TechSpot

WiFi connection speed mysteriously reduced ever since anti-hijack tinkering...

By GeorgieBoy
Oct 10, 2007
Topic Status:
Not open for further replies.
  1. I have a Dell Desktop running XP, connected to my home wireless network with a Linksys Wireless G USB adaptor. My network has WEP security enabled. I've never had any problems as far as the network goes (except on occasion when the cable internet service goes out).

    My system recently had a rootkit that was causing a variety of issues, not the least of which was Internet Explorer 6 not working properly and evidence of diversion of my browser to adware sites, etc. At the same time I noticed these problems and began tinkering, I found that my WiFi network connection speed was slower than normal, according to the connection status. It was and continues to show as 18 Mbps - 24 Mbps. It's not clear whether this was due to the "infection" or to a setting getting messed up during the initial attempts to figure out what was going wrong.

    I just got through disinfecting the system (with a great deal of help from one of the members of this site). See here if interested in the details, with many logs, etc: http://www.techspot.com/vb/topic88712.html

    What is very strange is that I have two other computers in the same room, on the same network, and they were showing and continue to show the normal WiFi speed I get: 54 Mbps. There is clearly nothing wrong with my WiFi.

    After considerable effort, my system now appears to be clean. All normal functionality has been restored...except that the connection status still consistently shows the reduced speed, usually 24 Mbps but sometimes dropping to 18 Mbps. This is despite the fact that the signal still shows as "Excellent" and as noted, my other machines are showing 54 Mbps. :(

    This seems very odd! Is there a setting that might have been messed up and needs to be reset? There were some initial problems with IE being unable to find some files, I messed around with putting in the OEM Dell XP system disk so they could be retrieved, etc. Not sure if that could have anything whatsoever to do with any of this, or if it was (or is???) related to the infection.

    Anyone have any ideas? I'm unsure what to even check... :eek:
     
  2. tipstir

    tipstir TS Ambassador Posts: 4,664   +86

    when you type: ipconfig /flushdns do you get an error?
     
  3. kontradictor

    kontradictor TS Rookie

    Have you actually test the download speeds you are getting or are you only relying on what the network speed is connecting at? Sometimes this can be very unreliable. I would do a download test on the pcpitstop.com website on all computers then you will be able to better understand if its just a inital connection issue or if you really are losing bandwidth or connection speed. You may try to re install your wireless card if you have not already done so.
     
  4. GeorgieBoy

    GeorgieBoy TS Rookie Topic Starter Posts: 17

    No...it did run that command

    I ran it in Start > Run; a Dos box opened for a second or two as it ran and that was it. No error messages. However, it did not appear to have any affect on the speed displayed when I "roll over" the Wireless Connection icon in the task bar.

    In fact, at this moment, it's showing 18.0 Mbps whereas a couple of laptop computers a short distance away are showing 54.0 Mbps.

    I did notice that when I restart this machine, it comes up with a message that says NTLDR NOT FOUND -- press any key to restart (or something like that). Then, when I do that, it comes to a screen giving me the choice of which operating system I wish to run: XP Media Center Home Edition or XP Professional Setup. This is very odd and did not start happening until the other issues occurred. In the past, the computer booted up normally with no hitches, and runs Windows XP Media Center Home Edition. I have no idea as to whether this has anything at all to do with this network speed issue; just seems to be another glitch in the aftermath of the effort to clean up the system of its virus.

    Feel free to provide any thoughts or suggestions!
     
  5. GeorgieBoy

    GeorgieBoy TS Rookie Topic Starter Posts: 17

    Good idea -- I may do a comparison test..

    With this desktop, I'm using an external Linksys Wireless USB adaptor. I believe it has some software that I installed initially. Are you recommending reinstalling the software?
     
  6. GeorgieBoy

    GeorgieBoy TS Rookie Topic Starter Posts: 17

    Uh oh....just ran HJT and it detected a backdoor Trojan is still on my system.

    I guess I'm going to be reformatting my hard drive after all... )-:
     
  7. tipstir

    tipstir TS Ambassador Posts: 4,664   +86

    Run AVG Anti-spyware and it's rootkit can get rid of that and also NOD32 AV make sure that won't get on the system in the first place. You don't have to re-format the system. What you can do is remove the problem. Backup your favorites, desktop, cookies if you need. Then go into the safemode as the admin not you profile your using and then delete the profile. Now when you log back in Windows MCE you'll see a new profile for your current login name. Just restore back the save Favorites and desktop settings and you should be okay..
     
  8. Rolfman

    Rolfman TS Enthusiast Posts: 125

    I was about to say .. check if you have the latest firmware version.
    until i saw that you have other pc's running ok and that you still have active malware on your system.

    Anyhow a back door Trojan may be responsible .... they start running applications behind the antivirus firewall that are constantly seeking a default gateway to access the internet , and once they get to infect your Internet explorer all h0pes are lost.
    Even after a clean up.... the system never remains the same. plus its a Trojan will constantly multiply and spread to other areas.

    with all do respect to ''tipstir'' I wouldn't advise you to back up your favorite files , it is too risky , and might end up with the same infection after the format.
     
  9. tipstir

    tipstir TS Ambassador Posts: 4,664   +86

    the favorites are just link files you can always go in remove bad links but if you scan the system with AVG Anti-spyware it will catch everything . Favorites is optional if you want to back them up. Otherwise you'll have to start from scratch.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.