1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

computer slowing down and hanging

Discussion in 'Windows XP' started by moose69, Sep 14, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. moose69

    moose69 Thread Starter

    Joined:
    Aug 20, 2003
    Messages:
    367
    Hi my computer is slowing down and hanging, I just cleared out some viruses and spyware things improved a little but its still buggy. I would really appreciate it if someone could check my hijackthis log.

    Logfile of HijackThis v1.97.2
    Scan saved at 18:19:09, on 15/09/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    E:\WINNT\System32\smss.exe
    E:\WINNT\system32\winlogon.exe
    E:\WINNT\system32\services.exe
    E:\WINNT\system32\lsass.exe
    E:\Program Files\Sygate\SPF\Smc.exe
    E:\WINNT\system32\svchost.exe
    E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    E:\WINNT\system32\spoolsv.exe
    E:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    E:\WINNT\System32\svchost.exe
    E:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
    E:\Program Files\Ahead\InCD\InCDsrv.exe
    E:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    E:\WINNT\system32\nvsvc32.exe
    E:\WINNT\system32\regsvc.exe
    E:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    E:\WINNT\system32\MSTask.exe
    E:\WINNT\System32\snmp.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    E:\WINNT\system32\stisvc.exe
    E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    E:\WINNT\System32\WBEM\WinMgmt.exe
    E:\WINNT\Explorer.EXE
    E:\WINNT\system32\svchost.exe
    E:\Program Files\Common Files\Symantec Shared\SymTray.exe
    E:\Program Files\1stDialer\1stdialer.exe
    E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    E:\Program Files\NetInternals\CostAware\niIPCApp.exe
    E:\Program Files\Crystal Internet Meter\cimeter.exe
    E:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe
    E:\Program Files\Winad Client\Winad.exe
    E:\WINNT\niaeboxf.exe
    E:\Program Files\Winad Client\WinClt.exe
    E:\PROGRA~1\INTERN~1\iexplore.exe
    E:\winnt\180ax.exe
    E:\Program Files\Common Files\Symantec Shared\ccApp.exe
    E:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
    E:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe
    E:\WINNT\Plaxo\1.5.2.32\InstallStub.exe
    E:\WINNT\system32\rundll32.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    E:\Program Files\AceBIT\Password Depot\PasswordDepot.exe
    E:\Program Files\Internet Explorer\iexplore.exe
    D:\Software\Internet\Hijack This\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.eircom.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.usefulware.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://u.tv/
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Messenger\ycomp.dll
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - E:\Program Files\WS_FTP Pro\wsbho2k0.dll
    O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FLASHGET\jccatch.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\winnt\googletoolbar2.dll
    O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\fgiebar.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Messenger\ycomp.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\winnt\googletoolbar2.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [1stDialer] E:\Program Files\1stDialer\1stdialer.exe
    O4 - HKLM\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [CostAware] E:\Program Files\NetInternals\CostAware\niIPCApp.exe
    O4 - HKLM\..\Run: [Crystal Internet Meter] E:\Program Files\Crystal Internet Meter\cimeter.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [Winad Client] E:\Program Files\Winad Client\Winad.exe
    O4 - HKLM\..\Run: [bhprscb] E:\WINNT\niaeboxf.exe
    O4 - HKLM\..\Run: [180ax] e:\winnt\180ax.exe
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AcctMgr] E:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
    O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "E:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe"
    O4 - HKCU\..\Run: [Sygate Personal Firewall] E:\Program Files\Sygate\SPF\Smc.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] E:\WINNT\Plaxo\1.5.2.32\InstallStub.exe -a
    O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1023.dll,InstantAccess
    O4 - HKCU\..\Run: [System Mechanic Registry Compact Handler] E:\Program Files\iolo\System Mechanic 4 Professional\SysMech4.exe /PERSISTREGCOMPACT
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O4 - Global Startup: InterVideo Scheduler server.lnk = E:\Program Files\InterVideo\WinDVD4PR\SchSvr.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Google Search - res://e:\winnt\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://e:\winnt\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://e:\winnt\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download All by FlashGet - E:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - E:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Similar Pages - res://e:\winnt\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://e:\winnt\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: FlashGet (HKLM)
    O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
    O9 - Extra button: Yahoo! Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_EN.cab
    O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1843010.cab
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...b511e5af9ef1:ef6809508de57060f0dd3f5553147fe9
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38151.30625
    O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} - file://K:\SuperCD\IntraLaunch.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/zuma/popcaploader_v5.cab
    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net/cabs/ffvg.cab
    O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://www.paltalk.com/prod/RegDload.CAB
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F2FBB27F-1CD9-4204-A81A-218BBB99496D}: NameServer = 195.218.116.2 194.46.8.57
     
