MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: puter slow on internet also disconnects
May 26, 2020, 08:05:55 PM
  

Home Forum Rules Help Search Mobile Version Login Register
Welcome, Guest. Please login or register.
Did you miss your activation email?
May 26, 2020, 08:05:55 PM

Login with username, password and session length
 Featured Sites:
News
New  We now offer MyTechSupport.ca Merchandise! Every purchase goes towards maintaining our site.
Thank you for supporting MyTechSupport.ca!
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: puter slow on internet also disconnects  (Read 2884 times)
brian6352
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 3


Bookmark and Share

View Profile
« on: October 12, 2004, 08:42:20 PM »




hi i hope you can help me here, my computer is running really slow i have run hi-jack and copied and pasted this for you to look at could you please look at it and tell me if there is any problems in this list thank brian

Logfile of HijackThis v1.98.2
Scan saved at 20:29:17, on 12/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Dit.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\System32\PRISMSTA.EXE
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MYTOTA~1\bar\1.bin\mtsoemon.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\BT Broadband\Help\bin\mpbtn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\brian  morrison\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toysrus.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
O1 - Hosts: 127.139.138.144 www.symantec.com
O1 - Hosts: 127.255.16.172 securityresponse.symantec.com
O1 - Hosts: 127.239.181.143 symantec.com
O1 - Hosts: 127.15.217.174 www.mcafee.com
O1 - Hosts: 127.59.130.123 mcafee.com
O1 - Hosts: 127.187.55.146 us.mcafee.com
O1 - Hosts: 127.118.40.130 www.sophos.com
O1 - Hosts: 127.50.167.54 sophos.com
O1 - Hosts: 127.74.239.41 www.viruslist.com
O1 - Hosts: 127.196.246.39 viruslist.com
O1 - Hosts: 127.138.126.91 f-secure.com
O1 - Hosts: 127.207.27.124 www.f-secure.com
O1 - Hosts: 127.67.7.47 kaspersky.com
O1 - Hosts: 127.7.161.53 www.avp.com
O1 - Hosts: 127.29.246.130 www.kaspersky.com
O1 - Hosts: 127.102.45.144 avp.com
O1 - Hosts: 127.51.44.188 www.networkassociates.com
O1 - Hosts: 127.35.255.8 networkassociates.com
O1 - Hosts: 127.171.247.79 www.ca.com
O1 - Hosts: 127.132.129.249 ca.com
O1 - Hosts: 127.190.55.215 my-etrust.com
O1 - Hosts: 127.111.67.33 www.my-etrust.com
O1 - Hosts: 127.235.126.231 secure.nai.com
O1 - Hosts: 127.241.248.122 nai.com
O1 - Hosts: 127.130.4.220 www.nai.com
O1 - Hosts: 127.75.71.27 trendmicro.com
O1 - Hosts: 127.212.201.91 www.trendmicro.com
O1 - Hosts: 127.24.147.35 housecall.trendmicro.com
O1 - Hosts: 127.171.62.56 www.pandasoftware.com
O1 - Hosts: 127.170.10.221 www.bitdefender.com
O1 - Hosts: 127.210.67.2 www.ravantivirus.com
O1 - Hosts: 127.182.144.155 www.kaspersky.com
O1 - Hosts: 127.214.107.100 www3.ca.com
O1 - Hosts: 127.223.108.0 v4.windowsupdate.microsoft.com
O1 - Hosts: 127.73.178.21 windowsupdate.microsoft.com
O1 - Hosts: 127.198.191.172 www.windowsupdate.com
O1 - Hosts: 127.43.57.31 windowsupdate.com
O2 - BHO: MyTotalSearch Search Assistant BHO - {00BD2861-C654-4694-A44A-98642D73247D} - C:\Program Files\MyTotalSearch\SrchAstt\1.bin\MTSSRCAS.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mtsBar BHO - {094176F1-BF35-4bcb-B68A-108DFB8C3825} - C:\Program Files\MyTotalSearch\bar\1.bin\MTSBAR.DLL (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO:   - {EA8C32FC-AEC1-4246-BA9D-B26BBBCD4110} - C:\WINDOWS\lbbho.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: My &Total Search - {094176F9-BF35-4bcb-B68A-108DFB8C3825} - C:\Program Files\MyTotalSearch\bar\1.bin\MTSBAR.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [pmsetup] 1
