• Content count

  • Joined

  • Last visited

About OLEO

  • Rank
    New Member
  • Birthday 11/04/1986

Contact Methods

  • ICQ

Profile Information

  • Location
  1. More discoveries... I have Ubuntu installed within windows as dual boot. When I am working in Ubuntu, then restart and go into windows, I dont even see the applying computer settings screen. Its super quick. Does anyone have any ideas?? Pleeeeease Thanks, OLEO
  2. Did a shut down and start up after my last post.... SLOOOOOW again. Still have the DCOM errors and other 2 and oracle...
  3. Update on my progress... Found more files and printers that were being shared on the network... I stopped sharing them. On the next restart it was still slow. Then I gave it another try just now and it didnt take nearly as long! I checked the Event Viewer and still have these two random services failing to start. And 3 DCOM errors... All saying the same thing: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool. What does this mean?
  4. I tried a start up with the wireless off and it seems to still be slow then as well. I still haven't been able to find anything relating to 'awtfm' or 'bgjcb'... (The errors in Event Manager during start up) Thanks for taking the time, OLEO
  5. Hey Everyone, I created a post in PC HELP and was forwarded this way... http://www.malwarebytes.org/forums/index.php?showtopic=24889 - MBAM didn't pick up anything... Here is my HiJackThis! Log... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:32:08 AM, on 9/17/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\OLEO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\OLEO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\OLEO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE C:\tools\Malwarebytes' Anti-Malware\iexplore.exe C:\Documents and Settings\OLEO\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\tools\Orbit Downloader\Orbitdownloader\orbitdm.exe C:\tools\Orbit Downloader\Orbitdownloader\orbitnet.exe C:\tools\HiJackThis!\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ig?hl=en&source=iglk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\tools\Orbit Downloader\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\tools\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: EmailBHO - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\tools\jZip\WebmailPlugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &Download by Orbit - res://C:\tools\Orbit Downloader\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\tools\Orbit Downloader\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Append to existing PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\tools\Orbit Downloader\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\tools\Orbit Downloader\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\tools\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\tools\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} (AxLoaderPassword Class) - http://www.blackberry.com/devicesoftware/AxLoader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1235236251703 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1235236246203 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab O16 - DPF: {AE3E8210-B33F-49C1-B4E2-860F5F4D732F} (Avocent DSView Session Launcher Control) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E448F884-5E2E-4216-84DE-3DF9F387F11E} (NFileUpload Class) - https://issxp14/zenworks/ext/NFileUpload.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\WINDOWS\katrack.dll KATRACK.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OracleDBConsoleorcl - Oracle Corporation - C:\app\OLEO\OraHome_1\bin\nmesrvc.exe O23 - Service: OracleHome1TNSListener - Unknown owner - C:\app\OLEO\OraHome_1\BIN\TNSLSNR.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\app\OLEO\product\11.1.0\client_1\bin\omtsreco.exe O23 - Service: OracleServiceORCL - Oracle Corporation - c:\app\oleo\orahome_1\bin\ORACLE.EXE O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe -- End of file - 11415 bytes THANKS!
  6. Thanks for the reply yardbird, - It is the same PC that I was having issues with a couple weeks ago - No, Neither of the mystery services are in services.msc. And I have not see them in the task manager before either. Thanks for pointing me to CCleaner. I ran the default scan and it picked up many things. I removed them all. I also ran the registry scan. It too picked up a lot of software that I have since removed, etc. Fixed all of them up. Again, neither of the services were there. After the clean, I did a full shutdown and restart. Same slow start up. The event log shows that 3 errors happen over a 2 minutes stand. The first two are AWTFM and BGJCB failing to start. The third is OracleDBConsoleorcl service terminated with service-specific error 2 (0x2). The slowness doesnt seem to be something hanging though. There is disk activity the whole time... Thanks for any and all help.
  7. Hey guys and gals, As the title says, at startup the applying computer settings page takes forever. There is a lot of disk activity and I'm just wondering what is going on, and if it really needs to be. It can take around 5 minutes sometimes. I'm pretty sure if I have the wireless turned off and no ethernet it doesnt happen. I figured it was something with the network. So I have tried a few things... - I had WinMediaPlayer sharing a ton of movies with my xbox. I turned off all the file sharing in MediaPlayer (as far as I know) - I used to be on a work domain and I had a lot of old mapped network drives. I have been Workgroup for a while now, but I still had some old mapped drives around. I removed all of those. - I checked my Event Viewer and found a few things. There are two services that fail to start and when I search them on google and the only results are my logs posted from an early problem. They are The awtfm service, and the bgjcb service. The event logs says: The bgjcb service failed to start due to the following error: The system cannot find the file specified. System: Dell Latitude D830 Intel Core 2 Duo CPU T7300 @ 2GHz 3.5 GB of RAM XP Pro Any help or ideas would be appreciated! Thanks!
  8. Hey Subs, I'm back with another question! I have two instances of iexplore.exe running all the time and I dont use IE... They appeared a couple days ago with the other stuff. I can run mbam and avast and they both came up clean. Any ideas?
  9. You need to take a break! You are 24/7 malware!
  10. Sweet. mbam is now working and scanning! Really appreciate it!
  11. The fr33.exe worked to free up Avast! Thank You! Should I still be concerned?
  12. Okay, I am also experiencing the same issues as before with mbam... I can't open it. It says I dont have permission.
  13. Hey Subs, I think I still have something. I cant open my avast antivirus still...
  14. I uninstalled combofix. And I use WinVNC for work. Is there more to be done?