Gå til innhold

» Data » IKT-drift og sikkerhet

CPU i 100 nesten hele tiden

eivindhetalnd

Av eivindhetalnd
2. desember 2008 i IKT-drift og sikkerhet

Anbefalte innlegg

eivindhetalnd

eivindhetalnd

Skrevet 2. desember 2008

Skrevet 2. desember 2008

Når jeg har MSN og opera oppe, så er CPU'en i ca 100% nesten hele tiden. Det er som oftest opera som bruker mest, den ligger ofte mellom 80% og 95%. Noen som vet hva det kan komme av?

Videoannonse

Annonse

norbat

norbat

Skrevet 2. desember 2008

Skrevet 2. desember 2008

Bruker du nyeste versjon av Opera?

Hvis ikke, laster du ned den.

eivindhetalnd

eivindhetalnd

Skrevet 2. desember 2008

Forfatter

Skrevet 2. desember 2008

Jeg bruker 9.62. Etter hva jeg ser så er det den siste...

norbat

norbat

Skrevet 2. desember 2008

Skrevet 2. desember 2008

Hva om du bruker IE, er det fortsatt høy cpu?

eivindhetalnd

eivindhetalnd

Skrevet 2. desember 2008

Forfatter

Skrevet 2. desember 2008

Summen er fremdeles stort sett 100%, men explorer er mellom 75% og 90%

norbat

norbat

Skrevet 2. desember 2008

Skrevet 2. desember 2008

Vi kan sjekke for malware. Kjør da gjennom veiledningen

eivindhetalnd

eivindhetalnd

Skrevet 2. desember 2008

Forfatter

Skrevet 2. desember 2008

Da har jeg følgende logger:

Malwarebytes' Anti-Malware 1.28

Database versjon: 1184

Windows 5.1.2600 Service Pack 3

02.12.2008 21:59:08

mbam-log-2008-12-02 (21-59-08).txt

Skanntype: Rask Skann

Objekter skannet: 47889

Tid tilbakelagt: 18 minute(s), 46 second(s)

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

Mapper infisert:

(Ingen mistenkelige filer funnet)

Filer infisert:

(Ingen mistenkelige filer funnet)

ComboFix 08-12-01.03 - Eivind 2008-12-02 22:04:23.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2060 [GMT 1:00]

Running from: d:\documents and settings\Eivind\Desktop\ComboFix.exe

* Created a new restore point

* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

d:\windows\Readme.txt

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_NSESVC

-------\Service_nsesvc

((((((((((((((((((((((((( Files Created from 2008-11-02 to 2008-12-02 )))))))))))))))))))))))))))))))

.

2008-12-02 19:07 . <DIR> d:\windows\LastGood.Tmp

2008-12-01 18:52 . 2008-12-01 18:52 <DIR> d-------- d:\program files\Common Files\Wise Installation Wizard

2008-11-23 13:23 . 2008-11-23 13:23 4,444 --a------ d:\windows\system32\pid.PNF

2008-11-22 18:46 . 2008-11-22 18:46 <DIR> d-------- d:\documents and settings\All Users\Application Data\Office Genuine Advantage

2008-11-12 22:12 . 2008-11-12 22:12 <DIR> d-------- d:\program files\Opera

2008-11-12 21:06 . 2008-09-04 18:15 1,106,944 -----c--- d:\windows\system32\dllcache\msxml3.dll

2008-11-12 21:06 . 2008-10-24 12:21 455,296 -----c--- d:\windows\system32\dllcache\mrxsmb.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-02 21:11 --------- d-----w d:\program files\Norman

2008-12-01 17:53 --------- d-----w d:\program files\SUPERAntiSpyware

2008-12-01 17:53 --------- d-----w d:\documents and settings\Eivind\Application Data\SUPERAntiSpyware.com

2008-12-01 17:24 --------- d-----w d:\program files\TweakNow RegCleaner

2008-12-01 17:24 --------- d-----w d:\program files\Startup Inspector for Windows

2008-11-25 21:19 --------- d-----w d:\program files\Common Files\Adobe

2008-11-11 17:11 --------- d-----w d:\program files\Java

2008-10-24 11:21 455,296 ----a-w d:\windows\system32\drivers\mrxsmb.sys

2008-10-22 14:29 --------- d-----w d:\documents and settings\All Users\Application Data\pdf995

2008-10-16 13:13 202,776 ----a-w d:\windows\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w d:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w d:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w d:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w d:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w d:\windows\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w d:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w d:\windows\system32\wups.dll

2008-10-16 13:06 268,648 ----a-w d:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w d:\windows\system32\muweb.dll

2008-10-05 17:33 --------- d-----w d:\program files\Trend Micro

2008-09-15 12:12 1,846,400 ----a-w d:\windows\system32\win32k.sys

2008-09-10 01:14 1,307,648 ----a-w d:\windows\system32\msxml6.dll

2008-09-04 17:15 1,106,944 ----a-w d:\windows\system32\msxml3.dll

2008-07-14 20:58 49,960 -c--a-w d:\documents and settings\Eivind\Application Data\GDIPFONTCACHEV1.DAT

2007-10-30 20:24 1,422 -c--a-w d:\documents and settings\Eivind\clean.reg

2007-01-01 19:30 98,304 -c--a-w d:\documents and settings\Eivind\mac.exe

2005-09-26 16:04 3,775,584 -c--a-w d:\program files\Clue 3.0.rar

2006-10-15 13:11 5 -csha-w d:\windows\system32\ccafbceeaee_g.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="d:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"ccleaner"="d:\program files\CCleaner\ccleaner.exe" [2007-07-13 598656]

"SUPERAntiSpyware"="d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-11-17 1805552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NeroCheck"="d:\windows\system32\NeroCheck.exe" [2002-09-11 155648]

"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2005-10-10 7286784]

"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2005-10-10 86016]

"Norman ZANDA"="d:\program files\Norman\Npm\Bin\ZLH.EXE" [2008-06-02 277616]

"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"Logitech Utility"="Logi_MwX.Exe" [2003-06-30 d:\windows\LOGI_MWX.EXE]

"nwiz"="nwiz.exe" [2005-10-10 d:\windows\system32\nwiz.exe]

"SoundMan"="SOUNDMAN.EXE" [2004-12-01 d:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "d:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-07-23 15:28 352256 d:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.VQJK"= DC31DEC.dll

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"d:\\Program Files\\Messenger\\msmsgs.exe"=

"d:\\Program Files\\mIRC\\mirc.exe"=

"d:\\Program Files\\MSN Messenger\\msrr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 NDIS_RD;Norman Firewall NDIS driver;d:\windows\system32\drivers\NDIS_RD.sys [2007-09-23 79752]

R1 NPROSEC;Norman Security driver;\??\d:\program files\Norman\Ngs\bin\nprosec.sys [2008-02-20 53816]

R1 SASDIFSV;SASDIFSV;\??\d:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-11-17 8944]

R1 SASKUTIL;SASKUTIL;\??\d:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-11-17 55024]

R1 TDI_RD;Norman Firewall TDI driver;\??\d:\windows\system32\drivers\tdi_rd.sys [2007-09-23 74624]

R2 Ndiskio;Ndiskio;\??\d:\program files\Norman\Nse\bin\NDISKIO.SYS [2007-09-23 20448]

R2 NPFSvc32;Norman Personal Firewall Service;"d:\program files\Norman\npf\bin\npfsvc32.exe" [2008-09-19 597104]

R2 NPROSECSVC;Norman Security service;"d:\program files\Norman\Ngs\bin\NPROSEC.EXE" [2008-02-20 121912]

R2 NVOY;Norman's Very Own supplY of resources;"d:\program files\Norman\npm\bin\nvoy.exe" [2008-02-20 121912]

R3 NvcMFlt;NvcMFlt;d:\windows\system32\DRIVERS\nvcw32mf.sys [2007-09-23 19512]

R3 nvcoas;Norman Virus Control on-access component;"d:\program files\Norman\Nvc\bin\nvcoas.exe" [2007-09-23 191544]

R3 NVCScheduler;Norman Virus Control Scheduler;"d:\program files\Norman\Npm\bin\NVCSCHED.EXE" [2008-02-20 154680]

R3 SASENUM;SASENUM;\??\d:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]

R3 SMC1211;SMC EZ Card 10/100 PCI (SMC1211 Series) NT 5.0 Driver;d:\windows\system32\DRIVERS\SMC1211.SYS [2001-07-11 23153]

S2 MustekMA1908Driver;MustekMA1908Driver;\??\d:\windows\system32\drivers\ma1908.sys []

S3 KodakPPCAM;Kodak EZ200 DIGITAL CAMERA;d:\windows\system32\DRIVERS\DC31VID.sys []

S3 PA7333I;Kodak Webcam Explorer Bulk Mode Device;d:\windows\system32\DRIVERS\DC31Bulk.sys []

S3 SFC4;SFC4;d:\windows\system32\drivers\SFC4.sys []

.

Contents of the 'Scheduled Tasks' folder

2008-12-02 d:\windows\Tasks\Symantec NetDetect.job

- d:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-01-02 14:20]

.

.

------- Supplementary Scan -------

.

FireFox -: Profile - d:\documents and settings\Eivind\Application Data\Mozilla\Firefox\Profiles\e1nak0k4.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - www.startsiden.no

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-02 22:11:15

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(624)

d:\program files\SUPERAntiSpyware\SASWINLO.dll

.

------------------------ Other Running Processes ------------------------

.

d:\program files\Norman\Npm\Bin\elogsvc.exe

d:\program files\Norman\Npm\Bin\Zanda.exe

d:\program files\Logitech\MouseWare\system\EM_EXEC.EXE

d:\program files\Norman\npf\bin\npfuser.exe

d:\program files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE

d:\windows\system32\nvsvc32.exe

d:\windows\system32\wdfmgr.exe

d:\windows\system32\searchindexer.exe

d:\program files\Canon\CAL\CALMAIN.exe

d:\program files\Norman\Npm\Bin\Njeeves.exe

d:\program files\Norman\NVC\bin\Nip.exe

d:\program files\Norman\NVC\bin\CClaw.exe

.

**************************************************************************

.

Completion time: 2008-12-02 22:15:49 - machine was rebooted

ComboFix-quarantined-files.txt 2008-12-02 21:15:44

ComboFix2.txt 2008-10-05 17:29:38

Pre-Run: 869 580 800 bytes free

Post-Run: 618,844,160 bytes free

162 --- E O F --- 2008-11-16 16:18:37

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:18:23, on 02.12.2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\Program Files\Norman\Npm\bin\ELOGSVC.EXE

D:\Program Files\Norman\Ngs\bin\NPROSEC.EXE

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Norman\Npm\Bin\Zanda.exe

D:\Program Files\Norman\npm\bin\nvoy.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Norman\npf\bin\npfsvc32.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\SOUNDMAN.EXE

D:\Program Files\Norman\Npm\Bin\ZLH.EXE

D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

D:\Program Files\Logitech\MouseWare\system\em_exec.exe

D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

D:\WINDOWS\system32\ctfmon.exe

D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

D:\Program Files\Norman\npf\bin\npfuser.exe

D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\wdfmgr.exe

D:\WINDOWS\system32\SearchIndexer.exe

D:\Program Files\Canon\CAL\CALMAIN.exe

D:\Program Files\Norman\Npm\bin\NVCSCHED.EXE

D:\Program Files\Norman\Npm\bin\NJEEVES.EXE

D:\WINDOWS\System32\alg.exe

D:\Program Files\Norman\Nvc\bin\nvcoas.exe

D:\Program Files\Norman\Nvc\Bin\Nip.exe

D:\Program Files\Norman\Nvc\Bin\cclaw.exe

D:\WINDOWS\explorer.exe

D:\WINDOWS\system32\SearchProtocolHost.exe

D:\WINDOWS\system32\SearchFilterHost.exe

D:\Program Files\Windows Live\Messenger\usnsvc.exe

D:\Program Files\Internet Explorer\IEXPLORE.EXE

D:\Program Files\Opera\opera.exe

D:\Program Files\Trend Micro\HijackThis\TestThis.exe

D:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" D:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install

O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Norman ZANDA] "D:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [ccleaner] "D:\Program Files\CCleaner\ccleaner.exe" /AUTO

O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: E&xport to Microsoft Excel - d:\program files\microsoft office\office10\excel.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} - http://quickfix2.chello.no/quickfix2/asp/chelloInstall.CAB

O16 - DPF: {274967E8-7BE3-4195-B719-CFE8878B2E39} - http://web01.ifi.fi/Webupload/ActiveX/FotolaboUploader.cab

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - http://post.stud.his.no/iNotes6.cab

O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://ax.emsisoft.com/asquared.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} - http://quickfix2.chello.no/quickfix2/asp/LaunchApp.CAB

O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -

O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://nettbank.fokus.no/html/activex/e-Sa...K/e-Safekey.cab

O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp09.photoprintit.de/microsite/502...geUploader3.cab

O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - D:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - D:\Program Files\Norman\Npm\bin\ELOGSVC.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Norman NJeeves - Norman ASA - D:\Program Files\Norman\Npm\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Norman ASA - D:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - D:\Program Files\Norman\npf\bin\npfsvc32.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - D:\Program Files\Norman\Ngs\bin\NPROSEC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - D:\Program Files\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - D:\Program Files\Norman\Npm\bin\NVCSCHED.EXE

O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - D:\Program Files\Norman\npm\bin\nvoy.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

--

End of file - 7525 bytes

norbat

norbat

Skrevet 2. desember 2008

Skrevet 2. desember 2008

Ser ikke noe malware i loggene.

Har det vært slik lenge?

Kom det etter noen oppdateringer etc?

(Du kunne kanskje ha forsøkt og kjørt en systemgjenoppretting til før dette oppsto)

eivindhetalnd

eivindhetalnd

Skrevet 3. desember 2008

Forfatter

Skrevet 3. desember 2008

Det har vært slik en stund nå ja, men synes det har blitt værre de siste ukene. Mulig det har vært noen windows eller sikkerhetsprogram oppdateringer.

For ca 1 mnd kjøpte jeg også ekstra minne

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå

Gå til emneliste

Hvem er aktive 0 medlemmer
- Ingen innloggede medlemmer aktive

×

×

Opprett ny...