Slow browsing, forced reconnects, angry user

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mojo safari

Thread Starter
Joined
Aug 8, 2003
Messages
12
hiya, everybody. my IE browsing experience is the pits. scrolling takes forever, highlighting a single word takes forever... BOO!! sometimes when i'm not on the 'net, my computer tries to connect, citing a random server that requests information. i HAD the msblaster problem, but i downloaded the patch, modified the registry, deleted some files and i figured i was okay. I was okay for maybe a week. Now everything just draaaaaaaaaaags along. i ran spybot... no dice. anybody know some stuff to try? thanks very much.

i have:

win xp pro
IE 6.0
kazaa lite installed (i dunno if that means anything)

i have hijack this, but i didn't know if that was related. thank you for your consideration
 

mojo safari

Thread Starter
Joined
Aug 8, 2003
Messages
12
okey dokey, here it is:

Logfile of HijackThis v1.96.0
Scan saved at 8:21:41 PM, on 9/19/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\ltmsg.exe
C:\WINDOWS\System32\tbctray.exe
C:\Program Files\AIM95\aim.exe
C:\Audio\CoolEdit Pro v2.0\coolpro2.exe
C:\Program Files\DAP\DAP.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\default\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Extortioner
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.31.98.18:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.com"); (C:\Program Files\Netscape\Users\a\prefs.js)
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\PROGRAM FILES\DAP\DAPIEBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\System32\tbctray.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GoogleToolbar.dll/cmsearch.html
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GoogleToolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GoogleToolbar.dll/cmcache.html
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GoogleToolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GoogleToolbar.dll/cmtrans.html
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Dell Home (HKCU)
O9 - Extra button: NeoTrace It! (HKCU)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{725992C4-2EF6-4C4E-9EB8-E41CE9353F6F}: NameServer = 208.3.88.2 208.3.88.7
O19 - User stylesheet: C:\WINDOWS\Web\oslogo.bmp
 
Joined
Mar 25, 2001
Messages
3,334
Okay, you can have HJT fix this one:

O19 - User stylesheet: C:\WINDOWS\Web\oslogo.bmp

...check it in HJT, close your browser, click FIX and reboot afterwards.

Now, the next two may be legitimate. Are you using a proxy server?

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.31.98.18:80


...and leave this one if you recognize the IP address as either your ISP and/or network/router:

O17 - HKLM\System\CCS\Services\Tcpip\..\{725992C4-2EF6-4C4E-9EB8-E41CE9353F6F}: NameServer = 208.3.88.2 208.3.88.7


Afterwards, go here and download Spybot:

http://www.safer-networking.org/index.php?lang=en&page=download

...after installing, have it go on line and download all updates. Then have it check your system for any problems. Everything it finds in RED is safe to Fix.

Would also recommend a second opinion AV scan here:

http://housecall.trendmicro.com/housecall/start_corp.asp

:)
 
Joined
Jun 19, 2003
Messages
1,241
Hi, mojo and Buckaroo,

The DNS for the R1 entry doesn't resolve to anything, and the 017 entry resolves to Velocity.net.

Hope that helps,

Cheers

Liam
 

mojo safari

Thread Starter
Joined
Aug 8, 2003
Messages
12
that did the trick, buckaroo. thanks for saving my *** again, guys.

your biggest fan,
mojo
 
Joined
Mar 25, 2001
Messages
3,334
Liam, thanks, as usual, for your help here. (y)

mojo, glad to hear things worked out. (y)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top