Server Help Forum Index Server Help
Community forums for Subgame, ASSS, and bots
 
Something is wrong....

 
Assassin2684
Server Help Squatter


Age:34
Gender:Not sure
Joined: Jul 27 2004
Posts: 990
Location: Florida
Offline

Posted: Thu May 05, 2005 8:27 pm    Post subject: Something is wrong....

Ok, something is wrong with my comp or it's Firefox, because it won't let me view some pages. Ok, so say this one page for example that I can't go on: www.ebay.com. My computer loads it VERY slow and it still won't work. I even tried Internet Explorer and still nothing. But then on the other hand my friend can go on perfectly fine.

Maybe it's my computer? I'm using Windows XP Home Edition with Firefox. This thing only happens to a few pages. Another one is www.aim.com.

I have no clue what is going on or how to fix this and it's really getting annoying. I might as well go back to Windows 98 where everything worked.

Can someone help me with this? Thanks in advance.

Mine GO BOOM
Hunch Hunch
What What


Age:41
Gender:Male
Joined: Aug 01 2002
Posts: 3615
Location: Las Vegas
Offline

Posted: Thu May 05, 2005 8:50 pm

Check for spyware, and look at your HOSTS file (%WINDIR%\system32\drivers\etc\HOSTS) to make sure nothing other than localhost is in there. If none of that fixes your problem, use Hijack This with some online log analyzer. Still have problems? Post the log here.

Purge
Episode I > Eposide III
Jar-Jar is kool


Age:35
Gender:Male
Joined: Sep 08 2004
Posts: 2019
Offline

Posted: Thu May 05, 2005 10:05 pm

Switching to Win98 will just waste your time. It's most likely an internet problem since only your web pages load slower than normal. Try doing what MGB said. :)

Solo Ace
Yeah, I'm in touch with reality...we correspond from time to time.


Age:37
Gender:Male
Joined: Feb 06 2004
Posts: 2583
Location: The Netherlands
Offline

Posted: Fri May 06, 2005 5:52 am

To extend the information MGB gave, I'll give a short explanation of what the host file does.

Your computer uses a system to resolve hostnames (like some.domain.com) into an IP address (like 10.112.80.203). This is done by sending a query (a question) to a DNS server, which gives information like the IP addresses linked to the hostname, then your computer knows which IP address to connect to.

The host file allows you (or programs) to put hostnames and IP addresses in.
This is useful for entries that are not on DNS servers, or on your local network.
Hostnames found in the host file prevent the system from requesting the information of a DNS server for the information, because it already has it.

This can be dangerous: some programs (heh, or weirdos like me who start fooling games into requesting localhost for authorization) put entries in this file to redirect you to other pages.

In theory, what could happen is a program could put an entry like
10.112.80.203 hotmail.com
in the hosts file, which would bring your computer to the webserver running on IP address 10.112.80.203 (which is most likely not the real server of hotmail).
The front pages (including login pages) could be perfectly faked, or the fake page could act like some sort of proxy server, so the page would actually work, but your e-mail address and password would be logged on the fake hotmail server!
Of course, this could happen with pages which concern more confidential information too.

I'm not sure (and I'm not going to look it up) but I think this would be called a variation of "phishing".

You shouldn't only use HijackThis I think, use other anti-adware / anti-spyware tools too (just not only to fix this problem), if you're experiencing problems like this you can assume more to be wrong.

Assassin2684
Posted: Fri May 06, 2005 6:26 pm

Ok, well, I went to the drivers section on my computer and localhost is not even in there. I will name the ones that are: hosts, lmhosts, networks, protocol, services. I hope this isn't bad. But I was running on a network but we recently took out the other computer. These problems were there before that. I have a Linksys wireless router also. Here is the log file from HijackThis:

Code:
Logfile of HijackThis v1.99.1
Scan saved at 6:43:12 PM, on 5/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\backdoor.exe
C:\WINDOWS\system32\RioMSC.exe
C:\Program Files\Analog Devices\SoundMAX\smagent.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\SYSTEM32\qttask.exe
C:\Program Files\Aim\aim.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Nick\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50196
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Nick\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E8F605E-E416-2AC5-8753-60550DF27817} - C:\WINDOWS\SYSTEM\MOTKP.DLL (file missing)
O2 - BHO: (no name) - {52B3B236-B165-4793-9FB8-DA6C5D950FAD} - C:\WINDOWS\system32\dfgkcf.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {67DA3505-B214-79CC-8753-60550DF37819} - C:\WINDOWS\SYSTEM32\lifiq.dll
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {BE8EF9B9-4DCF-4ECE-858A-E5AD0460CF37} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {DD319342-F260-495B-8E38-7796D3DCB430} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {E8D79982-90C9-4733-8EC0-21C668648721} - C:\WINDOWS\LBBHO.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [AIM] C:\Program Files\Aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=10f08450ab596047f6c94d90b79b47d1528d9dc4c40924e2499f8b9bd779519ddd40d759133a448fde7f410342650f82cf1f1ae7:7ba4efda898ff66841613117fb4ea0f9
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {41F31718-2B9D-4F76-85E2-DD11BBA99F8D} - http://install.spywarelabs.com/DistID/2501031120/BundleOuter2501031120.EXE
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/aolim/install.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O18 - Filter: text/html - {FFED5D85-3BE7-4B85-9428-5A56FCDF1E52} - C:\WINDOWS\system32\dfgkcf.dll
O18 - Filter: text/plain - {FFED5D85-3BE7-4B85-9428-5A56FCDF1E52} - C:\WINDOWS\system32\dfgkcf.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: backdoor - Unknown owner - C:\WINDOWS\system32\backdoor.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\smagent.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe

Purge
Posted: Fri May 06, 2005 9:55 pm

What's this?

Code:
O23 - Service: backdoor - Unknown owner - C:\WINDOWS\system32\backdoor.exe

i88gerbils
Oldbie Server Help


Gender:Male
Joined: Dec 13 2002
Posts: 423
Location: OH
Offline

Posted: Fri May 06, 2005 10:00 pm

MTU settings?
_________________
Oldbie Server Help

Mine GO BOOM
Posted: Fri May 06, 2005 10:27 pm

Assassin2684 wrote:
Here is the log file from hijackthis:

Seriously, check out the link I had before, about the HijackThis! Log Analyzer, as that can answer and assist you very quickly with most of the bad stuff. Once you get all the red-flagged things, and then check over the "this maybe bad" stuff, then you post the log here for further assistance.

Solo Ace
Posted: Sat May 07, 2005 7:33 am

Assassin, you looked in the (right) directory, but not in the hosts file.
Open the "hosts" file with a text editor (like notepad), then see what's in there.
Ignore all lines starting with a '#' as they are comments.

This is what mine looks like:
Code:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each entry
# must be on a separate line. The IP address should be placed in the first
# column, followed by the corresponding host name. The IP address and the
# host name should be separated by at least one space.
#
# Additionally, comments (such as these) may be added on extra
# lines or following the machine name, preceded by a #.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost

Yours probably has an English explanation.
Look if there's any other stuff under the (last) "127.0.0.1 localhost" line, that probably shouldn't be there.
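
As an added example (not part of the original posts), here is one way to automate the check described above: parse the hosts file, skip comments, and report every active entry other than the normal localhost line. The function names and the `www.example.com` entry are made up for illustration; the `hotmail.com` line is the redirect from the earlier post.

```python
import ipaddress
import os

# Names a stock hosts file is expected to map to loopback (the thread's
# advice: "nothing other than localhost").
EXPECTED_LOOPBACK_NAMES = {"localhost"}

# Constructed sample: the stock localhost line, the redirect from the earlier
# post, and one made-up entry that pins a site to this machine.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
#      102.54.94.97     rhino.acme.com          # source server

127.0.0.1       localhost
10.112.80.203   hotmail.com
127.0.0.1       www.example.com   # constructed entry
"""


def parse_hosts(text):
    """Yield (line_no, address, names) for each active (non-comment) entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        active = raw.split("#", 1)[0].strip()   # '#' starts a comment anywhere
        if not active:
            continue
        address, *names = active.split()
        yield line_no, address, [n.lower() for n in names]


def audit_hosts(text):
    """Return (line_no, address, name, kind) for every unexpected mapping."""
    findings = []
    for line_no, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed"))
            continue
        for name in names:
            if ip.is_loopback and name in EXPECTED_LOOPBACK_NAMES:
                continue                # the normal localhost line
            if ip.is_loopback or ip.is_unspecified:
                kind = "blocked"        # name resolves to this machine itself
            else:
                kind = "redirect"       # name resolves to an address set here, not by DNS
            findings.append((line_no, address, name, kind))
    return findings


if __name__ == "__main__":
    # Audit the real file on Windows, otherwise fall back to the sample.
    path = os.path.expandvars(r"%WINDIR%\system32\drivers\etc\hosts")
    if os.path.isfile(path):
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for line_no, address, name, kind in audit_hosts(text):
        print(f"line {line_no}: {name} -> {address} [{kind}]")
```

A "blocked" entry makes a site fail to load, while a "redirect" entry is the fake-server case from the hotmail example.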

Assassin2684
Posted: Sat May 07, 2005 8:45 am

Ooooo, OK, mine looks like yours, Solo. Also here is the log from the log analyser.

Code:
Logfile of HijackThis v1.99.1
Scan saved at 8:19:19 AM, on 5/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\Smss.exe
C:\WINDOWS\system32\Winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Svchost.exe
C:\WINDOWS\System32\Svchost.exe
C:\WINDOWS\system32\Spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\backdoor.exe
C:\WINDOWS\system32\RioMSC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Svchost.exe
C:\Program Files\Common Files\WinTools\[b]wtoolss.exe[/b]
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\SYSTEM32\qttask.exe
C:\PROGRA~1\COMMON~1\WinTools\[b]wtoolsa.exe[/b]
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Aim\aim.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\WinTools\[b]wsup.exe[/b]
C:\WINDOWS\System32\Svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe

Do you know this site? --> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Nick\LOCALS~1\Temp\sp.dll/sp.html
Do you know this site? --> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
Do you know this site? --> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50196
Do you know this site? --> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Nick\LOCALS~1\Temp\sp.dll/sp.html
Do you know this site? --> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
Do you know this site? --> R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
Do you know this site? --> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
Do you know this site? --> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
Do you know this site? --> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
Do you know this site? --> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
Do you know this site? --> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
Do you know this site? --> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - [b]{87766247-311C-43B4-8499-3D5FEC94A183}[/b] - C:\PROGRA~1\COMMON~1\WINTOOLS\wtoolsb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\acroiehelper.dll
O2 - BHO: (no name) - {3E8F605E-E416-2AC5-8753-60550DF27817} - C:\WINDOWS\SYSTEM\MOTKP.DLL (file missing) <-- Always Remove
O2 - BHO: (no name) - {52B3B236-B165-4793-9FB8-DA6C5D950FAD} - C:\WINDOWS\system32\dfgkcf.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) <-- Always Remove
O2 - BHO: (no name) - {67DA3505-B214-79CC-8753-60550DF37819} - C:\WINDOWS\SYSTEM32\lifiq.dll
O2 - BHO: (no name) - [b]{87766247-311C-43B4-8499-3D5FEC94A183}[/b] - C:\PROGRA~1\COMMON~1\WINTOOLS\wtoolsb.dll     
O2 - BHO: (no name) - [b]{8DA5457F-A8AA-4CCF-A842-70E6FD27409}[/b] - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll     
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {BE8EF9B9-4DCF-4ECE-858A-E5AD0460CF37} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {DD319342-F260-495B-8E38-7796D3DCB430} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {E8D79982-90C9-4733-8EC0-21C668648721} - C:\WINDOWS\LBBHO.DLL
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\nerocheck.exe
O4 - HKLM\..\Run: [kernelfaultcheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [b][WinTools][/b] C:\PROGRA~1\COMMON~1\WinTools\[b]wtoolsa.exe[/b]
O4 - HKCU\..\Run: [AIM] C:\Program Files\Aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=10f08450ab596047f6c94d90b79b47d1528d9dc4c40924e2499f8b9bd779519ddd40d759133a448fde7f410342650f82cf1f1ae7:7ba4efda898ff66841613117fb4ea0f9
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {41F31718-2B9D-4F76-85E2-DD11BBA99F8D} - http://install.spywarelabs.com/DistID/2501031120/BundleOuter2501031120.EXE
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/aolim/install.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O18 - Filter: text/html - {FFED5D85-3BE7-4B85-9428-5A56FCDF1E52} - C:\WINDOWS\system32\dfgkcf.dll
O18 - Filter: text/plain - {FFED5D85-3BE7-4B85-9428-5A56FCDF1E52} - C:\WINDOWS\system32\dfgkcf.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: backdoor - Unknown owner - C:\WINDOWS\system32\backdoor.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: [b]WinTools for IE service[/b] (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\wtoolss.exe


Things that are bolded were red flagged! Thanks in advance.

Solo Ace
Posted: Sat May 07, 2005 9:19 am

Remove all entries which were colored red.

HijackThis wrote:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\backdoor.exe
C:\WINDOWS\system32\RioMSC.exe
C:\Program Files\Analog Devices\SoundMAX\smagent.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\SYSTEM32\qttask.exe
C:\Program Files\Aim\aim.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Nick\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50196
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Nick\LOCALS~1\Temp\sp.dll/sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E8F605E-E416-2AC5-8753-60550DF27817} - C:\WINDOWS\SYSTEM\MOTKP.DLL (file missing)
O2 - BHO: (no name) - {52B3B236-B165-4793-9FB8-DA6C5D950FAD} - C:\WINDOWS\system32\dfgkcf.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {67DA3505-B214-79CC-8753-60550DF37819} - C:\WINDOWS\SYSTEM32\lifiq.dll
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WinTools\WToolsT.dll
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {BE8EF9B9-4DCF-4ECE-858A-E5AD0460CF37} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {DD319342-F260-495B-8E38-7796D3DCB430} - C:\WINDOWS\LBBHO.DLL
O2 - BHO: C:\WINDOWS\LBBHO.DLL - {E8D79982-90C9-4733-8EC0-21C668648721} - C:\WINDOWS\LBBHO.DLL

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [AIM] C:\Program Files\Aim\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=10f08450ab596047f6c94d90b79b47d1528d9dc4c40924e2499f8b9bd779519ddd40d759133a448fde7f410342650f82cf1f1ae7:7ba4efda898ff66841613117fb4ea0f9
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {41F31718-2B9D-4F76-85E2-DD11BBA99F8D} - http://install.spywarelabs.com/DistID/2501031120/BundleOuter2501031120.EXE
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/partners/aolim/install.cab
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab

O18 - Filter: text/html - {FFED5D85-3BE7-4B85-9428-5A56FCDF1E52} - C:\WINDOWS\system32\dfgkcf.dll
O18 - Filter: text/plain - {FFED5D85-3BE7-4B85-9428-5A56FCDF1E52} - C:\WINDOWS\system32\dfgkcf.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: backdoor - Unknown owner - C:\WINDOWS\system32\backdoor.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\smagent.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe


Blue entries are things you should probably remove, red entries should be removed immediately.

Also, there's something I don't understand about your logs:
Why is there less Wintools crap in the first log than in the second log?
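
Comparing two HijackThis logs by eye is error-prone here, because the analyzer paste changes letter case and adds `[b]` tags and annotations. The following added example (not from the thread; the function names are hypothetical and the sample lines are short excerpts of the two logs posted above) normalises both logs and lists what appears only in the second.

```python
import re

# A log entry starts with a section code such as "R1 - " or "O23 - ".
ENTRY = re.compile(r"^[a-z]\d{1,2} - ")

# Excerpt of the first log posted in the thread.
FIRST_LOG = r"""
Running processes:
C:\WINDOWS\system32\backdoor.exe
C:\Program Files\Analog Devices\SoundMAX\smagent.exe
C:\WINDOWS\system32\wscntfy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe
"""

# Excerpt of the second log (analyzer output) posted in the thread.
SECOND_LOG = r"""
Running processes:
C:\WINDOWS\system32\backdoor.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\WinTools\[b]wtoolss.exe[/b]
C:\PROGRA~1\COMMON~1\WinTools\[b]wtoolsa.exe[/b]
C:\WINDOWS\system32\wscntfy.exe

Do you know this site? --> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) <-- Always Remove
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\nerocheck.exe
O4 - HKLM\..\Run: [b][WinTools][/b] C:\PROGRA~1\COMMON~1\WinTools\[b]wtoolsa.exe[/b]
O23 - Service: [b]WinTools for IE service[/b] (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\wtoolss.exe
"""


def normalise(line):
    """Strip analyzer decorations and fold case so equal entries compare equal."""
    line = re.sub(r"\[/?b\]", "", line)                        # BBCode bold markers
    line = re.sub(r"^Do you know this site\? --> ", "", line)  # analyzer prefix
    line = re.sub(r"\s*<-- Always Remove\s*$", "", line)       # analyzer suffix
    return line.strip().casefold()                             # Windows paths ignore case


def parse_log(text):
    """Return (running processes, registry/file entries) as two sets."""
    processes, entries = set(), set()
    in_processes = False
    for raw in text.splitlines():
        line = normalise(raw)
        if line == "running processes:":
            in_processes = True
        elif not line:
            in_processes = False        # a blank line ends the process list
        elif in_processes:
            processes.add(line)
        elif ENTRY.match(line):
            entries.add(line)
    return processes, entries


def new_in_second(first, second):
    """List processes and entries present in the second log but not the first."""
    procs1, entries1 = parse_log(first)
    procs2, entries2 = parse_log(second)
    return sorted(procs2 - procs1), sorted(entries2 - entries1)


if __name__ == "__main__":
    procs, entries = new_in_second(FIRST_LOG, SECOND_LOG)
    for item in procs:
        print("new process:", item)
    for item in entries:
        print("new entry:  ", item)
```

Short (8.3) and long forms of the same path are not unified, so `C:\PROGRA~1\...` and `C:\Program Files\...` are treated as different strings.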

Assassin2684
Posted: Sat May 07, 2005 9:33 am

I'm....not...sure :O That is weird. I'm going to delete that stuff real quick though.

*EDIT*

Ok, I deleted all the red stuff, at least the files I could delete. Some files were being used and I couldn't delete them, but that was only like 2.

D1st0rt
Miss Directed Wannabe


Age:37
Gender:Male
Joined: Aug 31 2003
Posts: 2247
Location: Blacksburg, VA
Offline

Posted: Sat May 07, 2005 10:11 am

Did you try ending the processes if they were running?

Purge
Posted: Sat May 07, 2005 10:18 am

D1st0rt wrote:
Did you try ending the processes if they were running?


Ctrl Alt Del > Processes > Highlight Process > End Process.

Solo Ace
Posted: Sat May 07, 2005 12:03 pm

You should RED the guide at this announcement, eh MGB? :P

Mine GO BOOM
Posted: Sat May 07, 2005 12:15 pm

Solo Ace wrote:
You should RED the guide at this announcement, eh MGB?

Quick spelling mistake. I need a grammar checker to go with my spell checker.

Assassin2684
Posted: Sat May 07, 2005 10:46 pm

Ya, I did the end process thing. Anyway the sites still don't work. I don't think this has to do with a virus. It might be Firefox... I'm not sure.

Purge
Posted: Sun May 08, 2005 1:15 am

Does it do the same on another browser?

Assassin2684
Posted: Sun May 08, 2005 8:00 am

Ya, it does it on Firefox and Internet Explorer.

All times are GMT - 5 Hours