new modem any adjustments?

TNATireFryer · Post by **TNATireFryer** » Mon Nov 02, 2009 12:08 pm

« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.02.2009 12:05
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405ac0103030201010402
MSS: 1452
MTU: 1492
TCP Window: 182952 (multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 45738
Recommended RWINs: 63888, 127776, 255552, 511104, 1022208
BDP limit (200ms): 7318kbps (915KBytes/s)
BDP limit (500ms): 2927kbps (366KBytes/s)
MTU Discovery: ON
TTL: 111
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.
comcast cable -
« SpeedGuide.net Speed Test Results »
10464 kbps down (~10.46 Mbps, 1277 KB/s)↓
2433 kbps up (~2.43 Mbps, 297 KB/s)↑
3072 KB downloaded in 2.405 seconds
3072 KB uploaded in 10.342 seconds
Tested on: 2009.11.02 12:14 EST
Tested from: dvrsupply.com
Test Link: http://www.speedguide.net/speedtest/res ... st=2652184
Provider: wa.comcast.net
Location: South Bend, IN, US

akbarri · Post by **akbarri** » Mon Nov 02, 2009 12:24 pm

Try the following with TCP Optimizer:
General Settings tab:
Custom settings - check
Modify All Network Adapters - check
network adapter selection - your NIC
MTU - 1492
TTL - 64
Windows Scaling - check
TCP Receive Window - 255552
MTU Discovery - Yes
Black Hole Detect - No
Selective Acks - Yes
Max Duplicate ACKs - 2
TCP 1323 Options:
Timestamps - uncheck

Advanced Settings tab:
Max Connections per Server - 10
Max Connections per 1.0 Server - 10
LocalPriority - 5
Host Priority - 6
DNSPriority - 7
NetbtPriority - 8
Lan Browsing speedup - optimized
QoS: NonBestEffortLimit - 0
ToS: DisableUserTOSSetting - 0
ToS: DefaultTOSValue - 32
MaxNegativeCacheTtl - 0
NetFailureCacheTime - 0
NegativeSOACache Time - 0
LAN Request Buffer Size - 32768

TNATireFryer · Post by **TNATireFryer** » Mon Nov 02, 2009 12:51 pm

« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.02.2009 12:48
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405ac0103030201010402
MSS: 1452
MTU: 1492
TCP Window: 182952 (multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 45738
Recommended RWINs: 63888, 127776, 255552, 511104, 1022208
BDP limit (200ms): 7318kbps (915KBytes/s)
BDP limit (500ms): 2927kbps (366KBytes/s)
MTU Discovery: ON
TTL: 47
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.
10561 kbps down (~10.56 Mbps, 1289 KB/s) ↓
2389 kbps up (~2.39 Mbps, 292 KB/s) ↑

Details:
3072 KB downloaded in 2.383 seconds
3072 KB uploaded in 10.533 seconds
Speed @ 254% of the average for wa.comcast.net
199 times faster than 56k dialup
Tested on: 2009.11.02 12:50 EST
Tested from: dvrsupply.com
Test ID: 2652243
User Test History: User Stats
Browser/OS: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15 (.NET CLR 3.5.30729)
IP Address: 67.185.230.197
Provider: wa.comcast.net
Location: South Bend, IN, US

akbarri · Post by **akbarri** » Mon Nov 02, 2009 1:01 pm

TNATireFryer wrote:« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.02.2009 12:48
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405ac0103030201010402
MSS: 1452
MTU: 1492
TCP Window: 182952 (multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 45738
Recommended RWINs: 63888, 127776, 255552, 511104, 1022208
BDP limit (200ms): 7318kbps (915KBytes/s)
BDP limit (500ms): 2927kbps (366KBytes/s)
MTU Discovery: ON
TTL: 47
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.
10561 kbps down (~10.56 Mbps, 1289 KB/s) ↓
2389 kbps up (~2.39 Mbps, 292 KB/s) ↑

Details:
3072 KB downloaded in 2.383 seconds
3072 KB uploaded in 10.533 seconds
Speed @ 254% of the average for wa.comcast.net
199 times faster than 56k dialup
Tested on: 2009.11.02 12:50 EST
Tested from: dvrsupply.com
Test ID: 2652243
User Test History: User Stats
Browser/OS: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15 (.NET CLR 3.5.30729)
IP Address: 67.185.230.197
Provider: wa.comcast.net
Location: South Bend, IN, US

use CABLENUT (google for it)
ONLY change Cablenut setting for:
DefaultReceiveWindow = 255552
DefaultSendWindow = 255552

TNATireFryer · Post by **TNATireFryer** » Mon Nov 02, 2009 1:25 pm

ok i got the download - made the adjustments - and redid the test but it still came up the same number - any suggestions - and yes saved it to registry - but didnt seem to take effect?