  2. bobol

    bobol

    Joined:
    Jan 28, 2004
    Messages:
    2,187
  3. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    You need to do 2 things, get the current version of HJT (MajorGeek has it) and 2) run it with nothing else running
     
  4. moose69

    moose69 Thread Starter

    Joined:
    Aug 20, 2003
    Messages:
    367
    Hi bobol
    I ran adaware6 ,spybot, anity ghostbusters & norton antivirus before I made the hijack this logfile with an old ver of HJT. Thanks for the input
     
  5. moose69

    moose69 Thread Starter

    Joined:
    Aug 20, 2003
    Messages:
    367
    Hi MFDnSC

    Thanks for your reply.
    I got a new copy of HJT from majorgeeks like u suggested. I ran it with on its own.

    This is the logfile generated. Can u please tell me what to do next.

    Logfile of HijackThis v1.98.2
    Scan saved at 16:45:23, on 16/09/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    E:\WINNT\System32\smss.exe
    E:\WINNT\system32\winlogon.exe
    E:\WINNT\system32\services.exe
    E:\WINNT\system32\lsass.exe
    E:\Program Files\Sygate\SPF\Smc.exe
    E:\WINNT\system32\svchost.exe
    E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    E:\WINNT\system32\spoolsv.exe
    E:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    E:\WINNT\System32\svchost.exe
    E:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
    E:\Program Files\Ahead\InCD\InCDsrv.exe
    E:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    E:\WINNT\system32\nvsvc32.exe
    E:\WINNT\system32\regsvc.exe
    E:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    E:\WINNT\system32\MSTask.exe
    E:\WINNT\System32\snmp.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    E:\WINNT\system32\stisvc.exe
    E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    E:\WINNT\System32\WBEM\WinMgmt.exe
    E:\WINNT\system32\svchost.exe
    E:\WINNT\Explorer.EXE
    E:\Program Files\Common Files\Symantec Shared\SymTray.exe
    E:\Program Files\Crystal Internet Meter\cimeter.exe
    E:\Program Files\Winad Client\Winad.exe
    E:\WINNT\niaeboxf.exe
    E:\Program Files\Winad Client\WinClt.exe
    E:\winnt\180ax.exe
    E:\Program Files\Common Files\Symantec Shared\ccApp.exe
    E:\WINNT\Plaxo\1.5.2.32\InstallStub.exe
    E:\WINNT\system32\rundll32.exe
    E:\Documents and Settings\Administrator\Desktop\New Folder\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.iol.ie
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.eircom.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.usefulware.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://u.tv/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.iolfree.ie:8080
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Messenger\ycomp.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - E:\Program Files\WS_FTP Pro\wsbho2k0.dll
    O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FLASHGET\jccatch.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\winnt\googletoolbar2.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FLASHGET\fgiebar.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Messenger\ycomp.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\winnt\googletoolbar2.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [1stDialer] E:\Program Files\1stDialer\1stdialer.exe
    O4 - HKLM\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [CostAware] E:\Program Files\NetInternals\CostAware\niIPCApp.exe
    O4 - HKLM\..\Run: [Crystal Internet Meter] E:\Program Files\Crystal Internet Meter\cimeter.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] E:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [Winad Client] E:\Program Files\Winad Client\Winad.exe
    O4 - HKLM\..\Run: [bhprscb] E:\WINNT\niaeboxf.exe
    O4 - HKLM\..\Run: [180ax] e:\winnt\180ax.exe
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AcctMgr] E:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "E:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe"
    O4 - HKCU\..\Run: [Sygate Personal Firewall] E:\Program Files\Sygate\SPF\Smc.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] E:\WINNT\Plaxo\1.5.2.32\InstallStub.exe -a
    O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1023.dll,InstantAccess
    O4 - HKCU\..\Run: [System Mechanic Registry Compact Handler] E:\Program Files\iolo\System Mechanic 4 Professional\SysMech4.exe /PERSISTREGCOMPACT
    O4 - Global Startup: InterVideo Scheduler server.lnk = E:\Program Files\InterVideo\WinDVD4PR\SchSvr.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Google Search - res://e:\winnt\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://e:\winnt\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://e:\winnt\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Download All by FlashGet - E:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - E:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Similar Pages - res://e:\winnt\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://e:\winnt\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\WINNT\system32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\WINNT\system32\msjava.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - (no file)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - (no file)
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (no file)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - (no file)
    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1023_EN.cab
    O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1843010.cab
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...b511e5af9ef1:ef6809508de57060f0dd3f5553147fe9
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} - file://K:\SuperCD\IntraLaunch.CAB
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/zuma/popcaploader_v5.cab
    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net/cabs/ffvg.cab
    O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://www.paltalk.com/prod/RegDload.CAB
    O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - http://direct.data-line.us/gbn298.exe
     
