Azag

Great info donlysnk for those wary of running P2P and sharing files on it. I had come across a few security 3rd party add-ons for multiple P2P cleints but had not heard of PeerGuardian so I will check it out too thx. My only question is there any signifigant speed loss while running it and is there any connect related problems in your experience. And about Bearshares settings it was nice you pointed out the trusted users only setting which most people may glance over and might miss. I am not sure this helps alot but I am sure it doesn't hurt other than search results are usually lower when on but a small price to pay if you find the share/file you wanted besides if not check back later when other people are online and new/different file shares will be up for grabs. My most recent personal favorite used to be Bearshare, WinMX, and Limewire but now days for anything I find shit loads of files through an IRC search engine which monitors file shares. There are many good ones and some come and go but my favorite is http://www.ircspy.com for XDCC and F-Serve file shares they kick ass in my opinion. Them I just go to the channel link from search engine site with mIRC client and start leeching my download. It takes a little more time maybe a minute to type or cut paste things and startup mIRC but it's very reliable and IRC is the front line for the newest files especially warez like movies, music, apps, games, ebooks and other stuff. You will often even see movies and music for example there that is yet to be release in the sores or movie threater ect. to public and the files on IRC are more likely working full and real unlike some fakers on P2P as I sometimes find (but not to often fakes luckily.) Me likest the warez heheh even my OS is a warez copy and runs smooth as a virgin high school girls butt (*joke*) heheheh. Hey I'm poor right now and really I don't care what people think about ripped /cracked software and how wrong it is to steal/copy it because I'm evil and have no apologies to guilt about it. Feel free to flame me if you feel morally self-righteous about the subject I won't care or lose sleeep over it. ROFLMAO The RIAA and MPAA and other greedy moral dictating associations of like mind can just... SUCK IT !!! hehe Peace, Azag

Bearshare is a very stable and useful P2P still in my opinion and I like Limewire Pro alot too but Limewire seems to eat up my CPU and often lags me as well as eating RAM but if you have a fast computer and not as old as mine then should have no problem with any of the programs. But I will strongly suggest that you scan and clean the spyware out of your system with something like Spybot S&D and Ad-Ware but if you use Microsoft AntiSpyware Beta ber warned even if you are spyware free with Beasshare it will tell you otherwise since Microsoft blacklisted this program. I also suggest you download Bearshare Pro from the P@P once you run it and as always scan all things you download from P2P file shares with good AntiVirus software (a given.) Also if you aren't going tro upload and share your files then the chances of you getting busted are super small since they are after the people who share lots of movies, music, ms software ect. NOT the downloaders. And make sure you only set aside folders you are willing to share with the world and NOT your whole hard drive from RooT downwards also as mentioned about tax returns, social security numbers, Credit Cards, ect. NEVER store trhis type of stuff on an online PC if you need to do your tax returns online if you realling feel comfortable with that or want to purchase things online please for God's sake people delete all traces of such numbers and critical data from your PC when your done with specialty software made to clean such things like Evidence Eliminator or similar programs. I you don't identity theft credit card theft or other bad things may befall you in the future and especially if you inadvertantly get a smart worm or trojan/ RAT that searches for and leeches such damning information and sends it back to the worms owner. You don't want people trading your credit card or social security numbers for other peoples on IRC do you. I didn't thinkls so.... Please don't be paranoid about running a P2P program to download illegal or legal stuff because it doesn't matter if you use WinMX, Bit Torrent, Limewire, Beashare or andy others because they can find you if they want too and they monitor many many P2P programs and transfers of massive amountds of illegal stuff and defintitely have the means and personal to look for the people sharing lots of files with the masses. So unless the P2P you use is extremely uncommon with eery few members/users than jsutr figurew taht anyone is a potential target of MPAA and RIAA and governtment monitoring when they feel like it. If you really want to share many illegal files on popular P2P networks and are still paranoid then simply use proxies and change them often and eeven better proxy chains when possible but jsut remember to use high anonymous proxies or your just wasteing your time (hiding with transparent proxies from the authorities or other douchebags is like walking into the MPAA ofices with a paper bag over your head and saying, "hey I share bootleg movies but you you can't bust me becuse you can't find me." :haha: LOL Well I think you all get the point the ostrich with his head in the sand old wive's tale works too. So in summary it's a good program, check for spyware before and after installing all P2P programs and don't share to many illegal files at once or not at all and allows scan what you download from P2P before you run it (unless it's a .txt file lol ). Have fun just use safe common sense practices. And trust noone on P2P networks. Btw if you decide not to download it from the manufacturer's site I have some versions on my site including the cracked Pro version of Bearshare if you want. My links: url snipped by swimmer url snipped by swimmer Peace, Azag