Rollingstone · Post by **Rollingstone** » Mon Nov 02, 2009 7:07 pm

DefaultSendWindow = 255552

Just let you know, DefaultSendWindow = upload * 128

TNATireFryer · Post by **TNATireFryer** » Mon Nov 02, 2009 8:13 pm

upload * 128 um what?

akbarri · Post by **akbarri** » Mon Nov 02, 2009 10:29 pm

Rollingstone wrote:Just let you know, DefaultSendWindow = upload * 128

thx Rollingstone, i already knew it(advance setting for DefaultSendWindow = upload * 128)!
for "TNATireFryer case", i just want to make sure that AFD override RWIN value,
thats why a make it simple first :
DefaultReceiveWindow = DefaultSendWindow = RWIN
after that i'll give complete cablenut settings.

BUT,

TNATireFryer wrote:ok i got the download - made the adjustments - and redid the test but it still came up the same number - any suggestions - and yes saved it to registry - but didnt seem to take effect?

i think TCP Window still 182952!!

what kind of modem did u use anyway??

Rollingstone · Post by **Rollingstone** » Mon Nov 02, 2009 10:49 pm

@akbarri : DefaultReceiveWindow 255552 - I believe that's enough for overwriting TCP Window

@TNATireFryer : post your new TCP Analyzer

akbarri · Post by **akbarri** » Mon Nov 02, 2009 11:02 pm

TNATireFryer wrote:ok i got the download - made the adjustments - and redid the test but it still came up the same number - any suggestions - and yes saved it to registry - but didnt seem to take effect?

from his post i think TNA still got same problem "RWIN = 182952" after change CABLENUT setting DefaultReceiveWindow = DefaultSendWindow = 255552.

But let see TNA new TCP Analizer

TNATireFryer · Post by **TNATireFryer** » Tue Nov 03, 2009 10:32 am

« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.03.2009 10:30
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405ac0103030201010402
MSS: 1452
MTU: 1492
TCP Window: 182952 (multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 45738
Recommended RWINs: 63888, 127776, 255552, 511104, 1022208
BDP limit (200ms): 7318kbps (915KBytes/s)
BDP limit (500ms): 2927kbps (366KBytes/s)
MTU Discovery: ON
TTL: 47
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.
scientific atlanta 2100 modem

trogers · Post by **trogers** » Tue Nov 03, 2009 7:29 pm

Post a Hijackthis log.

Could be that he is already running a tweak software.

TNATireFryer · Post by **TNATireFryer** » Wed Nov 04, 2009 10:22 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:32:06 AM, on 11/4/2009
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AVG\AVG8\avgupd.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKUS\S-1-5-21-3756688246-2890152980-3708610915-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6052590578
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 6065 bytes

Rollingstone · Post by **Rollingstone** » Wed Nov 04, 2009 6:51 pm

TuneUp > Customize Windows > Adjust Internet settings >Internet > Setting > Receive Window (RWIN) 127776 > OK > reboot !

TNATireFryer · Post by **TNATireFryer** » Wed Nov 04, 2009 8:00 pm

ok, the tune up utility is deleted /removed -
i redid the analizer and came up with the same number .....

anything else i can do?
« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.04.2009 20:01
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405ac0103030201010402
MSS: 1452
MTU: 1492
TCP Window: 182952 (multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 45738
Recommended RWINs: 63888, 127776, 255552, 511104, 1022208
BDP limit (200ms): 7318kbps (915KBytes/s)
BDP limit (500ms): 2927kbps (366KBytes/s)
MTU Discovery: ON
TTL: 31
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.

Rollingstone · Post by **Rollingstone** » Wed Nov 04, 2009 11:31 pm

RUn Winsockfix then apply TCP Settings akbarri gave

TNATireFryer · Post by **TNATireFryer** » Thu Nov 05, 2009 12:22 am

is that download free?-

perhaps link me to the proper - im sorry but everything i tried leads to this Quad download - and in the end it isnt free -

trogers · Post by **trogers** » Thu Nov 05, 2009 2:44 am

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0

This line may show the browser is running through a proxy server. Thus RWIN may be that of this proxy, and not the comp's.

