1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Internet Running Extremly Slow

Discussion in 'Web & Email' started by dante56, Sep 5, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. dante56

    dante56 Thread Starter

    Joined:
    Aug 9, 2004
    Messages:
    114
    Hello
    I bought a new Sony Vaio-PCV V1 about a month ago and i have had various problems with it but when I came back from holiday my friends had been using the computer but they didnt do anything major I seemed to have a lot of adware and spyware so i did a ad -aware and spybot search and found loads i cleared them and it is still running slow Im on bt broadband and it seems like im on a 56k connection it is not the connection as when i use it with my laptop it works fine.

    heres the spec
    Intel Pentium 4 "=2.8 Ghz
    512mb Ram
    160 gig hdd
    dvd and cd reriter combo drive

    as u can see its quite a good computer so it shouldnt be running like this please help im not 100% sure if its just on the internet but when playing music its a bit delayed to

    Any Help would Be Greatly Appreciated
    Ryan
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    First create a permanent folder somewhere like in My Documents and name it Hijack This.

    Now Click here to download Hijack This: http://www.majorgeeks.com/download3155.html

    Download and save the file you just created.

    Click on Hijackthis.exe to launch the program.

    Click the "Scan" button when the scan is finished the scan button will become "Save Log" click that and save the log.

    The log should open in notepad. Click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in this thread.

    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required. Someone here will be glad to advise you on what to fix.
     
