mhaysom123
asked on
Web pages keep coming up as 'this page cannot be displayed'..?
Hi, not sure if this is the right catagory to post this...
What it is, every now and then my internet slows down to the point it thinks its disconnected..
pages keep coming up as unavaliable etc..
ive noticed that people post their hijackthis log to see if anything is running which shouldnt...?
this is mine...
Logfile of HijackThis v1.97.7
Scan saved at 19:37:07, on 31/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\Program Files\Ahead\InCD\InCDsrv.e
C:\WINDOWS\system32\spools
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.
C:\WINDOWS\System32\nvsvc3
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\WINDOWS\System32\gsicon
C:\WINDOWS\System32\dslage
C:\Program Files\iTunes\iTunesHelper.
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iPod\bin\iPodService
C:\Program Files\Winad Client\Winad.exe
C:\WINDOWS\System32\RUNDLL
C:\WINDOWS\System32\rundll
C:\WINDOWS\System32\ctfmon
C:\Program Files\Winad Client\WinClt.exe
C:\WINDOWS\System32\wpabal
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Mat\Desktop\Hijac
R0 - HKCU\Software\Microsoft\In
N3 - Netscape 7: user_pref("browser.search.
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-D
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-0
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-C
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\real
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTR
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - Startup: Binatone ADSL 500 USB Modem Dial-Up PPP Connection.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-9
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2
O16 - DPF: {644E432F-49D3-41A1-8DD5-E
O16 - DPF: {9F1C11AA-197B-4942-BA54-4
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O17 - HKLM\System\CCS\Services\T
Hopefully someone will notice something which shouldnt be there...?
I also keep getting pop ups with adaware running and having run several other spyware progs...?
please help! :(
cheers
mat
What it is, every now and then my internet slows down to the point it thinks its disconnected..
pages keep coming up as unavaliable etc..
ive noticed that people post their hijackthis log to see if anything is running which shouldnt...?
this is mine...
Logfile of HijackThis v1.97.7
Scan saved at 19:37:07, on 31/08/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\Program Files\Ahead\InCD\InCDsrv.e
C:\WINDOWS\system32\spools
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.
C:\WINDOWS\System32\nvsvc3
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\WINDOWS\System32\gsicon
C:\WINDOWS\System32\dslage
C:\Program Files\iTunes\iTunesHelper.
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\iPod\bin\iPodService
C:\Program Files\Winad Client\Winad.exe
C:\WINDOWS\System32\RUNDLL
C:\WINDOWS\System32\rundll
C:\WINDOWS\System32\ctfmon
C:\Program Files\Winad Client\WinClt.exe
C:\WINDOWS\System32\wpabal
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Mat\Desktop\Hijac
R0 - HKCU\Software\Microsoft\In
N3 - Netscape 7: user_pref("browser.search.
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-D
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-0
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-C
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real Alternative\Update_OB\real
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTR
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - Startup: Binatone ADSL 500 USB Modem Dial-Up PPP Connection.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-9
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2
O16 - DPF: {644E432F-49D3-41A1-8DD5-E
O16 - DPF: {9F1C11AA-197B-4942-BA54-4
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O17 - HKLM\System\CCS\Services\T
Hopefully someone will notice something which shouldnt be there...?
I also keep getting pop ups with adaware running and having run several other spyware progs...?
please help! :(
cheers
mat
ASKER
ok, will do
cheers
cheers
keep me informed,,,, good luck =)
ASKER
I ran the progrma, seems a little bit better but i still get these annoying pop ups...?
i keep running adaware etc but it cant find anything...?
cheers
mat
i keep running adaware etc but it cant find anything...?
cheers
mat
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
sorry forgot to say you should look at the above suspects
cheers
cheers
ASKER
hi,
i have checked out the above lines you have both told me, im gonna see how it goes for a while and see if its sorted...
cheers
mat
i have checked out the above lines you have both told me, im gonna see how it goes for a while and see if its sorted...
cheers
mat
nwiz and nview are related to nvidia cards
nwiz >> http://www.liutilities.com/products/wintaskspro/processlibrary/nwiz/
nview >> http://www.windowsstartup.com/wso/detail.php?id=3500
Gsicon.exe >> http://computercops.biz/startuplist-1357.html
and Yes that O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe is adware.... sorry for not catching it =\
winad.exe >> http://www.2-spyware.com/file-winad-exe.html
nwiz >> http://www.liutilities.com/products/wintaskspro/processlibrary/nwiz/
nview >> http://www.windowsstartup.com/wso/detail.php?id=3500
Gsicon.exe >> http://computercops.biz/startuplist-1357.html
and Yes that O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe is adware.... sorry for not catching it =\
winad.exe >> http://www.2-spyware.com/file-winad-exe.html
ASKER
cheers for your help,
not sure who to give the points to, or to split them??? SheharyaarSaahil, you did spot both of them and did notice that three of the ones ahmedbahgat left
were from my nvidia card... but ahmedbahgat also spotted a adaware file..
what do you two think i should do?
what is fair in this case?
if i dont hear from either soon, ill split the points...
cheers
mat
not sure who to give the points to, or to split them??? SheharyaarSaahil, you did spot both of them and did notice that three of the ones ahmedbahgat left
were from my nvidia card... but ahmedbahgat also spotted a adaware file..
what do you two think i should do?
what is fair in this case?
if i dont hear from either soon, ill split the points...
cheers
mat
well i have not at all any objection on a Split :)
me either, i always prefer to play it fair and square with other fellow experts
cheers
cheers
ASKER
glad we have came to a fair agreement,
cheers
:)
cheers
:)
yeps cheers ^_^
First Try running this Winsock Repair for XP:
http://www.spychecker.com/program/winsockxpfix.html
Post back if still no luck !!