TNATireFryer · Post by **TNATireFryer** » Thu Nov 05, 2009 1:33 pm

is this a good - or a bad thing?
im not sure what proxy means - never had this before -

Rollingstone · Post by **Rollingstone** » Thu Nov 05, 2009 8:37 pm

TNATireFryer wrote:is this a good - or a bad thing?
im not sure what proxy means - never had this before -

Winsockfix will restore your proxy to default.

http://www.softpedia.com/get/Tweak/Netw ... kFix.shtml

akbarri · Post by **akbarri** » Fri Nov 06, 2009 8:30 am

trogers wrote:R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0

This line may show the browser is running through a proxy server. Thus RWIN may be that of this proxy, and not the comp's.

START > CONTROL PANEL > INTERNET OPTIONS > CONNECTION > LAN SETTINGS > "UNTICK ALL OPTIONS"

check ur HIJACK again & do WINSOCKFIX

TNATireFryer · Post by **TNATireFryer** » Fri Nov 06, 2009 10:38 am

thanks for the link to the Fix!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:48:55 AM, on 11/6/2009
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SideWinderTrayV4] C:\PROGRA~1\MI948F~1\GAMECO~1\common\swtrayv4.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6052590578
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 6497 bytes

akbarri · Post by **akbarri** » Sat Nov 07, 2009 2:11 am

so what about ur TCP/IP Analyzer result??

TNATireFryer · Post by **TNATireFryer** » Sat Nov 07, 2009 9:06 am

sorry i forgot that -
« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.07.2009 09:04
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405b401010402
MSS: 1460
MTU: 1500
TCP Window: 65535 (NOT multiple of MSS)
RWIN Scaling: 0 bits
Unscaled RWIN : 65535
Recommended RWINs: 64240, 128480, 256960, 513920, 1027840
BDP limit (200ms): 2621kbps (328KBytes/s)
BDP limit (500ms): 1049kbps (131KBytes/s)
MTU Discovery: ON
TTL: 111
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.

TNATireFryer · Post by **TNATireFryer** » Sat Nov 07, 2009 9:18 am

i think i got it now ?
« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.07.2009 09:17
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405b40103030201010402
MSS: 1460
MTU: 1500
TCP Window: 255552 (NOT multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 63888
Recommended RWINs: 64240, 128480, 256960, 513920, 1027840
BDP limit (200ms): 10222kbps (1278KBytes/s)
BDP limit (500ms): 4089kbps (511KBytes/s)
MTU Discovery: ON
TTL: 111
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.

Rollingstone · Post by **Rollingstone** » Sat Nov 07, 2009 9:21 am

TCP Window: 255552 (NOT multiple of MSS)

MTU changed so TCP WIndow has to change to 256960

TNATireFryer · Post by **TNATireFryer** » Sat Nov 07, 2009 10:39 am

« SpeedGuide.net TCP Analyzer Results »
Tested on: 11.07.2009 10:37
IP address: 67.185.xxx.xxx
Client OS: Windows XP

TCP options string: 020405b40103030201010402
MSS: 1460
MTU: 1500
TCP Window: 256960 (multiple of MSS)
RWIN Scaling: 2 bits (2^2=4)
Unscaled RWIN : 64240
Recommended RWINs: 64240, 128480, 256960, 513920, 1027840
BDP limit (200ms): 10278kbps (1285KBytes/s)
BDP limit (500ms): 4111kbps (514KBytes/s)
MTU Discovery: ON
TTL: 111
Timestamps: OFF
SACKs: ON
IP ToS: 00100000 (32)
Precedence: 001 (priority)
Delay: 0 (normal delay)
Throughput: 0 (normal throughput)
Reliability: 0 (normal reliability)
Cost: 0 (normal cost)
Check bit: 0 (correct)
DiffServ: CS1 001000 (8) - class 1 (RFC 2474). Similar forwarding behavior to the ToS Precedence field.

Rollingstone · Post by **Rollingstone** » Sat Nov 07, 2009 7:20 pm

Correct !

TNATireFryer · Post by **TNATireFryer** » Sun Nov 08, 2009 11:00 am

thanks alot you all for the help!- i owe ya a beer or a soda!

akbarri · Post by **akbarri** » Tue Nov 10, 2009 1:04 pm

interesting case!!
when :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
MSS: 1452
MTU: 1492
TCP Window: cannot be changes, even using CABLENUT

after
START > CONTROL PANEL > INTERNET OPTIONS > CONNECTION > LAN SETTINGS > "UNTICK ALL OPTIONS"
and WISOCKFIX
MSS: 1460
MTU: 1500
TCP Window: normal

next time i'll recommend to post HIJACK result