suspect spyware..running slow...kicked offline

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by southern_drawl, Nov 24, 2004.

  1. southern_drawl

    southern_drawl Private E-2

    I had one of the search spywares a while back and following the instructions I was able to get it off and get my computer running fine. The last few weeks I get online and the sites start loading slower and slower then I get kicked offline (only service available is dial up). When I reconnect I might stay online 15 minutes and I might just get kicked off again immediately. I've got updates, run adaware, spybot, crapcleaner, cwshredder, and Hijackthis and nothing that I can see ever turns up. It seems to be getting worse. Any ideas or help would be appreciated.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You mentioned some of the items but did you run ALL of the steps from READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal in the order given?

    If so, you should read the tutorial in this Sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log file as an attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

    Make sure you have HJT version 1.98.2 and follow the guidelines on where to install it and how to post a log as an attachment.

    Also, some questions:
    1) Does your phone line sound noisy to your ear?
    2) What connect rate do you normally achieve?
     
  3. southern_drawl

    southern_drawl Private E-2

    I think I did. I'll go back and reread it to make sure.

     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! When you have completed all the steps, follow the directions and post your HJT log attachment.
     
  5. southern_drawl

    southern_drawl Private E-2

    And yes, the phone line does sound noisy. I notice it when I'm in the basement but I thought it was because I had a cheap phone hooked up to it. I was connecting at around 40000; now I'm anywhere between 33000 and 37000.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! Line noise can be a major problem causing slowness and disconnects. You may need to have your phone lines checked. Does it always seem noisy? Is it only after rainy conditions?

    How about posting that HJT log attachment so we can check for any other possibilities?
     
  7. southern_drawl

    southern_drawl Private E-2

    requested Hijack log from last week

    Attached is the Hijack log from last week. Sorry it took so long.
     


  8. Kodo

    Kodo SNATCHSQUATCH

  9. southern_drawl

    southern_drawl Private E-2

    Re: requested Hijack log from last week

    Attached is the new log file with the updated HJT... thanks in advance.
     


  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: requested Hijack log from last week

    You have two different installations of HJT running (neither is in the proper location)
    C:\MY DOCUMENTS\MY RECEIVED FILES\HIJACKTHIS.EXE
    C:\WINDOWS\DESKTOP\MY BRIEFCASE\HIJACKTHIS.EXE

    Put it in the proper location as we recommend and only run one session.

    You also had a browser session open.
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    No browsers should be running when using HJT

    You never completed ALL the steps of the READ ME FIRST as required. I see no signs of the online scans being run.

    Make sure you have viewing of hidden files enabled (per the tutorial).
    Make sure you have downloaded About:Buster from the READ ME FIRST thread.
    You have files related to an HSA hijacker running.
    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O4 - HKLM\..\RunServices: [JAVAOX32.EXE] C:\WINDOWS\SYSTEM\JAVAOX32.EXE
    O4 - HKLM\..\RunServices: [D3QC.EXE] C:\WINDOWS\D3QC.EXE
    O4 - HKLM\..\RunServices: [SYSCZ32.EXE] C:\WINDOWS\SYSCZ32.EXE
    O4 - HKLM\..\RunServices: [IPFO.EXE] C:\WINDOWS\IPFO.EXE
    O4 - HKLM\..\RunServices: [JAVAHT.EXE] C:\WINDOWS\SYSTEM\JAVAHT.EXE
    O4 - HKLM\..\RunServices: [NTPI.EXE] C:\WINDOWS\NTPI.EXE
    Note: The next line is not exactly malware. It is from MS but it is a huge waste of system resources and causes constant disk activity. I would have HJT fix it.
    O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)

    Boot into safe mode and use Windows Explorer to delete:
    C:\WINDOWS\SYSTEM\JAVAOX32.EXE
    C:\WINDOWS\D3QC.EXE
    C:\WINDOWS\SYSCZ32.EXE
    C:\WINDOWS\IPFO.EXE
    C:\WINDOWS\NTPI.EXE

    Now reboot in normal mode and post a new HJT log. And tell us how things are working.
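
Added example, not part of the original thread and not HijackThis code: a Python check that parses the O4 autorun lines selected for fixing in the last post and cross-checks them against the safe-mode deletion list, reporting any registry autorun whose file would remain on disk. The regexes cover only the two O4 shapes that appear in the post, and all function and variable names are illustrative.

```python
import re

# Copied from the post above: the lines selected for HijackThis to fix.
FIX_LINES = r"""
O4 - HKLM\..\RunServices: [JAVAOX32.EXE] C:\WINDOWS\SYSTEM\JAVAOX32.EXE
O4 - HKLM\..\RunServices: [D3QC.EXE] C:\WINDOWS\D3QC.EXE
O4 - HKLM\..\RunServices: [SYSCZ32.EXE] C:\WINDOWS\SYSCZ32.EXE
O4 - HKLM\..\RunServices: [IPFO.EXE] C:\WINDOWS\IPFO.EXE
O4 - HKLM\..\RunServices: [JAVAHT.EXE] C:\WINDOWS\SYSTEM\JAVAHT.EXE
O4 - HKLM\..\RunServices: [NTPI.EXE] C:\WINDOWS\NTPI.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)
""".strip().splitlines()

# Copied from the post above: the files to delete in safe mode.
DELETE_PATHS = r"""
C:\WINDOWS\SYSTEM\JAVAOX32.EXE
C:\WINDOWS\D3QC.EXE
C:\WINDOWS\SYSCZ32.EXE
C:\WINDOWS\IPFO.EXE
C:\WINDOWS\NTPI.EXE
""".strip().splitlines()

# Registry autorun:  O4 - HKLM\..\RunServices: [NAME] PATH
O4_REG = re.compile(
    r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<path>.+)$")
# Startup-folder shortcut:  O4 - Startup: NAME.lnk = PATH
O4_LNK = re.compile(r"^O4 - (?P<key>(?:Global )?Startup): (?P<name>.+?) = (?P<path>.+)$")

def parse_entry(line):
    """Return a dict for an O4 autorun line, or None for any other section."""
    line = line.strip()
    for kind, rx in (("registry", O4_REG), ("startup", O4_LNK)):
        m = rx.match(line)
        if m:
            return {"kind": kind, "key": m["key"], "name": m["name"], "path": m["path"]}
    return None

def undeleted_autoruns(fix_lines, delete_paths):
    """Registry autoruns being fixed whose target file is not in the delete list."""
    deleted = {p.strip().upper() for p in delete_paths}  # Windows paths ignore case
    entries = filter(None, map(parse_entry, fix_lines))
    return [e["path"] for e in entries
            if e["kind"] == "registry" and e["path"].upper() not in deleted]

if __name__ == "__main__":
    for path in undeleted_autoruns(FIX_LINES, DELETE_PATHS):
        print("fixed in registry but file not listed for deletion:", path)
```

On the two lists in the post, the check reports C:\WINDOWS\SYSTEM\JAVAHT.EXE, which is selected for fixing but does not appear in the deletion list.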
     
