can't always open anything on net and very slow

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

blue_angel_up

Thread Starter
Joined
Nov 26, 2001
Messages
13
When we get on the internet we can't always open up pages.And most of the time once we are we can't even get to our homepage it gets stuck on "detecting proxy settings" and just stays there. Other times we get right on and everything works just peachy for a half-hour to an hour. When your on the internet and the 2 little computers in the lower right corner are there, the one in the back is just blinking like crazy but the one in the front just sits there. The computer alone runs great as long as your not on the internet. We have ran a virus detector and it did find a virus but was able to fix it and it ran really good for about 3 days. Ran it again to be sure ther was no virus and it did'nt detect one. We also have a really hard time defragging.(We do it weekly) We replaced the modem back in May.
This is a windows98 by gateway.
Internet explorer 5.5?
Any help would be greatly appreciated
 
Joined
May 18, 2001
Messages
1,199
Hi blue_angel_up,lets have a look at what your running at startup.Go to Start>Run>type in Msinfo32>click on software Environment>click on edit>copy>and paste it back here.
 

eddie5659

Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,282
Hiya and welcome

First off, can you remember the name of the virus? There may some residues of it, so go here and download Startup Log. Install and run it, allow the DOS window to close, then copy/paste here:

http://home.earthlink.net/~rmbox/Reticulated/Toys.html

Also, have you tried a repair?

Control panel | AddRemove. doubleclick Microsoft Internet Explorer. Choose Repair, apply and restart.

Also, have you emptied your Tempory Internet Files lately? Tools | Internet Options. General Tab. Under Delete Files, DON'T delete offline content.

Go here and download AddAware www.lavasoftusa.com
install and run, ensuring that deep registry scan is enabled. Remove all except any references to Web3000 or new.net If you're unsure, copy/paste the list here.

Regards

eddie
 
Joined
May 18, 2001
Messages
1,199
Did you try and download that program Eddie wants you to ?That one might work for you.
 

blue_angel_up

Thread Starter
Joined
Nov 26, 2001
Messages
13
Yes we empty tempory internet files when defragging





---------- C:\WINDOWS\desktop\StartUp.Log

Start-Ups checked at 11-26-2001 6:46:00.11p
__________________________________________________________________________
__________________________________________________________________________

StartUp Log for Windows 95/98 - Freeware by rmbox
__________________________________________________________________________
__________________________________________________________________________

Comments:

This is a log of all the programs on your computer that
are starting automatically every time you start Windows.
Using this log can be a quick way to spot trojans.

StartUp Log (version 1.53) - Release Date 8/19/2001

__________________________________________________________________________
__________________________________________________________________________

StartUp Log Index

1. HKLM Run
2. HKCU Run
3. HKLM RunOnce
4. HKCU RunOnce
5. HKLM RunServices
6. HKLM RunServicesOnce
7. WIN.INI file
8. SYSTEM.INI file
9. AUTOEXEC.BAT file
10. StartUp folder
11. All Users StartUp
12. Misc. StartUp Configurations

__________________________________________________________________________
__________________________________________________________________________

The following is a list of your current Start-Ups
__________________________________________________________________________
__________________________________________________________________________

1. HKLM Run - Registry

[RegPath]
"StartUp"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EnsoniqMixer"="starter.exe"
"TimeSink Ad Client"="\"C:\\Program Files\\TimeSink\\AdGateway\\TSADBOT.EXE\""
"NAV Agent"="c:\\PROGRA~1\\NORTON~1\\NAVAPW32.EXE"
"RealTray"="c:\\Program Files\\Accessories\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"


==========================================================================
__________________________________________________________________________

2. HKCU Run - Registry

[RegPath]
"StartUp"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\\Program Files\\Messenger\\msmsgs.exe /background"


==========================================================================
__________________________________________________________________________

3. HKLM RunOnce - Registry

[RegPath]
"StartUp"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]


