Solved

Web pages keep coming up as 'this page cannot be displayed'..?

Posted on 2004-08-31
14
393 Views
Last Modified: 2010-04-12
Hi, not sure if this is the right catagory to post this...

What it is, every now and then my internet slows down to the point it thinks its disconnected..

pages keep coming up as unavaliable etc..

ive noticed that people post their hijackthis log to see if anything is running which shouldnt...?

this is mine...

Logfile of HijackThis v1.97.7
Scan saved at 19:37:07, on 31/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\WINDOWS\System32\gsicon.exe
C:\WINDOWS\System32\dslagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Winad Client\Winad.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Winad Client\WinClt.exe
C:\WINDOWS\System32\wpabaln.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Mat\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_UK.src"); (C:\Documents and Settings\Mat\Application Data\Mozilla\Profiles\default\g0pmza53.slt\prefs.js)
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Binatone ADSL 500 USB Modem Dial-Up PPP Connection.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=cc52c756fbce80616e76f1bd00dad74aa23f57be10ba09389874a5097819eee8bfbfa3ff85ae40cca0bc82d4d46085e9edc1b095:92ac1d8df1256210b9b3758abfcae556
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1092747912913
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38216.2531018518
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2212092D-3FF9-4313-80B0-53B645FED05D}: NameServer = 212.159.13.49 212.159.13.50

Hopefully someone will notice something which shouldnt be there...?

I also keep getting pop ups with adaware running and having run several other spyware progs...?

please help! :(

cheers

mat
0
Comment
Question by:mhaysom123
  • 6
  • 5
  • 3
14 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11945283
Hello mhaysom123 =)

First Try running this Winsock Repair for XP:
http://www.spychecker.com/program/winsockxpfix.html

Post back if still no luck !!
0
 

Author Comment

by:mhaysom123
ID: 11946905
ok, will do

cheers
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11946922
keep me informed,,,, good luck =)
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:mhaysom123
ID: 11950464
I ran the progrma, seems a little bit better but i still get these annoying pop ups...?

i keep running adaware etc but it cant find anything...?

cheers

mat
0
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 100 total points
ID: 11950925
check this line and click on Fix Checked >> O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
Then Disable ur Messenger Service if its running >> http://www.itc.virginia.edu/desktop/docs/messagepopup/

Restart and now check ??
0
 
LVL 16

Assisted Solution

by:ahmedbahgat
ahmedbahgat earned 100 total points
ID: 11960786
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook


cheers
0
 
LVL 16

Expert Comment

by:ahmedbahgat
ID: 11960796
sorry forgot to say you should look at the above suspects

cheers
0
 

Author Comment

by:mhaysom123
ID: 11961531
hi,

i have checked out the above lines you have both told me, im gonna see how it goes for a while and see if its sorted...

cheers

mat
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11961858
nwiz and nview are related to nvidia cards

nwiz >> http://www.liutilities.com/products/wintaskspro/processlibrary/nwiz/
nview >> http://www.windowsstartup.com/wso/detail.php?id=3500
Gsicon.exe >> http://computercops.biz/startuplist-1357.html

and Yes that O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe is adware.... sorry for not catching it =\
winad.exe >> http://www.2-spyware.com/file-winad-exe.html
0
 

Author Comment

by:mhaysom123
ID: 11979948
cheers for your help,

not sure who to give the points to, or to split them??? SheharyaarSaahil, you did spot both of them and did notice that three of the ones ahmedbahgat  left
were from my nvidia card... but ahmedbahgat also spotted a adaware file..

what do you two think i should do?

what is fair in this case?

if i dont hear from either soon, ill split the points...

cheers

mat
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11980090
well i have not at all any objection on a Split :)
0
 
LVL 16

Expert Comment

by:ahmedbahgat
ID: 11982455
me either, i always prefer to play it fair and square with other fellow experts

cheers
0
 

Author Comment

by:mhaysom123
ID: 11983943
glad we have came to a fair agreement,

cheers

:)
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11983947
yeps cheers ^_^
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question