tashawar

Slow browsing with Internet Explorer and also problem to access other network systems

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:33 AM, on 2/9/2009
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files (x86)\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
D:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
D:\Program Files (x86)\ESRI\License\arcgis9x\ARCGIS.exe
D:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
E:\lotus\notes\NLNOTES.EXE
E:\lotus\notes\ntaskldr.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://islamabad.lmkr.net/mail/mkkha...d;1,s_UseBHO;1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 134.132.104.28:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = rpm.lmkr.net;lmkr.net;202.125.112.81;<local>
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - D:\Program Files (x86)\AskSearch\bin\DefaultSearch.dll
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - D:\Program Files (x86)\alot\bin\alot.dll (file missing)
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: &Download with &DAP - D:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://tky09.celartem.com/en/downloa...trol_en_US.cab
O16 - DPF: {98C53984-8BF8-4D11-9B1C-C324FCA9CADE} (Loader Class v3) - http://houtdw981.rd.lgc.com/qcbin/Spider90.ocx
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://islamabad.lmkr.net/dwa7W.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rdx.lgc.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{14546378-446E-44B8-B9E3-60D6F05A54BF}: NameServer = 134.132.104.22,134.132.104.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = rdx.lgc.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{14546378-446E-44B8-B9E3-60D6F05A54BF}: NameServer = 134.132.104.22,134.132.104.23
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = rdx.lgc.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{14546378-446E-44B8-B9E3-60D6F05A54BF}: NameServer = 134.132.104.22,134.132.104.23
O18 - Protocol: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - D:\Program Files (x86)\LizardTech\Express View\expressview.dll
O18 - Protocol: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - D:\Program Files (x86)\LizardTech\Express View\expressview.dll
O23 - Service: ArcGIS License Manager - Unknown owner - D:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files (x86)\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - D:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - D:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - D:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - D:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - D:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - D:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - d:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - D:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - D:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - D:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - D:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - D:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - D:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - D:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 7220 bytes

Glaswegian

Hi and welcome

Please see the 'First Steps' link at the top of this page - logs should not be posted here as we cannot provide assistance in this Forum.