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyTotalSearch Email Plugin] C:\PROGRA~1\MYTOTA~1\bar\1.bin\mtsoemon.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Winupdatex] C:\WINDOWS\System32\update.exe
O4 - HKLM\..\Run: [SysInit] wininit32.exe -services
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - Startup: MyTotalSearch Email Plugin.lnk = C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE
O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyTotalSearch Email Plugin.lnk = C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxuk10044GB
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.toysrus.co.uk
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096056592234
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40CFC8DB-9030-4184-B79D-FD16FA4795FD}: NameServer = 194.72.9.38 194.74.65.87
« Last Edit: October 12, 2004, 11:17:16 PM by jvic » Logged
 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #1 on: October 12, 2004, 11:16:36 PM »
I am going to move this to the security and viruses forum.If no one has looked at it I will check it after 11pm when I get home from work
Logged
John Vickers
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #2 on: October 13, 2004, 04:21:18 AM »
Ok first off I would uninstall spyware doctor see here
Then please download CWSHREDDER but do not run it just yet
Run Hijack This and fix the following:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
O1 - Hosts: 127.139.138.144 www.symantec.com
O1 - Hosts: 127.255.16.172 securityresponse.symantec.com
O1 - Hosts: 127.239.181.143 symantec.com
O1 - Hosts: 127.15.217.174 www.mcafee.com
O1 - Hosts: 127.59.130.123 mcafee.com
O1 - Hosts: 127.187.55.146 us.mcafee.com
O1 - Hosts: 127.118.40.130 www.sophos.com
O1 - Hosts: 127.50.167.54 sophos.com
O1 - Hosts: 127.74.239.41 www.viruslist.com
O1 - Hosts: 127.196.246.39 viruslist.com
O1 - Hosts: 127.138.126.91 f-secure.com
O1 - Hosts: 127.207.27.124 www.f-secure.com
O1 - Hosts: 127.67.7.47 kaspersky.com
O1 - Hosts: 127.7.161.53 www.avp.com
O1 - Hosts: 127.29.246.130 www.kaspersky.com
O1 - Hosts: 127.102.45.144 avp.com
O1 - Hosts: 127.51.44.188 www.networkassociates.com
O1 - Hosts: 127.35.255.8 networkassociates.com
O1 - Hosts: 127.171.247.79 www.ca.com
O1 - Hosts: 127.132.129.249 ca.com
O1 - Hosts: 127.190.55.215 my-etrust.com
O1 - Hosts: 127.111.67.33 www.my-etrust.com
O1 - Hosts: 127.235.126.231 secure.nai.com
O1 - Hosts: 127.241.248.122 nai.com
O1 - Hosts: 127.130.4.220 www.nai.com
O1 - Hosts: 127.75.71.27 trendmicro.com
O1 - Hosts: 127.212.201.91 www.trendmicro.com
O1 - Hosts: 127.24.147.35 housecall.trendmicro.com
O1 - Hosts: 127.171.62.56 www.pandasoftware.com
O1 - Hosts: 127.170.10.221 www.bitdefender.com
O1 - Hosts: 127.210.67.2 www.ravantivirus.com
O1 - Hosts: 127.182.144.155 www.kaspersky.com
O1 - Hosts: 127.214.107.100 www3.ca.com
O1 - Hosts: 127.223.108.0 v4.windowsupdate.microsoft.com
O1 - Hosts: 127.73.178.21 windowsupdate.microsoft.com
O1 - Hosts: 127.198.191.172 www.windowsupdate.com
O1 - Hosts: 127.43.57.31 windowsupdate.com
O2 - BHO: MyTotalSearch Search Assistant BHO - {00BD2861-C654-4694-A44A-98642D73247D} - C:\Program Files\MyTotalSearch\SrchAstt\1.bin\MTSSRCAS.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)

