Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow Response. Tracking Suspected


  • Please log in to reply
1 reply to this topic

#1 JohnIsStuck

JohnIsStuck

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:49 AM

Posted 18 March 2007 - 08:18 PM

Am getting www.microsoft.com/isadi/red as default for search. Very slow response on Opera and Internet Explorer. Reasonable search time on Firefox. Suspect I am being tracked. IP address used to be 24.something. Is now 216.80.118.73.

Thanks.
Below is
HiJackTHis log is:
Logfile of HijackThis v1.99.1
Scan saved at 7:44:08 PM, on 3/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\PCSecurityShield\The Shield Firewall\FireWall.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\DISC\DiscGui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared

BC AdBot (Login to Remove)

 


#2 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,618 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:49 AM

Posted 29 March 2007 - 10:58 AM

Hi JohnIsStuck,

Our apologies for the delay. If you still require help, please post a new fresh log so I can see if anything has changed.

If you have not done so already, please do the initial cleanup steps in the following instructions before posting your new log: Preparation Guide For Use Before Posting A Hijackthis Log

When you post your logs be sure to include the whole thing, you've just posted the running processes and not all of those. When the log is open, click anywhere in the Notepad Window and then press Ctrl=A then Ctrl=C and paste that into your next Reply.

The thing about people

is they change

when they walk away.--Mipso





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users