BleepingComputer.com: Multiple instances of IE.. I use Chrome

Hi All,

For the last few days I have noticed that my pc would slow down.
When opening the taskmanager i saw that there were about 10 to 12 instances of IE running.
I rarely use it sinc I always use Chrome.
Superantispyware (free version) doesn't find anything when I scan my pc.

EDIT: this log was made after restarting my computer and it seems IE was not running at that time...
I'll wait untill it happens again and then post an update

This is the HJthis log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:39:52 PM, on 12/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\Program Files\Microsoft Security Essentials\MsMpEng.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\Soluto\soluto.exe
J:\WINDOWS\Explorer.EXE
J:\Program Files\Digidesign\Drivers\MMERefresh.exe
J:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
J:\Program Files\Soluto\SolutoService.exe
J:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
J:\WINDOWS\system32\svchost.exe
J:\Program Files\Analog Devices\Core\smax4pnp.exe
J:\Program Files\Microsoft Security Essentials\msseces.exe
J:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
J:\WINDOWS\system32\DeltaIITray.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
J:\WINDOWS\system32\wscntfy.exe
J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
J:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Psl.exe
J:\Program Files\Trend Micro\HijackThis\HijackThis.exe
J:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
J:\Program Files\Common Files\Java\Java Update\jusched.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://flvtubesearch.co/?tmp=toolbar_FlvTube_homepage&prt=flvtubetb04ie&clid=291aa93e518f463da2a689fd49a0ce4f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - J:\Program Files\IsoBuster\tbIso0.dll
F2 - REG:system.ini: UserInit=J:\WINDOWS\system32\userinit.exe,J:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - J:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - J:\Program Files\IsoBuster\tbIso0.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - J:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - J:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - J:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - J:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - J:\Program Files\IsoBuster\tbIso0.dll
O4 - HKLM\..\Run: [StartCCC] "J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAXPnP] J:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [MSSE] "J:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "J:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [DigidesignMMERefresh] J:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [eBayToolbar] J:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] J:\WINDOWS\system32\DeltaIITray.exe
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] J:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "J:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Google Update] "J:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [JP595IR86O] J:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Psl.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] J:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = J:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://J:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Zoeken op eBay - res://J:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - J:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - J:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - J:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - J:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - J:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - J:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - J:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - J:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - J:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - J:\Program Files\Soluto\SolutoService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - J:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7119 bytes

Thanks in advance,

ReSi

This post has been edited by ReSiStAnCe: 09 December 2010 - 11:49 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.scr
    
  • DDS.pif
  
  
• Double click on the DDS icon, allow it to run.
  
• A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  
• Notepad will open with the results.
  
• Follow the instructions that pop up for posting the results.
  
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:



Thanks.

DR

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.