
Pings Hitting 45,000ms Every Few Minutes


  • This topic is locked
6 replies to this topic

#1 mist420


Posted 30 June 2008 - 06:28 PM

Pings hitting 45,000, tried everything..any suggestions?

About every 3-4 minutes my pings jump from about 60ms to over 45,000ms, which slows down my entire system, sometimes for minutes at a time.

Tried everything I can think of. Anyone hear of this before? Any suggestions?


I am losing my mind with this.

Everything closed/removed from starting, virus scans run, all non-essential services that I could figure out myself are stopped, increased RAM from 1 gig to 3 gigs, restored system, rebooted everything in every possible order........

Have run 4 dif virus scanners, adaware, spybot S&D.

also, just fyi, was in IT for 12 years up till about 5 years ago, so not a noob...much.

Here's my DSS/Hijackthis log....

Deckard's System Scanner v20071014.68
Run by AC on 2008-06-30 19:02:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
61: 2008-06-30 23:02:17 UTC - RP61 - Deckard's System Scanner Restore Point
60: 2008-06-24 00:35:45 UTC - RP60 - Installed Adobe Reader 8.1.2
59: 2008-06-23 18:15:50 UTC - RP59 - Installed FriendFinder Messenger v4.1
58: 2008-06-19 00:26:27 UTC - RP58 - Installed Windows Media Format Runtime
57: 2008-06-18 22:15:13 UTC - RP57 - Installed Modem Helper


-- First Restore Point --
1: 2008-04-17 03:58:55 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as AC.exe) --------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:05:40 PM, on 6/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\AC\Local Settings\Temporary Internet Files\Content.IE5\G5YJOT2R\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\AC.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - http://w4s2.work4sure.com/c/ge/w4sgeen9.exe
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1213237512875

--
End of file - 2746 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys <Not Verified; Adaptec, Inc.; Dell RAID Controller>
S4 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-05-30 and 2008-06-30 -----------------------------