  6. moose69

    moose69 Thread Starter

    Joined:
    Aug 20, 2003
    Messages:
    367
    Hi Is there anyone out there with HJT skills that can advise me on the HJT log please
     
  7. natcom

    natcom

    Joined:
    Sep 21, 2003
    Messages:
    2,243
    sure moose69 fix this

    E:\Program Files\Winad Client\Winad.exe {note see if you can delate from add/remove programs as well }

    E:\Program Files\Winad Client\WinClt.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.c

    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startno


    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.usefulware.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://u.tv/ {note if you dont know this site fix it }

    O4 - HKLM\..\Run: [Winad Client] E:\Program Files\Winad Client\Winad.exe

    O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1023.dll,InstantAccess

    O4 - HKCU\..\Run: [System Mechanic Registry Compact Handler] E:\Program Files\iolo\System Mechanic 4

    O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} - http://akamai.downloadv3.com/binari...UTH_1023_E

    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...d3 f555314

    O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} - file://K:\SuperCD\IntraLaunch.CAB

    O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.media-motor.net/cabs/ffvg.cab

    O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - http://direct.data-line.us/gbn298.exe

    lose All Explorer adn IE Windows, check the above lines in hijackthis and click on Fix Checked !!
    Then Disable ur Messenger Service if its running >> http://www.itc.virginia.edu/desktop/docs/messagepopup/
    After that Follow these Instructions:

    1. Restart ur machine in safemode and Login as Administrator
    2. Run the AntiVirus tool and delete all viruses it found if any
    3. Run the Spyware Removal tools and delete everything they detect if any
    4. Then goto My Computer>Tools>Folder Options>View and turn on the feature of Show Hidden Files
    5. Goto C:\Documents and Settings\ur usernmae\Local Settings\Temp and delete all files present here
    6. Goto C:\Documents and Settings\ur usernmae\Local Settings\Temporary Internet Files, and delete the folder of ContentIE
    7. Goto C:\Documents and Settings\ur usernmae\Cookies, and delete all cookies present here.
    8. Goto C:\Windows\Temp and delete all files present here
    9. Reboot back in Normal Mode and check if problems are gone or not
    10. Post Back and Good Luck :)
     
  8. moose69

    moose69 Thread Starter

    Joined:
    Aug 20, 2003
    Messages:
    367
    Hi natcom
    I followed your instructions and things improved for a while then it started to happen again. I was trying to post a reply hereand it kept cutting out on me. So I went for a wipe and reload and I am back up now and everything is working as it should so far. Thanks for all your help.

    moose69


    (y)
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - computer slowing down
  1. Buffalo19
    Replies:
    1
    Views:
    499
  2. Marcella253
    Replies:
    2
    Views:
    563
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/273920

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice