• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
killswitch

Internet Disconnects...

3 posts in this topic

Recently I have been having the same problem over and over again. I am running Windows Xp, and have all the nessacery updates, sp1 etc.. A few days ago I installed the P2P programme 'Ares'. After the installation I noticed that my internet connection has been acting sluggish (Bt Openworld Broadband). I downloaded Hjt, and found I had a number of NewDotNet dll's installing themselves onto various other programs, like my Zone Alarm. I got rid of the NewDotNet files that I could see.

But my main problem is that when I am connected on the net, after 20 minutes or so my internet connection disconnects, And it is really starting to bother me now.

I was wondering if anyone can help.

 

Below is a log from hjt.

 

Sorry for the long post.

 

 

Logfile of HijackThis v1.98.0

Scan saved at 05:14:46, on 24/07/2004

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\ZoneLabs\vsmon.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\notepad.exe

C:\PROGRA~1\WINZIP\winzip32.exe

C:\Documents and Settings\Michael\Desktop\Hijack This\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btopenworld.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btopenworld.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...B_PVER}&ar=home

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\SYSTEM\blank.htm

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btopenworld.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar_en_2.0.111-deleon.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.111-deleon.dll

O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.btopenworld.com/

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\system\intralaunch.CAB

O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

Share this post


Link to post
Share on other sites

There is now a new item at the bottom of the list...

 

Logfile of HijackThis v1.98.0

Scan saved at 05:38:14, on 24/07/2004

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\ZoneLabs\vsmon.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe

C:\Program Files\Spybot - Search & Destroy 1.1\SpybotSD.exe

C:\Documents and Settings\Michael\Desktop\Hijack This\HijackThis.exe

C:\WINDOWS\regedit.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btopenworld.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.btopenworld.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\SYSTEM\blank.htm

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btopenworld.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar_en_2.0.111-deleon.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar_en_2.0.111-deleon.dll

O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\windows\GoogleToolbar_en_2.0.111-deleon.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.btopenworld.com/

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\system\intralaunch.CAB

O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D561B188-1168-4E7F-94F5-7447B85AC7DB}: NameServer = 194.74.65.68 194.72.9.38

Share this post


Link to post
Share on other sites

Did you original scan with Hijack this include some entries in the O10 section showing up as "Hijacked internet Access by new,net" or similar?

 

Please download Lspfix

Unzip and run it. Post back with the items is shows. DO NOT attempt to remove or delete any of the files it lists.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0