Register Members List Social Groups Search Today's Posts Mark Forums Read  
Computer Forums

Member Login

Remember Me? Sign Up! | Forgot Password
 
Slogan
 
Computer Forums > PC Technology Zone > Windows Operating Systems and Software » Internet connection
Closed Thread
LinkBack Thread Tools Display Modes
 
Old 12-13-2008, 11:05 PM   #1 (permalink)
 
Newb Techie

Join Date: Dec 2008

Posts: 3

camman321 is on a distinguished road
Default Internet connection
Hi,

I did a factory restore on my Gateway GT5242E. My ISP is Qwest. My router is 27000HG-D. DSL

So I reinstalled everything I needed for normal internet access, and whatever. But now, my internet seems to be running slower than it did before. I don't know what the problem is. There is much more room, and everything is a lot cleaner than before, but the internet is slower? Doesn't make sense.

An example would be signing out of hotmail. It wont let me. It sometimes wont even let me read my hotmail messages. Pictures load slower. Stuff is just slower. I don't believe any of my previous settings are different than they are now. Everything should be faster.

Any thoughts? Thanks
camman321 is offline  
Old 12-13-2008, 11:07 PM   #2 (permalink)
Mak213's Avatar
 

Join Date: Sep 2004

Location: C:\Windows\System32

Posts: 25,679

Mak213 is a name known to allMak213 is a name known to allMak213 is a name known to allMak213 is a name known to allMak213 is a name known to allMak213 is a name known to all
Default Re: Internet connection
http://www.tech-forums.net/pc/f51/sp...2008-a-165828/

Go thru this

HijackThis Logs (analyze) - Computer Forums

Post the HiJack This log here
__________________
R.I.P. Danny L. Trotter
14 Nov 1945 - 4 Sept 2009
Images created by CarnageX | Decaptured...Listen! | Visit Baezware!! | You've been Mak'd! | 儿做好
I do not accept support questions via EMail, PM, IM or my Spaces page! .:|:. This is what happens when an unstoppable force meets an immovable object.
Thanks to all the guys on the staff for your support in my time of need. Hefe you are my personal Hero for your contribution.



<<<< If I help you, or you just like what I said, rep me
Mak213 is online now  
Old 12-13-2008, 11:50 PM   #3 (permalink)
 
Newb Techie

Join Date: Dec 2008

Posts: 3

camman321 is on a distinguished road
Default





Thanks for your response. I was doing the guide you gave me, now I'm wondering how many of these processes are legit, or are they virus types?

Thanks

I also get many many popups, especially while searching google, that claim I've got spyware and viruses on my PC. This is through Firefox, with AdBlock 2 active.
Last edited by Mak213; 12-14-2008 at 12:25 AM.
camman321 is offline  
Old 12-14-2008, 12:25 AM   #4 (permalink)
Mak213's Avatar
 

Join Date: Sep 2004

Location: C:\Windows\System32

Posts: 25,679

Mak213 is a name known to allMak213 is a name known to allMak213 is a name known to allMak213 is a name known to allMak213 is a name known to allMak213 is a name known to all
Default Re: Internet connection
If you get pop ups you are infected for sure. Go thru the guide and post your log.
__________________
R.I.P. Danny L. Trotter
14 Nov 1945 - 4 Sept 2009
Images created by CarnageX | Decaptured...Listen! | Visit Baezware!! | You've been Mak'd! | 儿做好
I do not accept support questions via EMail, PM, IM or my Spaces page! .:|:. This is what happens when an unstoppable force meets an immovable object.
Thanks to all the guys on the staff for your support in my time of need. Hefe you are my personal Hero for your contribution.



<<<< If I help you, or you just like what I said, rep me
Mak213 is online now  
Old 12-14-2008, 05:18 AM   #5 (permalink)
 
Newb Techie

Join Date: Dec 2008

Posts: 3

camman321 is on a distinguished road
Default Re: Internet connection
Thanks Buddy. Followed the guide. Removed 60 infections in one of the programs.

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:01:43, on 12/14/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qwest.live.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\system32\TwcToolbarIe7.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Qwest Live - {7881D5D4-97DC-41F7-9FCA-01F5DE6CB6D9} - http://qwest.live.com (file missing) (HKCU)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 5076 bytes
Code:
Malwarebytes' Anti-Malware 1.31
Database version: 1499
Windows 5.1.2600 Service Pack 3

12/14/2008 1:29:53 AM
mbam-log-2008-12-14 (01-29-48).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 138234
Time elapsed: 57 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 6
Registry Values Infected: 4
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 43

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\nanawodi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dimikike.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pidawogi.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\yagepodo.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{316e34b1-724d-4d5c-849c-e70cfff198f6} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{316e34b1-724d-4d5c-849c-e70cfff198f6} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{316e34b1-724d-4d5c-849c-e70cfff198f6} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmb78b7415 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ruwiparefi (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\dimikike.dll -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\dimikike.dll  -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\dimikike.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\yagepodo.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\yagepodo.dll -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\beyubote.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\etobuyeb.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\joludune.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\enuduloj.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\mozewaya.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ayawezom.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nubinufu.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ufunibun.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pukoziru.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\urizokup.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pumepegi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\igepemup.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\razokemi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\imekozar.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\remudaze.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ezadumer.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\saropiye.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\eyiporas.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\volamele.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\elemalov.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\waziroto.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\otorizaw.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\wenewoko.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\okowenew.ini (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\yagepodo.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nanawodi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\pidawogi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dimikike.dll (Trojan.Vundo.H) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP30\A0006657.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP30\A0006685.dll (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP30\A0006686.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\jubateya.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\saregiju.dll.tmp (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\duhatage.dll.tmp (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\fakiwoba.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\fujigibo.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\mezifeje.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nakuviza.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\pajazeba.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\seratewa.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\tunofaba.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\zabipevi.dll.tmp (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\zuwigesa.dll (Trojan.Vundo) -> No action taken.

camman321 is offline  
 
Closed Thread

« xp freezing after hdd transfer | Karaoke software »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet connection sharing behind a router Mak213 Computer Networking & Internet Access 3 01-13-2009 01:26 AM
One specific PC kills internet connection alecjahn Computer Networking & Internet Access 2 06-07-2008 03:33 AM
new log 05/13 generalaxes HijackThis Logs (finished) 26 06-05-2008 09:43 PM
Help with internet connection sharing!! philbar71 Computer Networking & Internet Access 2 08-06-2007 05:05 PM

Contact Us - Computer Technology Forums - Archive - Top

 

All times are GMT -5. The time now is 10:35 AM.
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.3.2 Copyright ©2002-2009, Tech-Forums.net
vBulletin skin created by Baez & Baez Computers Inc.   |   Contact Management Software and AAOutlook 		Log Out Unregistered