Home Technical Stuff and Help

Problems with Add ons

fadafada Posts: 1,032
edited January 2007 in Technical Stuff and Help
My internet wont come up with them . How do I rectify the matter?
I also have "the instruction at "0x34949ad" referenced memory at "0x037ie9fc"The memory could not be read
Post edited by Unknown User on

Comments

  • JamalJamal Posts: 2,115
    What kind of add-ons are we talking about here?
    Surf little waves big... Charge big waves hard

    - Antwerp '06, Nijmegen '07, Werchter '07
  • AhnimusAhnimus Posts: 10,560
    Show us a hijackthis log
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • fadafada Posts: 1,032
    My computer freezes alot too. I'm not sure what the adds on are?
  • AhnimusAhnimus Posts: 10,560
    If you load IE and go to

    Tools->Manage Add-Ons

    You can type everything out here.

    Or you can download hijackthis and it will print a log for you, then you can copy and paste it here.

    Otherwise, we don't know what the add-ons are either. :cool:
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • fadafada Posts: 1,032
    Should I go to Administrative Tools?
  • AhnimusAhnimus Posts: 10,560
    Go here
    http://www.spywareinfo.com/~merijn/programs.php

    And download HijackThis, then run Hijackthis.exe and select "Do a System Scan and Save a Log File" then copy the text it spits out and paste it here.
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • fadafada Posts: 1,032
    Thanks for the help , here is what came up.

    ogfile of HijackThis v1.99.1
    Scan saved at 20:53:48, on 06/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Fada\LOCALS~1\Temp\Rar$EX05.125\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/ie/enu/gen/default.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by eircom net
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {871A54C1-1EB3-48bd-A879-5DBA4EF16BE6} - C:\WINDOWS\system32\jethhuoq.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O8 - Extra context menu item: E&xport to Microsoft Excel - [url=res://C]res://C[/url]:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.eircom.net
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://l00kl23.com/default.cab?uid=85&id=51367&1s&ex&ppd=4&tag=32
    O20 - Winlogon Notify: abr - C:\WINDOWS\Config\abr.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  • AhnimusAhnimus Posts: 10,560
    Ok, well here are my recommendations.

    Back up the registry first.

    1. Click Start, and then click Run.
    2. In the Open box, type regedit, and then click OK.
    3. Locate and then click the subkey that contains the value that you want to edit.
    4. On the File menu, click Export.
    5. In the Save in box, select a location where you want to save the Registration Entries (.reg) file, type a file name in the File name box, and then click Save.
    http://support.microsoft.com/kb/322756

    Go back to Hijackthis, I'll explain some things first before we do anything there.

    BHOs are Browser Helper Objects, these are the IE add-ons
    I would suggest removing all of these things because I'm not sure what they do, you can try googling them to find out more about them, but they aren't required.
    O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1. DLL
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswsh x.dll
    O2 - BHO: (no name) - {871A54C1-1EB3-48bd-A879-5DBA4EF16BE6} - C:\WINDOWS\system32\jethhuoq.d ll
    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1. DLL

    These entries are programs that start-up when you load windows, most of these aren't required, and are just there to preload your programs, but you can load them when you actually need them, I've put some links to their descriptions and my recommendation
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jus ched.exe"
    http://www.tasklist.org/task_jusched_exe_12795.html
    Leave

    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    http://www.tasklist.org/task_PCMService_exe_2440.html
    Not sure what this does, leave it

    O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    http://www.tasklist.org/task_IntelMEM_exe_4525.html
    Has something to do with your modem, leave it

    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLa uncher.exe"
    http://www.tasklist.org/task_DVDLauncher_exe_6337.html
    Remove

    O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
    Remove

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    http://www.tasklist.org/task_igfxtray_exe_1406.html
    Remove

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    http://www.tasklist.org/task_hkcmd_exe_11641.html
    Remove

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    http://www.tasklist.org/task_igfxpers_exe_10358.html
    Remove

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    http://www.tasklist.org/task_iTunesHelper_exe_4534.html
    Remove

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    http://www.tasklist.org/task_qttask_exe_12417.html
    Remove

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswct rl.exe
    http://www.tasklist.org/task_tfswctrl_exe_13040.html
    Remove

    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    Leave

    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    Not sure what this does, leave it

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    Leave

    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    Remove

    The O9 entries are extra buttons for your browser and most are just for convenience, I typically remove all of them, but this one in particular is missing it's file
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

    Winlogon Notify entries are usually associated with Malware and are pretty much never required, remove all of these entries
    O20 - Winlogon Notify: abr - C:\WINDOWS\Config\abr.dll
    WinTotal - Spyware
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll


    To remove the above entries, check them in Hijackthis and select "Fix Checked", then you should try to delete all the files, some files will be in use and you won't be able to remove them until you reboot, some of these entries may pop back in there if they are malware, in which case you will have to download a "delete on boot" program to delete them before windows starts.

    There is a tutorial for using Hijackthis here
    http://www.bleepingcomputer.com/tutorials/tutorial42.html
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • AhnimusAhnimus Posts: 10,560
    If anything goes seriously wrong, you can run the reg file you created at the beginning to restore the original settings.
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • normnorm Posts: 31,146
    Nice job, Ryan.:)
  • AhnimusAhnimus Posts: 10,560
    cutback wrote:
    Nice job, Ryan.:)

    Thanks :)
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • fadafada Posts: 1,032
    thanks for all the great help
  • AhnimusAhnimus Posts: 10,560
    fada wrote:
    thanks for all the great help

    Just one problem sorry

    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswct rl.exe

    Is apparently required for you CD-Rom to read burnt discs, so you might want to leave that one or re-add it.
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • AhnimusAhnimus Posts: 10,560
    You might want to leave this entry as well
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dl l

    This is why I hate Dell, HP, Compaq, etc...

    I build computers and never have to have this shit running to make my equipment work. Yet, when you buy a pre-built machine they have all this required junk on them. :(
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • fadafada Posts: 1,032
    My Pf usage is way to high at times and my cpu usual is sometimes at only 5%. I didn't delate any programs yet. What is causing it to run so slow?
  • JamalJamal Posts: 2,115
    fada wrote:
    My Pf usage is way to high at times and my cpu usual is sometimes at only 5%. I didn't delate any programs yet. What is causing it to run so slow?
    in your program manager or whatever it's called, you can see whouch program consumes how much memory ;)

    *edit*
    just popped into my head
    task manager :)
    Surf little waves big... Charge big waves hard

    - Antwerp '06, Nijmegen '07, Werchter '07
  • AhnimusAhnimus Posts: 10,560
    fada wrote:
    My Pf usage is way to high at times and my cpu usual is sometimes at only 5%. I didn't delate any programs yet. What is causing it to run so slow?

    Did you recently update anything or install any new programs?

    Or is this a long-time issue?
    I necessarily have the passion for writing this, and you have the passion for condemning me; both of us are equally fools, equally the toys of destiny. Your nature is to do harm, mine is to love truth, and to make it public in spite of you. - Voltaire
  • fadafada Posts: 1,032
    I recently updated to internet explorer 7 but I have gone back to six. How this have anything to do with it
  • fadafada Posts: 1,032
    IT was the add ons that were affecting it. I delated some of the stuff you told. It seems to be going ok again. Thanks for all the help
Sign In or Register to comment.