I have been having trouble for a few days... I thought it was Kaspersky security suite causing pages to hang and not load and slow browser.. so I installed ESET security suite and still the same thing... below is HJT log.... I also ran the LSP fix for #10 but it did not do anything.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:52:12 PM, on 9/17/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{7B8292E5-964F-4187-8A65-68045FF6DB07}: NameServer = 216.45.34.2 216.45.33.130
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 2148 bytes
ahhh... 2og we meet again... I just scanned and saved log as usual.. how is this a partial and what do I need to do to get a whole log? pardon the stupidity here :0
Come on mesa, you’re no noob…. You know the routine by now.

Go to the thread below and start at:
http://forums.afterdawn.com/thread_view.cfm/702200#4271794
then post the required Logs back here….
Malwarebytes' Anti-Malware 1.28
Database version: 1163
Windows 5.1.2600 Service Pack 3

9/17/2008 1:00:39 AM
mbam-log-2008-09-17 (01-00-39).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 93625
Time elapsed: 34 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
ComboFix 08-09-16.05 - Owner 2008-09-17 20:01:31.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.985 [GMT -4:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-08-18 to 2008-09-18 )))))))))))))))))))))))))))))))
.

2008-09-17 00:12 . 2008-09-17 00:12 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-17 00:12 . 2008-09-17 00:12 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-09-17 00:12 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-17 00:12 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-16 23:37 . 2008-09-17 10:54 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-15 10:33 . 2008-09-15 10:33 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\ESET
2008-09-15 10:30 . 2008-09-15 10:30 <DIR> d-------- C:\Program Files\ESET
2008-09-15 01:50 . 2008-09-15 01:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-09-14 22:35 . 2008-09-14 22:41 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\IObit
2008-09-14 22:27 . 2008-09-15 01:12 <DIR> d-------- C:\Program Files\IObit
2008-09-09 16:39 . 2008-09-09 16:39 <DIR> d-------- C:\Program Files\LG Electronics
2008-09-09 16:39 . 2007-04-09 09:55 22,912 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys
2008-09-09 16:39 . 2007-04-09 09:56 21,248 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys
2008-09-09 16:39 . 2007-04-09 09:53 12,672 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys
2008-09-07 14:25 . 2008-09-07 14:39 <DIR> d-------- C:\Program Files\DVDFab 5
2008-09-04 21:55 . 2008-09-04 21:56 <DIR> d-------- C:\Program Files\BitPim
2008-09-04 06:23 . 2008-09-04 06:23 99,648 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
2008-09-02 11:44 . 2008-09-02 11:44 <DIR> d-------- C:\Program Files\Apple Software Update
2008-09-02 11:44 . 2008-09-02 11:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-08-23 19:36 . 2008-08-23 19:36 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\PlayFirst
2008-08-23 17:24 . 2008-08-23 17:24 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Gaijin Ent
2008-08-22 21:40 . 2008-08-24 02:21 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Gamelab
2008-08-22 18:24 . 2008-08-22 18:24 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Lexmark Productivity Studio
2008-08-22 14:39 . 2008-08-23 14:26 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\FaxCtr
2008-08-22 14:31 . 2008-08-22 14:31 <DIR> d-------- C:\Program Files\Common Files\Nova Development
2008-08-22 14:28 . 2008-08-22 14:39 <DIR> d-------- C:\Program Files\Web Publish
2008-08-22 14:28 . 2008-08-22 14:28 <DIR> d-------- C:\Program Files\Nova Development
2008-08-22 14:28 . 2008-08-22 14:28 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-08-22 14:21 . 2008-09-14 22:51 <DIR> d-------- C:\Program Files\Lx_cats