2008-06-30 17:42:35 0 d-------- C:\Program Files\Startup Inspector for Windows
2008-06-30 17:03:59 0 d-------- C:\Documents and Settings\AC\Application Data\Malwarebytes
2008-06-30 17:03:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-30 17:03:53 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-30 16:59:41 0 d-------- C:\Program Files\Trend Micro
2008-06-30 13:03:57 0 d-------- C:\Documents and Settings\AC\DoctorWeb
2008-06-23 17:01:50 40960 --a------ C:\WINDOWS\system32\PicEng.dll <Not Verified; Xirlink, Inc; PicEng>
2008-06-23 17:01:50 61440 --a------ C:\WINDOWS\system32\camiodll.dll <Not Verified; Xirlink; Xirlink camiodll>
2008-06-23 17:01:50 57344 --a------ C:\WINDOWS\system32\CamCapEx.dll <Not Verified; Xirlink, Inc; Xirlink USB Camera API>
2008-06-23 17:01:49 86016 --a------ C:\WINDOWS\system32\xl_x263dec.dll <Not Verified; Xirlink, Inc.; Visionlink>
2008-06-23 17:01:49 0 d-------- C:\Program Files\Veo Mobile Connect
2008-06-23 17:01:45 0 d-------- C:\SETUP
2008-06-23 14:15:51 0 d-------- C:\Program Files\FriendFinder
2008-06-19 01:21:47 0 d-------- C:\Program Files\SecondLifeReleaseCandidate
2008-06-18 22:09:44 0 d-------- C:\Program Files\SHOUTcast
2008-06-18 20:27:01 0 d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-06-18 20:26:57 0 d-------- C:\Program Files\Winamp Remote
2008-06-18 20:26:28 0 d-------- C:\WINDOWS\RegisteredPackages
2008-06-18 20:24:32 0 d-------- C:\Program Files\Winamp
2008-06-18 20:24:32 0 d-------- C:\Documents and Settings\AC\Application Data\Winamp
2008-06-18 18:27:01 770048 --a------ C:\WINDOWS\system32\BCMLogon.dll <Not Verified; Dell Inc.; Wireless Network Logon Provider>
2008-06-18 18:27:00 33664 --a------ C:\WINDOWS\system32\drivers\BCMWLNPF.SYS <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
2008-06-18 18:26:59 86016 --a------ C:\WINDOWS\system32\preflib.dll
2008-06-18 18:26:59 253952 --a------ C:\WINDOWS\system32\bcmwlu00.exe <Not Verified; Dell Inc.; Dell Wireless WLAN Card Uninstaller>
2008-06-18 18:26:59 69632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll <Not Verified; CACE Technologies; WinPcap low level packet library>
2008-06-18 18:26:58 20480 --a------ C:\WINDOWS\system32\WLTRYSVC.EXE
2008-06-18 18:26:58 1392640 --a------ C:\WINDOWS\system32\WLTRAY.EXE <Not Verified; Dell Inc.; Dell Wireless WLAN Card Wireless Network Tray Applet>
2008-06-18 18:26:58 2129920 --a------ C:\WINDOWS\system32\WLBCGCBPRO731.DLL <Not Verified; BCGSoft Ltd; BCGControlBar Professional Dynamic Link Library>
2008-06-18 18:26:58 1253376 --a------ C:\WINDOWS\system32\BCMWLTRY.EXE <Not Verified; Dell Inc.; Dell Wireless WLAN Card Wireless Network Controller>
2008-06-18 18:26:58 757760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2008-06-18 18:25:31 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Intel
2008-06-18 18:25:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\Intel
2008-06-18 18:25:31 0 d-------- C:\Documents and Settings\Default User\Application Data\Intel
2008-06-18 18:25:30 0 d-------- C:\Documents and Settings\AC\Application Data\Intel
2008-06-18 18:25:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
2008-06-18 18:24:54 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-18 18:22:05 0 d-------- C:\Program Files\CONEXANT
2008-06-18 18:17:34 0 d-------- C:\Program Files\Intel
2008-06-18 17:58:33 666 --a------ C:\WINDOWS\speed.reg
2008-06-18 02:34:40 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-06-18 02:34:34 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2008-06-18 02:34:33 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-06-18 02:34:27 0 d-------- C:\WINDOWS\system32\QuickTime
2008-06-18 02:33:46 0 d-------- C:\Program Files\The Rosetta Stone
2008-06-18 01:56:39 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-15 13:30:00 0 d-------- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
2008-06-11 23:02:23 0 d-------- C:\WINDOWS\system32\scripting
2008-06-11 23:02:22 0 d-------- C:\WINDOWS\system32\en