A few questions first off for you. Are you on a wireless or wired to a router on this LAN. Second how many computers are attached to LAN and are they on-line at the same time or sometimes at least (downloading or surfing I mean.) There is a very remote chance that you have a bad router or modem but doubtful. I would definitely make sure you have the lastest firmware from manufacturer if on router for LAN regardless. Also what service pack is the Win XP on your PC (ie: SP1, SP1a, SP2 =yuck lol.) Next of course make sure you have done or do spyware/ad-ware scans and virus scans of PC or all PC(s) attached to LAN. Maybe your on a switch on the LAN dunno let us know and if so what brand and model. Setting you IPA to a specific static one should cause no problems so I greatly doubt this has any thing to do with it. Check wires to NICK card and router or switch if present to see they are seated tightly (obvious.) And run a check on router if accessable and look at all stats if you can post them. Also did you install any recent software or make some changes to OS or programs lately just before problems if so what or which ones. Check that some process(es) or running program(s) aren't hogging CPU time or RAM significantly if not needed and hogging them or there is way to many if you know they aren't needed then kill those processes. Post back the info run Hijack this to if still no dice or all else seems fine and post log of it. If all this doesn't seem to get you anywhere than call ISP and have them run a line test and if not or no problems are detected in line from their end to yours or they aren't having service problems or upgrading servers or system or there isn't a systems problem in your area than demand they send a service tech out to your house ASAP to troubleshoot problem and of coarse ask nicely. What is your systems parameters including those of the pc and what are your ISP's set bandwidth limits for your area, by the way. Hope all is remedied soon. Let us know what's up if anybody here can help. And good luck I will cross my fingers for you. Also, who the heck is your ISP ... since I seem to have missed that or have no clue since I can't find any info about it from your profile or your validation link for speed test Peace, Azag

I never personally tried it but have seen some seemly unbiased comparisons of AntiVirus software. In one particlar large recent test using 386,000 + sample viruses. Many popular AntiVirus solutions were compared.

I haven't yet used Norton Ghost myself but I must admit I have heard only good things about this product from a diversity of users and i gotta say it sounds good to me too. Well at least they make one good program I am willing to try it for myself soon as I download a working rip of it to go along with my hardly used version 2005 of Norton AntiVirus but I think we already know how I feel about their AV and Norton Internet (In)Security ... Thx for the review. Now to go download it in full. And helloimtim I got to agree with your statement, "Let me say I HATE HATE HATE nortons anti virus and security."

Norton and Security is an oxymoron I think while reading this thread I stubbed my brain because my ears are bleeding and I have a migraine now. My personal solution of choice would be to delete all traces of Symantec Norton from my system and try something else but that's just me...

Here are some free online scanners to try cleaning with: PCPitstop AntiVirus Online Scan: http://www.pcpitstop.com/antivirus/avload.asp Trend Micro's free online (Housecall) virus scanner: http://housecall.trendmicro.com/ Panda ActiveScan Online Virus Scan: http://www.pandasoftware.com/activescan/com/activescan_principal.htm BitDefender Free Online Virus Scan: http://www.bitdefender.com/scan/licence.php McAfee FreeScan: http://ts.mcafeehelp.com/freescan.asp There are more just can't think of other good ones right now... Here is some articles worth reading if you have time or any interest but I doubt they will help you much in the way of worm cleaning: http://www.theregister.co.uk/2005/04/15/im_worm_runs_amok/ http://www.reuters.com/newsArticle.jhtml?type=topNews&storyID=8192842 http://www.theregister.co.uk/2005/02/04/msn_messenger_bropia_worm/ Here is some manual details to disable to process or the worm in memory follow instructions on page or look for rougue process and terminate then shut down system restore if on then use your choice of any scanners to find and destroy any traces of worm. With some knowlege of what processes normal run on your sytem and some luck this might work...let's hope. Those online scans will take some time and patience but might pay off. Just don't delete any critical files of the OS or you might have problems if you haven't a way to get the backup files before rebooting. Hope your pc gets well soon. Peace, Azag

I agree with everything peepnklown said. I couldn't have said it better. Hardware firewalls are much better and I think most software firewalls I've tested are mostly alot of bells and whistles to lull the end-user into a sense of false security and make them believe it is doing something important/useful but many software firewalls can be killed, tunneled, DoS'd, flooded, exploited, ect. so don't think that your safe and secure cause your not. As for Microsoft's built-in firewall that is a simplistic gimmick and a total piece of crap and personally I wouldn't recommend it to anyone except my worst enemies.. But if you want a software firewall to add to ur hardware firewall then try Sygate Pro or Tiny Firewall if you must. I tend towards Tiny Firewall since it uses Snort rule sets or a rip of them anyway. Peace, Azag

I hate to bash most software companies but the truth hurts. I have tested and used many AV solutions and Symantec Norton not only sucks since it doesn't have enough virus definitions and misnames many non-volitale hacker tools as Backdoors or Trojans when they are not but that's not all... As I have said many times it will also intentionally fuck your system up if you have installed other competitors Anti-Virus solutions as well especially well know popular ones. To me this is unexceptable and borders on intentional savatage of ones OS and in some cases causes irreversible damge to OS which can lead to reformatting for some. Ironically they own a big chunk of the market share as an AV company and the true reason why is advertising not good programming that is tragic but sadly all to many people are suckers for ads and get sucked into their flock of followers including big companies who use this crap for "corperate security". If a corperation uses this piece of crap or any of Norton's other crappy products for security reasons they are friggin idiots and shouldn't be allowed to touch or be around any computers in my opinion any any consumers of these companies that do should take their business eleswhere if they have a brain cell. I do not base my harsh opinions lightly for any Norton devotees out there I have testes and used multiple versions of Symantec Norton products on the market including testing Norton AntiVirus 2005 and my opinions are based solely on my and others experience and not some news article or other biased aggenda. As much as Norton has shaped up slightly at the AV game they still in my opinion suck BIG TIME but if you must then judge for yourself and compare but be warned My current AV solutions in order of importance and quality are Kaspersky Anti-Virus Personal Pro v4.5.095, ESET NOD32 v2.12.2, AVP (AntiViral Toolkit Pro by Eugene Kaspersky for DOS) and F-Prot v3.16b.. Peace, Azag