O2 - BHO: mtsBar BHO - {094176F1-BF35-4bcb-B68A-108DFB8C3825} - C:\Program Files\MyTotalSearch\bar\1.bin\MTSBAR.DLL (file missing)
O2 - BHO: - {EA8C32FC-AEC1-4246-BA9D-B26BBBCD4110} - C:\WINDOWS\lbbho.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: My &Total Search - {094176F9-BF35-4bcb-B68A-108DFB8C3825} - C:\Program Files\MyTotalSearch\bar\1.bin\MTSBAR.DLL (file missing)

O4 - HKLM\..\Run: [MyTotalSearch Email Plugin] C:\PROGRA~1\MYTOTA~1\bar\1.bin\mtsoemon.exe
O4 - HKLM\..\Run: [Winupdatex] C:\WINDOWS\System32\update.exe
O4 - HKLM\..\Run: [SysInit] wininit32.exe -services
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - Startup: MyTotalSearch Email Plugin.lnk = C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE
O4 - Global Startup: MyTotalSearch Email Plugin.lnk = C:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxuk10044GB
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)

Boot Into Safe Mode making sure you can see hidden files and folders


How To Boot Into SafeMode

How To Show Hidden Files And Folders

* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Click Yes to confirm.
* Click OK.

Find and delete the following:

C:\Program Files\MyTotalSearch
C:\Program Files\MyWay
C:\WINDOWS\lbbho.dll
C:\PROGRA~1\MYTOTA~1
C:\WINDOWS\System32\update.exe
wininit32.exe

While in safe mode run cwshredder

Close all browser windows, open cwshredder.exe then click "Fix" and let it run.

Reboot but do not open any browser

Go to start>settings>control panel>internet options
Under the general tab
click>delete cookies>say ok
click>delete files>check delete offline content>say ok twice
Under the programs tab
click>reset web settings

Run Hijack This and post a new log
Logged
John Vickers
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #3 on: October 14, 2004, 02:16:18 AM »
Hi guys, I've made the mistake in the past myself

This is from the link that jvic supplied

 
quote:
false positives work as goad to purchase (1); poor scan reporting (1); same app as #1 Spyware Killer, Spyblocs/eBlocs, Spyinator, SpyKiller 2004, SpySpotter, & SpywareThis; Ad-aware knockoff; Note:  not to be confused w/ Spyware Doctor, a completely different app by another
Logged
 
benditup
Hero Member
*****

Karma: +2/-0
Offline Offline

Gender: Male
Posts: 2105


Bookmark and Share

View Profile
« Reply #4 on: October 14, 2004, 02:20:18 AM »
Brian, please stick with this thread, don't start a new topic, keep your replies in this topic, thanks

i have done all that you advised in last posting and this is copy of latest hiyjackthis

Logfile of HijackThis v1.98.2
Scan saved at 23:34:57, on 13/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Dit.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\System32\PRISMSTA.EXE
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\BT Broadband\Help\bin\mad.exe
C:\Program Files\BT Broadband\Help\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\brian morrison\Local Settings\Temp\Temporary Directory 4 for hijackthis.zip\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [pmsetup] 1
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40CFC8DB-9030-4184-B79D-FD16FA4795FD}: NameServer = 194.72.9.38 194.74.65.87
Logged
 
brian6352
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 3


Bookmark and Share

View Profile
« Reply #5 on: October 14, 2004, 09:14:37 PM »
so what can i try now ,can you help me any more please
Logged
 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #6 on: October 15, 2004, 11:45:39 AM »
There is nothing suspicious in your log.
Go to start>settings>control panel>internet options
Under the general tab
click>delete cookies>say ok
click>delete files>check delete offline content>say ok twice
Boot to safe mode and run disc defrag
Reboot and see if that helps
Logged
John Vickers
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers!
MyTechSupport.ca © 2008
[ Sitemap | Forums Sitemap | Lo-Fi Version ]
Page loaded in 0.252 seconds with 21 queries.
Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page June 28, 2018, 11:27:55 PM