2008-06-11 23:02:22 0 d-------- C:\WINDOWS\system32\bits
2008-06-11 23:02:22 0 d-------- C:\WINDOWS\l2schemas
2008-06-11 23:00:21 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-11 22:58:22 0 d-------- C:\WINDOWS\network diagnostic
2008-06-11 22:55:40 0 d-------- C:\WINDOWS\EHome
2008-06-11 22:31:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-11 22:30:11 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-11 22:25:32 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-11 18:38:24 0 d-------- C:\Documents and Settings\AC\.housecall6.6
2008-06-11 18:38:14 0 d-------- C:\WINDOWS\Sun
2008-06-11 09:06:15 68951 --a------ C:\WINDOWS\hpoins05.dat
2008-06-11 09:06:14 19696 -----n--- C:\WINDOWS\hpomdl05.dat
2008-06-11 08:59:18 0 d-------- C:\I386
2008-06-11 08:57:35 0 d-------- C:\Program Files\Modem Helper
2008-06-11 08:51:03 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-10 20:23:40 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-10 20:23:13 0 d-------- C:\Program Files\Microsoft Works
2008-06-10 20:22:46 0 d-------- C:\Program Files\Microsoft.NET
2008-06-10 18:38:15 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-09 21:42:35 0 d-------- C:\WINDOWS\system32\unknown
2008-06-09 21:42:19 212992 -ra------ C:\WINDOWS\system32\hptcpmui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-09 21:42:18 98304 -ra------ C:\WINDOWS\system32\hpzjsn01.dll <Not Verified; Hewlett Packard Company; HPJZSN01 Dynamic Link Library>
2008-06-09 21:42:18 102400 -ra------ C:\WINDOWS\system32\hpzjrd01.dll <Not Verified; Hewlett Packard; Hewlett Packard Rediscovery Library>
2008-06-09 21:42:18 28672 -ra------ C:\WINDOWS\system32\hpzjfw01.dll <Not Verified; Hewlett-Packard; Firewall>
2008-06-09 21:42:18 122880 -ra------ C:\WINDOWS\system32\hptcpmon.dll <Not Verified; Hewlett Packard; HP® Standard Port Monitor>
2008-06-09 21:42:18 73728 -ra------ C:\WINDOWS\system32\hptcpmib.dll <Not Verified; Hewlett Packard; HP® Standard Port Monitor>
2008-06-09 21:41:24 57344 --a------ C:\WINDOWS\system32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows>
2008-06-09 21:41:24 94208 --a------ C:\WINDOWS\system32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows>
2008-06-09 21:41:24 204800 --a------ C:\WINDOWS\system32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
2008-06-09 21:41:24 69632 --a------ C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
2008-06-09 21:41:24 61440 --a------ C:\WINDOWS\system32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows>
2008-06-09 21:41:24 278584 --a------ C:\WINDOWS\system32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
2008-06-09 21:41:21 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-07 16:53:36 0 d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-06-06 16:34:06 0 d-------- C:\Documents and Settings\AC\Application Data\gtk-2.0
2008-06-06 11:26:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-05 19:54:56 0 d-------- C:\Documents and Settings\AC\Application Data\Mozilla
2008-06-05 19:50:43 1052672 --a------ C:\WINDOWS\system32\stlang.dll <Not Verified; SigmaTel, Inc.; C-Major Audio>
2008-06-05 19:50:43 282624 --a------ C:\WINDOWS\stsystra.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
2008-06-05 19:50:34 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-05 19:50:01 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-05 19:45:42 0 d-------- C:\WINDOWS\system32\vmm32
2008-06-05 19:04:36 0 d-------- C:\Program Files\SecondLife
2008-06-05 19:04:34 0 d-------- C:\Program Files\Online Services
2008-06-05 18:32:43 0 d-------- C:\Program Files\Lavasoft(2)
2008-06-05 03:00:11 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-05 03:00:11 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-05 02:59:36 38176 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-05 02:59:36 4888608 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-05 02:59:36 0 d-------- C:\Program Files\Kaspersky Lab
2008-06-05 02:59:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab


-- Find3M Report ---------------------------------------------------------------

2008-06-23 20:36:39 0 d-------- C:\Documents and Settings\AC\Application Data\Adobe
2008-06-23 20:35:51 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-23 17:01:49 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-18 02:34:40 0 d-------- C:\Program Files\QuickTime
2008-06-15 01:12:50 11148 --a------ C:\WINDOWS\system32\nvModes.dat
2008-06-11 23:02:58 0 d-------- C:\Program Files\Messenger
2008-06-11 23:02:21 0 d-------- C:\Program Files\Movie Maker
2008-06-11 23:00:08 0 d-------- C:\Program Files\Windows NT
2008-06-11 18:37:44 0 d-------- C:\Program Files\Java
2008-06-11 09:18:06 0 d-------- C:\Program Files\HP
2008-06-10 20:23:18 0 d-------- C:\Program Files\Common Files
2008-06-10 18:40:38 0 d-------- C:\Program Files\Common Files\HP
2008-06-06 16:29:30 0 d-------- C:\Program Files\GIMP-2.0
2008-06-06 11:26:06 0 d-------- C:\Program Files\Yahoo!
2008-06-05 19:45:42 0 d-------- C:\Program Files\Dell
2008-06-05 19:05:51 0 d-------- C:\Program Files\LimeWire
2008-06-05 19:05:49 0 d-------- C:\Documents and Settings\AC\Application Data\LimeWire
2008-06-05 19:05:43 0 d-------- C:\Program Files\Replay Music 3
2008-06-05 19:05:43 0 d-------- C:\Documents and Settings\AC\Application Data\Orbit
2008-06-05 19:05:42 0 d-------- C:\Program Files\CyberLink
2008-06-05 19:05:40 0 d-------- C:\Documents and Settings\AC\Application Data\SecondLife
2008-06-05 19:05:06 0 d-------- C:\Program Files\Freecorder Toolbar
2008-06-05 19:05:05 0 d-------- C:\Program Files\Freecorder
2008-05-08 20:38:59 42 --a------ C:\END
2008-04-21 23:31:20 6624 --a------ C:\Documents and Settings\AC\Application Data\Replay Music 3 Setup Log.txt
2008-04-16 23:52:32 0 -rahs---- C:\MSDOS.SYS
2008-04-16 23:52:32 0 -rahs---- C:\IO.SYS
2008-04-16 23:52:32 0 --a------ C:\CONFIG.SYS
2008-04-16 23:52:32 0 --a------ C:\AUTOEXEC.BAT
2008-04-16 23:49:55 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-16 19:38:14 62 --ahs---- C:\Documents and Settings\AC\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 08:12 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=C:\WINDOWS\pss\HP Image Zone Fast Start.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
rundll32.exe nvHotkey.dll,Start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
"C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Program Files\Winamp\winampa.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MDM"=2 (0x2)
"ose"=3 (0x3)
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"Themes"=2 (0x2)
"Eventlog"=2 (0x2)
"ERSvc"=2 (0x2)
"ALG"=3 (0x3)
"wltrysvc"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"NVSvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\setup.exe




-- Hosts -----------------------------------------------------------------------

192.168.1.100 HP000D9D29933B


-- End of Deckard's System Scanner: finished at 2008-06-30 19:09:01 ------------

"extra.txt" log attached as per instructions...


#2 mist420


Posted 30 June 2008 - 06:30 PM

Also ran Kaspersky, it didn't find anything so no log generated.

Thanks for your help in advance :thumbsup:

#3 mist420


Posted 30 June 2008 - 06:41 PM

System specs:

Dell Latitude D820
CPU: Intel Core 2 Series Processor (1828 MHz)
Memory: 3071 MB
OS Version: Microsoft Windows XP Service Pack 3 (Build 2600)
Graphics Card Vendor: NVIDIA Corporation
Graphics Card: GeForce Go 7400/PCI/SSE2
OpenGL Version: 2.0.1

#4 mist420


Posted 05 July 2008 - 05:45 PM

Help! I am losing my mind!

I see people that JUST posted yesterday are getting help, can someone please help me? Been waiting 6 days now... :thumbsup:

#5 Buckeye_Sam

Buckeye_Sam

    Malware Expert



Posted 05 July 2008 - 05:56 PM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. :thumbsup:

I don't see any indication of malware in your log.
Are you having any other symptoms that might indicate malware as a cause of your issue?
If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#6 mist420


Posted 05 July 2008 - 06:04 PM

I am stuck, my bandwidth seems to get eaten up every 3-4 minutes, sending my pings over 45k to pretty much any website or server I have tried; at the same time my CPU slows to a crawl.

Any suggestions?

#7 Buckeye_Sam

Buckeye_Sam

    Malware Expert



Posted 05 July 2008 - 06:16 PM

I don't see that you are running an antivirus or a firewall. I would suggest that you install both of those, especially a firewall since you are suspecting something using your connection. Seems kind of odd that you wouldn't have one to begin with.

I just don't see anything that would appear to be malicious.