slow opening folders

 
 
nuker
24th Mar 2005
Takes a good 30 secs to open a folder. Once it's open, I don't have a problem
opening the files once I've opened the folder. Full virus and spyware check
done; did detect a virus called dialer.du, but fixed and deleted. Ran
HijackThis and these are the results.

Anyone got any ideas?

Logfile of HijackThis v1.99.1
Scan saved at 4:26:07 PM, on 3/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Media Pass\MediaPass.exe
C:\WINDOWS\system32\offsevt.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\gah95on6.exe
C:\Program Files\Hiytdgy\Verk.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Media Pass\MediaPassK.exe
C:\WINDOWS\system32\odfv80a.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\taskmgr.exe
C:\DOCUME~1\elaine\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/cbeebies
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.co.uk/broadband
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.0.0.1\SmrtShpr.dll
O2 - BHO: Miniclip - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - C:\PROGRA~1\MINICL~1\MINICL~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Saristar - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - C:\WINDOWS\system32\saristar.dll (file missing)
O3 - Toolbar: Miniclip - {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - C:\PROGRA~1\MINICL~1\MINICL~1.DLL
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Media Pass] C:\Program Files\Media Pass\MediaPass.exe
O4 - HKLM\..\Run: [wsmT3FX] offsevt.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Mleffdc] C:\Program Files\Hiytdgy\Verk.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [hB53RPbtO] odfv80a.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusear...?p=ZNxmk36152GB
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/broadband
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball...tgameloader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocach...up1.0.0.8-2.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yah...utocomplete.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712...5/Installer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe

 
Rick "Nutcase" Rogers
25th Mar 2005
Hi,

This one is a trojan file (virus):
O4 - HKCU\..\Run: [hB53RPbtO] odfv80a.exe

See: http://rickrogers.org/fixes.htm#Trojan

You also have several spy/ad programs, these can help:

Adaware www.lavasoft.de
Spybot www.safer-networking.org

Once cleaned of these things, see if the system responds any better.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP
http://mvp.support.microsoft.com/
Associate Expert - WindowsXP Expert Zone
www.microsoft.com/windowsxp/expertzone
Windows help - www.rickrogers.org
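
Added example, not part of either post: a small triage script that rejoins the hard-wrapped HijackThis entries and lists O4 Run entries whose command has no directory, paired with the path the same file name is running from. The bare-file-name heuristic and the function names are assumptions of this example, chosen because the entry identified in the reply above has that shape; it also matches entries the reply does not mention, so the output is a list of candidates to review, not a verdict.

```python
import re

# Excerpt of the HijackThis log from the first post, newsreader line wraps included.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\offsevt.exe
C:\WINDOWS\system32\odfv80a.exe
C:\Program Files\QuickTime\qttask.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [wsmT3FX] offsevt.exe
O4 - HKCU\..\Run: [hB53RPbtO] odfv80a.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /0
"""

ENTRY_START = re.compile(r"^[RFNO]\d+ - ")
RUN_ENTRY = re.compile(r"^O4 - (HK\w+)\\\.\.\\Run\w*: \[(.*?)\] (.*)$")

def unwrap(text):
    """Rejoin log entries that were hard-wrapped onto a following line."""
    entries = []
    for line in text.splitlines():
        if ENTRY_START.match(line):
            entries.append(line)
        elif entries and line.strip():
            entries[-1] += " " + line.strip()  # continuation of the previous entry
    return entries

def running_processes(text):
    """Paths under 'Running processes:' up to the first blank line."""
    block = text.split("Running processes:", 1)[1].lstrip("\n").split("\n\n", 1)[0]
    return [p.strip() for p in block.splitlines() if p.strip()]

def command_image(cmd):
    """First token of a Run command: the quoted path, or text up to the first space."""
    return cmd[1:].split('"', 1)[0] if cmd.startswith('"') else cmd.split(" ", 1)[0]

def bare_autoruns(text):
    """Run entries with no directory in the image (assumed heuristic: review candidates only)."""
    procs = {p.rsplit("\\", 1)[-1].lower(): p for p in running_processes(text)}
    hits = []
    for entry in unwrap(text):
        m = RUN_ENTRY.match(entry)
        if m and "\\" not in command_image(m.group(3)):
            image = command_image(m.group(3))
            hits.append((m.group(1), m.group(2), image, procs.get(image.lower())))
    return hits
```

Each tuple from `bare_autoruns(SAMPLE_LOG)` is (hive, value name, image, running path or None); a None means the file name was not in the process list at scan time.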




 