# Computer so slow, won't connect to internet HJT log included...



## Luke101 (Oct 21, 2003)

Hey guys, my brothers computer is playing up, its so slow takes half an hour to move the mouse anywhere, also when he tries to connect to the internet it says 'can't detect dial tone' and there is a dial tone. I have made sure that everything is plugged in properly and that the modem line is working.
Apparantly he could detect to the internet fine, and the next day this problem just occured, without making any system changes (that he knew of) or installing new software etc.
Any ideas? Here is his HJT log:

------------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 16:46:59, on 29/01/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\RAPIDBLASTER\RB32.EXE
C:\SBPCI\CTMIX32.EXE
C:\PROGRAM FILES\DIAMOND\INCONTROL TOOLS 99\DMHKEY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\WEBSCANX.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ws1.appswebservice.com/index.php?tpid=10244&ttid=104
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.jethomepage.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://www-cache.freeserve.com:8080;ftp=http://www-cache.freeserve.com:8080
R3 - Default URLSearchHook is missing
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.cis.strath.ac.uk"); (C:\Program Files\Netscape\Users\default\prefs.js)
O1 - Hosts: 216.40.230.4 desktop.kazaa.com
O1 - Hosts: 216.40.230.4 alpha.kazaa.com
O1 - Hosts: 216.40.230.4 shop.kazaa.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [rb32 ml088e] "c:\program files\RapidBlaster\rb32.exe"
O4 - HKLM\..\Run: [CreativeMixer] C:\SBPCI\ctmix32.exe /T
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\Program Files\Network Associates\VirusScan\AVSYNMGR.EXE
O4 - Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 99\DMHKEY.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Freeserve - {1DDDDAA0-EAE7-11D3-AD17-84525882B440} - http://www.freeserve.net/ (file missing) (HKCU)
O12 - Plugin for .com/search?hl=en&q=odeon+cinemas+the+quay+help+number+talk+to+an+operator&btnI=I'm+Feeling+Lucky: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\nppdf32.dll
O12 - Plugin for .mid: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O12 - Plugin for .wav: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {D53B810F-6219-11D4-95B6-0040950375E7} - http://62.129.133.7/mt/dialers/on/UK/exe/010028.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.CAB
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c6.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dbn1767.exe
------------------------------------------------------------------------------------------

Thanks.


----------



## Luke101 (Oct 21, 2003)

any takers?


----------



## cybertech (Apr 16, 2002)

*Run HJT again and put a check in the following:*

R3 - Default URLSearchHook is missing
O1 - Hosts: 216.40.230.4 desktop.kazaa.com
O1 - Hosts: 216.40.230.4 alpha.kazaa.com
O1 - Hosts: 216.40.230.4 shop.kazaa.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O4 - HKLM\..\Run: [rb32 ml088e] "c:\program files\RapidBlaster\rb32.exe"
O16 - DPF: {D53B810F-6219-11D4-95B6-0040950375E7} - http://62.129.133.7/mt/dialers/on/UK/exe/010028.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemp...veSecurity.CAB
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/62.../bridge-c6.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dbn1767.exe

*Close all applications and browser windows before you click "fix checked".*

Run *Panda ActiveScan* *here*

Once you are on the Panda site click the "Scan your PC" button.
A new window will open... click the "Check Now" button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address.
Select either Home User or Company.
Click the big "Scan Now" button.
If it wants to install an ActiveX component allow it.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes).
When download is complete, click on "Local Disks" to start the scan.
When the scan completes, if anything malicious is detected, click the "See Report" button; then "Save Report" and save it to a convenient location. Post the contents of the Panda scan report in your next reply.

*Post a new HiJack This log along with the results from ActiveScan.*


----------



## Luke101 (Oct 21, 2003)

ok i deleted the the things you said i should, but because it is saying it cannot dected a dial tone i cant go to panda viruscan. there is no hardware problem there is some software setting that is disallowing me to connect to the internet, any thoughts?


----------



## cybertech (Apr 16, 2002)

Post a new HiJackThis log.


----------



## Luke101 (Oct 21, 2003)

---------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 18:22:09, on 15/03/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\SBPCI\CTMIX32.EXE
C:\PROGRAM FILES\DIAMOND\INCONTROL TOOLS 99\DMHKEY.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\WEBSCANX.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ws1.appswebservice.com/index.php?tpid=10244&ttid=104
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.jethomepage.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freeserve.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Freeserve
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://www-cache.freeserve.com:8080;ftp=http://www-cache.freeserve.com:8080
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.cis.strath.ac.uk"); (C:\Program Files\Netscape\Users\default\prefs.js)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CreativeMixer] C:\SBPCI\ctmix32.exe /T
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\Program Files\Network Associates\VirusScan\AVSYNMGR.EXE
O4 - Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 99\DMHKEY.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Freeserve - {1DDDDAA0-EAE7-11D3-AD17-84525882B440} - http://www.freeserve.net/ (file missing) (HKCU)
O12 - Plugin for .com/search?hl=en&q=odeon+cinemas+the+quay+help+number+talk+to+an+operator&btnI=I'm+Feeling+Lucky: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\nppdf32.dll
O12 - Plugin for .mid: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O12 - Plugin for .wav: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.com/
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

---------------------------------------------------------------------------


----------



## flavallee (May 12, 2002)

Click Start - Run, type in *MSCONFIG*, then click OK - "Startup" tab. Remove the checkmark from:

*TaskMonitor*

*LoadPowerProfile*

*CreativeMixer*

*LoadPowerProfile*

*InControl Desktop Manager*

*EPSON Status Monitor 3 Environment Check*

Click Apply - OK afterwards, then restart your computer.

-------------------------------------------------------------------------------------

Open the following TEMP folders:

*C:\TEMP*
(Note: Not all computers have this folder)

*C:\WINDOWS\TEMP*

then delete all files and folders from inside these TEMP folders.

Restart your computer again.

--------------------------------------------------------------------------------------

You should update Internet Explorer to *6.0 SP1*. You appear to have the original 6.0 version.

--------------------------------------------------------------------------------------


----------



## cybertech (Apr 16, 2002)

Log looks good! :up: Any problems?


Thanks for your input flavallee!!


----------



## flavallee (May 12, 2002)

:up:


----------



## Luke101 (Oct 21, 2003)

well its running a little better thanks, but any ideas on how to get it to connect to the internet? It just keeps saying can't detect dial tone.


----------



## cybertech (Apr 16, 2002)

This problem can be caused by a number of issues.

The phone cord could be plugged into the wrong jack. 
Modem damage caused by lightning, have you had any storms while using the computer?
Have you tried reloading the modem drivers?


----------

