1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Slow browsing, forced reconnects, angry user

Discussion in 'Web & Email' started by mojo safari, Sep 19, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. mojo safari

    mojo safari Thread Starter

    Joined:
    Aug 8, 2003
    Messages:
    12
    hiya, everybody. my IE browsing experience is the pits. scrolling takes forever, highlighting a single word takes forever... BOO!! sometimes when i'm not on the 'net, my computer tries to connect, citing a random server that requests information. i HAD the msblaster problem, but i downloaded the patch, modified the registry, deleted some files and i figured i was okay. I was okay for maybe a week. Now everything just draaaaaaaaaaags along. i ran spybot... no dice. anybody know some stuff to try? thanks very much.

    i have:

    win xp pro
    IE 6.0
    kazaa lite installed (i dunno if that means anything)

    i have hijack this, but i didn't know if that was related. thank you for your consideration
     
  2. buckaroo

    buckaroo

    Joined:
    Mar 25, 2001
    Messages:
    3,334
    Post your Hijack This log here. Folks can check it out for you.

    :)
     
  3. mojo safari

    mojo safari Thread Starter

    Joined:
    Aug 8, 2003
    Messages:
    12
    okey dokey, here it is:

    Logfile of HijackThis v1.96.0
    Scan saved at 8:21:41 PM, on 9/19/2003
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\System32\ltmsg.exe
    C:\WINDOWS\System32\tbctray.exe
    C:\Program Files\AIM95\aim.exe
    C:\Audio\CoolEdit Pro v2.0\coolpro2.exe
    C:\Program Files\DAP\DAP.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Documents and Settings\default\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Extortioner
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.31.98.18:80
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.com"); (C:\Program Files\Netscape\Users\a\prefs.js)
    O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - C:\PROGRAM FILES\DAP\DAPIEBAR.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar.dll
    O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
    O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\System32\tbctray.exe
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
    O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GoogleToolbar.dll/cmsearch.html
    O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
    O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GoogleToolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GoogleToolbar.dll/cmcache.html
    O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
    O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GoogleToolbar.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GoogleToolbar.dll/cmtrans.html
    O9 - Extra button: Encarta Encyclopedia (HKLM)
    O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
    O9 - Extra button: Define (HKLM)
    O9 - Extra 'Tools' menuitem: Define (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Yahoo! Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Dell Home (HKCU)
    O9 - Extra button: NeoTrace It! (HKCU)
    O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct1_x.cab
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{725992C4-2EF6-4C4E-9EB8-E41CE9353F6F}: NameServer = 208.3.88.2 208.3.88.7
    O19 - User stylesheet: C:\WINDOWS\Web\oslogo.bmp
     
  4. buckaroo

    buckaroo

    Joined:
    Mar 25, 2001
    Messages:
    3,334
    Okay, you can have HJT fix this one:

    O19 - User stylesheet: C:\WINDOWS\Web\oslogo.bmp

    ...check it in HJT, close your browser, click FIX and reboot afterwards.

    Now, the next two may be legitimate. Are you using a proxy server?

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.31.98.18:80


    ...and leave this one if you recognize the IP address as either your ISP and/or network/router:

    O17 - HKLM\System\CCS\Services\Tcpip\..\{725992C4-2EF6-4C4E-9EB8-E41CE9353F6F}: NameServer = 208.3.88.2 208.3.88.7


    Afterwards, go here and download Spybot:

    http://www.safer-networking.org/index.php?lang=en&page=download

    ...after installing, have it go on line and download all updates. Then have it check your system for any problems. Everything it finds in RED is safe to Fix.

    Would also recommend a second opinion AV scan here:

    http://housecall.trendmicro.com/housecall/start_corp.asp

    :)
     
  5. e-liam

    e-liam

    Joined:
    Jun 19, 2003
    Messages:
    1,242
    Hi, mojo and Buckaroo,

    The DNS for the R1 entry doesn't resolve to anything, and the 017 entry resolves to Velocity.net.

    Hope that helps,

    Cheers

    Liam
     
  6. mojo safari

    mojo safari Thread Starter

    Joined:
    Aug 8, 2003
    Messages:
    12
    that did the trick, buckaroo. thanks for saving my *** again, guys.

    your biggest fan,
    mojo
     
  7. buckaroo

    buckaroo

    Joined:
    Mar 25, 2001
    Messages:
    3,334
    Liam, thanks, as usual, for your help here. (y)

    mojo, glad to hear things worked out. (y)
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/166011

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice