Most websites not loading properly & very slow

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by streetburner, Apr 22, 2005.

  1. streetburner

    streetburner Private E-2

    Most websites not loading properly & very slow showing no images most of time, checked the usual stuff in tools/options,etc/show pics. Checked registry in hkey_classes_root\gif & jpg etc was ok. I tried a program called `speed dsl` & unistalled it cos it made things slower, don`t know if this was the problem or not. I have done a HiJack this log, for anybody`s perusal to help. All help greatly accepted. :confused: I have McAFEE security centre on for past 6 months no probs also Pestpatrol Corporate, & Microsoft antispyware on for months also.
     
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    [​IMG] Download HijackThis 1.99.1

    [​IMG] Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    [​IMG] Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    [​IMG]Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    [​IMG]Run HijackThis and save your log file.

    [​IMG] Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    [​IMG]Need help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
  3. streetburner

    streetburner Private E-2

    My HiJackThis Log is attached.
     

    Attached Files:

  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please download HOSTER and then follow the below steps.
    • Unzip Hoster to a convenient folder such as C:\Hoster
    • Run Hoster.exe, click Restore Original Hosts and then click OK.
    • Click the X to exit the program.

    Now scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O3 - Toolbar: (no name) - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - (no file)

    O4 - HKLM\..\Run: [lauchsrv] C:\WINDOWS\lauchsrv.exe i
    O4 - HKCU\..\Run: [Teci] C:\Documents and Settings\Chris\Application Data\arnb.exe

    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

    O16 - DPF: {4B0999FD-6937-11D5-8FEC-00606779369C} (NetConf) - https://www.telefonicaonline.com/on/es/tnet/nodos/NetConf.cab
    O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
    O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://F:\Resources\IntraLaunch.CAB

    O23 - Service: ShutdownPlus - Unknown owner - C:\Program Files\ShutdownPlus\sdpsrvc.exe (file missing)
    O23 - Service: SNMP Service (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing)
    O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NOW:
    Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled and navigate to and DELETE the following if they should remain:

    C:\WINDOWS\lauchsrv.exe

    C:\Documents and Settings\Chris\Application Data\arnb.exe


    NEXT:
    Run CCleaner and Spybot S&D and have Spybot fix what it finds.
    Note: Dont forget to update Spybot S&D by selecting "Search For Updates"

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.


    Reboot to Normal Windows , Scan with HijackThis and attach the new log.
    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.

    Good Luck!:)
     
  5. streetburner

    streetburner Private E-2

    Have done everything down to running CCleaner & Spybot, I have clicked on analyze in CCleaner & it is showing 3,898.7mb of files to delete, IS THIS Possible? so many. Before I click on `run clean` just want to make sure from you first!
     
  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Yes its possible if you have never ran a cleaner like this. Procede with the Cleaning, it will give you some space and should make your machine a little faster.
     
  7. streetburner

    streetburner Private E-2

    Same as before slow loading pages,some don`t even load, almost none showing pictures icons just red cross picked about 20 different ones out of favourites to try. Looks like the ones with flash load no problem. rest of computers still running ok fast ok. Just internet I have adsl broadband showing connection at 54mbps, I seem to remember trying a program called WeBooster 1.0 could this have any known problems etc. Attached is the HiJackthis log.
    By the way I am using my laptop to for these posts as these pages don`t display properly on my PC also.
     

    Attached Files:

  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Yes, if your on a DSL Connection you do not need something like that. Personally I dont recommend them because, my ISP will disconnect the service if you have anything trying to boost\tamper your speed/connection or if you have some type of activity like a virus/spyware infection. Not sure if DSL is like that or not, but personally I would uninstall that and reboot. Then see if that was your problem.

    Scan with HJT and have it fix these entries:

    O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)

    O23 - Service: SNMP Service (SNMP) - Unknown owner - C:\WINDOWS\System32\snmp.exe (file missing)
    O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

    Be sure you close ALL browsers before clicking FIX
     
  9. streetburner

    streetburner Private E-2

    internet is just about unusable on pc about 30% work, rest are rubbish & if I do a refresh it just comes up blank page or try to go to a linked page. Have attached latest HJT log for you to look at!
    Noticed the 2 (023 files you mentioned to fix or delete are still here!)
     

    Attached Files:

  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Have HJT fix this entry:

    O15 - Trusted Zone: http://*.windowsupdate.com

    Also, have you tried resetting the modem? If not, try this reboot and see if speed is better.
     
  11. streetburner

    streetburner Private E-2

    Still no Joy. Looks like I`ve got something thats unrepairable, must be somebody thats had the same problem out there & cured it. Its now sending me round the bend :eek: .
     
  12. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Since this probably isnt Malware related, I would go ahead and post this in the Software or Networking Forum for best results. This sounds more like a Software problem but could however be hardware related.

    Good Luck!
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds