• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
SpyFighter

Is spyware disabling my internet connection?

6 posts in this topic

Hey professionals, I am experiencing quite a weird problem with my laptop. After about 10 minutes of using the internet, my ADSL connection suddenly gets cut off and I can no longer use the net. I see no errors message, all that happens is my browser says at the bottom of the screen in the left hand corner: "Connecting to ...IP address". I have noticied that this seems to happen most of the time when I try to use Bittorrents.

 

I have run the latest versions of Spybot, Ad-aware, CWShredder, TrojanHunter, Spyblaster but none have found anything suspicious (both in normal/safe mode). Zonealarm, Norton antivirus, Spyware Blaster and Spyware Guard all run automatically on my PC.

 

Recently I have switched from using Internet Explorer to Firefox 0.8 but the problem occurs with both browsers.

 

I have a number of startup programs disabled by MSCONFIG but after reading the F.A.Q., I have re-enabled them all and restarted so that they all start thus helping HijackThis to find something.

 

It would be great if someone could point me in the right direction and check-out my HijackThis log below. I'd be most appreciated as I am desperate to find a resolution. I'm just a bit worried to delete anything in HijackThis without getting some advice beforehand.

 

Thanks again in advance for any help...here's my log:

 

Logfile of HijackThis v1.97.7

Scan saved at 23:35:38, on 30/05/2004

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\System32\Fast.exe

C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\snmp.exe

C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\System32\fast.exe

C:\WINDOWS\System32\cfpsys.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\System32\khooker.exe

C:\WINDOWS\System32\rmctrl.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE

C:\WINDOWS\System32\GSICON.EXE

C:\WINDOWS\System32\dslagent.exe

C:\WINDOWS\System32\taskswitch.exe

C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\James Close\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.libero.it:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = libero.it;iol.it;;localhost;<local>

R3 - Default URLSearchHook is missing

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\NetTransport 2\NTIEHelper.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\System32\fast.exe

O4 - HKLM\..\Run: [Warning: do not remove it! (system)] cfpsys.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe

O4 - HKLM\..\Run: [sA] C:\Program Files\Logitech\QuickCam\SA3.EXE

O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE

O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe

O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe

O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE

O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A

O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe

O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [soniqueQuickStart] C:\Program Files\Sonique\sqstart.exe -nostick

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download all by Net Transport - C:\PROGRA~1\NETTRA~1\NTAddList.html

O8 - Extra context menu item: Download by Net Transport - C:\PROGRA~1\NETTRA~1\NTAddLink.html

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)

O9 - Extra button: FlashCapture (HKLM)

O9 - Extra button: AOL Instant Messenger (HKLM)

O9 - Extra button: FlashGet (HKLM)

O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)

O9 - Extra button: Yahoo! Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7583.2370601852

O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/SassCln.CAB

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab

Share this post


Link to post
Share on other sites

Sounds more like a problem with the ISP. Call their tech support and see if they can figure it out.

Share this post


Link to post
Share on other sites

Mike seems to be on the right track.

 

I too have been experiencing this same dilemma.

A re-boot is the only thing that sorts out the connection.

3 machines, linksys router, Dlink modem, sygate firewall, etc.

Only one PC does this consistently. :ugh::gah:

 

Here are some links that may or may not be of use to you.

http://www.sysopt.com/forum/showthread.php?threadid=162792

http://www.dslreports.com/forum/remark,10321233~mode=flat

http://www.dslreports.com/forum/remark,10189536~mode=flat

http://www.dslreports.com/forum/remark,10133286~mode=flat

 

The last link has a pretty good explination by TELUS Helper.

 

HTH

Take care

Share this post


Link to post
Share on other sites

Thanks for your replies Mike and RJ. I called my ISP but they said everything was fine at their end. However, after reading RJ's link suggestions and discovering that sometimes firewalls can be part of the problem, I do remember that recently I upgraded my Zonealarm software so maybe that needs to be re-configured in some way?

 

Could you just confirm that my log seems ok and there aren't any suspicious files there that need deleting? Thanks again for your input!

Share this post


Link to post
Share on other sites

Disable the firewall long enough to see if that's the problem. If the problem doesn't happen with the firewall disabled, then you have something set up wrong.

Share this post


Link to post
Share on other sites

Guys I have resolved the problem, just thought I would let you know.

 

I did a little research on the Zonelabs website forums and there were several listing reporting complaints about the new upgrade patch that ZLs has released (version 5.0). Almost everyone who has upgrading is experiencing a whole wide range of problems. The majority of which state that there PC often reaches near maximum CPU usage % when only a few processes are running.

 

So we have all no downgraded to the golden oldie gem of Zonealarm's version 4.5.594.000. All explanations and versions are available from Zonelab's forums. My PC is back up and running PERFECTLY!

 

Grreeeat thanks all for your help....hope this helps someone else too :)

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0