2008-08-22 14:21 . 2008-08-22 14:21 <DIR> d-------- C:\logs
2008-08-22 14:20 . 2007-01-09 12:13 692,224 --a------ C:\WINDOWS\system32\lxdddrs.dll
2008-08-22 14:20 . 2007-03-28 09:16 344,064 --a------ C:\WINDOWS\system32\lxddcoin.dll
2008-08-22 14:20 . 2001-08-17 22:36 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
2008-08-22 14:20 . 2001-08-17 22:36 87,040 --a--c--- C:\WINDOWS\system32\dllcache\wiafbdrv.dll
2008-08-22 14:20 . 2006-10-06 13:08 69,632 --a------ C:\WINDOWS\system32\lxddcnv4.dll
2008-08-22 14:20 . 2007-01-23 14:40 65,536 --a------ C:\WINDOWS\system32\lxddcaps.dll
2008-08-22 14:20 . 2006-05-17 22:47 40,960 --a------ C:\WINDOWS\system32\lxddvs.dll
2008-08-22 14:20 . 2008-04-13 14:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-08-22 14:20 . 2008-04-13 14:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-08-22 14:19 . 2008-08-22 14:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FaxCtr
2008-08-22 14:19 . 2006-05-31 11:51 339,968 --a------ C:\WINDOWS\system32\IMGMAN32.DLL
2008-08-22 14:19 . 2006-05-31 11:51 98,345 --a------ C:\WINDOWS\system32\IMHOST32.DLL
2008-08-22 14:19 . 2006-05-31 11:51 98,304 --a------ C:\WINDOWS\system32\IM31XPNG.DEL
2008-08-22 14:19 . 2006-05-31 11:51 69,632 --a------ C:\WINDOWS\system32\IM31XTIF.DEL
2008-08-22 14:19 . 2006-05-31 11:51 49,152 --a------ C:\WINDOWS\system32\IM31IMG.DIL
2008-08-22 14:19 . 2007-02-21 19:11 45,056 --a------ C:\WINDOWS\system32\LXF3PMON.DLL
2008-08-22 14:19 . 2006-11-07 06:02 36,864 --a------ C:\WINDOWS\system32\lxf3oem.dll
2008-08-22 14:19 . 2007-02-21 19:11 32,768 --a------ C:\WINDOWS\system32\LXF3FXPU.DLL
2008-08-22 14:19 . 2007-02-21 19:14 12,288 --a------ C:\WINDOWS\system32\LXF3PMRC.DLL
2008-08-22 14:18 . 2008-08-22 14:18 <DIR> d-------- C:\Program Files\Lexmark Toolbar
2008-08-22 14:18 . 2008-08-22 14:20 <DIR> d-------- C:\Program Files\Lexmark Fax Solutions
2008-08-22 14:18 . 2008-08-22 14:32 <DIR> d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-08-22 14:18 . 2008-04-13 14:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-22 14:18 . 2008-04-13 14:47 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-22 14:18 . 2008-04-13 14:45 10,368 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-08-22 14:18 . 2008-04-13 14:45 10,368 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-08-22 14:18 . 2006-12-06 00:19 44 --a------ C:\WINDOWS\system32\lxddrwrd.ini
2008-08-22 14:17 . 2008-08-22 14:20 <DIR> d-------- C:\Program Files\Lexmark 2500 Series
2008-08-22 14:16 . 2008-04-13 14:45 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-08-22 14:16 . 2008-04-13 14:45 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-08-20 11:25 . 2008-08-20 11:25 <DIR> d-------- C:\Program Files\Mozilla Thunderbird
2008-08-18 13:27 . 2008-08-18 13:27 71,688 --a------ C:\WINDOWS\system32\drivers\epfw.sys
2008-08-18 13:27 . 2008-08-18 13:27 54,280 --a------ C:\WINDOWS\system32\drivers\epfwtdi.sys
2008-08-18 13:27 . 2008-08-18 13:27 30,728 --a------ C:\WINDOWS\system32\drivers\epfwndis.sys
2008-08-18 13:19 . 2008-08-18 13:19 53,256 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2008-08-18 13:18 . 2008-08-18 13:18 39,944 --a------ C:\WINDOWS\system32\drivers\eamon.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-17 04:47 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso
2008-09-15 23:46 --------- d-----w C:\Program Files\PeerGuardian2
2008-09-15 16:29 --------- d-----w C:\Documents and Settings\Owner\Application Data\FrostWire
2008-09-15 14:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-09-15 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-15 06:33 1,502 ----a-w C:\WINDOWS\system32\tmp.reg
2008-09-09 20:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-08 00:25 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-08 00:25 --------- d-----w C:\Documents and Settings\Owner\Application Data\VideoReDo-TVSuite
2008-09-05 05:03 --------- d-----w C:\Program Files\Winamp
