this is an urgent problem thanks
i was gone for about 5 days and i dunno if my dad used the internet or not but when i got back my dad went to check his email and was complaining that yahoo mail wont work so i thought "the site must be down right now"
and for some reason, the windows genuine popup kept coming up... it wasnt there 5 days ago when i left!!
then i tried to check my mail on hotmail and the page wouldnt load for me either!! i tried both IE and FF
then i tried facebook then it wouldnt load!
i tried yahoo.co.kr
i tried soompi.com/forums
i tried solid.net/forums
i tried microsoft.com
i tried MSN messenger
i tried bunch of other stuff but they all wouldnt load up!!!
but google worked FINE!!! so i tried to google stuff to fix the problem and the sites on google wouldnt load up!!
so i had to look at the sites in "cached" mode on google and found little information
then 2 days later... all those sites worked again all of the sudden... but my computer had been on for at least 2 hours prior not working... so i thought to myself "maybe it's fixed now" and was all happy and went to sleep
the next day i turned my computer on and it wouldnt load up again!! i was so annoyed... i tried to delete things and restart and run ad-aware, virobot couple times but it still did nothing
so today, i tried everything again, but no luck like last time so i gave up and was gonna format the computer but then after 1 hour and 46 mins of being online, the sites worked again!! so im typing this now cuz i know i cant even get to soompi if i turn my comp off
i dunno what happened!!! can someone help me pleaseeeee thanks
sorry it's so long to explain but i felt like i needed to
Page 1 of 1
Internet Loading Problem! Help very weird problem and annoying
#1
- attack life. it's going to kill you anyway.
-
- Group: Members
- Posts: 1,724
- Joined: 05-October 05
Posted 18 August 2006 - 07:24 PM
#2
- Girl groups rule!
-
- Group: Friends of Soompi
- Posts: 1,755
- Joined: 07-March 06
Posted 18 August 2006 - 07:42 PM
Are you on a router? Cable/DSL? Can you scan your computer with HijackThis! and post the log file?
There's only three things I can think of that might fit this situation.
1) loose or bad cable/connection to your router or cable/dsl modem.
2) Intermittent service outtage with your cable/dsl ISP
3) Some undetected malware is interfering with your internet.
Posting the HijackThis! log file can help to detect problem #3. Problem #1 you're gonna have to figure out. Problem #2 you can't really do anything about. I can't think of any other likely causes other than these 3.
There's only three things I can think of that might fit this situation.
1) loose or bad cable/connection to your router or cable/dsl modem.
2) Intermittent service outtage with your cable/dsl ISP
3) Some undetected malware is interfering with your internet.
Posting the HijackThis! log file can help to detect problem #3. Problem #1 you're gonna have to figure out. Problem #2 you can't really do anything about. I can't think of any other likely causes other than these 3.
#3
- attack life. it's going to kill you anyway.
-
- Group: Members
- Posts: 1,724
- Joined: 05-October 05
Posted 18 August 2006 - 08:07 PM
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ViRobotXP\vrmonsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ViRobotXP\vrmonnt.exe
C:\Program Files\ViRobotXP\Vrres.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\DSB\dsb.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tony Ko\Desktop\jay pic\utorrent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESTsoft\ALZip\ALZip.exe
C:\Documents and Settings\Tony Ko\Local Settings\Temp\_AZTMP7_\HijackThis.exe
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\ViRobotXP\vrmonnt.exe Main
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\ViRobotXP\Vrres.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VrBootScan] C:\Program Files\ViRobotXP\VRBScan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Djivgeo] C:\Program Files\Bvjqp\Trfwfu.exe
O4 - HKLM\..\Run: [miniport] C:\WINDOWS\System32\usbmon.exe /start
O4 - HKLM\..\Run: [wise] C:\Program Files\Common files\clockwise.exe -boot
O4 - HKLM\..\Run: [Dit] C:\WINDOWS\System32\dit.exe
O4 - HKLM\..\Run: [PowerChute] C:\Program Files\APC_Power\Pwrchute.exe -boot_time
O4 - HKLM\..\Run: [3capplnk] C:\Program Files\US Robotics\\3capplnk.exe
O4 - HKLM\..\Run: [eTrust Realtime Monitor] C:\WINDOWS\System32\realmon.exe /start
O4 - HKLM\..\Run: [Recguard] C:\Program Files\HP\recguard.exe
O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe
O4 - HKLM\..\Run: [DSB] C:\Program Files\DSB\dsb.exe
O4 - HKLM\..\Run: [SHA256] C:\Program Files\SHA256\secure.exe
O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
O4 - HKLM\..\Run: [AdsBlocker] C:\Program Files\AdsBlocker\stopAds.exe
O4 - HKCU\..\Run: [Fileguri] "C:\Program Files\Freechal\Fileguri\Fileguri.exe" PathFileguri /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {36F46B1E-11B7-4221-B4F7-F1FC9687E7F6} (MBox Control) - http://kr.music.yahoo.com/m_box/component/mbox.cab
O16 - DPF: {3EADA53C-9292-4FF5-AB34-8F0B2B6B3E8C} (EZEditorReg.EZEditorRegCtl) - http://kms.naracredit.com/eaeditor/EZEditorReg.CAB
O16 - DPF: {4E52C32F-C143-4963-A758-2DB07703CB49} (YahooCS Class) - http://kr.memo.yahoo.com/CAB/YahooWCS.cab
O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095353410593
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://img.yahoo.co.kr/multi/2005/tool/pla...6/SVPorsche.cab
O16 - DPF: {9BDBC41E-C335-4263-83C0-ECE78EE28A33} (SysMonOCX Control) - http://ahnlabdownload.nefficient.co.kr/plu...yfirewall20.cab
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/mv/XTools.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {B9DD5FFF-776D-4E53-93D3-A4463E63AD86} (CN°OAOA¢¼OCA·I±×·¥) - http://cdn.hangame.com/hangame/messenger/h...g/HanWebMsg.cab
O16 - DPF: {E404BDB2-C604-4200-A549-3FA714BBC431} (Soribada1.adware_Scan) - http://www.soribada.com/security/soribada1.CAB
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FC} - http://www.desktoplife.net/adulti.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\ViRobotXP\vrmonsvc.exe
----------------------------------------------
i dunno if i posted the right thing... but it seems awfully long...
but keep in mind that my internet is working properly at this state... i dont know how it would be when it's not working properly
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ViRobotXP\vrmonsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ViRobotXP\vrmonnt.exe
C:\Program Files\ViRobotXP\Vrres.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\DSB\dsb.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tony Ko\Desktop\jay pic\utorrent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ESTsoft\ALZip\ALZip.exe
C:\Documents and Settings\Tony Ko\Local Settings\Temp\_AZTMP7_\HijackThis.exe
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\ViRobotXP\vrmonnt.exe Main
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\ViRobotXP\Vrres.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VrBootScan] C:\Program Files\ViRobotXP\VRBScan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Djivgeo] C:\Program Files\Bvjqp\Trfwfu.exe
O4 - HKLM\..\Run: [miniport] C:\WINDOWS\System32\usbmon.exe /start
O4 - HKLM\..\Run: [wise] C:\Program Files\Common files\clockwise.exe -boot
O4 - HKLM\..\Run: [Dit] C:\WINDOWS\System32\dit.exe
O4 - HKLM\..\Run: [PowerChute] C:\Program Files\APC_Power\Pwrchute.exe -boot_time
O4 - HKLM\..\Run: [3capplnk] C:\Program Files\US Robotics\\3capplnk.exe
O4 - HKLM\..\Run: [eTrust Realtime Monitor] C:\WINDOWS\System32\realmon.exe /start
O4 - HKLM\..\Run: [Recguard] C:\Program Files\HP\recguard.exe
O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe
O4 - HKLM\..\Run: [DSB] C:\Program Files\DSB\dsb.exe
O4 - HKLM\..\Run: [SHA256] C:\Program Files\SHA256\secure.exe
O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe
O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
O4 - HKLM\..\Run: [AdsBlocker] C:\Program Files\AdsBlocker\stopAds.exe
O4 - HKCU\..\Run: [Fileguri] "C:\Program Files\Freechal\Fileguri\Fileguri.exe" PathFileguri /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {36F46B1E-11B7-4221-B4F7-F1FC9687E7F6} (MBox Control) - http://kr.music.yahoo.com/m_box/component/mbox.cab
O16 - DPF: {3EADA53C-9292-4FF5-AB34-8F0B2B6B3E8C} (EZEditorReg.EZEditorRegCtl) - http://kms.naracredit.com/eaeditor/EZEditorReg.CAB
O16 - DPF: {4E52C32F-C143-4963-A758-2DB07703CB49} (YahooCS Class) - http://kr.memo.yahoo.com/CAB/YahooWCS.cab
O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095353410593
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://img.yahoo.co.kr/multi/2005/tool/pla...6/SVPorsche.cab
O16 - DPF: {9BDBC41E-C335-4263-83C0-ECE78EE28A33} (SysMonOCX Control) - http://ahnlabdownload.nefficient.co.kr/plu...yfirewall20.cab
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/mv/XTools.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {B9DD5FFF-776D-4E53-93D3-A4463E63AD86} (CN°OAOA¢¼OCA·I±×·¥) - http://cdn.hangame.com/hangame/messenger/h...g/HanWebMsg.cab
O16 - DPF: {E404BDB2-C604-4200-A549-3FA714BBC431} (Soribada1.adware_Scan) - http://www.soribada.com/security/soribada1.CAB
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FC} - http://www.desktoplife.net/adulti.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\ViRobotXP\vrmonsvc.exe
----------------------------------------------
i dunno if i posted the right thing... but it seems awfully long...
but keep in mind that my internet is working properly at this state... i dont know how it would be when it's not working properly
#4
- Girl groups rule!
-
- Group: Friends of Soompi
- Posts: 1,755
- Joined: 07-March 06
Posted 19 August 2006 - 02:00 AM
O1 - Hosts: 200.73.174.154 STORAGE.HOSTANCE.NET * See Notes 1
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM * See Notes 1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll * See Notes 2
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\ViRobotXP\vrmonnt.exe Main
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\ViRobotXP\Vrres.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VrBootScan] C:\Program Files\ViRobotXP\VRBScan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe * See Notes 2
O4 - HKLM\..\Run: [Djivgeo] C:\Program Files\Bvjqp\Trfwfu.exe * See Notes 3
O4 - HKLM\..\Run: [miniport] C:\WINDOWS\System32\usbmon.exe /start
O4 - HKLM\..\Run: [wise] C:\Program Files\Common files\clockwise.exe -boot
O4 - HKLM\..\Run: [Dit] C:\WINDOWS\System32\dit.exe
O4 - HKLM\..\Run: [PowerChute] C:\Program Files\APC_Power\Pwrchute.exe -boot_time
O4 - HKLM\..\Run: [3capplnk] C:\Program Files\US Robotics\\3capplnk.exe
O4 - HKLM\..\Run: [eTrust Realtime Monitor] C:\WINDOWS\System32\realmon.exe /start
O4 - HKLM\..\Run: [Recguard] C:\Program Files\HP\recguard.exe
O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe Get rid of this spyware
O4 - HKLM\..\Run: [DSB] C:\Program Files\DSB\dsb.exe Spyware. Get rid of it
O4 - HKLM\..\Run: [SHA256] C:\Program Files\SHA256\secure.exe * See Notes 4
O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe * See Notes 5
O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
O4 - HKLM\..\Run: [AdsBlocker] C:\Program Files\AdsBlocker\stopAds.exe
O4 - HKCU\..\Run: [Fileguri] "C:\Program Files\Freechal\Fileguri\Fileguri.exe" PathFileguri /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {36F46B1E-11B7-4221-B4F7-F1FC9687E7F6} (MBox Control) - http://kr.music.yahoo.com/m_box/component/mbox.cab
O16 - DPF: {3EADA53C-9292-4FF5-AB34-8F0B2B6B3E8C} (EZEditorReg.EZEditorRegCtl) - http://kms.naracredit.com/eaeditor/EZEditorReg.CAB
O16 - DPF: {4E52C32F-C143-4963-A758-2DB07703CB49} (YahooCS Class) - http://kr.memo.yahoo.com/CAB/YahooWCS.cab
O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095353410593
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://img.yahoo.co.kr/multi/2005/tool/pla...6/SVPorsche.cab
O16 - DPF: {9BDBC41E-C335-4263-83C0-ECE78EE28A33} (SysMonOCX Control) - http://ahnlabdownload.nefficient.co.kr/plu...yfirewall20.cab
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/mv/XTools.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {B9DD5FFF-776D-4E53-93D3-A4463E63AD86} (CN°OAOA¢¼OCA·I±×·¥) - http://cdn.hangame.com/hangame/messenger/h...g/HanWebMsg.cab
O16 - DPF: {E404BDB2-C604-4200-A549-3FA714BBC431} (Soribada1.adware_Scan) - http://www.soribada.com/security/soribada1.CAB
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FC} - http:/www.desktoplife.net/adulti.exe * See Notes 6
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll * See Notes 7
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\ViRobotXP\vrmonsvc.exe
You've got alot of stuff autoloading on your system. I don't see anything that jumps out at me as being THE absolute cause of your problems. But at the very least you do have some trojans and spyware. I recommend you rescan with HijackThis! then checkmark each of the items you see in red then click the "Fix Checked" button to stop them from autoloading in windows. After you unload them, I'd wait a few seconds then RESCAN to see if any of those entries came back. If any of the entries came back, then that most likely means you've got some malicious program (trojan or whatever) running in the background and it's preventing you from getting rid of it. You'll need to CTRL-ALT-DELETE then End Task on whatever it is then try to unhook it again.
The stuff in blue you CAN leave alone if you want... but I'd recommend you stop them from loading as well. Mostly because I can't see a reason for you to have them loading up and wasting resources. Actually, if it was my computer then there'd be ALOT more stuff from your list I'd remove. It's better to keep your system running lean... less likely to be conflicts and stuff. For example, your adstopper and anti-spyware programs. All you really need is Firefox, Zonealarm and your favorite anti-virus program and that's it. Even my anti-virus program isn't set to autoload cuz the slowdown is unacceptable to me.
There are a few things you should note however before you begin unhooking the programs above from auto-loading in windows...
Note 1: These two entries look highly suspicious. Unless you KNOW for sure it's something needed and safe, I would delete these two entries immediately. Generally anything that touches your HOSTS file is a big NO NO. If anything here might be the cause of your problems, this could be it.
Note 2: ssv.dll is an Active X file for Sun's Java Virtual machine. Although it's not necessarily dangerous, unless you require the use of a Java Virtual Machine, I'd get rid of it. If anything, it's one less thing that can be exploited and it saves on resources. Jusched.exe automatically checks the internet for updates. Like many things it's a waste of resources and your time to have it autoload everytime windows is turned on.
Note 3: This is a trojan. Browse to the folder and delete it immediately. Watch carefully and see if it reappears under a different folder and/or filename! If it does, you have to either End Task it from memory first or go to more extreme measures which I won't explain unless it becomes neccessary.
Note 4: C:\Program Files\SHA256\secure.exe could either be an encryption program for your email or something else like that. Perhaps either you or your dad would know about this... perhaps you even use it. If both of you do NOT know what this is, then delete it. This program is also used by some trojans as well which is why it's YOUR call on what to do with this.
Note 5: Unless you actually use Real Jukebox (like for your mp3 player or something like that), then there's no reason for it to be autoloading.
Note 6: Unless you know what this is and know of a reason WHY this file HAS to be autoloading, then I'd delete it immediately. It looks highly suspicious.
Note 7: Windows Genuine Advantage nag file. I don't think Microsoft's WGA actually interferes with people's internet connection but I'd get rid of it anyways. Google is your friend.
PS: I'm not sure if any of these are the cause of your internet problems. But it doesn't hurt to get rid of them. And who knows? Hopefully your problems will go away.
O1 - Hosts: 200.73.174.154 STORAGE-TASP.COM * See Notes 1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll * See Notes 2
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\ViRobotXP\vrmonnt.exe Main
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\ViRobotXP\Vrres.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VrBootScan] C:\Program Files\ViRobotXP\VRBScan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe * See Notes 2
O4 - HKLM\..\Run: [Djivgeo] C:\Program Files\Bvjqp\Trfwfu.exe * See Notes 3
O4 - HKLM\..\Run: [miniport] C:\WINDOWS\System32\usbmon.exe /start
O4 - HKLM\..\Run: [wise] C:\Program Files\Common files\clockwise.exe -boot
O4 - HKLM\..\Run: [Dit] C:\WINDOWS\System32\dit.exe
O4 - HKLM\..\Run: [PowerChute] C:\Program Files\APC_Power\Pwrchute.exe -boot_time
O4 - HKLM\..\Run: [3capplnk] C:\Program Files\US Robotics\\3capplnk.exe
O4 - HKLM\..\Run: [eTrust Realtime Monitor] C:\WINDOWS\System32\realmon.exe /start
O4 - HKLM\..\Run: [Recguard] C:\Program Files\HP\recguard.exe
O4 - HKLM\..\Run: [WIZZ] C:\Program Files\WIZZ\dazzler.exe Get rid of this spyware
O4 - HKLM\..\Run: [DSB] C:\Program Files\DSB\dsb.exe Spyware. Get rid of it
O4 - HKLM\..\Run: [SHA256] C:\Program Files\SHA256\secure.exe * See Notes 4
O4 - HKLM\..\Run: [REAL] C:\Program Files\REAL\realjbox.exe * See Notes 5
O4 - HKLM\..\Run: [LocalProxy] C:\Program Files\LocalProxy\proxy4free.exe
O4 - HKLM\..\Run: [AdsBlocker] C:\Program Files\AdsBlocker\stopAds.exe
O4 - HKCU\..\Run: [Fileguri] "C:\Program Files\Freechal\Fileguri\Fileguri.exe" PathFileguri /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} - http://supportsoft.adelphia.net/sdccommon/...ad/tgctlins.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {36F46B1E-11B7-4221-B4F7-F1FC9687E7F6} (MBox Control) - http://kr.music.yahoo.com/m_box/component/mbox.cab
O16 - DPF: {3EADA53C-9292-4FF5-AB34-8F0B2B6B3E8C} (EZEditorReg.EZEditorRegCtl) - http://kms.naracredit.com/eaeditor/EZEditorReg.CAB
