I think that I must have some malware or spyware runnning as I've contacted my ISP regarding my terrible download speeds. Rarely do I download faster than 40 or 35 kb/s on a 1 meg broadband connection (top end 120 kb/s - average should be about 90 kb/s so said the technician). I've tested this by downloading files from the microsoft website.
Now I run Adaware SE and Spybot religiously every couple of days and they show nothing unusual. Norton 2005 did throw up a Keygen threat due to a dodgy version of Limewire Pro I had (now removed with all other p2p muck spreaders that were installed on my system). A lesson learned.
My ISP technician told me to RUN>> "cmd" and enter "netstat -a" and tell him how many lines of data appeared. He expected about 8 and I gave him over 60! Spyware city, he said.
I downloaded Microsoft Antispyware Beta on his recommendation and found a couple of threats lurking in my system (namely Transponder.VX2.A and Windows AdTools) which I duly removed. This is what it came up with:
Spyware Scan Details
Start Date: 07/09/2005 11:19:53
End Date: 07/09/2005 11:26:25
Total Time: 6 mins 32 secs
Detected Threats
Adware more information...
Details: Transponder.VX2.A is an Internet Explorer browser helper object that monitors Web page requests and data entered into forms and displays pop-up advertisements. Transponder.VX2.A also collects and sends personal information.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.
Infected files detected
c:\windows\conscorr.ini
c:\windows\inf\conscorr.inf
Windows AdTools Adware
Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/WinAdCtlX.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/WinAdCtlX.dll .Owner {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/WinAdCtlX.dll {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs C:\WINDOWS\Downloaded Program Files\WinAdCtlX.dll
Warez P2P Software Bundler
Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warez\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warezq\shell\open\command "C:\Program Files\Warez P2P Client\Warez.exe" "%L"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warezq URL:Warez_Query protocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warezq URL Protocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warez\shell\open\command "C:\Program Files\Warez P2P Client\Warez.exe" "%L"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warez
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warez\shell\open\command "C:\Program Files\Warez P2P Client\Warez.exe" "%L"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warez URL:Warez protocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warez URL Protocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warezq\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warezq\shell\open\command "C:\Program Files\Warez P2P Client\Warez.exe" "%L"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\warezq
eDonkey2000 Software Bundler
Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\InProcServer32 C:\Program Files\eDonkey2000\plugins\ed2kie.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\InProcServer32 ThreadingModel Both
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\ProgID eD2KDownloadManager.object.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\TypeLib {379919F2-1612-45B7-B9F4-773F6D5214F5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\VersionIndependentProgID eD2KDownloadManager.object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620} eD2K downloadManager object
Detected Spyware Cookies
No spyware cookies were found during this scan.
Now when I RUN>> "cmd" and enter "netstat -a" there are only about 29 lines of info. But still, my download speed is about 35 kb/s! It should be here:
|
|
V
These images are from after the clean up.
I have also ran CWShredder (no results) and CleanUP! (no temp files etc left). I would appreciate any advice you can give me that would help improve my performance or clean up my act!