View Full Version : Help me tweak my broadband
hi,
Help me tweak my broadband connection, located here in the philippines.
My speed test from www.speedtest.net:
http://www.speedtest.net/result/226262297.png (http://www.speedtest.net)
My tcp analyzer:
« SpeedGuide.net TCP Analyzer Results »
Tested on: 01.24.2008 22:29
IP address: 222.127.xxx.x
TCP options string: 0204054801010402
MSS: 1352
MTU: 1392
TCP Window: 65535 (NOT multiple of MSS)
RWIN Scaling: 0
Unscaled RWIN : 65535
Reccomended RWINs: 64896, 129792, 259584, 519168
BDP limit (200ms): 2621kbps (328KBytes/s)
BDP limit (500ms): 1049kbps (131KBytes/s)
MTU Discovery: ON
TTL: 108
Timestamps: OFF
SACKs: ON
IP ToS: 00000000 (0)
trogers
01-24-08, 10:34 PM
First send a private message to doomsweek of this thread and ask him where to get the latest firmware for your Prolink:
http://forums.speedguide.net/showthread.php?t=236208
thanks... i'll PM him now.
ok, check on the net and on the website of prolink, my modems firmware is up to date..
trogers
01-25-08, 11:43 AM
Try the following with TCP Optimizer:
General Settings tab:
Custom settings - check
Modify All Network Adapters - check
network adapter selection - your NIC
MTU 1392
TTL - 64
TCP Receive Window - 32448
MTU Discovery - Yes
Black Hole Detect - No
Selective Acks - Yes
Max Duplicate ACKs - 2
TCP 1323 Options:
Windows Scaling - uncheck
Timestamps - uncheck
Advanced Settings tab:
Max Connections per Server - 10
Max Connections per 1.0 Server - 10
LocalPriority - 1
Host Priority - 1
DNSPriority - 1
NetbtPriority - 1
Lan Browsing speedup - optimized
QoS: NonBestEffortLimit - 0
ToS: DisableUserTOSSetting - 0
ToS: DefaultTOSValue - 80
MaxNegativeCacheTtl - 0
NetFailureCacheTime - 0
NegativeSOACache Time - 0
LAN Request Buffer Size - 32768
Then select "Apply Changes" and reboot to take effect
Sorry for the delay of my reply, I was out of town.
By the way, applied the settings and here the result:
From TCP analyzer:
« SpeedGuide.net TCP Analyzer Results »
Tested on: 01.28.2008 03:48
IP address: 222.127.xxx.x
TCP options string: 0204054801010402
MSS: 1352
MTU: 1392
TCP Window: 65535 (NOT multiple of MSS)
RWIN Scaling: 0
Unscaled RWIN : 65535
Reccomended RWINs: 64896, 129792, 259584, 519168
BDP limit (200ms): 2621kbps (328KBytes/s)
BDP limit (500ms): 1049kbps (131KBytes/s)
MTU Discovery: ON
TTL: 44
Timestamps: OFF
SACKs: ON
IP ToS: 01010000 (80)
Precedence: 010 (immediate)
Delay: 1 (low delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: AF22 010100 (20) - Assured Forwarding class 2, medium drop precedence (RFC 2597).
And from speedtest:
http://www.speedtest.net/result/227424680.png (http://www.speedtest.net)
trogers
01-28-08, 04:43 AM
Run my settings again. When done correctly, TCP Window should become 32448.
OK, done.
Here's the result from speedtest.net:
http://www.speedtest.net/result/227515747.png (http://www.speedtest.net)
From TCP Analyzer:
« SpeedGuide.net TCP Analyzer Results »
Tested on: 01.28.2008 10:11
IP address: 222.127.xxx.x
TCP options string: 0204054801010402
MSS: 1352
MTU: 1392
TCP Window: 32448 (multiple of MSS)
RWIN Scaling: 0
Unscaled RWIN : 32448
Reccomended RWINs: 64896, 129792, 259584, 519168
BDP limit (200ms): 1298kbps (162KBytes/s)
BDP limit (500ms): 519kbps (65KBytes/s)
MTU Discovery: ON
TTL: 44
Timestamps: OFF
SACKs: ON
IP ToS: 01010000 (80)
Precedence: 010 (immediate)
Delay: 1 (low delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: AF22 010100 (20) - Assured Forwarding class 2, medium drop precedence (RFC 2597).
And this is my second test result from www.speedtest.net:
http://www.speedtest.net/result/227519141.png (http://www.speedtest.net)
And by the way i had a 384 kbps plan...
trogers
01-28-08, 08:56 PM
Do a tracert to www.yahoo.com and post.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Administrator>tracert www.yahoo.com
Tracing route to www.yahoo-ht3.akadns.net [209.131.36.158]
over a maximum of 30 hops:
1 <1 ms 1 ms 1 ms 192.168.1.1
2 16 ms 17 ms 17 ms 222.127.239.1
3 18 ms 17 ms 17 ms 222.127.228.33
4 168 ms 169 ms 171 ms 124.6.148.229
5 218 ms 219 ms 221 ms so-1-2-0.gw4.mnl1.asianetcom.net [203.192.188.13
]
6 254 ms 255 ms 255 ms po1-0-0.cr1.nrt1.asianetcom.net [202.147.24.214]
7 372 ms * 372 ms po1-0.gw1.sjc1.asianetcom.net [202.147.50.133]
8 384 ms 385 ms 424 ms PAT1.SJC.yahoo.com [206.223.116.150]
9 371 ms 383 ms 385 ms g-0-0-0-p170.msr2.sp1.yahoo.com [216.115.107.81]
10 386 ms 379 ms 389 ms te-9-1.bas-a1.sp1.yahoo.com [209.131.32.21]
11 * 386 ms 387 ms f1.www.vip.sp1.yahoo.com [209.131.36.158]
Trace complete.
trogers
01-29-08, 09:34 PM
Post your Hijackthis log:
http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:29:35 PM, on 1/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LClock\LClock.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\$ISR\$APP\ISRMonitor.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\$ISR\0\ISRService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Most Wanted Edition Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISR_MONITOR] C:\$ISR\$APP\ISRMonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5587603-473B-42D9-AD07-389843689CE0}: NameServer = 208.67.222.222,203.177.255.10,208.67.222.220,203.177.255.11
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FirstDefense-ISR Service (ISRService) - Horizon DataSys Corporation - C:\$ISR\0\ISRService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe (file missing)
--
End of file - 6776 bytes
trogers
01-30-08, 02:01 AM
Uninstall Free Download Manager and clean your registry. Reboot and check to see if
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
is still present in your log. It is now present 4 times.
There is a conflict on DNS server. There should only be a set of 2 IP addresses: 208.67.222.222 and 208.67.222.220 as a set which belongs to OpenDNS, and 203.177.255.10 and 203.177.255.11 which probably belongs to your ISP. Use one set or the other. Not both.
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5587603-473B-42D9-AD07-389843689CE0}: NameServer = 208.67.222.222,203.177.255.10,208.67.222.220,203.177.255.11
"Uninstall Free Download Manager"
So you mean i'm going to uninstall DFM and not using it anymore?
trogers
01-30-08, 02:08 AM
"Uninstall Free Download Manager"
So you mean i'm going to uninstall DFM and not using it anymore?
Yes. Your uTorrent program can also do the job of this DFM.
ok, i'm going to do it right now.
and what am i going to post? the tcp analyzer or the speedtest?
trogers
01-30-08, 02:17 AM
ok, i'm going to do it right now.
and what am i going to post? the tcp analyzer or the speedtest?
Post both.
TCP Analyzer:
« SpeedGuide.net TCP Analyzer Results »
Tested on: 01.30.2008 02:28
IP address: 222.127.xxx.x
TCP options string: 0204054801010402
MSS: 1352
MTU: 1392
TCP Window: 32448 (multiple of MSS)
RWIN Scaling: 0
Unscaled RWIN : 32448
Reccomended RWINs: 64896, 129792, 259584, 519168
BDP limit (200ms): 1298kbps (162KBytes/s)
BDP limit (500ms): 519kbps (65KBytes/s)
MTU Discovery: ON
TTL: 44
Timestamps: OFF
SACKs: ON
IP ToS: 01010000 (80)
Precedence: 010 (immediate)
Delay: 1 (low delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: AF22 010100 (20) - Assured Forwarding class 2, medium drop precedence (RFC 2597).
Speedtest:
http://www.speedtest.net/result/228231680.png (http://www.speedtest.net)
trogers
01-30-08, 04:42 AM
Post your Hijackthis log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:19:52 AM, on 1/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LClock\LClock.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\$ISR\$APP\ISRMonitor.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\$ISR\0\ISRService.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Most Wanted Edition Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ISR_MONITOR] C:\$ISR\$APP\ISRMonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5587603-473B-42D9-AD07-389843689CE0}: NameServer = 208.67.222.222,208.67.222.220
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FirstDefense-ISR Service (ISRService) - Horizon DataSys Corporation - C:\$ISR\0\ISRService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe (file missing)
--
End of file - 6146 bytes
trogers
01-30-08, 07:42 PM
O4 - HKUS\S-1-5-19\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
Skype phone may affect wireless signals, depending on its operating frequency.
Free Download Manager is still present.
The syssetub.dll is present 4 times. I do not know if it is part of GoogleTalk or FDM.
ok, i already run a system registry cleaner using easy cleaner. and what i cant understand is that, google talk, FDM, skype and others that i already uninstalled are still present even if i alreayd run a registry cleaned?
do you have any recommendation what kind of registry cleaner should i used?
trogers
01-30-08, 11:49 PM
ok, i already run a system registry cleaner using easy cleaner. and what i cant understand is that, google talk, FDM, skype and others that i already uninstalled are still present even if i alreayd run a registry cleaned?
do you have any recommendation what kind of registry cleaner should i used?
Try using Hijackthis to remove them. Another free cleaner is Regseeker.
vBulletin® v3.7.3, Copyright ©2000-2008, Jelsoft Enterprises Ltd.