==========================================================================
__________________________________________________________________________

4. HKCU RunOnce - Registry

[RegPath]
"StartUp"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]


==========================================================================
__________________________________________________________________________

5. HKLM RunServices - Registry

[RegPath]
"StartUp"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"SchedulingAgent"="mstask.exe"
"ScriptBlocking"="\"C:\\Program Files\\Common Files\\Symantec Shared\\Script Blocking\\SBServ.exe\" -reg"


==========================================================================
__________________________________________________________________________

6. HKLM RunServicesOnce - Registry

[RegPath]
"StartUp"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]


==========================================================================
__________________________________________________________________________

7. WIN.INI File - (c:\windows\win.ini)

Your win.ini run/load lines should look like run= and load= exclusively.
There should be nothing to the right of the equal signs.


These are the run and load lines in your WIN.INI file

run=

load=

==========================================================================
__________________________________________________________________________

8. SYSTEM.INI File - (c:\windows\system.ini)

Your system.ini shell line should look like shell=Explorer.exe exclusively.
You should only see Explorer.exe following the equal sign.


This is the shell line in your SYSTEM.INI file

shell=Explorer.exe

==========================================================================
__________________________________________________________________________

9. AUTOEXEC.BAT File - (c:\autoexec.bat)

(Some trojans have been known to start from this file)


These are your program startups and set paths in your autoexec.bat file

PATH C:\BITWARE\

==========================================================================
__________________________________________________________________________

10. StartUp Folder - (c:\windows\start menu\programs\startup)

Shortcuts to any program will automatically start when placed here.


These are the shortcuts located in your StartUp folder

*(No start-ups found)*

==========================================================================
__________________________________________________________________________

11. All Users Folder - (c:\windows\all users\start menu\programs\startup)

Shortcuts to any program will automatically start when placed here.


These are the shortcuts located in your All Users StartUp folder


*(No start-ups found)*

==========================================================================
__________________________________________________________________________

12. Miscellaneous StartUp Configurations

-============================-
Registry StartUp Directories
-============================-

Should show the Start Menu StartUp and All Users StartUp directories

.....................................................................

[1] HKCU - Shell Folders

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders

"Startup"="C:\\WINDOWS\\Start Menu\\Programs\\StartUp"

.....................................................................

[2] HKCU - User Shell Folders

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders


.....................................................................

[3] HKLM - Shell Folders

HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\Shell Folders

"Common Startup"="C:\\WINDOWS\\All Users\\Start Menu\\Programs\\StartUp"

.....................................................................

[4] HKLM - User Shell Folders

HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders


.....................................................................

-=======================-
Registry Shell Spawning
-=======================-

Open Commands for Executable File Types

@="\"%1\" %*"
(.exe file - RegPath = HKCR\exefile\shell\open\command)

@="\"%1\" %*"
(.com file - RegPath = HKCR\comfile\shell\open\command)

@="\"%1\" /S"
(.scr file - RegPath = HKCR\scrfile\shell\open\command)

@="\"%1\" %*"
(.bat file - RegPath = HKCR\batfile\shell\open\command)

@="\"%1\" %*"
(.pif file - RegPath = HKCR\piffile\shell\open\command)

@="C:\\WINDOWS\\SYSTEM\\MSHTA.EXE \"%1\" %*"
(.hta file - RegPath = HKCR\htafile\shell\open\command)

-=========================-
HKLM RunOnceEx - Registry
-=========================-


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx]


-====================-
StubPaths - Registry (Partial Listing)
-====================-

(Please see the StubPath.txt on your desktop for complete listing)

HKLM\Software\Microsoft\Active Setup\Installed Components


"StubPath"="C:\\WINDOWS\\SYSTEM\\IE4UINIT.EXE"
"StubPath"="c:\\windows\\msnmgsr1.exe"
"StubPath"=""
"StubPath"="c:\\windows\\COMMAND\\sulfnbk.exe /L"
"StubPath"="\"C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:OE /CALLER:IE50 /user /install"
"StubPath"="\"C:\\PROGRA~1\\OUTLOO~1\\setup50.exe\" /APP:WAB /CALLER:IE50 /user /install"

-=================-
DOSSTART.BAT File - (c:\windows\dosstart.bat)
-=================-

@echo off

REM Notes:
REM DOSSTART.BAT is run whenenver you choose "Restart the computer
REM in MS-DOS mode" from the Shutdown menu in Windows. It allows
REM you to load programs that you might not want loaded in Windows,
REM (because they have functional equivalents) but that you do
REM want loaded under MS-DOS. The two primary candidates for
REM this are MSCDEX and a real mode driver for the mouse you ship
REM with your system. Commands that you want present in both Windows
REM and MS-DOS should be placed in the Autoexec.bat in the
REM \Image directory of your reference server. Please note that for
REM MSCDEX you will need to load the corresponding real-mode CD
REM driver in Config.sys. This driver won't be used by Windows 98
REM but will be available prior to and after Windows 98 exits.
REM
REM This file is also helpful if you want to F8 boot into MS-DOS 7.0
REM before Windows loads and access the CD-ROM. All you have to do
REM is press F8 and then run DOSSTART to load MSCDEX and your real
REM mode mouse driver (no need to remember the command line parameters
REM for these two files.
REM
REM - You MUST explicitly specify the CD ROM Drive Letter for MSCDEX.
REM - The string following the /D: statement must explicitly match
REM the string in CONFIG.SYS following your CD-ROM device driver.

REM MSCDEX.EXE /D:OEMCD001 /l:d
REM MOUSE.EXE




-=========================-
ICQ Inet Registry StartUp
-=========================-

Shows applications that start when connected to Inet


[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps]
"Launch Browser"="No"


-=====================-
Screen Saver Settings (Possible system.ini start-up)
-=====================-


==========================================================================
__________________________________________________________________________

- Supplemental Environment Information -

TMP=c:\windows\TEMP
TEMP=C:\windows\TEMP
winbootdir=C:\WINDOWS
COMSPEC=C:\WINDOWS\COMMAND.COM
PATH=C:\WINDOWS;c:\windows;c:\windows\COMMAND;C:\BITWARE\
windir=C:\WINDOWS

File - c:\windows\deletefi.ini

==========================================================================
__________________________________________________________________________

- End -
 

eddie5659

Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,282
Hiya

I see you have TimeSink Ad Client in your startup. Thats spyware. Download AddAware as I suugested earlier and run it. You don't have Web3000 or new.net in there.
Also, your startup looks okay, and you don't seem to have the virus bits left over.

Can you remember it, btw?

Regards

eddie
 

Brooks

Guest
Joined
Oct 30, 2001
Messages
2,323
One thing to try is to turn off the Automatically Detect Settings for proxy, unless you have been specifically instructed to check for the settings. Home systems should not need this setting turned on.

You can find this at Tools, Internet Options, Connections, Lan Settings. Uncheck the box that says Automatically Detect Network Settings. You should also check to see if there is any other setting there also. If so try unchecking all the boxes that have to do with proxy and see if that works.

That tsadbot is a combo of spyware and adware and will download stuff to your computer. You should get rid of it, because it will eat up your bandwidth.
 
Joined
May 18, 2001
Messages
1,199
Yep,your right about the link,Eddie.Thanks for pointing that out:D Brooks,brings up a good point also.You have to remove it completely or its just going to keep coming back.
 

eddie5659

Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,282
Hiya

One thing I will mention, just in case it wasn't from there and you got it just from surfing, is this.

Go to Tools | Internet Options. Advanced tab. Under Browsing scroll down to Enable Instal on Demand. Uncheck this, apply and OK.

Brooks, thanks for the link. I'm gonna post that at Lavasoft now, for help there.

Regards

eddie
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top