# Internet Freezes



## ZER0X

Sometimes when I'm on the net I go to my homepage and it just sits there for ages like 30 seconds before it starts working again. and when it doesn't find the site it goes to Errorplace.com I hate that can't get rid of it.

Could someone help me out here, drives me mad coz when I Host a game and the Internet freezes like that, He gets kicked out  

thanks ZER0X


----------



## 4W4K3

do you have 56K? or wat?


----------



## Lorand

You got a spyware. Run Spybot. If it doesn't help, run HijackThis and post its log here.


----------



## ZER0X

4W4K3 said:
			
		

> do you have 56K? or wat?



Yer I have 56k  

and I'll try Spybot, and Hijackthis aswell


----------



## ZER0X

Spybot found a few things, and now im using Hijackthis

Logfile of HijackThis v1.97.7
Scan saved at 11:05:57 AM, on 19/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qau10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bigpond.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BigPond Dial-Up Residential Internet Explorer
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://qau10.hpwis.com/
R3 - URLSearchHook: (no name) - _{5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {E1027C9B-CD21-42C8-B309-2ACC1BDAF39E} - C:\WINDOWS\sxkske.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ninemsn Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-au\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\MSDXM.OCX
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: ICQ 4.0 (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{26F4E7AA-F662-4475-AEBA-C2391D938EE5}: NameServer = 203.49.70.92 139.134.2.190


----------



## Avant Technologies

Your HiJackThis log looks perfectly normal 
The only entries you should remove are the two _O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)_ ones, and the _O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)_; they're harmless, but they're unnecessary.

Here are two suggestions:
- Run a (free) online virusscan at http://housecall.trendmicro.com/ - it might take a looooong time with 56k, though.
- Download SwatIt - yups, another spyware scanner, but way more in-depth than Spybot or Adaware.


----------



## 4W4K3

ZER0X said:
			
		

> Yer I have 56k



if you dont find spyware i would suspect old modem drivers or possibly a bad line.


----------



## ZER0X

Yer possibly a bad line, but ive been having this problem since I started getting an errorplace thingy, it's been really annoying......probably got a hidden virus somewhere.


----------



## Lorand

The "O2 - BHO: (no name) - {E1027C9B-CD21-42C8-B309-2ACC1BDAF39E} - C:\WINDOWS\sxkske.dll" is very dubious.


----------



## ZER0X

Yer, well I took a look at this Errorplace thingy and I downloaded a Prog to delete it, but didn't work  i'll check out that DLL.


----------



## ZER0X

I just checked for that DLL, it's not there


----------



## Lorand

It was probably a partial remove of that thing. That's why the removal tool can't deal with it.


----------



## Lorand

Try this one: http://www.giantcompany.com/antispyware/research/spyware/spyware-BearShare.aspx


----------



## ZER0X

I have Bearshare on my computer, and when it put all the programs on my computer I just used adaware and it got rid of it all, so I guess I could still use this program to find anyother unwanted adaware, spyware, Malware  I hate that stuff


----------



## b3n

Maybe its just your scummy ISP


----------



## ZER0X

b3n said:
			
		

> Maybe its just your scummy ISP



I think not  , I just formatted my computer, but still keeping my files and now the internet works fine


----------



## Lorand

Yeah, format rules! It solves (almost) every problem.  
Glad your computer works fine.


----------



## ZER0X

Lorand said:
			
		

> Yeah, format rules! It solves (almost) every problem.
> Glad your computer works fine.



Yer thanks, and thanks for your help  

THANKYOU FORMAT!!


----------



## alienationware

*Basic Tools...*

NOOBS... DO NOT FORMAT YOUR COMP/REINSTALL WINDOWS...

Doing so, you will fulfill the malicious thingy's purpose (to waste valuable productive time)
Do a virus scan.  If that doesn't help, the below will eliminate your problem.

These are problably the basic tools that most users use to thwart off ANY threat:

1.  Lavasoft Adaware
2.  Spybot Search & Destroy

* Spybot often finds things Adaware can't and vice versa.

If the problem doesn't go away, here's the real secret weapon:

3.  BHO Demon 2

* You can't actually fix anything with BHO demon because I doesn't have a delete function.  However, you can use BHO demon to identify those DLL's that load whenever you open explorer/IE.
* A BHO is a browser helper object that can just about do anything to your computer, from redirecting your searches to a malicious site, installing softwares w/o your permission, to even erasing files on your computer.
* Once you've identified the malicious DLL, open explorer (Run>explorer.exe) and find that god dam n DLL and delete it.  Problem solved.


----------



## Lorand

Thanks for the BHODeamon tip!
The program is simple and easy to use, but who the hell designed its interface? It's very ugly and has a lot of annoying useless tip-screens...


----------



## alienationware

*...*

That's why I only install it when I need to use it...  Partly cuz it attempts to update itself everytime at first boot w/o my permission.  Nevertheless, it is a powerful tool.


----------



## ZER0X

> NOOBS... DO NOT FORMAT YOUR COMP/REINSTALL WINDOWS...



I didn't format it, I used compaqs recovery console not because I couldn't get rid of the problem.....but because I had a problem, and Using the recovery console did fix all my problems.


----------



## b3n

Thanks god for recov console


----------



## ZER0X

b3n said:
			
		

> Thanks god for recov console



Yer and I was thinking about formatting it aswell


----------