2008-09-02 16:17 --------- d-----w C:\Program Files\DivX
2008-08-29 05:36 --------- d-----w C:\Documents and Settings\Owner\Application Data\Winamp
2008-08-27 03:20 827 ----a-w C:\Program Files\Common Files\ConvertXtoDvd 3.lnk
2008-08-22 22:22 --------- d-----w C:\Documents and Settings\Owner\Application Data\Ulead Systems
2008-08-22 18:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-08-17 17:17 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-08-17 17:17 47,360 ----a-w C:\Documents and Settings\Owner\Application Data\pcouffin.sys
2008-08-17 01:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-17 01:20 --------- d-----w C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-08-14 02:17 --------- d-----w C:\Program Files\Common Files\Nero
2008-08-13 11:59 --------- d-----w C:\Documents and Settings\Owner\Application Data\DeskSoft
2008-08-06 18:28 296,462 ----a-w C:\WINDOWS\~DFFEF9.tmp
2008-08-05 03:01 36,240 ----a-w C:\WINDOWS\system32\tcpipbak.reg
2008-08-04 22:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-02 14:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-25 06:15 --------- d-----w C:\Program Files\FrostWire
2008-07-23 19:35 102,664 ----a-w C:\WINDOWS\system32\drivers\tmcomm.sys
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-23 14:45 100,809,072 ----a-w C:\Image.bin
2008-07-23 14:45 --------- d-----w C:\Documents and Settings\Owner\Application Data\ImgBurn
2008-07-21 20:14 9,728 ----a-w C:\WINDOWS\system32\RtNicProp32.dll
2008-07-21 12:11 24,392 ----a-w C:\WINDOWS\system32\drivers\ElbyCDIO.sys
2008-07-20 18:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Fashion Solitaire 1.2
2008-07-20 18:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
2008-07-20 18:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\1Click DVD Copy
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-14 09:09 212,728 ----a-w C:\WINDOWS\CMDLIC.DLL
2008-07-14 09:09 205,560 ----a-w C:\WINDOWS\UNBOC.EXE
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-03 22:50 0 ----a-w C:\Documents and Settings\Owner\Application Data\wklnhst.dat
2008-06-26 11:06 93,128 ----a-w C:\WINDOWS\system32\ElbyCDIO.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-04-05 03:15 1,566 ----a-w C:\Program Files\Common Files\VideoReDo TVSuite.lnk
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-03-23 185896]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-08-18 1447168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"nolowdiskspaceckecks"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\FrostWire\\FrostWire.exe"=
"C:\\WINDOWS\\system32\\lxddcoms.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"=
"C:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=

R2 lxdd_device;lxdd_device;C:\WINDOWS\system32\lxddcoms.exe [2007-05-25 537520]
S2 lxddCATSCustConnectService;lxddCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe [2007-05-25 99248]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9k3ywl8t.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-17 20:02:15
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-17 20:03:32
ComboFix-quarantined-files.txt 2008-09-18 00:03:29
ComboFix2.txt 2008-09-17 22:31:35

Pre-Run: 182,465,822,720 bytes free
Post-Run: 182,452,432,896 bytes free

199 --- E O F --- 2008-09-10 02:26:11
You’re clean.. I wouldn’t worry about the O10 line.

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

Just don’t delete it with HJT…

Since you ran LSPfix, I guess you saw this:
http://www.pchell.com/support/nwprovau_dll_file.shtml

I don’t see any problems……

How’s the Georgia peaches??
yea I saw that while I was looking for a fix... wonder why pages won't load? I click on something and it just hangs..

Georgia peaches are still sweet..! I live about 15 min from good ole Jimmy Carter... don't get me started... hehehe
See, that's what I was talking about. You just post a partial log and then expect me to tell you what's wrong.