IE Doesn't Load Anymore

Discussion in 'adware, spyware & hijack cleaning' started by nevets, Jan 17, 2004.

Thread Status:
Not open for further replies.
  1. nevets

    nevets Guest

    IE was first lagging and today the gifs/jpgs don't load anymore. I also notice small latency when using other PC applications.

    I ran CW and all is fine. below is my HiJack File:

    Logfile of HijackThis v1.97.7
    Scan saved at 6:57:43 AM, on 1/17/04
    Platform: Windows 98 Gold (Win9x 4.10.199:cool:
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    c:\jet95\jshelper.exe
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\QUARTERDECK\CLEANSWEEP\CSINJECT.EXE
    C:\PROGRAM FILES\WEBSVR\SYSTEM\INETSW95.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\PROGRAM FILES\CISCO SYSTEMS\VPN CLIENT\CVPND.EXE
    C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\ACS495\MIXGHOST.EXE
    C:\WINDOWS\TWAIN_32\PAPRPORT\6100B\FLATBED.EXE
    C:\WINDOWS\STARTUPMONITOR.EXE
    C:\PROGRAM FILES\RAM IDLE\RAMIDLE.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\WINDOWS\SYSTEM\HPZTSB06.EXE
    C:\PROGRAM FILES\MSN\MSNIA\DSLMON.EXE
    C:\PROGRAM FILES\WEBWASHER\WWASHER.EXE
    C:\WINDOWS\SYSTEM\MSWHEEL.EXE
    C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\SIMPLE STAR\PHOTOSHOW DELUXE\DATA\XTRAS\MSSYSMGR.EXE
    C:\TOOLS_95\IOWATCH.EXE
    C:\TOOLS_95\IMGICON.EXE
    C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
    C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\DISTILLR\ACROTRAY.EXE
    C:\PROGRAM FILES\EXIF LAUNCHER\QUICKDCF.EXE
    C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:81
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://yahoo.com/
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [Disknag] C:\DELL\DISKNAG.EXE
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [POINTER] C:\MOUSE\point32.exe
    O4 - HKLM\..\Run: [TIPS] C:\MOUSE\tips\mouse\tips.exe
    O4 - HKLM\..\Run: [Mixghost] C:\ACS495\MixGhost.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [PP6100b] C:\WINDOWS\twain_32\paprport\6100b\flatbed.exe
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
    O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\RAM Idle\RAMIdle.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [MoneyStartUp10.0] "c:\Program Files\Microsoft Money\System\Activation.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb06.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [DSL Connection Tool] C:\Program Files\MSN\MSNIA\dslmon.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\PROGRA~1\QUARTE~1\CLEANS~1\CSINJECT.EXE
    O4 - HKLM\..\RunServices: [Microsoft WebServer] C:\Program Files\WebSvr\System\inetsw95.exe -w3svc
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [GoBack Polling Service] C:\Program Files\Adaptec\GoBack\GBPoll.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [CVPND] C:\PROGRA~1\CISCOS~1\VPNCLI~1\CVPND.EXE start
    O4 - HKLM\..\RunServices: [PersFw] "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide
    O4 - HKCU\..\Run: [Washerie] C:\Program Files\Washer-IE\washerie.exe /0
    O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /1
    O4 - HKCU\..\Run: [WebWasher] C:\PROGRAM FILES\WEBWASHER\WWASHER.EXE
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRAM FILES\SIMPLE STAR\PHOTOSHOW DELUXE\DATA\XTRAS\MSSYSMGR.EXE
    O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startup
    O4 - HKCU\..\RunServices: [Washerie] C:\Program Files\Washer-IE\washerie.exe /0
    O4 - HKCU\..\RunServices: [Washer] C:\Program Files\Washer\washer.exe /1
    O4 - HKCU\..\RunServices: [WebWasher] C:\PROGRAM FILES\WEBWASHER\WWASHER.EXE
    O4 - HKCU\..\RunServices: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
    O4 - HKCU\..\RunServices: [PhotoShow Deluxe Media Manager] C:\PROGRAM FILES\SIMPLE STAR\PHOTOSHOW DELUXE\DATA\XTRAS\MSSYSMGR.EXE
    O4 - HKCU\..\RunServices: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe" /startup
    O4 - Startup: Iomega Watch.lnk = C:\Tools_95\IOWATCH.EXE
    O4 - Startup: Zip Disk Icons.lnk = C:\Tools_95\IMGICON.EXE
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
    O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
    O8 - Extra context menu item: Send Image to Photo Library - file://C:\WINDOWS\Application Data\MGI\PhotoSuite4\Temp\MGI00000.html
    O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
    O8 - Extra context menu item: Save Flash By FlashFavorite - res://C:\PROGRA~1\FLASHF~1\FFCom.dll/IeMenu.htm
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: MoneySide (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: Girafa (HKLM)
    O9 - Extra button: FlashFavorite (HKLM)
    O9 - Extra 'Tools' menuitem: Flash Favorite (HKLM)
    O12 - Plugin for .avi: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npavi32.dll
    O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash4/cabs/swflash.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/0fb5e03023def1/housecall.antivirus.com/housecall/xscan53.cab
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi nevets,

    Did you make any changes recently?
    I can't find anything abvious in your log.

    Regards,

    Pieter
     
  3. nevets

    nevets Guest

    no changes made
     
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi nevets,

    Please check if those washers are doing their job properly and empty your Temporary Internet Files folder.

    In IE click Tools > Options > on the General tab click Delete Files.

    Regards,

    Pieter
     
Thread Status:
Not open for further replies.