Picking14u Posted August 21, 2008 Report Share Posted August 21, 2008 I am a newbie... and have read thru way too may of these post.. its making my head spin.... i have been running for about 6 months.. and have been getting up to 600 kb/s download.. and keeping my uploads at about 30 kb/s as that seems to be the speed that allows me to get that upload.. anything more or less effects the download speed alot.. and since the upgrade ( done automatically ) my download speeds have dropped to about 150-200 kb/s i did the download test with ( OOo_2.4.1_Win32Intel_install_en-US.exe.torrent ) and got my almost 700 kb/s but all the rest have been low i am usually downloading around 30 downloads... it also lags in the actual program, when i click something , alot of times its taking about 5-10 seconds to respond, and i rarely ever had that problem before, i have the dreaded wrt54g modem... and have paid for the port forwarding program I have also been having the problem with the red, yellow and green for the connections.. i am getting a negative on the port being opened, but will sometimes get the green check.. i checked to make sure my ISP isn't getting throttled, and it isn't.. I am not very computer swave.. so reading thru a lot of the post is difficult, trying to figure out what i need to do , and what i don't. I appreciate any help, and i also uninstalled the utorrent and re downloaded the program.. which cost me some long running files i would appreciate help with that also... i tried the making a new folder on my desktop and having it autoload, but it didn't work.. so i must have done something wrong.. they already have the UT! at the end. Link to comment Share on other sites More sharing options...
thelittlefire Posted August 21, 2008 Report Share Posted August 21, 2008 The actual GUI lag is probably due to some http://utorrent.com/faq.php#Incompatible_software installed Can you run the Process Explorer and HiJackThis programs mentioned at the bottom of the sticky "if you have speed problems" at the index of this forum and paste the logfiles here?You can recover the torrents you already downloaded data for with http://utorrent.com/migration_guide.php as long as you still have the torrents. On your old folder see if you still have them? Link to comment Share on other sites More sharing options...
Picking14u Posted August 21, 2008 Author Report Share Posted August 21, 2008 Computer Amd turion GHz 1.75 GBmicrosoft windows xp 2002 service pack 2Time Warner cable modemspeed test 5967 KB/S download , upload 481 kb/s)# Try testing a torrent from OpenOffice.org, Slackware Linux, or Ubuntu Linux? (If any of them run quickly, then the problems you're experiencing likely lie only with the swarm) DID THIS, SPEED WAS AT 700 KB/S the 2nd time i ran it.. my max speed is around 70kb/s with bandwith 47 max upload rate, 94000 number of connections, 40 max connected per peers, 4 upload slotsy gls* ISP not being throttled, tested by glasnot* I did the Amd anthon x64 upgrade also ( seemed to help some )* Error! Port 51272 does not appear to be open.* upload limit 30 , upload slots 4 , connections per torrent 440, connections ( global ) 33464, max active torrents 75, Max Active downloads 75* max halfopen 4* avg anti - virusLogfile of Trend Micro HijackThis v2.0.2Scan saved at 9:12:58 PM, on 8/20/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\PROGRA~1\AVG\AVG8\avgfws8.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\PROGRA~1\AVG\AVG8\avgam.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\PROGRA~1\AVG\AVG8\avgemc.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\RTHDCPL.EXEC:\PROGRA~1\AVG\AVG8\avgtray.exeC:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files\Common Files\Teleca Shared\CapabilityManager.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Common Files\Teleca Shared\Generic.exeC:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exeC:\Program Files\MSN Messenger\usnsvc.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\uTorrent\uTorrent.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\drwtsn32.exeC:\WINDOWS\system32\drwtsn32.exeC:\Documents and Settings\Admin\Desktop\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.htmlR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO1 - Hosts: 127.255.255.255 serial.alcohol-soft.comO1 - Hosts: 127.255.255.255 www.alcohol-soft.comO1 - Hosts: 127.255.255.255 images.alcohol-soft.comO1 - Hosts: 66.98.148.65 auto.search.msn.comO1 - Hosts: 66.98.148.65 auto.search.msn.esO2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: (no name) - {06E12C36-760F-4D92-8509-5E5DBF12C423} - (no file)O2 - BHO: {e228b9a4-4e13-81b8-f184-adabea020dc1} - {1cd020ae-bada-481f-8b18-31e44a9b822e} - (no file)O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLLO2 - BHO: (no name) - {D20BF29C-5417-451F-BABF-A372ED0AEF07} - (no file)O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLLO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exeO4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{F05E33C0-1FA2-4291-BC78-1ADB25FF8673}: NameServer = 66.75.160.63,66.75.160.64O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dllO20 - AppInit_DLLs: avgrsstx.dllO20 - Winlogon Notify: wvUoonMD - wvUoonMD.dll (file missing)O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exeO23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exeO23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe--End of file - 7589 bytes Link to comment Share on other sites More sharing options...
thelittlefire Posted August 21, 2008 Report Share Posted August 21, 2008 You were infected with something... wvUoonMD.dll doesn't belong in winlogon.What happens when you remove Yahoo Toolbar? You didn't run Process Explorer did you? Could you add/edit that logfile to the rest of the thread? Link to comment Share on other sites More sharing options...
ghot Posted August 21, 2008 Report Share Posted August 21, 2008 Bro you are infected with about 15 things !!! namely allthose browser hijacker/addons things you have runnin...here what a good HJT log looks like R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\\vptray.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.09\RivaTuner.exe" /SO4 - HKLM\..\Run: [snoopFreeUI] SnoopFreeUI.exeO4 - HKCU\..\Run: [EVEREST AutoStart] C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204223668625O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exeO23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXEO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exeO23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exeO23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Link to comment Share on other sites More sharing options...
Picking14u Posted August 21, 2008 Author Report Share Posted August 21, 2008 Process PID CPU Description Company NameSystem Idle Process 0 97.69 Interrupts n/a Hardware Interrupts DPCs n/a 0.77 Deferred Procedure Calls System 4 smss.exe 1156 Windows NT Session Manager Microsoft Corporation csrss.exe 1260 Client Server Runtime Process Microsoft Corporation winlogon.exe 1292 Windows NT Logon Application Microsoft Corporation services.exe 1380 0.77 Services and Controller app Microsoft Corporation ati2evxx.exe 1608 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1624 Generic Host Process for Win32 Services Microsoft Corporation ehmsas.exe 3236 Media Center Media Status Aggregator Service Microsoft Corporation svchost.exe 1716 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1768 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1864 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1952 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 512 Spooler SubSystem App Microsoft Corporation AppleMobileDeviceService.exe 752 Apple Mobile Device Service Apple Inc. avgwdsvc.exe 788 AVG Watchdog Service AVG Technologies CZ, s.r.o. avgam.exe 3384 AVG Alert Manager AVG Technologies CZ, s.r.o. avgrsx.exe 3456 AVG Resident Shield Service AVG Technologies CZ, s.r.o. avgnsx.exe 3560 AVG Network scanner Service AVG Technologies CZ, s.r.o. avgfws8.exe 828 AVG Firewall Service AVG Technologies CZ, s.r.o. mDNSResponder.exe 876 Bonjour Service Apple Inc. ehRecvr.exe 1036 Media Center Receiver Service Microsoft Corporation ehSched.exe 1668 Media Center Scheduler Service Microsoft Corporation jqs.exe 312 Java Quick Starter Service Sun Microsystems, Inc. HPZipm12.exe 1248 PML Driver HP StarWindService.exe 1840 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software avgemc.exe 3988 AVG E-Mail Scanner AVG Technologies CZ, s.r.o. dllhost.exe 1020 COM Surrogate Microsoft Corporation alg.exe 2304 Application Layer Gateway Service Microsoft Corporation svchost.exe 4088 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 3688 Generic Host Process for Win32 Services Microsoft Corporation lsass.exe 1404 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 472 ATI External Event Utility EXE Module ATI Technologies Inc.explorer.exe 2268 Windows Explorer Microsoft Corporation ehtray.exe 2584 Media Center Tray Applet Microsoft Corporation RTHDCPL.exe 784 Realtek HD Audio Control Panel Realtek Semiconductor Corp. RtkBtMnt.exe 1580 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. avgtray.exe 2056 AVG Tray Monitor AVG Technologies CZ, s.r.o. jusched.exe 2064 Java Platform SE binary Sun Microsystems, Inc. ctfmon.exe 2100 CTF Loader Microsoft Corporation firefox.exe 2588 Firefox Mozilla Corporation procexp.exe 4804 Sysinternals Process Explorer Sysinternals - www.sysinternals.com ConvertXtoDvd.exe 3672 ConvertXtoDVD transcoder VSO Software SARL uTorrent.exe 5368 0.77 µTorrent BitTorrent, Inc.MOM.exe 3896 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 1788 Catalyst Control Centre: Host application ATI Technologies Inc.notepad.exe 3488 Notepad Microsoft CorporationProcess: uTorrent.exe Pid: 5368Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000avgrsstx.dll AVG Resident Shield Starter AVG Technologies CZ, s.r.o. 8.00.0000.0134c_936.nls CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180COMRes.dll Microsoft Corporation 2001.12.4414.0258credui.dll Credential Manager User Interface Microsoft Corporation 5.01.2600.2180ctype.nls DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180ieframe.dll Internet Explorer Microsoft Corporation 7.00.6000.16705iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.00.6000.16705IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119locale.nls mdnsNSP.dll Bonjour Namespace Provider Apple Inc. 1.00.0004.0012MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.01.2600.3319msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180msi.dll Windows Installer Microsoft Corporation 3.01.4000.4039msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976NETSHELL.dll Network Connections Shell Microsoft Corporation 5.01.2600.2180ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726oleaut32.dll Microsoft Corporation 5.01.2600.3266PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354sortkey.nls sorttbls.nls SXS.DLL Fusion 2.5 Microsoft Corporation 5.01.2600.3019unicode.nls urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.00.6000.16705USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0000.11813UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.2180 Link to comment Share on other sites More sharing options...
ghot Posted August 21, 2008 Report Share Posted August 21, 2008 Bro do this.....run Hijack this again and then click save log and save it to your desktop....notepad will immediately open select all and the copy.....then go here http://hjt.networktechs.com/ and post your HJT log in the big white box.......anything that shows up FIRE_ENGINE RED after you hit the "parse" button...get rid of it in HJT the program....then u'll have at least a fighting chance You have more tool bars than a hardware store bro...lose em....lose anything that is fire engine red also.ESPECIALLY those 02 BHO's that say "no name" they just plain infections !!Toorent programs are designed to use 90% of your bandwidth all those 02 BHO's are just hurtin you ^^Personally Id lose windows messenger too...at BEST its MS spyware lite lolHeres another GREAT site for protecting your HOSTS filehttp://www.mvps.org/winhelp2002/hosts.htmand go here and run thier online scan http://www.pandasecurity.com/homeusers/solutions/activescan/?sitepanda=particulares Link to comment Share on other sites More sharing options...
Picking14u Posted August 22, 2008 Author Report Share Posted August 22, 2008 ok, did some cleaning up and here are my latest specsalso not sure if this could be a problem... Checking port 51272 on 75.84.137.88.my dns is 66.75.160.63 can this be causing my problem? and if so how do i change itLogfile of Trend Micro HijackThis v2.0.2Scan saved at 1:00:28 PM, on 8/22/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exeC:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeC:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXEC:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exec:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXEC:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXEC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXEC:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exeC:\DOCUME~1\Admin\LOCALS~1\Temp\RtkBtMnt.exeC:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exeC:\WINDOWS\system32\cidaemon.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files\Juno\bin\juno.exeC:\Documents and Settings\Admin\Desktop\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exeO4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /sO4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{F05E33C0-1FA2-4291-BC78-1ADB25FF8673}: NameServer = 66.75.160.63,66.75.160.64O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exeO23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exeO23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exeO23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exeO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exeO23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exeO23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2008\firewall\PSHOST.EXEO23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeO23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe--End of file - 5837 bytesProcess PID CPU Description Company NameSystem Idle Process 0 97.73 Interrupts n/a Hardware Interrupts DPCs n/a Deferred Procedure Calls System 4 smss.exe 980 Windows NT Session Manager Microsoft Corporation csrss.exe 1052 Client Server Runtime Process Microsoft Corporation winlogon.exe 1096 Windows NT Logon Application Microsoft Corporation services.exe 1144 0.76 Services and Controller app Microsoft Corporation ati2evxx.exe 1348 ATI External Event Utility EXE Module ATI Technologies Inc. svchost.exe 1368 Generic Host Process for Win32 Services Microsoft Corporation ehmsas.exe 3420 Media Center Media Status Aggregator Service Microsoft Corporation wmiprvse.exe 4884 WMI Microsoft Corporation svchost.exe 1432 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1500 Generic Host Process for Win32 Services Microsoft Corporation TPSrv.exe 1560 TPSrv Application Panda Software International svchost.exe 1664 Generic Host Process for Win32 Services Microsoft Corporation svchost.exe 1724 Generic Host Process for Win32 Services Microsoft Corporation spoolsv.exe 1000 Spooler SubSystem App Microsoft Corporation cisvc.exe 248 Content Index service Microsoft Corporation cidaemon.exe 2300 Indexing Service filter daemon Microsoft Corporation ehRecvr.exe 632 Media Center Receiver Service Microsoft Corporation ehSched.exe 832 Media Center Scheduler Service Microsoft Corporation jqs.exe 1776 Java Quick Starter Service Sun Microsystems, Inc. PsCtrlS.exe 1752 Panda Software Controler Panda Software International PavBckPT.exe 4028 PavBckPT Aplicación Panda Software International, S.L. PAVFNSVR.EXE 428 Panda Function Service Panda Software International PavPrSrv.exe 1640 Panda Process Protection Service Panda Software PAVSRV51.EXE 380 Enhanced On-Access Anti-Malware Service. Panda Software International AVENGINE.EXE 328 Enhanced On-Access Anti-Malware Protection. Panda Software International HPZipm12.exe 1508 PML Driver HP pskmssvc.exe 348 Anti-malware protection service library executable Panda Software International PSHost.exe 704 Panda Host Service Panda Software International PsImSvc.exe 616 Panda Interface Manager Service Panda Software International StarWindService.exe 612 StarWind iSCSI Target (Alcohol Edition) Rocket Division Software svchost.exe 1388 Generic Host Process for Win32 Services Microsoft Corporation dllhost.exe 3580 COM Surrogate Microsoft Corporation alg.exe 2744 Application Layer Gateway Service Microsoft Corporation lsass.exe 1164 LSA Shell (Export Version) Microsoft Corporation ati2evxx.exe 1684 ATI External Event Utility EXE Module ATI Technologies Inc.explorer.exe 2252 Windows Explorer Microsoft Corporation RTHDCPL.exe 2404 Realtek HD Audio Control Panel Realtek Semiconductor Corp. RtkBtMnt.exe 3124 Realtek HD Audio Data Rerouter Realtek Semiconductor Corp. apvxdwin.exe 3116 Platinum