Sorry to hear another person fell victim to this. Get rid of My Web Search Assistant I am pretty sure it's spyware/crapware. And read all the following links fully especially my posts. If you can or want to feel free to send me a copy of the MSN virus for my zoo (virus collection) in a WinRAR file if possible and password protected (again if possible) as I would like to study it in a safe environment. In any case you may want to try downloading and running a different Anti-Virus and Microsoft AntiSpyware Beta since it often finds other spyware/malware the other programs like Spybot Search & Destroy and Ad-Aware misses or leaves behind but don't get me wrong I use all those programs to and they are very good and useful. Please refer to these links for more in depth info to clean MSN Worm and set up a pro-active scanner integration into MSN IM so it won't happen in the future hopefully... Btw Norton sucks! http://www.2-spyware.com/file-agrsmmsg-exe.html https://testmy.net/forum/index.php?topic=4402.0 https://testmy.net/forum/index.php?topic=4852.0 Check back after all this and I wish you success in cleaning your system. Also you may install multiple Anti-Viruses but only use one as an active monitor and the other(s) as configured for manual scans only. More than one active monitor can cause major problems with several AV's especially with Norton's crappy software. Good luck. Peace, Azag

You have the Kelvir Worm there is no doubt as I have tried to worn people as I saw this was going to quickly escalate out of control. Even Reuter's IM went down and was infected for a while. See post for original MSN VIRUS ALERT!!! here: https://testmy.net/topic-4402;all The same thing happened to Gore here is a removal tool if will clean most variants of this worm but I'm sure new versions will arise soon it's inevitable Here is Symantec Norton link for removal tool: W32.Kelvir Removal Tool (FREE): http://www.sarc.com/avcenter/venc/data/w32.kelvir.removal.tool.html Sorry if you missed the older post about the MSN VIRUS ALERT!!! that is unfortunate because if more people read it I explained how to proactively avoid it and integrate an AV into MSN IM but alas some will miss my points made or maybe ignore it . Well look I DO NO about viruses, worms, trojans and malware as well as AntiVirus engines, ect. because I in fact collect them and learn to understand them. I hope I am not comming off as arrogant or sarcastic to anyone because this is not my intention but sorry if it appears that way to anyone. Anyhow here is excerpt from that other post as mentioned above: "Ok dunno if u ever cleaned it successfully or not but just so u know what it is your MSN worm was a newer nasty one and many variants are coming out of it as well. It appears to be based off SDBot variant (W32.SpyBot.Worm - name reference see Sophos) as far as I can tell which has been through many changes and add-ons with added exploits and spreading features for years and has gone through many versions as well as ripped off offshoots from ppl taking the source code and altering it to suite their needs or to be lame and act like they are 1337 like they made something new LOL some are just script kiddiots ROFLMAO Laughing Anyway should be detected by ESET NOD32 Anti-Virus as well as Trend Micro AV, Symantec Norton AV and I've heard Zone Alarm Security Suite (if u use it's AV ..which is generally pretty weak and not really a reliable enough Anti-Virus solution in my opinion ergo it's crap evil6) . Most AV w/ all most current updates should take care of this but I am posting this so everyone is aware that some newer variants will likely be missed in AV detections if they are custom encrypted or obfuscated in some variety of ways so be on the look out especially MSN Instant Messanger users or and IM user (probably) Idea here are some helpful links about it: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_KELVIR.N http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FKELVIR%2EN&VSect=Sn Scroll to middle of forum page here same thing happened to this guy :and his friends: http://www.wilderssecurity.com/showthread.php?t=75510 You all can easily check for many W32.Kelvir Worm variants with a free tool from Symantec (as much as I hate Norton Symantec does make many useful FREEWARE removal tools provided u have any idea what your infected with Wink ) Anyway here is the link to W32.Kelvir Removal Tool (FREE): http://www.sarc.com/avcenter/venc/data/w32.kelvir.removal.tool.html Also people with MSN IM do this as stated in Wilders Security Forum so eloquently by Gauthreau, "In MSN 7.0 go to Tools -> Options -> File Transfer. Check the box that says "Scan files for viruses using:" Then click the browse button. You want to go to: "C:Program FilesESETnod32.exe" Conversely, if you have Nod32 installed to the same above directory, you can just copy and past the above directory to the MSN window (quotes included) then OK your way out." The same goes for whatever AV you may have installed in your system use same steps and put the scanner executable in the text box from Tools-->Options-->Messages (TAB)-->File Transfer-->CHECK THE BOX-->Browse (for Anti-Virus Scanner Module) or cut and paste it in (example for KAV v4.5.095 user: C:Program FilesKaspersky LabKaspersky Anti-Virus Personal ProAvp32.exe) -->Click OK (at bottom of Options)--> YOUR DONE!" Hope this helps since many people have put good info here to help you but unfortunately aren't sure what sort of infection or malware problem you have on your machine, You do not need to panic and reformat unless your paranoid, this is pointless and will just set you back more than likely. What is on your machine is positively the KELVIR WORM I would bet money on it if I wasn't currently broke. But I would assure you I am right and have been gathering intel on this worm since it infected Gore until now. BTW check out my site if you wish for some Anti-Virus and Anti-Spyware solutions here is a link for my site but I will suggest you stay in this section unless you want to infect yourself with more real viruses that I use to test AVs out with url snipped by swimmer Good luck and let us know if you get it fixed or still need help fixing this nasty worm. Peace, Azag

xyther4523 good ideas an thoughtful on how ppl can elevate privileges and crack passwords to get in luckily most ppl aren't that smart and don't try much more than a simple port scan. I'm glad you test your skills and attempt to hack test box instead of mine. Luckily I beefed it up with Anti- DoS or DDoS attacks which I don't personally count as hacking in and of itself since the process is to easy most of the time as there are many automateds DoS and DDoS tools out there. As for SYN floods I would count them as possible DoS attacks when excessive not to discredit what .s1 said as he has some good insight as well from what I've read and created this great thread too. Also don't forget about custom crafted packets as a means of attack. But .s1 is right most people will never need a firewall and are not in anyway much more vulnerable than those who use software firewalls since for all their bells and whistles they are more hype than a real useful utility and when reporting hack or port scan attempts to the attackers ISP or yours your message is most likely ignored since most attempts are neither invasive or harmful and most users will misread or misunderstand the type of attempt or it's severity (which is most of the time quite minimal and should just be ignored). If you have a server than it's a good idea to have a firewall but much better to have a hardware firewall since software firewalls are mostly hype and not protection as I said. I personally have hardened my system since I am more vulnerable than the average internet surfer but find being behind a NAT box is enough without software firewall crap and I turn off NETBIOS and tweak registry against DoS and DDoS attacks (ever since multiple SYN floods on me lol although SYN packets as with many others do have legitimate uses most often.) SYN packets are good until you have hundreds or thousands per second comming at your connection LOL ...then not so much. I would also say what most people need MUCH more than a firewall is 2 or more Anti-Spyware apps as this is the typical problem and of course an Anti-Virus solution or 2. Supposedly 1 in 3 computers are infected with spyware as I recall ...but sadly I can't quote the source but it sounds about right from what I have seen on other's computers when cleaning that type of crapware or maleware out. Needless to say even if the figure is wrong it does happen alot (referring to spyware/ad-ware infection) and many average users don't have a clue that something from surfing or how ever penetrated their system without their knowledge. Alot of great points and ideas about hackers, hacking and security on this thread by the way. Nice job all. Peace, Azag

Well at least this thread produced a very insightful discussion and all because of some lamer hacker wannbe. Actually this topic took a surprisingly technical twist considering the idiot we are laughing at . Btw thanks for useful info knightshade43 and zs (although not news to me it was informative.) It just goes to show you no matter if your a black hat or white hat or neither it is always best to know about both sides of the coin, which is not a view shared by security expert/white hats or AV researchers (note: AV ppl collect viruses but say no one else can and only share with the inner sphere of pro researchers in big companies... friggin' hypocrits ). I was interested in the fact you brought up passive OS identification (or server ID) tools, I get to see this alot lately on my server because of netcraft.com comes by due to a few users checking me out or trying to in vain anyway with the sites online tool called What's That Site Running. Sadly I have alot of these tools including: p0f, ID Serve, Archaeopteryx v1.0, N-Stalker, netcat, nmap (many versions), and a to many others to name probably a few dozen tools with this particular capability and yet as so far none can figure out the server I run (so far..) . Well anyway here is my ID Serve for laughs: Initiating server query ... Looking up IP address for domain: vxchaos.no-ip.org The IP address for the domain is: x.x.x.x Connecting to the server on standard HTTP port: 80 [Connected] Requesting the server's default page. The server returned the following response headers: HTTP/1.1 200 OK Content-Type: text/html Content-Range: bytes 0-4245/4246 Content-Length: 4246 Accept-Ranges: bytes Content-Encoding: gzip The server's response did not contain the expected 'Server:' header to identify itself. Therefore, server's identity can not be determined. Query complete. I am also surprised after 100 passes or so over 20-30 days Netcraft.com doesn't even know what operating system I am on I think they're slacking a little or something nowadays hehe. Peace, Azag

:haha: Ditto to exactly what php said. He summed it up nicely. I would add that, children as stupid as that hacker er um I mean moron is, should be smothered at birth or aborted lol. OKay that may sound extreme but I don't have patience when it comes to drooling morons like bitchchecker and I think killing off stupid people is a reasonable form of population control. Sorry if this offends anyone but I like my idea and an over-population problem for the planet is on the horizon if nature doesn't take care of it with a large plague or some big natural disasters to clean house. Alright, I admit I do have a social problem ... when it comes to stupid pplz. It is fortunate in this case this idiot bitch-hacker =p is already stupid enough to destroy himself it would seem. I hope he hurries up or maybe someone helps him along to that end...

Like in the previous post as said b4 "you wont get the same speeds wireless as wired." Very true. And yes I would remove all cordless phones and microwaves and cellphones and even am/fm radio receivers ect. out of that room and no where near it when online. That can make a big differance but if it messes u up because you miight forget than power cycle/turn (off for 90 seconds then back on) your modem and router or at least router really. I have seen my speed drop from 3.5Mbps to 200Kbps from a simple cellphone call ten feet from wireless router antennae on my pc so it does happen. Anything giving off RF noise can effect your signal or anything in path of signal blocking it. I myself am wireless and speedtest at 3Mbps to 3.7Mbps on speedtests here but my real download speeds when downloading a big file are much better in real life actually about 5.1Mbps is average for downloads over 1MB. And my upload tests here arew about 350Kbps to 390Kbps but in real life and on tests from .edu sites they are 2.3Mbps to 2.8Mbps (no lie I can provide screen shots as proof ). As for Van Burens tweaks they helped me just fine and I retweaked them with custom cable nut setting of my own but they were good spring boards to start from. Trial and error is the best test for twaeking but always back up old settings of coarse . Btw I'm on cable and your on DSL obviously so tweaking is a little different and I tend to benefit alot more because cable tweaking works were as DSL tweaking doesn't usually take u as far. But anyway you said ur 10 feet away and I am about 120 feet to 150 feet away from my router which has to go through a brick wall (3' and thick old windows 2 inches as well as my window which is thinner and has a few big white pines in the path between and I get 3.1Mbps about average on a 5000/384 package lol not to shabby heheh. Also dopn't forget to upgrade ur routers firmware and your wireless antennae drivers for remote PC, as this could be a big benefit to stablity of connect and speed too! Good luck. Hope it stays back to normal for you.

Ok dunno if u ever cleaned it successly or not but just so u know what it is your MSN worm was a newer nasty one and many variants are coming out of it as well. It appears to be based off SDBot variant (W32.SpyBot.Worm - name reference see Sophos) as far as I can tell which has been through many changes and add-ons with added exploits and spreading features for years and has gone through many versions as well as ripped off offshoots from ppl taking the source code and altering it to suite their needs or to be lame and act like they are 1337 like they made something new LOL some are just script kiddiots ROFLMAO Anyway should be detected by ESET NOD32 Anti-Virus as well as Trend Micro AV, Symantec Norton AV and I've heard Zone Alarm Security Suite (if u use it's AV ..which is generally pretty weak and not really a reliable enough Anti-Virus solution in my opinion ergo it's crap ) . Most AV w/ all most current updates should take care of this but I am posting this so everyone is aware that some newer variants will likely be missed in AV detections if they are custom encrypted or obfuscated in some variety of ways so be on the look out especially MSN Instant Messanger users or and IM user (probably) here are some helpful links about it: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_KELVIR.N http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FKELVIR%2EN&VSect=Sn Scroll to middle of forum page here same thing happened to this guy :oand his friends: http://www.wilderssecurity.com/showthread.php?t=75510 You all can easily check for many W32.Kelvir Worm variants with a free tool from Symantec (as much as I hate Norton Symantec does make many useful FREEWARE removal tools provided u have any idea what ur infected with ) Anyway here is the link to W32.Kelvir Removal Tool (FREE): http://www.sarc.com/avcenter/venc/data/w32.kelvir.removal.tool.html Also ppl with MSN IM do this as stated in Wilders Security Forum so eloquently by Gauthreau, "In MSN 7.0 go to Tools -> Options -> File Transfer. Check the box that says "Scan files for viruses using:" Then click the browse button. You want to go to: "C:Program FilesESETnod32.exe" Conversely, if you have Nod32 installed to the same above directory, you can just copy and past the above directory to the MSN window (quotes included) then OK your way out." The same goes for whatever AV you may have installed in ur system use same steps and put the scanner executable in the text box from Tools-->Options-->Messages (TAB)-->File Transfer-->CHECK THE BOX-->Browse (for AntiVrus Scanner Module) or cut and paste it in (example for KAV v4.5.095 user: C:Program FilesKaspersky LabKaspersky Anti-Virus Personal ProAvp32.exe) -->Click OK (at bottom of Options)--> YOUR DONE! I hope that Gore is no longer infected and didn't have to reinstall OS as that would suck big time . But as I said this is more to alert ppl in general before they get caught with their pants down so to speak like some of the other unfortunate victims. Hope someone benefits from some info here. And happy speed testing all. L8rz Peace, Azag Don't forget to check out url snipped by swimmer My site has Free Anti-Viruses, Anti-Spyware and other tools currently serving 5185 files and all for free !

Almost forgot if u try installing another Anti-Virus solution with active monitoring then you will need to uninstall Norton AV 1st as it has issue with other AV's especially with active monitoring turned on be warned this is an issue they point out whenever u try to install thenm with another AV already there (to opposite is also true) they by design or on purpose will f*ck up ppls systems stablitiy as well as worse results as I have been witness to see Symantec Norton's release notes about issues or their web site. This is very much an ongoing problem and a particular reason (though I can name many others lol), that I loathe Norton AV (also they need more virus defintions). The bottom line is they don't play nice with others and they don't care what u or I think but that's another story. Azag

Sounds like a trojan or really mean spyware. I think something is creating a process at startup or is embedded into a common process in memory (if not starting it's own process). Scan all running processes that u see in task manager (if u see something u don't recognize there that might be the thing that infected u). Use START--> Search-->Search-->For Files or Folders...--> "any name of process in task manager" Scan them all online here: http://virusscan.jotti.org/ or http://www.virustotal.com/flash/index_en.html (Best to try both...) If that finds nothing and u still are stumped try Microsoft AntiSpyware v1.0Beta or a better Anti-Virus manufacturer such as Kaspersky Anti-Virus Personal Pro v4.9.095 (really v4.9.094 but after updates number changes) or ESET NOD32 Anti-Virus (do all updates for whatever alternate AV engine you choose... for Kaspersky use upadates_x [see site for details if u don't know about special bases]). When/if u find something in a scan backup in quarentine if possible DON'T DELETE WINDOWS system processes or anything critical to operations and before u go to fix/clean a vx or malware turn off system restore (if on) then clean/fix in SAFE MODE then reboot then rescan and if your clean turn back on System Restore maybe reboot again if u want...and then ur in the clear for now Also if u installed some software recently just before this problem ocurred might wanna try uninstalling it (if u found no infect or spyware problems.) Here is my sight if u need to try some other anti-spyware or Anti-Virus just scroll through and find what u might need or try manufacturers sites if u wish. url snipped by swimmer Hope this helps and yes a HijackThis log cut and paste here might help too, but do scans with other tools or online av's if u can it's highly recommended IMHO . Peace and good luck,, Azag My site:http://vxchaos.no-ip.org

I case anybody didn't notice, and this may come as a surprise to some but there are also 1TB FREE webmail accounts. No it's not a miss print I really mean 1 TeraByte ! Not that anyone really needs this but here is one example... http://www.hriders.com/create_account.cfm No kidding a motorcycle riders page is giving away Free 1Terbyte mail accounts sign up if u like or don't as I am in no way affiliated with them or anyone linked to them I don't care Do a little google searching to there may be others I remember coming across a 1000GB or something close on a MAC OS fansite or forum webpage that was also free but can' remeber or find the details and I looked around becuase I saved the link but it will take some searching with 3 hard drives ..wish me luck On the downside of my hriders.com account has some issues with logins to view my damn mail since I have server type software as it would seem to be the culprit.. perhaps...?

1st off if u know what the name of the file is that was downloaded to ur computer please post any info u have. As u may not next download a trial version of Kaspersky Anti-Virus Personal Pro from http://www.kaspersky.com or my site for free if u want it has been multi-AV scanned and is clean I personally guarantee it but if u want to use a Mult-Antivirus scan for FREE online I suggest http://virusscan.jotti.org/ or http://www.virustotal.com/flash/index_en.html both are very good but the 1st one I spoke of is more reliable . Now the down side of these sites is they only scan 1 file at a time which u have to upload but it's very convenient if do know the file that was downloaded from IM link sent to u as u are alreadsy infected and it is obviously not a massively destrcuctive virus (deleting files recursively as u wouldnt be posting any more until reformat if it were ), I might than suggest that u try downloading the trojandownloader or trojan or keylogger again and watch the status bar as it downloads for file name but this is NOT really suggested but will probably do nothing if file was already insatlled b4 obviously do to the fact that many have a mutex check for a key word hidden within the trojan/worm, this (sounds like a worm mass mailer as u described it) checks the system to see if already infected if a well written worm/trojan then it won't reinfect since it will check if it is already there in ur system. Also by the way WARN ur friends ASAP that they should DELETE all attchements from u mailed to them or from other sources for a while to avoid spreading this pest to others and pisasing them off thinking u did it on purpose. You can download Kaspersky Anti-Virus Personal Pro v4.5.0.94 FULL from my site at url snipped by swimmer url snipped by swimmer I don't suggest u use the newer version v5 as it isn't as good and some ppl have had issues and problems When ur ready to clean if u know/find the virus/worm/trojan name or after u installed AV than turn off system restore if u have it --> reboot into safe mode as (mentioned in previous post) --> Scan entire system or at the very least all WinDir (ex: C:WINDOWS) --> fix or clean all infected files and use quarentine if they are Windows system critcal files 1st b4 fixing/disinfecting. After cleaning system and rescanning to be sure then reboot and rescan then if clean and safe then u may turn system restore back on. Free Online scans and free cleaners that u can use to scan free (but probably not in safe mode?) http://housecall.trendmicro.com/ (trendmicro av online full system scan if u want slow but worht the time) http://www.kaspersky.com/scanforvirus (kaspersky free online scan 1 file at a time ) http://www.avast.com/eng/avast_cleaner.html (avast av free cleaner download) http://vxchaos.no-ip.org/WaRez-Appz-n-Anti-Viruses/ (No direct link downloads) F-Prot Antivirus for DOS v3.16a.zip http://skaner.mks.com.pl/ (mks_vir free online av scanner) http://www.nod32.com/download/trial.htm (NOD32 trials free eval donloads) http://www.norman.com/Virus/Virus_removal_tools/en-us (Norman Anti-Virus free av tools - individual virus cleaners) If ur knowledgeable and industriopus kill rougue or unknown fishy looking processes in taste manager first and u mihgt want to use Spybot Search and Destroy and Microsoft AntiSpyware v1.0beta and maybe Ad-Aware SE and HijackThis and post ur output from HijackThis log to this forum or their's 1st if u are scared to proceed or unsure of what to do ect.. Ok hope u have sucess cleaning ur system without Windows reinstall and if u have more info or question post back. I cleaned many unknown or new 0-day or NOSend viruses/worms/trojans from the wild and elsewher, and am very knowledgable at halting and cleaning them sucessfully as I do collect and test alot of shady software. If u need help off forum feel free to email me too. Good luck and good hunting too you. vxchaos-at-gmail.com (NOSPAM Please Peace, Azag

To my own and probably others surprise, I found out of all the browsers I use and I have many for testing web site compatibility issues and such, I have found Maxthon to be the fastest for speed testing here at testmy.net and other speed test sites. The startup is a little slow when being it but when browsing or speedtest or chenaging between sites it is definitely fastest and very obviously. It is tabbed also this is good but a slight disadvantage for me as I have to many favorites in my list(s) and should put them buy individual letter rather than the groups they are in now as it goes way off screen for me in most groups lol. 10000+ is to many favorites I know but I like a lot of sites and go back to them mostly I do still like FireFox and am using it right now. It used to be faster than IE dunno what happened but about 2months ago +/- ...but lno longer, now IE is faster but still not as secure . Unlike Firefox or IE, Maxthon does not scroll favorites down but tabs out to right side (at least I can find no setting to change this so far) and goes off my screen most of time depending on group:( Of course these are my opinions and observations only

Sorry for bad link u need to go manual from site and scroll down sorry Goto: url snipped by swimmer

My real download throughput pic: [url snipped by swimmer Not a fluck since this happens often when i connect to fast servers and no I didn't photoshop it being that I never took the time to get good at using photoshop or any photo manipulaion tools for that matter but believe what u want if your skeptical

1. Your Tweakable Settings: Receive Window (RWIN): 8192000 Window Scaling: 7 Path MTU Discovery: ON RFC1323 Window Scaling: ON RFC1323 Time Stamping: OFF Selective Acks: ON MSS requested: 1460 TTL: (less any hops behind firewall) 59 TTL remaining: 49 2. Test 146000 byte download Actual data bytes sent: 146000 Actual data packets: 100 Max packet sent (MTU): 1500 Max packet recd (MTU): 1500 Retransmitted data packets: 0 sacks you sent: 0 pushed data pkts: 1 data transmit time: 0.348 secs our max idletime: 33.1 ms transfer rate: 202233 bytes/sec transfer rate: 1617 kbits/sec This is not a speed test! transfer efficiency: 100% 3. ICMP (ping) check Minimum ping: 20 ms Maximum ping: 30 ms Ping stability: 20 20 20 20 25 20 20 20 30 20 Notes and recommendations: Choose RWIN between 48180 and 125560 (FAQ #586) download/use DRTCP .. (FAQ #578) Read the tweak FAQ Notes and recommendations: Good data stream (no/few rexmits) Notes and recommendations: Looking good Still stuck? copy/paste this url: http://ttester.broadbandreports.com/tweak/block:44e47e9?service=wireless&speed=5000&os=winXP&via=normal if you are seeking forum advice. DO NOT COPY PASTE THE PAGE, JUST THE URL ABOVE. (and please don't forget to explain what you've got, cable, DSL, speed it should be etc)

Checking for Middleboxes . . . . . . . . . . . . . . . . . . Done running 10s outbound test (client to server) . . . . . 1.97Mb/s running 10s inbound test (server to client) . . . . . . 3.21Mb/s Server Fault! Please re-run test. Information: Other network traffic is congesting the link SpeedTest from: http://speedtest.umflint.edu/ WEB100 Kernel Variables: Client: localhost/127.0.0.1 AckPktsIn: 1401 AckPktsOut: 0 BytesRetrans: 1460 CongestionSignals: 1 CountRTT: 1353 CurrentCwnd: 71540 CurrentMSS: 1460 CurrentRTO: 360 CurrentRwinRcvd: 8192000 CurrentRwinSent: 5840 CurrentSsthresh: 33580 DSACKDups: 0 DataBytesIn: 0 DataBytesOut: 4032520 DataPktsIn: 0 DataPktsOut: 2762 DupAcksIn: 47 ECNEnabled: 0 FastRetran: 1 MaxCwnd: 71540 MaxMSS: 1460 MaxRTO: 390 MaxRTT: 210 MaxRwinRcvd: 8192000 MaxRwinSent: 5840 MaxSsthresh: 52560 MinMSS: 1460 MinRTO: 270 MinRTT: 70 MinRwinRcvd: 64000 MinRwinSent: 5840 NagleEnabled: 1 PktsIn: 1401 PktsOut: 2762 PktsRetrans: 1 Rcvbuf: 128000 SACKEnabled: 3 SACKsRcvd: 47 SmoothedRTT: 160 Sndbuf: 128000 SndLimTimeRwin: 0 SndLimTimeCwnd: 10079046 SndLimTimeSender: 8987 SndLimTransRwin: 0 SndLimTransCwnd: 1 SndLimTransSender: 1 SndLimBytesRwin: 0 SndLimBytesCwnd: 4032520 SndLimBytesSender: 0 SumRTT: 184270 Timeouts: 0 TimestampsEnabled: 0 WinScaleRcvd: 7 WinScaleSent: 7 DupAcksOut: 0 StartTime: 2147483647 CurrTime: 10095164 c2sData: -1 c2sAck: -1 s2cData: 6 s2cAck: 3 Checking for mismatch condition (cwndtime > .3) [0.99>.3], (MaxSsthresh > 0) [52560>0], (PktsRetrans/sec > 2) [0.10>2], (estimate > 2) [81.78>2] Checking for mismatch on uplink (speed > 50 [3.19>50], (xmitspeed < 5) [1.97<5] (rwintime > .9) [0>.9], (loss < .01) [1.0E<.01] Checking for excessive errors condition (loss/sec > .15) [1.0E>.15], (cwndtime > .6) [0.99>.6], (loss < .01) [1.0E<.01], (MaxSsthresh > 0) [52560>0] Checking for 10 Mbps link (speed < 9.5) [3.19<9.5], (speed > 3.0) [3.19>3.0] (xmitspeed < 9.5) [1.97<9.5] (loss < .01) [1.0E<.01], (link > 0) [10>0] Checking for Wireless link (sendtime = 0) [8.90=0], (speed < 5) [3.19<5] (Estimate > 50 [81.78>50], (Rwintime > 90) [0>.90] (RwinTrans/CwndTrans = 1) [0/1=1], (link > 0) [10>0] Checking for DSL/Cable Modem link (speed < 2) [3.19<2], (SndLimTransSender = 0) [1=0] (SendTime = 0) [8.908575140465936E-4=0], (link > 0) [10>0] Checking for half-duplex condition (rwintime > .95) [0>.95], (RwinTrans/sec > 30) [0>30], (SenderTrans/sec > 30) [0.10>30], OR (link <= 10) [10<=10] Checking for congestion (cwndtime > .02) [0.99>.02], (mismatch = 0) [0=0] (MaxSsthresh > 0) [52560>0] bw = 81.78 based on packet size = 11Kbits, RTT = 136.19msec, and loss = 1.0E-6 The theoretical network limit is 81.78 Mbps The transmit buffer (125.0 KByte) limits the application to 7.17 Mbps Your receive buffer (8000.0 KByte) limits the application to 458.90 Mbps The network based flow control limits the application to 4.00 Mbps Client Data reports link is 'System Fault', Client Acks report link is 'System Fault' Server Data reports link is 'OC-12', Server Acks report link is 'Ethernet' WEB100 Enabled Statistics: Checking for Middleboxes . . . . . . . . . . . . . . . . . . Done running 10s outbound test (client to server) . . . . . 1.97Mb/s running 10s inbound test (server to client) . . . . . . 3.21Mb/s ------ Client System Details ------ OS data: Name = Windows XP, Architecture = x86, Version = 5.1 Java data: Vendor = Sun Microsystems Inc., Version = 1.5.0_01 ------ Web100 Detailed Analysis ------ Interprocess communications failed, unknown link type. Link set to Half Duplex mode Information: throughput is limited by other network traffic. Good network cable(s) found Normal duplex operation found. Web100 reports the Round trip time = 136.19 msec; the Packet size = 1460 Bytes; and There were 1 packets retransmitted, 47 duplicate acks received, and 47 SACK blocks received The connection was idle 0 seconds (0%) of the time This connection is network limited 99.91% of the time. Contact your local network administrator to report a network problem Web100 reports TCP negotiated the optional Performance Settings to: RFC 2018 Selective Acknowledgment: ON RFC 896 Nagle Algorithm: ON RFC 3168 Explicit Congestion Notification: OFF RFC 1323 Time Stamping: OFF RFC 1323 Window Scaling: ON Packet size is preserved End-to-End Server IP addresses are preserved End-to-End Information: Network Address Translation (NAT) box is modifying the Client's IP address Server says [204.*.*.*] but Client says [192.168.1.100] My download isn't that great I admit but the Upload kickz and this is typical for any of the big .edu/university tests I run almost daily I can't complain..