connected to ISP but web pages not opening, malwarebytes won't start

[ARO]

Hi. I hope you can help. I've been struggling with this for days now!

A few days ago I was no longer able to connect to the internet on my laptop (writing this on a desktop) though I can connect to my ISP with the correct IP address. Occasionally programs will not start and attempts to do a windows recovery would not go to the end. I have tried several reg cleaners, spybot, ccleaner and a few anti virus programs. Lots did not find anything and what was found didn't fix the problem. It seems I occasionally also have some hidden processes running (ie my cpu usage can be a good bit greater than what is shown as the sum of the processeswindows says are running).

My last hope was to try Malwarebytes which I managed to install on my laptop - but it won't start, even in safe mode.

Luckily, Hijackthis does work. Here are the logs. Please let me know what the nest steps are.

Thanks,

Anthony

============

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:22:40 AM, on 5/2/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\csrss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\Explorer.EXE

E:\WINDOWS\system32\ctfmon.exe

F:\Personal Data\My Folders\AVirus\HiJackThis.exe

E:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - E:\Program Files\AskBarDis\bar\bin\askBar1.dll

O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - E:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - E:\Program Files\AskBarDis\bar\bin\askBar1.dll

O3 - Toolbar: Anonymous Browsing - {72C9A221-FCFD-4E21-8C9F-E954A4F5C92F} - "E:\Program Files\Anonymous Browsing\ABToolbar.dll" (file missing)

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [VX3000] E:\WINDOWS\vVX3000.exe

O4 - HKLM\..\Run: [synTPLpr] E:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] E:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [MSConfig] E:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [ufSeAgnt.exe] "E:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [ThreatFire] E:\Program Files\ThreatFire\TFTray.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Vidalia] "E:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"

O4 - HKCU\..\Run: [OE] E:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe

O4 - HKCU\..\Run: [RegistryMechanic] E:\Program Files\Registry Mechanic\RegMech.exe /H

O4 - HKUS\S-1-5-20\..\Run: [OE] E:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [OE] E:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [OE] E:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user')

O4 - Global Startup: Privoxy.lnk = E:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe

O4 - Global Startup: Wireless Connection Manager.lnk = E:\Program Files\D-Link\D-Link RangeBooster N 650 DWA-645\wirelesscm.exe

O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - E:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.canalplay.com

O15 - Trusted Zone: *.canalplusactive.com

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5483.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1212239937801

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{07E6E61C-E810-4EB9-B999-D99306E7FCCC}: NameServer = 85.255.0.0,85.255.0.0

O17 - HKLM\System\CCS\Services\Tcpip\..\{8DB723B9-C8B7-405A-9730-BF531F0DACDE}: NameServer = 85.255.0.0,85.255.0.0

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.0.0,85.255.0.0

O17 - HKLM\System\CS1\Services\Tcpip\..\{07E6E61C-E810-4EB9-B999-D99306E7FCCC}: NameServer = 85.255.0.0,85.255.0.0

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.0.0,85.255.0.0

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\Program Files\D-Link\D-Link RangeBooster N 650 DWA-645\acs.exe

O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASKService - Unknown owner - E:\Program Files\AskBarDis\bar\bin\AskService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - E:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - E:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - E:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: Service CANALPLAY - Canal+ Distribution - E:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - E:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: TabletService - Wacom Technology, Corp. - E:\WINDOWS\system32\Tablet.exe

O23 - Service: ThreatFire - PC Tools - E:\Program Files\ThreatFire\TFService.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - E:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - E:\Program Files\Trend Micro\Internet Security\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - E:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--

End of file - 7892 bytes

hijackthis2.txt

hijackthis2.txt

[AdvancedSetup]

Sorry for the delay - currently the site is just too busy for us to handle all of the requests for help. Some other sites are now posting a wait time of up to 10 days.

If you're still there and need assistance please let me know and I'll help you out.

Thanks.

[AdvancedSetup]

Please post an update

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.