permanent protection Panda Software International SrvLoad.exe 2564 Panda AntiSpam Trainer Panda Software International WebProxy.exe 3172 Internet resident proxy Panda Security International YahooMessenger.exe 1716 Yahoo! Messenger Yahoo! Inc. juno.exe 4668 Juno Juno Online Services, Inc. uTorrent.exe 5312 µTorrent BitTorrent, Inc. procexp.exe 4820 1.52 Sysinternals Process Explorer Sysinternals - www.sysinternals.comMOM.exe 2588 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. CCC.exe 2792 Catalyst Control Centre: Host application ATI Technologies Inc.firefox.exe 472 Firefox Mozilla CorporationProcess: uTorrent.exe Pid: 5312Name Description Company Name VersionACTIVEDS.dll ADs Router Layer DLL Microsoft Corporation 5.01.2600.2180adsldpc.dll ADs LDAP Provider C DLL Microsoft Corporation 5.01.2600.2180ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.01.2600.2180apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.01.2600.2180ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000c_936.nls CLBCATQ.DLL Microsoft Corporation 2001.12.4414.0308COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.00.2900.2982comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.00.2900.2180COMRes.dll Microsoft Corporation 2001.12.4414.0258credui.dll Credential Manager User Interface Microsoft Corporation 5.01.2600.2180ctype.nls DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.01.2600.3394GDI32.dll GDI Client DLL Microsoft Corporation 5.01.2600.3316hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 5.01.2600.2180icl_cfg.dll Internet Resident Configuration Panda Software International 7.09.0033.0503idle.dll Idle Module Yahoo! Inc. 1.00.0000.0002IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.01.2600.2180Iphlpapi.dll IP Helper API Microsoft Corporation 5.01.2600.2912kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.01.2600.3119locale.nls MPRAPI.dll Windows NT MP Router Administration DLL Microsoft Corporation 5.01.2600.2180msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.01.2600.2180MSVCP71.dll Microsoft® C++ Runtime Library Microsoft Corporation 7.10.3077.0000MSVCR71.dll Microsoft® C Runtime Library Microsoft Corporation 7.10.3052.0004msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.2600.2180mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 5.01.2600.3394NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.01.2600.2976NETSHELL.dll Network Connections Shell Microsoft Corporation 5.01.2600.2180ntdll.dll NT Layer DLL Microsoft Corporation 5.01.2600.2180ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.01.2600.2726oleaut32.dll Microsoft Corporation 5.01.2600.3266pavipc.dll PavIpc Dynamic Link Library Panda Software International 8.00.0000.0000pavlsp.dll Internet Resident Layered Service Provider Panda Software International 7.09.0022.0502pavoepl.dll Outlook Express Integration Panda Software International 8.08.0006.0005PAVSHOOK.DLL PavSHook Dynamic Link Library Panda Software International 8.00.0001.0000PavTrc.dll Internet resident forwarding Panda Security International 7.12.0026.0509PSAPI.DLL Process Status Helper Microsoft Corporation 5.01.2600.2180rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 5.01.2600.2938RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.01.2600.3173rtutils.dll Routing Utilities Microsoft Corporation 5.01.2600.2180SAMLIB.dll SAM Library DLL Microsoft Corporation 5.01.2600.2180Secur32.dll Security Support Provider Interface Microsoft Corporation 5.01.2600.2180SETUPAPI.dll Windows Setup API Microsoft Corporation 5.01.2600.2180SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.00.2900.3241shfolder.dll Shell Folder Service Microsoft Corporation 6.00.2900.2180SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.00.2900.3354sortkey.nls sorttbls.nls systools.dll SYSTOOLS Panda Software 7.00.0002.0000TpUtil.dll TpUtil Dynamic Link Library Panda Software International 8.00.0001.0000unicode.nls USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.01.2600.3099uTorrent.exe µTorrent BitTorrent, Inc. 1.08.0000.11813UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.00.2900.2180VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.01.2600.2180WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.01.2600.2180WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.01.2600.2180WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.01.2600.2180wshtcpip.dll Windows Sockets Helper DLL Microsoft Corporation 5.01.2600.2180WSOCK32.dll Windows Socket 32-Bit DLL Microsoft Corporation 5.01.2600.2180xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.01.2600.2180i am now getting 2.1 kb/s from the changes i have done.. please help Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.