Did malware wreck my wireless internet connection?

Discussion in 'Malware Help (A Specialist Will Reply)' started by andy_in_dc, Mar 17, 2009.

  1. andy_in_dc

    andy_in_dc Private E-2

    Hello all,

    I'd like to request help with a problem I've been having with my laptop that I suspect is malware related. My internet connection appears to have been wrecked by malware. I have run through this forum's Malware Removal Guide but am still having trouble. All relevant logs are attached to this message and its follow-up.

    (Please forgive the length of this post; I wanted to provide as much information up front as possible in the hopes of being helpful; I apologize if any of this is superfluous.)

    Short summary of my problem: I'm on a Dell Inspiron E1505 laptop running Windows XP home edition v 2002. After contracting and (I thought) removing Spyware Protect 2009, my wireless internet connection has been dramatically slowed. My ISP is Comcast broadband and, despite Comcast's bad reputation, my connection normally works for me at very high speeds. In the wake of contracting malware, however, it runs very slowly, if at all. Websites take minutes instead of seconds to load, if they load at all, and I frequently lose my connection to gchat and gmail. File downloads - word documents and pdf attachments to gmail, not peer2peer - take very long to download; I must frequently cancel and restart downloads as they typically stall halfway through.

    Oddly, I have found that if I try to repair my wireless connection or otherwise toggle my wireless card off and on, I have a few moments - maybe 30 seconds to a minute - in which speeds return to normal and pages load instantly. However, it very quickly returns to its slow/choppy connection status. My wife, on her macbook, connects through the same router and is not experiencing any trouble, so I know the problem is on my end. Intel PROSet reports that my connection status is excellent at broadband speeds, but this is a vicious lie.

    Details: My computer contracted the Spyware Protect 2009 malware a little over a week ago. To remove it, I followed the directions found here: http://www.2-spyware.com/remove-spyware-protect-2009.html - I killed the processes, deleted the registry entries, and deleted the files. This did not seem to fix the problem completely, as I was still getting pop-ups and my internet connection was dramatically slowed. I downloaded and ran Malwarebytes, after struggling to get the page to load and download to work, which seemed to fix the problem.

    The next day, internet still running fine, I updated and ran McAfee Security Center, Ad-Aware, and Malwarebytes. I also downloaded and ran Spybot Search & Destroy and Hijack This. No infections were found, though Spybot's Tea Timer began identifying registry changes. At first, I simply told Tea Timer to remove the bad registry values but I was still receiving pop-ups. I then disabled Tea Timer and have since uninstalled Spybot. I worry that, in my ignorance, I damaged my registry; is this a concern?

    This is about when my connection tanked again. I thought perhaps that I or the malware had changed my DNS, but as I understand it, this would also affect my wife's connection. I thought maybe the malware had corrupted my winsock or something along those lines, so I ran winsockxpfix, LSPFix, and XP TCPIP Repair. None of these helped and my connection remained slow. Hopefully I did not run anything that made my problem worse; forgive my ignorance if I did.

    So, I started cleaning house. I uninstalled and cleared out old instances of Java and plan to (but have not yet) update to 6 build 12. I uninstalled an older version of Acrobat reader and installed 9.1. I removed bittorrent and limewire, which I had not used in some time, just in case. I followed all of the instructions in this forum's Malware Removal Guide - I found and removed one instance of spyware using add/remove programs; emptied my quarantine folders; and ran (or re-ran) SUPERAntiSpyware, Malwarebytes, Combofix, and MGTools. All logs are attached.

    Everything ran smoothly; Combofix did restart my computer while running, which I didn't expect, but still produced a log. During startup, my computer briefly offers me a chance to boot into normal or safe mode, which it did not before, though it automatically boots into normal mode after a second or two. Is this a problem?

    Anyway, to make a long story short, I need help. I did my best to fix this problem on my own but really have no idea what to do at this point; I long ago exhausted my knowledge. I defer, instead, to the expertise of the generous people running this forum. Please help! I'm ready and eager to proceed at your convenience.

    Disclaimer: I made a small edit to the newfiles.txt log created by MGTools. In the list of desktop files and My Documents, I edited the file names of several word documents to remove my name and the name of my employer. I also removed from the list a single folder, containing word documents, to remove my wife's name. I only did this to preserve my anonymity and made no other changes to this log or any others.
     


  2. andy_in_dc

    andy_in_dc Private E-2

    Here are the other two logs. Thanks for your consideration!
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    No! It offers you the chance to boot to the Recovery Console or normal Windows which is the default. You installed the Recovery Console as part of the ComboFix instructions and this is where you would use it if it became necessary.


    There are no malware problems showing in your logs. That does not mean that there isn't any left. There could be some and these scans just don't show it. On the other hand, there may not be any more malware and you are just suffering due to some damage it may have caused to settings or applications on your PC. Let's try to gather some additional info.
    • If you are using a wireless connection, have you tried using a direct hardwire connection to your router to see how things work?
    • Have you booted into safe mode and checked how things work there? Use the hardwired connection since your drivers for wireless may not load in safe mode.
    • Have you run a FULL system scan with McAfee in the last day or two? If not please make sure McAfee is updated and run a full scan. Let me know if anything is found. Some of your symptoms sound similar to ConFicker aka Downadup. McAfee should find this if it exists. It may not fix it, but it should find it.
    • Have you tried uninstalling McAfee completely and then see how things work? Some malware can break antivirus and antispyware programs.
    • What browser are you using? Try a different browser (try both IE and Firefox)
    Now click Start > Run and type in cmd
    • Click OK.
    • This will open a command prompt.
    • Type or copy and paste the following line in the command window:
      ipconfig /flushdns
    • Hit Enter
    • Exit the command window


    Now let's flush the Java Cache
    • Click Start > Settings > Control Panel
    • Double click the Java icon (be patient, it may take a while to open)
    • Now click the General tab and under the Temporary Internet File area
    • Click the Settings button and then click the Delete Files... button.
    • In the next popup click OK.
    If you have multiple Java plugin icons in Control Panel follow the above to clear all their caches.


    Now let's flush the FireFox Cache



    To flush your FireFox Cache:
    • click Tools
    • select Options
    • select Privacy
    • in the section labeled Private Data click Clear Now
    Now let's flush the Internet Explorer Cache



    To flush your Internet Explorer Cache:
    • click Tools
    • Internet Options
    • Now on the General tab, click Delete Files and select Delete all Offline content too
    • Click OK.
    • When it finishes Click OK.
    Any change?
     
    Last edited: Mar 20, 2009
  4. andy_in_dc

    andy_in_dc Private E-2

    Thank you so much for your reply. Sorry about the long delay in responding; I've been traveling for work, but promise to respond more promptly in the future.

    I did eventually think, genius that I am, to try a hardwire connection to my modem. When I'm plugged in, my internet speeds return to normal. I only have trouble when trying to connect wirelessly.

    I did update McAfee and run a full scan a couple of times after this started, once right before posting my first message here. A friend recommended I try Windows Live OneCare, so I uninstalled McAfee and loaded OneCare. Uninstalling McAfee has had no effect on my connection. OneCare did detect a Trojan the other scans had missed (or that I had gotten after running the scans), but removing that also had no effect on my speeds.

    I've tried both Firefox and Internet Explorer. There's no difference between the two. I've fully upgraded both but that hasn't helped.

    I had tried flushing my DNS cache before, but that hadn't helped. As you suggested, I just flushed all my caches. Unfortunately, I now can't connect to my wireless network at all. I'm guessing this is a problem on Comcast's end, since last night we had a service outage that was only restored today. When trying to connect via Intel PROSet, I simply receive a message that I cannot connect. It appears that I can connect to other networks, at least, which is why I suspect Comcast is at fault (that is, this latest problem is not related to the malware issue). So, as soon as I get THIS problem settled, I'll re-flush my caches and see if that has any effect.

    I've also thought about uninstalling and reinstalling my wireless drivers; any thoughts?

    Thank you again, tremendously, for your time and your help.
     
  5. andy_in_dc

    andy_in_dc Private E-2

    Just to update...

    I managed to get my issue with Comcast resolved. Having done that, I reinstalled the driver for my wireless card and upgraded my wireless management software. I also flushed all my caches.

    I saw a small increase in wireless speed and the stability of my connection. However, it's still nowhere near where it was before all this started. I'll go through periods when sites load very quickly and periods when pages load slowly, if at all, and I'm frequently booted off gchat. The whole time my connection is spotty, my wireless card reports a strong signal strength and high speeds.

    I'm wondering if maybe the wireless card is just shot? I'm thinking of picking up a replacement and switching them out to see if it's a hardware problem. Thoughts?

    Thanks again for helping folks like me.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It is not normal for things to be intermittent and have it be a malware problem.

    1. Do you have a hardwire connection you can try? If so, how does it work?
    2. If the wired connection works fine, then the problem is most likely related to your wireless hardware or configuration.
    3. If the hardwired connection also has problems, do the following:
      • first if you have a router, bypass the router and directly plug into your Cable or DSL modem and see how things work.
      • if the above has no effect, boot into safe mode and see how it works.
    4. Also while in safe mode, see if your wireless connection can be used. Frequently wireless drivers are not loaded in safe mode so it may not work at all.
    If it is determined that the problem is not the wireless hardware, have you considered trying to go back to a System Restore point to a time before the infection occurred?
     
