program\ICQ\Icq.exe

E:\Viruspryttlar\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://mypoiskovik.com/sp.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mypoiskovik.com/sp.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mypoiskovik.com/sp.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onlyforfun.se/start.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mypoiskovik.com/sp.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [REGSHAVE] C:\Program\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [symantec NetDriver Monitor] C:\Program\Symantec\LIVEUP~1\SNDMon.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~1\Office10\EXCEL.EXE/3000

O9 - Extra button: ICQ Pro (HKLM)

O9 - Extra 'Tools' menuitem: ICQ (HKLM)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab27571.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8032.6437268518

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9581A3A0-EE26-448D-9D41-90F016CD4275}: NameServer = 212.181.52.2,212.181.52.3

Share this post


Link to post
Share on other sites

Hope this might help but with WINXP

 

 

"C:\Program\MSN Messenger\msnmsgr.exe"

f*cked up my computer everytime I was doin anything. So I'm done with MSN cuz it sucks but thats just what Ive been getting otta it

 

You can do:

Start, Run, type: msconfig, click on STARTUP TAB and then uncheck the msnmsgr.exe tab if that is affecting your computer

 

 

also with my WinXp these few files were messing with my system so I just deleted them from starting up and so far everything I do is going fine:

 

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

 

You can always disable these @ start up and restart and seeif that helps IF not, just go back to msconfig, start up and CHECK off the boxes.

 

~From my experience the less the programs that are on start up the faster your PC loads, which should be true

 

 

 

QUOTE: "I seem to have a problem with bandwith at times. Im not sure if this its my pc thats sucky or if its my internetprovider."

 

 

^^ Bandwidth is ure ISP(internetprovider) so if you need more bandwidth or u are running slowly using the internet, thats ISP problems. Now if ure CPU is running up most of its "juice" which u can find out how much with "CTL ALT DEL" and then click on the PERFORMANCE button theres info there to help.

 

^^ so yes it can also be affected from CPU speed / Memory

 

 

Sorry this is long..just I type too much sometimes

 

~S

Share this post


Link to post
Share on other sites

Ok ill try to do as you say...but i dont think its the cpu thats the issue. I got a 2700+ with 1 G dual ddr and in the "performance" section it seems ok.

 

I guess i should talk to my internetprovider then? Since its really a bandwith problem i got. I thought it might be something that was disturbing in the background perhaps that i couldnt spot.

Share this post


Link to post
Share on other sites

The latest version of CWshredder should remove this pest.

Please download from please download here

 

Plea followup Hijack this log when done.

Share this post


Link to post
Share on other sites

OK i ran the cwshredder and after that a fresh hijack that:

 

Logfile of HijackThis v1.97.7

Scan saved at 16:44:42, on 2004-06-15

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\Program\Norton Internet Security\NISUM.EXE

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program\MSN Messenger\msnmsgr.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\Program\Norton Internet Security\ccPxySvc.exe

C:\Program\Norton AntiVirus\navapsvc.exe

E:\Viruspryttlar\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onlyforfun.se/start.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [REGSHAVE] C:\Program\REGSHAVE\REGSHAVE.EXE /AUTORUN

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [symantec NetDriver Monitor] C:\Program\Symantec\LIVEUP~1\SNDMon.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://D:\Program\MICROS~1\Office10\EXCEL.EXE/3000

O9 - Extra button: ICQ Pro (HKLM)

O9 - Extra 'Tools' menuitem: ICQ (HKLM)

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab27571.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8032.6437268518

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9581A3A0-EE26-448D-9D41-90F016CD4275}: NameServer = 212.181.52.2,212.181.52.3

Share this post


Link to post
Share on other sites

Looking clean........Scarecrow..some advice on staying that way..............

Stop IE hijacking before it happens

Share this post


Link to post
Share on other sites

Glad we could help!

 

If you need this topic reopened, please request this by sending the moderating team an email with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0