O16 - DPF: {4E52C32F-C143-4963-A758-2DB07703CB49} (YahooCS Class) - http://kr.memo.yahoo.com/CAB/YahooWCS.cab
O16 - DPF: {5876CAD0-1636-42EA-AC50-4C06F3196089} (HanGamePlugin19 Class) - http://down.hangame.com/dist/activex/HanGamePlugin19.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1095353410593
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://img.yahoo.co.kr/multi/2005/tool/pla...6/SVPorsche.cab
O16 - DPF: {9BDBC41E-C335-4263-83C0-ECE78EE28A33} (SysMonOCX Control) - http://ahnlabdownload.nefficient.co.kr/plu...yfirewall20.cab
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/mv/XTools.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {B9DD5FFF-776D-4E53-93D3-A4463E63AD86} (CN°OAOA¢¼OCA·I±×·¥) - http://cdn.hangame.com/hangame/messenger/h...g/HanWebMsg.cab
O16 - DPF: {E404BDB2-C604-4200-A549-3FA714BBC431} (Soribada1.adware_Scan) - http://www.soribada.com/security/soribada1.CAB
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FC} - http:/www.desktoplife.net/adulti.exe * See Notes 6
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll * See Notes 7
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\ViRobotXP\vrmonsvc.exe
You've got alot of stuff autoloading on your system. I don't see anything that jumps out at me as being THE absolute cause of your problems. But at the very least you do have some trojans and spyware. I recommend you rescan with HijackThis! then checkmark each of the items you see in red then click the "Fix Checked" button to stop them from autoloading in windows. After you unload them, I'd wait a few seconds then RESCAN to see if any of those entries came back. If any of the entries came back, then that most likely means you've got some malicious program (trojan or whatever) running in the background and it's preventing you from getting rid of it. You'll need to CTRL-ALT-DELETE then End Task on whatever it is then try to unhook it again.
The stuff in blue you CAN leave alone if you want... but I'd recommend you stop them from loading as well. Mostly because I can't see a reason for you to have them loading up and wasting resources. Actually, if it was my computer then there'd be ALOT more stuff from your list I'd remove. It's better to keep your system running lean... less likely to be conflicts and stuff. For example, your adstopper and anti-spyware programs. All you really need is Firefox, Zonealarm and your favorite anti-virus program and that's it. Even my anti-virus program isn't set to autoload cuz the slowdown is unacceptable to me.
There are a few things you should note however before you begin unhooking the programs above from auto-loading in windows...
Note 1: These two entries look highly suspicious. Unless you KNOW for sure it's something needed and safe, I would delete these two entries immediately. Generally anything that touches your HOSTS file is a big NO NO. If anything here might be the cause of your problems, this could be it.
Note 2: ssv.dll is an Active X file for Sun's Java Virtual machine. Although it's not necessarily dangerous, unless you require the use of a Java Virtual Machine, I'd get rid of it. If anything, it's one less thing that can be exploited and it saves on resources. Jusched.exe automatically checks the internet for updates. Like many things it's a waste of resources and your time to have it autoload everytime windows is turned on.
Note 3: This is a trojan. Browse to the folder and delete it immediately. Watch carefully and see if it reappears under a different folder and/or filename! If it does, you have to either End Task it from memory first or go to more extreme measures which I won't explain unless it becomes neccessary.
Note 4: C:\Program Files\SHA256\secure.exe could either be an encryption program for your email or something else like that. Perhaps either you or your dad would know about this... perhaps you even use it. If both of you do NOT know what this is, then delete it. This program is also used by some trojans as well which is why it's YOUR call on what to do with this.
Note 5: Unless you actually use Real Jukebox (like for your mp3 player or something like that), then there's no reason for it to be autoloading.
Note 6: Unless you know what this is and know of a reason WHY this file HAS to be autoloading, then I'd delete it immediately. It looks highly suspicious.
Note 7: Windows Genuine Advantage nag file. I don't think Microsoft's WGA actually interferes with people's internet connection but I'd get rid of it anyways. Google is your friend.
PS: I'm not sure if any of these are the cause of your internet problems. But it doesn't hurt to get rid of them. And who knows? Hopefully your problems will go away.
Share this topic:
Page 1 of 1
