Ottesen Skrevet 12. desember 2007 Del Skrevet 12. desember 2007 Heisann... Har et problem som irriterer meg, internetten er treg, går sakte å få opp sider tilogmed, og har 20mbit linje :S Jeg ble hintet inn hit av kundeservice på nexgentel, noe som er bra, men problemene er der ennå etter å gå igjennom flere programer (brannmur,virusscan, osv ifra sticky'n på denne siden) Håper noen kan ta en titt på dette: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:51:35 PM, on 12/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\progz\powerstrip\pstrip.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\nvsvc32.exe E:\FRAPS\FRAPS.EXE C:\WINDOWS\system32\oodag.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\F-Secure Internet Security\FSPC\fspc.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Progz\SpeedFan\speedfan.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Opera\Opera.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\F-Secure Internet Security\Common\FSLAUNCH.EXE C:\Program Files\Trend Micro\Hitest\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/no/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PowerStrip] c:\progz\powerstrip\pstrip.exe O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -s O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Fraps] E:\FRAPS\FRAPS.EXE O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Sperre... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Sperre... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- End of file - 8203 bytes Mvh Lenke til kommentar
norbat Skrevet 12. desember 2007 Del Skrevet 12. desember 2007 Loggen viser ingen tegn på noen infeksjoner. Når oppstod denne tregheten (installerte du noen program rundt denne perioden), har du prøvd med en annen pc og sjekket om det er det samme problemet der? Vi kan prøve en annen loggvariant: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (c:\combofix.txt) Lenke til kommentar
Ottesen Skrevet 12. desember 2007 Forfatter Del Skrevet 12. desember 2007 Heisann Kan ikke huske noe spesielt, fordi det er egentlig ganske lenge siden. men det er gradvis blitt tregere og tregere, har akkurat installert windows igjen også, formaterte disken der den gamle windowsen lå på, men ingen av dem andre harddiskene. Intenettet mitt forsvant når jeg tok combofix også :S Loggen: ComboFix 07-12-12.3 - Administrator 2007-12-12 20:29:53.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1512 [GMT -8:00] Running from: C:\Documents and Settings\Administrator\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-11-13 to 2007-12-13 ))))))))))))))))))))))))))))))) . 2007-12-12 20:26 . 2007-12-12 20:29 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2007-12-12 20:24 . 2007-12-12 20:26 <DIR> d-------- C:\WINDOWS\LastGood 2007-12-12 20:24 . 2007-12-12 20:24 <DIR> d-------- C:\Program Files\Skype 2007-12-12 20:24 . 2007-12-12 20:24 <DIR> d-------- C:\Program Files\Common Files\Skype 2007-12-12 20:24 . 2007-12-12 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype 2007-12-12 20:24 . 2007-12-12 20:26 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Skype 2007-12-12 20:24 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2007-12-12 20:24 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2007-12-12 20:24 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2007-12-12 20:24 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2007-12-12 20:22 . 2007-12-12 20:22 <DIR> d-------- C:\Program Files\Opera 2007-12-12 20:15 . 2007-12-12 20:15 69 --a------ C:\WINDOWS\NeroDigital.ini 2007-12-12 20:06 . 2007-12-12 20:06 0 --a------ C:\WINDOWS\vpc32.INI 2007-12-12 20:05 . 2007-12-12 20:05 <DIR> d-------- C:\WINDOWS\Sun . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-13 04:30 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-12-13 03:59 --------- d-----w C:\Program Files\Symantec 2007-12-13 03:58 --------- d-----w C:\Program Files\Symantec Client Security 2007-12-13 03:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2007-12-13 03:57 --------- d-----w C:\Program Files\CyberLink 2007-12-13 03:57 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-13 03:56 --------- d-----w C:\Program Files\Java 2007-12-13 03:56 --------- d-----w C:\Program Files\Common Files\Java 2007-12-13 03:56 --------- d-----w C:\Program Files\Common Files\Ahead 2007-12-13 03:56 --------- d-----w C:\Program Files\Ahead 2007-12-13 03:55 155,995 ----a-w C:\WINDOWS\java\Packages\E669JNZH.ZIP 2007-12-13 03:50 --------- d-----w C:\Program Files\microsoft frontpage . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-12-07 15:08] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.exe" [2002-12-31 04:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-07-20 11:07 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2002-12-31 04:00 C:\WINDOWS\system32\rundll32.exe] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-04-08 15:52] "vptray"="C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe" [2005-04-17 12:30] R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys *Newly Created Service* - BITS *Newly Created Service* - CATCHME *Newly Created Service* - CCPROXY *Newly Created Service* - DMADMIN *Newly Created Service* - HTTPFILTER *Newly Created Service* - ISSVC *Newly Created Service* - PROCEXP90 *Newly Created Service* - SYMDNS *Newly Created Service* - SYMFW *Newly Created Service* - SYMIDS *Newly Created Service* - SYMIDSCO *Newly Created Service* - SYMNDIS *Newly Created Service* - SYMSECUREPORT *Newly Created Service* - UMWDF . Contents of the 'Scheduled Tasks' folder "2007-12-13 04:13:04 C:\WINDOWS\Tasks\Symantec NetDetect.job" - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-12 20:30:35 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-12 20:30:54 Lenke til kommentar
norbat Skrevet 12. desember 2007 Del Skrevet 12. desember 2007 Ser greit ut. Virker internettet igjen? Combofix har ikke som vane å stoppe den. Ville ha prøvd med en annen pc. Selv om Nextgentel sier alt er i orden fra deres side så er det greit å teste ut selv. Vet ikke om brannmuren din evt. noe annen nettbasert programvare på PC-en din kan strupe hastigheten? Lenke til kommentar
Ottesen Skrevet 12. desember 2007 Forfatter Del Skrevet 12. desember 2007 Jeg fikk mail når du svarte, men fikk opp siden akkurat nå, så rask er den nå plutselig ble den rask litegran. Internetten funger igjen etter jeg restartet, har også testet nettet uten noe som helst program som hjelper/hindrer nettet. ikke på skype brannmur, msn eller noe, ingen forskjell. Jeg trur jeg ska lprøve å låne en bærbra pc fra en kamerat å se som du sier, takker så mye for hjelpa og din tid. Takk takk mvh Ottesen Lenke til kommentar
Ottesen Skrevet 14. desember 2007 Forfatter Del Skrevet 14. desember 2007 Problem løst Fikk ringt til kundeservice igjen, og etter han trykket litt på datan og en restart av modem/ruteren så fungerte den igjen Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå