Slow internet connection

PaulfcbPaulfcb
edited April 2007 in Hardware
Please feel free to move this. I'm having major connection problems! Sometimes I have limited or no connectivity at all. Firefox is taking ages to load up before often times timing out. I have absolutely no idea why this happening. Is there any test I can do to makes sure everything is OK? Thank you.

Comments

  • MrBillMrBill Missouri Member
    edited April 2007
    It sounds like you might have a virus/malware problem. You might check out http://www.short-media.com/forum/forumdisplay.php?f=57 ....
  • PaulfcbPaulfcb
    edited April 2007
    Now all my Firefox bookmarks have disappeared! I'm worried it could be a Malware issue. Anyone know of a decent tool to check?
  • profdlpprofdlp The Holy City Of Westlake, Ohio
    edited April 2007
    Check the "Sticky" threads here and post a HijackThis log. Someone will be along to analyze it for you soon. :)
  • PaulfcbPaulfcb
    edited April 2007
    Here's a log. This might be a slow process because my connection is so poor!

    Logfile of HijackThis v1.99.1
    Scan saved at 18:19:24, on 08/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    C:\WINDOWS\system32\NVATray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  • PaulfcbPaulfcb
    edited April 2007
    I've since done a scan using Kapersky which found no Malware. Occasionally Firefox tabs are taking ages to load up before timing out. It doesn't happen all the time though. Here's another log though not sure if anything has changed. Also my bookmarks keep disappearing!

    Logfile of HijackThis v1.99.1
    Scan saved at 20:37:15, on 11/04/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    C:\WINDOWS\system32\NVATray.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  • Rahina-RescueRahina-Rescue Finland
    edited April 2007
    Hello There Paulfcb ! Sorry for the delay Getting to you, forums have been busy.

    I Can not see any signs of malware in your logfile.

    Please run Panda's ActiveScan You will need to use Internet Explorer to run it.

    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    o If it wants to install an ActiveX component allow it
    o It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    o When download is complete, click on My Computer to start the scan
    o When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.


    Post the contents of the ActiveScan report
  • PaulfcbPaulfcb
    edited April 2007
    Incident Status Location

    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.adrevolver.com/]
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.doubleclick.net/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.zedo.com/]
    Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.adviva.net/]
    Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.adtech.de/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.2o7.net/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.mediaplex.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.bs.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.serving-sys.com/]
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.fastclick.net/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.atdmt.com/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.tribalfusion.com/]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.as-eu.falkag.net/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[statse.webtrendslive.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.advertising.com/]
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.statcounter.com/]
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.casalemedia.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.realmedia.com/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.questionmarket.com/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.com.com/]
    Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.spylog.com/]
    Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies-1.txt[.yadro.ru/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.adtech.de/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.zedo.com/]
    Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.adviva.net/]
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.doubleclick.net/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[statse.webtrendslive.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.overture.com/]
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.mediaplex.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.adultfriendfinder.com/]
    Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.sextracker.com/]
    Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[counter8.sextracker.com/]
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.fastclick.net/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.bs.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.xiti.com/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.questionmarket.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.2o7.net/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.112.2o7.net/]
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.club.cdfreaks.com/]
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.cdfreaks.com/]
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.club.cdfreaks.com/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.com.com/]
    Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.tradedoubler.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[c5.zedo.com/]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.as-eu.falkag.net/]
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.casalemedia.com/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.tribalfusion.com/]
    Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.targetnet.com/]
    Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\08rl2l2o.default\cookies.txt[.valueclick.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@247realmedia[1].txt
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[3].txt
    Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@adtech[2].txt
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
    Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@cdfreaks[2].txt
    Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@club.cdfreaks[1].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@hitbox[2].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
    Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[2].txt
  • Rahina-RescueRahina-Rescue Finland
    edited April 2007
    I can not see any signs of malware in your logs.

    Are you receiving any issues ?
  • PaulfcbPaulfcb
    edited April 2007
    Like I've said occasionally the tabs in Firefox are taking an eternity to load up before sometimes timing out.
  • Rahina-RescueRahina-Rescue Finland
    edited April 2007
    Hello There Paulfcb :)

    Have you tried R-e Installing Firefox Mozilla?

    Are you currenlty Using the newest version?

    Thanks.
  • PaulfcbPaulfcb
    edited April 2007
    I've found the problem isn't only with Firefox but with IE and when I try to connect to MSN. This is the first time I've established a connection in over 24 hours. I noticed earlier that D/S on my modem was flashing earlier.
  • PaulfcbPaulfcb
    edited April 2007
    The problem seems to be more prevalent in the afternoon. I'm beginning to think it may be a problem with my modem though not sure.:confused:
  • Rahina-RescueRahina-Rescue Finland
    edited April 2007
    Well i'm sure it's not related To Spyware & Spyware, So i'm moving this Topic Now :)

    I Hope you will get your problem solved.

    Thanks.
  • ShortyShorty Manchester, UK Icrontian
    edited April 2007
    Some questions to help nail down an analysis:

    1. Have you checked your CPU usage in task manager when the machine is idle? Is it constantly peaking at 80%-100% with a process that don't recognise? (eg.. not folding@home or a distributed client).

    2. What type of connection do you have? DSL/Cable?

    3. As all internet based programs seem to be slow, have you contacted your provider to enquire if there is high contention locally?

    4. Have you rebooted your DSL modem/router or cable router/modem at all recently? This can help a great deal. My Virgin media cable connection & linksys router need this on a regular basis. I also find that Virgin change my IP address sometimes and my net will crawl until the new IP address is received by the equipment.

    5. Download and run TCPView. It will display a list of all connections going out of your machine. File-> Export the list and post it here. We can analyse processes making connections. You may have a process hammering the connection.

    6. Another common fault is bad DNS servers somewhere in your providers network. DNS servers are the servers that translate urls like http://www.short-media.com into the unique IP address. If they don't work well, internet activity can slow to a crawl.

    Try browsing:

    http://66.94.234.13/

    This is actually the entry point IP for yahoo.com. If it loads instantly, it almost certainly DNS related.

    7. If you can get to it, try http://www.speedtest.net and report the results. Downloads may be fine but you could have a constrained upload. This will also seriously degrade the performance of your connection.

    That little lot should get you started to help analyse things :)
  • PaulfcbPaulfcb
    edited April 2007
    Thanks for the help! Here's the answers:

    1. Yes it is constantly peaking at 80-100%

    2. Cable

    3. I'm with Virgin Media and the unhelpful staff there say the connection is fine and the problem is my end. Thanks!

    4. I've rebooted my modem loads of times and also released and renewed my IP address.

    5. I hope I've done this correctly:

    alg.exe:2024 TCP paul-2072994e84:1029 paul-2072994e84:0 LISTENING
    avgemc.exe:1572 TCP paul-2072994e84:10110 paul-2072994e84:0 LISTENING
    firefox.exe:2392 TCP paul-2072994e84:1045 wa-in-f104.google.com:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1046 wa-in-f104.google.com:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1050 84.53.134.144:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1052 84.53.138.64:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1055 84.53.138.64:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1059 84.53.138.64:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1060 host22.akamai-hex.cust.telecomplete.net:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1061 gv-in-f103.google.com:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1062 gv-in-f103.google.com:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1065 host5.akamai-hex.cust.telecomplete.net:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1079 nf-in-f147.google.com:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1080 nf-in-f99.google.com:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1083 207.46.19.254:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1084 207.46.19.254:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1085 84.53.138.89:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1086 84.53.138.65:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1087 207.68.178.134:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1088 84.53.138.89:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1089 84.53.138.89:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1096 66-193-254-53.static.twtelecom.net:http ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1033 localhost:1034 ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1034 localhost:1033 ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1035 localhost:1036 ESTABLISHED
    firefox.exe:2392 TCP paul-2072994e84:1036 localhost:1035 ESTABLISHED
    lsass.exe:692 UDP paul-2072994e84:4500 *:*
    lsass.exe:692 UDP paul-2072994e84:isakmp *:*
    svchost.exe:1008 UDP paul-2072994e84:ntp *:*
    svchost.exe:1008 UDP paul-2072994e84:ntp *:*
    svchost.exe:1052 UDP paul-2072994e84:1025 *:*
    svchost.exe:1052 UDP paul-2072994e84:1038 *:*
    svchost.exe:1104 UDP paul-2072994e84:1900 *:*
    svchost.exe:1104 UDP paul-2072994e84:1900 *:*
    svchost.exe:912 TCP paul-2072994e84:epmap paul-2072994e84:0 LISTENING
    System:4 TCP paul-2072994e84:microsoft-ds paul-2072994e84:0 LISTENING
    System:4 UDP paul-2072994e84:microsoft-ds *:*

    6. I got this - Sorry, the page you requested was not found.

    7. 114049533.png
  • ShortyShorty Manchester, UK Icrontian
    edited April 2007
    Ok.. thats really useful stuff there :)

    What process is hogging? Name of please :)

    From the diagnostics you have provided:

    a. I can't see any harmful connections that would hog your connection
    b. You regularly reboot your equipment

    It looks to me like contended upload. Call Virgin Media cable support back and tell them that you have done a speed test and have 188kb/s upload. Your upload should be closer to 400kb/s and that you are "over subscribed". They will tell you are not but insist a little to get it investigated :)

    Two other ways to gather the exact conclusion (and help prove it) are:

    1. Disconnect the router and place the cable modem directly onto your PC (I am assuming you have a router here, if not disregard this set of instructions). Make sure you have a personal firewall on before you do this (as you will be connected the public internet with no protection otherwise!). Reboot cable modem. This will cause the cable modem to learn your PC MAC address (unique hardware address).

    Surf. Is it still slow?

    2. If still the same, I can suggest trying some name lookups (DNSlookup). Do you know any of the commands for it, I can post some if need be :)
  • PaulfcbPaulfcb
    edited April 2007
    What process is hogging? Do you mean memory? If so I've got these:

    Firefox.exe 41,604k
    Svchost.exe 34,684k
    explorer.exe 29.872k
    livecall.exe 16.324
  • ShortyShorty Manchester, UK Icrontian
    edited April 2007
    Actually mate, I meant CPU load but I don't think this is a PC problem. This points to the age old NTL/Virgin media over subscribed network. That mega slow upload on the speed test is a solid indicator of it.
  • PaulfcbPaulfcb
    edited April 2007
    Shorty wrote:
    Actually mate, I meant CPU load but I don't think this is a PC problem. This points to the age old NTL/Virgin media over subscribed network. That mega slow upload on the speed test is a solid indicator of it.
    Right, but what I don't understand is why does the problem seem worse in the afternoon while right now it seems OK?
  • ShortyShorty Manchester, UK Icrontian
    edited April 2007
    It all depends on your neighbours.

    Cable is a shared, contended technology. x amount of bandwidth is assigned to a fixed number of subscribers at a ratio of average (rough guess here) 50:1 (certainly UK DSL is the same ratio).

    So 50 people in a neighbourhood are sharing the bandwidth of 1. Now obviously that ratio factors in heavier usage subscribers, so the ratio works out less than that as plenty of bandwidth will be provided.

    If they have recently signed up a couple of new customers locally, they could be using it quite heavily at those times. This will have a knock-on effect on your connection.

    The alleged common practice with Virgin is to have plenty of download bandwidth available (in some cases, more than is needed) but keep the upload bandwidth to enough to get away with. Hence why it is now appearing to be oversubscribed :)

    Now, I will say that I cannot prove or validate that statement or guarantee that that is the cause of your problem. I only going on previous experience of twice having had my local network oversubscribed with too many users. This impacted my upload speed, hence the slow network responses. Identical to what you are experienced. The fix was to get them to investigate and up the bandwidth in the local segment. This worked both times and cured my issues.

    In conclusion, without upload, you will have slow DNS lookups, slow responses to requests, requests to pages timing out and problems connecting to sites & services. A solid upstream is as important to a connection as downstream :)
  • PaulfcbPaulfcb
    edited April 2007
    Superb stuff mate! I'll get onto Virgin Media and report back what they say. Thanks again for your invaluable advice!:)
  • ShortyShorty Manchester, UK Icrontian
    edited April 2007
    Not a problem. I hope this is the eventual fix to your problem as I cannot find anything wrong with your PC. Especially after our spyware, network and application diagnosis! :ninja:
Sign In or Register to comment.