  3. dante56

    dante56 Thread Starter

    Joined:
    Aug 9, 2004
    Messages:
    114
    Logfile of HijackThis v1.98.2
    Scan saved at 13:37:27, on 06/09/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\sony\giga pocket\shwserv.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Sony\giga pocket\RM_SV.exe
    C:\WINDOWS\System32\syscfg32.exe
    C:\WINDOWS\System32\scvhosting.exe
    C:\WINDOWS\System32\spoolsvc.exe
    C:\WINDOWS\System32\windbg.exe
    C:\Program Files\Sony\HotKey Utility\HKserv.exe
    C:\Program Files\Wireless Desktop\LgWDskTp.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\drag'n drop cd+dvd\BinFiles\DragDrop.exe
    C:\Program Files\Sony\HotKey Utility\HKWnd.exe
    C:\WINDOWS\System32\gsicon.exe
    C:\WINDOWS\System32\dslagent.exe
    C:\WINDOWS\System32\host32.exe
    C:\WINDOWS\System32\zhhrjf.exe
    C:\WINDOWS\System32\smnp.exe
    C:\WINDOWS\System32\svspack2.exe
    C:\WINDOWS\System32\dveldr.exe
    C:\WINDOWS\System32\tbunet.exe
    C:\WINDOWS\System32\SPOOLSVD32.EXE
    C:\WINDOWS\System32\sysentry.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\msnmsgr.exe
    C:\WINDOWS\System32\ruzwcrt.exe
    C:\WINDOWS\System32\svchost32.exe
    C:\WINDOWS\System32\winmon32.exe
    C:\WINDOWS\System32\spools.exe
    C:\WINDOWS\System32\msmac32.exe
    C:\WINDOWS\System32\firewall2.exe
    C:\WINDOWS\System32\updater.exe
    C:\windows\arsetup.exe
    C:\Program Files\Winad Client\Winad.exe
    C:\Program Files\Winad Client\WinClt.exe
    C:\Program Files\Web_Rebates\WebRebates0.exe
    C:\WINDOWS\System32\qdj.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\sony\usbsircs\usbsircs.exe
    C:\Program Files\Sony\giga pocket\ReserveModule.exe
    C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
    C:\Program Files\sony\giga pocket\gps.exe
    C:\Program Files\BT Broadband\Help\bin\mpbtn.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Web_Rebates\WebRebates1.exe
    C:\WINDOWS\system32\cmd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\mm.exe
    C:\WINDOWS\System32\imapi.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.exe
    C:\Documents and Settings\Morrin\My Documents\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.co.uk/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btbroadbandstart.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
    O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll
    O2 - BHO: (no name) - {61FC6958-B76D-2E92-D602-6D550FDD2544} - C:\WINDOWS\System32\quwjsxrh.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: CB UrlCatcher Class - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll
    O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [LgWDskTp] C:\Program Files\Wireless Desktop\LgWDskTp.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\drag'n drop cd+dvd\BinFiles\DragDrop.exe /StartUp
    O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
    O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
    O4 - HKLM\..\Run: [BIOS XP Loader] zhhrjf.exe
    O4 - HKLM\..\Run: [blah service] smnp.exe
    O4 - HKLM\..\Run: [svspack2.exe] svspack2.exe
    O4 - HKLM\..\Run: [Microsoft Time Manager] dveldr.exe
    O4 - HKLM\..\Run: [pavvqblj] C:\WINDOWS\System32\tbunet.exe
    O4 - HKLM\..\Run: [Spool Server Daemon] SPOOLSVD32.EXE
    O4 - HKLM\..\Run: [System Uptime Server] sysentry.exe
    O4 - HKLM\..\Run: [Microsoft Update] msnmsgr.exe
    O4 - HKLM\..\Run: [nvviddrv32] ruzwcrt.exe
    O4 - HKLM\..\Run: [Internet Iexplorer] svchost32.exe
    O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
    O4 - HKLM\..\Run: [Print Spooler] spools.exe
    O4 - HKLM\..\Run: [Microsoft Macro Protection Subsystem] msmac32.exe
    O4 - HKLM\..\Run: [Microsoft Update Machine] firewall2.exe
    O4 - HKLM\..\Run: [ISP] C:\Program Files\Sony\ISPselector\ISPselector.exe /SCHEDULER
    O4 - HKLM\..\Run: [WindowsRegKey update] updater.exe
    O4 - HKLM\..\Run: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\Run: [WIN32] C:\windows\arsetup.exe
    O4 - HKLM\..\Run: [starter] scvhosting.exe
    O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
    O4 - HKLM\..\Run: [Windows Debugger] windbg.exe
    O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
    O4 - HKLM\..\Run: [msbb] c:\temp\msbb.exe
    O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
    O4 - HKLM\..\Run: [Windows Update] host32.exe
    O4 - HKLM\..\RunServices: [Windows Update] host32.exe
    O4 - HKLM\..\RunServices: [BIOS XP Loader] zhhrjf.exe
    O4 - HKLM\..\RunServices: [blah service] smnp.exe
    O4 - HKLM\..\RunServices: [svspack2.exe] svspack2.exe
    O4 - HKLM\..\RunServices: [Microsoft Time Manager] dveldr.exe
    O4 - HKLM\..\RunServices: [Spool Server Daemon] SPOOLSVD32.EXE
    O4 - HKLM\..\RunServices: [System Uptime Server] sysentry.exe
    O4 - HKLM\..\RunServices: [Microsoft Update] msnmsgr.exe
    O4 - HKLM\..\RunServices: [nvviddrv32] ruzwcrt.exe
    O4 - HKLM\..\RunServices: [Internet Iexplorer] svchost32.exe
    O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
    O4 - HKLM\..\RunServices: [Print Spooler] spools.exe
    O4 - HKLM\..\RunServices: [Microsoft Macro Protection Subsystem] msmac32.exe
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] firewall2.exe
    O4 - HKLM\..\RunServices: [WindowsRegKey update] updater.exe
    O4 - HKLM\..\RunServices: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\RunServices: [starter] scvhosting.exe
    O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
    O4 - HKLM\..\RunServices: [Windows Debugger] windbg.exe
    O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKLM\..\RunOnce: [starter] scvhosting.exe
    O4 - HKLM\..\RunOnce: [Win32 System Spool] spoolsvc.exe
    O4 - HKLM\..\RunOnce: [Windows Debugger] windbg.exe
    O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKCU\..\Run: [BIOS XP Loader] zhhrjf.exe
    O4 - HKCU\..\Run: [svspack2.exe] svspack2.exe
    O4 - HKCU\..\Run: [Microsoft Update] msnmsgr.exe
    O4 - HKCU\..\Run: [nvviddrv32] ruzwcrt.exe
    O4 - HKCU\..\Run: [Window Monitor] winmon32.exe
    O4 - HKCU\..\Run: [Print Spooler] spools.exe
    O4 - HKCU\..\Run: [Microsoft Update Machine] firewall2.exe
    O4 - HKCU\..\Run: [WindowsRegKey update] updater.exe
    O4 - HKCU\..\Run: [Win32 USB2 Driver] syscfg32.exe
    O4 - HKCU\..\Run: [starter] scvhosting.exe
    O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
    O4 - HKCU\..\Run: [Windows Debugger] windbg.exe
    O4 - HKCU\..\Run: [Uijho] C:\WINDOWS\System32\qdj.exe
    O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
    O4 - HKCU\..\RunOnce: [starter] scvhosting.exe
    O4 - HKCU\..\RunOnce: [Win32 System Spool] spoolsvc.exe
    O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
    O4 - Global Startup: Remocon Driver.lnk = ?
    O4 - Global Startup: Timer Recording Manager.lnk = C:\Program Files\Sony\giga pocket\ReserveModule.exe
    O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: {00000000-0000-0000-0000-000020000000} - http://www.68737075.com/connect/wla/x/ukgolwla3x.exe
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=1fcf7a5aad9e11fa6e81301772cc81a582986ccec023301891f6f9c30c3ce889b111ab2209f305e0ab84e0c08d7151cd476287cb1585d8c68fdfadc44ff56ae4:bd1acc194c6d95c438093ed0f53d7740
    O16 - DPF: {62BC5DB2-0044-4040-B366-D628F3CFD551} (PowerTeam HTML Printing Behavior) - http://paccess.pattinson.co.uk/documents/setup.cab
    O16 - DPF: {8E27C92B-1264-101C-8A2F-040224009C02} (Calendar Control 8.0) - http://paccess.pattinson.co.uk/components/mscal.ocx
    O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) - http://download.overpro.com/WildAppNonUS.cab
    O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - http://direct.data-line.us/gbn298.exe
    O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CD} - http://direct.data-line.us/gbn298.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6240904E-5594-431A-B047-045FD9EC368B}: NameServer = 194.72.9.38 194.74.65.68
     
  4. dante56

    dante56 Thread Starter

    Joined:
    Aug 9, 2004
    Messages:
    114
    OK
    I completely Wiped my cpmputer as i was annoying me so much and I installed broadband and it worked for about an hour and is still slow now!
    please please help me!
     
  5. FinestRanger

    FinestRanger

    Joined:
    Oct 13, 2003
    Messages:
    2,367
    Post a fresh HiJackThis log.
     
  6. dante56

    dante56 Thread Starter

    Joined:
    Aug 9, 2004
    Messages:
    114
    I took The coputer back lol
     
  7. FinestRanger

    FinestRanger

    Joined:
    Oct 13, 2003
    Messages:
    2,367
    Well...that'll solve it. Until next time you're cruising the net. :p

    The best thing to do is, BEFORE plugging in your internet connection, enable Microsoft's Internet Connection Firewall.

    Then head directly to Microsoft's Update site.

    After that's done, come back here and read the "sticky" by Rollin' Rog.

    Get a free anti-virus and more advanced firewall (free also).

    I also highly recommend you install and update SpywareBlaster

    SpywareBlaster tutorial link[/COLOR]


    For more security information view these two threads:

    How did I get infected in the first place?

    Rollin' Rog's "Security Help Tools" thread
     
  8. dante56

    dante56 Thread Starter

    Joined:
    Aug 9, 2004
    Messages:
    114
    It was the computer as im using the same connection on my laptop and its fine
     
  9. quartz121984

    quartz121984

    Joined:
    Sep 6, 2004
    Messages:
    11
    i had the same probelm what kind of spyware remover do u have you should go get spyware nuker go to hard drive then go to windows then prefetch delete all the files in this folder then run scan disk (do the full scan) then defrag your computer then if you don't have a anti-virus program i highly recommend it if u use the net u have to have one :D
     
  10. FinestRanger

    FinestRanger

    Joined:
    Oct 13, 2003
    Messages:
    2,367

    Your computer was LOADED with virii and spyware.
     
  11. jwevans

    jwevans

    Joined:
    Jun 19, 2004
    Messages:
    6
    I'll gladly accept the help that you offer.
    I have been dealing with IE being very slow for almost a year now.
    I have been using Mozilla without a problem but there are still to many time that IE is neccessary. I was able to update to SP2, it didn't help. I have Spyblaster, Spybot Search and Destroy, and Ad-Aware SE. Nothing do or have done seems to help at all. I have submiitted my Hijack This log to many locations and have never gotten a reply.

    Can you please help. Log is below.

    Logfile of HijackThis v1.97.7
    Scan saved at 4:42:05 AM, on 9/14/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    D:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
    C:\WINDOWS\SYSTEM32\GEARSEC.EXE
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    D:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    D:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    D:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\WINDOWS\System32\taskswitch.exe
    D:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
    D:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    D:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe
    D:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    D:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    D:\Program Files\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\ntvdm.exe
    D:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
    D:\Program Files\Microsoft Office\Office10\msoffice.exe
    D:\Program Files\Adobe\Acrobat 5.0\Acrobat\Acrobat.exe
    C:\Program Files\Common Files\Adobe\Web\AOM.exe
    C:\WINDOWS\explorer.exe
    C:\PROGRA~1\mozilla.org\Mozilla\Mozilla.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AT&T Global Network Client\NetClient.exe
    D:\Save\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.attbusiness.net
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.attbusiness.net
    O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - D:\Program Files\DAP\DAPBHO.dll
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - D:\Program Files\WS_FTP Pro\wsbho2k0.dll
    O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - D:\Program Files\Microsoft Money\System\mnyviewer.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [MoneyStartUp10.0] "D:\Program Files\Microsoft Money\System\Activation.exe"
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
    O4 - HKLM\..\Run: [AcctMgr] D:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [RoxioAudioCentral] "D:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
    O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
    O4 - HKCU\..\RunOnce: [NetSP - restore database] "C:\Program Files\AT&T Global Network Client\NetSP.exe" -show
    O4 - Startup: Dragon NaturallySpeaking.lnk = D:\Program Files\ScanSoft\NaturallySpeaking\Program\natspeak.exe
    O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.LNK = D:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
    O4 - Global Startup: Norton GoBack.lnk = D:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Decompiler - d:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
    O9 - Extra button: Run DAP (HKLM)
    O9 - Extra button: MoneySide (HKLM)
    O9 - Extra button: SWFDecompiler (HKLM)
    O9 - Extra 'Tools' menuitem: Sothink SWF Decompiler (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - http://office.microsoft.com/templates/ieawsdc.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,30
    O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37864.2061458333
    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} - http://www.microsoft.com/security/controls/SassCln.CAB
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{316F66FB-6CE3-4BFA-B4CF-DE07A65D7B05}: NameServer = 165.87.13.129,165.87.201.244
     
  12. FinestRanger

    FinestRanger

    Joined:
    Oct 13, 2003
    Messages:
    2,367
    jwevans,

    In the future, please start your own thread. We don't want you to get overlooked.

    You have an outdated version of HiJackThis. (It's currently at v1.98.2)

    To update HiJackThis:

    Open the program. click "Config..." --> "Misc. Tools" --> "Check for Update Online".

    Or:

    Please go to the link below and download HiJackThis:

    http://www.majorgeeks.com/download3155.html



    ***NOTE***Do not FIX anything without a log analyzer's guidance. MOST of what's listed is necessary for your computer to operate normally.

    Under "Official Downloads" HiJackThis. It's the 2nd one down.

    Download and unzip to a permanent folder of your own creation.

    Open HiJackThis. Click "Scan". Then, in the lower left corner, click "Save Log".

    Save it to your permanent HiJackThis folder (or floppy disk if necessary).

    The log will open in Notepad. Click "Edit" then "Select All".

    Copy and paste the log back to this thread.

    Alternate download links:

    http://www.spychecker.com/program/hijackthis.html

    http://www.spywareinfo.com/~merijn/downloads.html
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/270344

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice