1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Internet Running Slow. HJT post please help!

Discussion in 'Windows XP' started by monst3r91, May 9, 2009.

Thread Status:
Not open for further replies.
Advertisement
  1. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    my internet started to act very slow. i thought it was just firefox but after checking with google chrome its the same thing. videos also take forever to buffer and they lag. please help if you can

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:31:53 PM, on 5/9/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.21020)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\user\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\USER\FlashGet\jccatch.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\USER\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\USER\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\USER\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\USER\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\USER\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238358402968
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\user\Raxco\PerfectDisk10\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\user\Raxco\PerfectDisk10\PDEngine.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 4763 bytes
     
  2. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,753
    You really don't have that many applications running or loading at Startup. I can't see any evidence of malware either.

    How much RAM do you have?

    You could try running a scan with Malwarebytes' Anti-Malware and see what comes up. If you find something difficult to remove, you will be redirected to the Malware Removal forum.
     
  3. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    actually i just did a scan with MalwareBytes and found 4 infections. i have 1 gig of ram. i did a scan with eset, malwarebytes, and advance system protector.

    malwarebytes log

    Malwarebytes' Anti-Malware 1.36
    Database version: 1945
    Windows 5.1.2600 Service Pack 3

    5/9/2009 6:18:43 PM
    mbam-log-2009-05-09 (18-18-43).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 138589
    Time elapsed: 49 minute(s), 49 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 3
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\Administrator\Local Settings\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
     
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,753
    Is your browsing still slow?

    Also, don't forget to empty your Internet cache.

    Refresh your DNS by following these steps:

    Start >> Run >> cmd >> ipconfig /release

    ipconfig /flushdns

    ipconfig /renew
     
  5. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    its still laggy. i cant stream fullscreen videos or watch hd videos from youtube.
     
  6. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,753
    Your computer might still be infected. You should click on the Report button and ask to be moved to the Malware Removal forum.
     
  7. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    hmmm. that uhh caught me by surprise

    Scan Log Total Time: 90 Mins 58 Secs
    Start Time: May 10, 2009 at 12:22:06 AM End Time: May 10, 2009 at 01:53:04 AM
    Worm-Email.Skowor.l (Email-Worm )
    Status : Quarantined

    Infected registry keys/values detected
    hkey_current_user\software\microsoft\windows\currentversion\run\steam
    Exploit.agent.fu (Security Exploit)
    Status : Quarantined

    Infected files detected

    FileName: c:\windows\system32\drivers\bzmzoe.sys
    MD5: 589312a3b46721c5a751e4d5222a89be (61440 Bytes)
    Signature:
    Infected registry keys/values detected
    hkey_local_machine\system\currentcontrolset\services\yurf\imagepath
    trojan-banker.win32.banker.qvp (Adware)
    Status : Quarantined

    Infected files detected

    FileName: c:\documents and settings\all users\documents\mamoon's ****\downloads\sp27608.exe
    MD5: 0efdd4f7c091583fe5a0b4bcb7aaf76e (2074384 Bytes)
    Signature:
    Trojan-Backdoor.agent.hjt (Backdoor)
    Status : Quarantined

    Infected files detected

    FileName: c:\documents and settings\all users\documents\mamoon's ****\maximus formula xp 64bit\aisuite_v10408_2kxpvista\aisuite\asussetup.exe
    MD5: 554685db743f669d9f4a9b8451da6da8 (506368 Bytes)
    Signature:

    FileName: c:\documents and settings\all users\documents\mamoon's ****\maximus formula xp 64bit\aisuite_v10408_2kxpvista.zip\aisuite/asussetup.exe - compressed (zip) folder
    MD5:
    Signature:
    Trojan.chifrax.a (Trojan)
    Status : Quarantined

    Infected files detected

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp10\a0000034.exe
    MD5: 4ff21f377f9c93007a37e47f4bde802f (19742717 Bytes)
    Signature:
    Trojan-Backdoor.vbbot.cq (Backdoor)
    Status : Quarantined

    Infected files detected

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp11\a0000066.exe
    MD5: 3611e63b92a7927a43f5123407925890 (89543 Bytes)
    Signature:
    adware.fireoptimizer.c (Adware)
    Status : Quarantined

    Infected files detected

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp13\a0000371.ini
    MD5: f7af756adb852f87165881eaf4975d47 (493 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp13\a0000372.ini
    MD5: 33df57f70d743ae5af9fc6ae90eb7d10 (544 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp13\a0000373.ini
    MD5: 4707aef7bb0f0757bb96510ab1a5f9a5 (583 Bytes)
    Signature:
    AdWare.BetterInternet.jn (Adware)
    Status : Quarantined

    Infected files detected

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp166\a0038151.vxd
    MD5: 958e4ce825f08fc36de585c369bc17b1 (5933 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp166\a0038152.vxd
    MD5: 958e4ce825f08fc36de585c369bc17b1 (5933 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002943.dll
    MD5: 576793b18d1b2283abc59d09068eb710 (378 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002944.ini
    MD5: 98908bf5ac0984eca752a2c24ac77b76 (785 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002945.ini
    MD5: 456120afad4700376c6e53f8c16c4925 (42 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002946.ini
    MD5: 2c68741c6592a4e44496906dd4ab8b5f (34 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002948.ini
    MD5: cc9656e196ae3a83285d01c2d85fe88f (44 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002949.exe
    MD5: 4d959623a53ad4a068fc334a68c4d810 (159744 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002950.exe
    MD5: b30390eb32bc7f69acc0c7c1b01eae3b (5632 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp24\a0002951.exe
    MD5: 0630f5f61bbd95dd28c2558c7092bc07 (97280 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003370.dll
    MD5: 0406d44f9ba915c4f3a1b2cc3ea6949d (28672 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003371.dll
    MD5: 13fcc516e1d2609acf55619f26737065 (32768 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003372.dll
    MD5: 45a7cb59549323ec8e7785e67aba41d8 (32768 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003373.dll
    MD5: 69af43273a760b1835acfe69db8b7385 (28672 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003374.dll
    MD5: 2059f9fce201035316f624c23ccf3784 (32768 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003375.dll
    MD5: 3f8d667d15b8e973e1d4858ab10031ae (32768 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003376.dll
    MD5: 49cc78aee8ef5aa6ae6771e3acd3a248 (36864 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003377.dll
    MD5: b4b26e88045b312e47efb4ed9a7bbdd0 (20480 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003378.dll
    MD5: 8d06fb2fcc176b1d7b9acd7e9d29de44 (24576 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003385.dll
    MD5: 727164062a252f40f3198500c1309d38 (28672 Bytes)
    Signature:

    FileName: c:\system volume information\_restore{0c0f2d3c-067a-4901-9eb3-d06be198d1ed}\rp26\a0003386.dll
    MD5: 6b483f3846a99f338f2f2be392d96e46 (28672 Bytes)
    Signature:

    its late so ill check if i notice a difference tomorrow morning
     
  8. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    well now surfing is fine but the videos lag too much and its unbearable
     
  9. Jason08

    Jason08

    Joined:
    Oct 13, 2008
    Messages:
    3,724
    Does your computer have space to add more RAM?
     
  10. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,095
    First Name:
    Frank
    monst3r91:

    Go here to download K-Lite Codec Pack 4.8.0 Full.

    When you install it, uncheck the option to install the classic windows media player, but allow it to install everything else.

    Restart your computer afterwards.

    -----------------------------------------------------------------

    Right-click MY COMPUTER, click Properties - System Restore, check "Turn off system restore", click Apply - OK, then restart your computer.

    Repeat the same steps, but uncheck "Turn off system restore" this time.

    -----------------------------------------------------------------
     
  11. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    hmmm streaming videos still very laggy =(
     
  12. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,753
    I still recommend doing what I've suggested in post #6...
     
  13. Jason08

    Jason08

    Joined:
    Oct 13, 2008
    Messages:
    3,724
    Is everything else Internet-based behaving normally?
     
  14. monst3r91

    monst3r91 Thread Starter

    Joined:
    Apr 9, 2006
    Messages:
    86
    yes. but now and then i have internet lag in game
     
  15. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,753
    Have you tried updating you video card driver?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/825747

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice