
My PC is behaving like a stone-age machine!



Hi,

My PC has become terribly slow lately. I'm posting the SAS, ComboFix and HijackThis logs. Could someone look them over to see if anything is wrong?

Thanks in advance :)

SAS:

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 03/01/2008 at 12:35 PM

 

Application Version : 4.0.1152

 

Core Rules Database Version : 3412

Trace Rules Database Version: 1404

 

Scan type : Complete Scan

Total Scan Time : 00:51:19

 

Memory items scanned : 470

Memory threats detected : 0

Registry items scanned : 6020

Registry threats detected : 0

File items scanned : 16581

File threats detected : 0

 

Combofix:

ComboFix 08-03-01 - Daniel Gulliksen 2008-03-01 12:36:50.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.376 [GMT 1:00]

Running from: C:\Documents and Settings\Daniel Gulliksen\Skrivebord\ComboFix.exe

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((( Files Created from 2008-02-01 to 2008-03-01 )))))))))))))))))))))))))))))))

.

 

2008-03-01 01:04 . 2008-03-01 01:04 <DIR> dr-h----- C:\Documents and Settings\Daniel Gulliksen\Siste

2008-03-01 00:48 . 2008-03-01 00:48 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

2008-03-01 00:47 . 2008-03-01 00:47 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

2008-03-01 00:47 . 2008-03-01 00:47 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\SUPERAntiSpyware.com

2008-03-01 00:46 . 2008-03-01 00:46 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-03-01 00:45 . 2008-03-01 00:45 <DIR> d-------- C:\Programfiler\CCleaner

2008-03-01 00:35 . 2008-03-01 00:35 <DIR> d-------- C:\Sandbox

2008-03-01 00:35 . 2008-03-01 00:55 1,560 --a------ C:\WINDOWS\Sandboxie.ini

2008-03-01 00:34 . 2008-03-01 00:34 <DIR> d-------- C:\Programfiler\Sandboxie

2008-02-29 18:03 . 2008-02-29 18:03 <DIR> d-------- C:\Programfiler\Opera

2008-02-27 23:17 . 2008-02-27 23:17 <DIR> d-------- C:\Programfiler\Network Stumbler

2008-02-26 01:11 . 2008-02-26 09:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-02-24 12:53 . 2008-02-24 12:59 <DIR> d-------- C:\Programfiler\Daily Planner Plus 6.0

2008-02-24 00:35 . 2008-02-24 00:35 <DIR> d-------- C:\Documents and Settings\LocalService\Programdata\AVG7

2008-02-24 00:35 . 2008-03-01 11:31 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\AVG7

2008-02-24 00:35 . 2008-02-24 00:35 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Grisoft

2008-02-24 00:35 . 2008-02-24 08:00 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\avg7

2008-02-24 00:35 . 2008-02-24 00:35 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll

2008-02-24 00:35 . 2008-02-24 00:35 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll

2008-02-24 00:33 . 2008-02-24 00:33 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\Desktop Calendar

2008-02-22 12:37 . 2008-02-22 12:37 <DIR> d-------- C:\Programfiler\JoshMadison

2008-02-21 15:41 . 2008-02-21 16:46 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\ImgBurn

2008-02-21 15:24 . 2008-02-21 15:24 <DIR> d-------- C:\Programfiler\ImgBurn

2008-02-20 21:39 . 2008-02-20 21:40 <DIR> d-------- C:\Programfiler\SopCast

2008-02-20 21:06 . 2008-02-20 21:06 <DIR> d-------- C:\Tvnett

2008-02-20 21:06 . 2008-02-20 21:06 <DIR> d-------- C:\Programfiler\x264

2008-02-20 21:06 . 2008-02-20 21:06 <DIR> d-------- C:\Program Files

2008-02-20 21:06 . 2008-02-20 21:06 579,602 --a------ C:\WINDOWS\system32\x264vfw.dll

2008-02-20 20:50 . 2008-02-20 20:50 <DIR> d-------- C:\Programfiler\Fellesfiler\NSV

2008-02-16 22:28 . 2008-02-16 22:33 <DIR> d-a------ C:\Documents and Settings\All Users\Programdata\TEMP

2008-02-16 22:28 . 2008-02-16 22:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\MumboJumbo

2008-02-16 22:27 . 2008-02-16 22:27 <DIR> d-------- C:\Programfiler\The Office

2008-02-16 22:27 . 2008-02-16 22:27 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\SpinTop

2008-02-14 14:03 . 2008-02-14 14:03 <DIR> d-------- C:\Programfiler\iTunes

2008-02-14 14:03 . 2008-02-14 14:03 <DIR> d-------- C:\Programfiler\iPod

2008-02-14 14:03 . 2008-03-01 11:31 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-02-14 14:03 . 2008-02-14 14:03 1,409 --a------ C:\WINDOWS\QTFont.for

2008-02-14 14:02 . 2008-02-14 14:02 <DIR> d-------- C:\Programfiler\QuickTime

2008-02-10 23:13 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-02-06 00:36 . 2008-02-06 00:36 <DIR> d-------- C:\WINDOWS\Downloaded Installations

2008-02-03 18:03 . 2008-02-29 17:58 <DIR> d-------- C:\Min mappe

2008-02-02 16:07 . 2005-03-22 13:58 60,085 --a------ C:\WINDOWS\system32\igfx.hlp

2008-02-01 16:27 . 2008-02-01 16:27 <DIR> d-------- C:\Programfiler\pTravelAlarm

2008-02-01 16:27 . 2003-07-12 19:35 231,936 --a------ C:\WINDOWS\epsuninst.exe

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-29 16:43 27,928 ----a-w C:\WINDOWS\system32\drivers\INFCACHE.1

2008-02-28 17:15 --------- d-----w C:\Programfiler\Kostplanleggeren

2008-02-28 17:12 --------- d-----w C:\Programfiler\MSN Messenger

2008-02-28 17:03 --------- d-----w C:\Programfiler\Windows Live

2008-02-28 17:02 --------- dcsh--w C:\Programfiler\Fellesfiler\WindowsLiveInstaller

2008-02-28 17:02 --------- d-----w C:\Documents and Settings\All Users\Programdata\WLInstaller

2008-02-26 21:20 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\uTorrent

2008-02-24 20:05 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\dvdcss

2008-02-23 14:22 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\LimeWire

2008-02-19 17:10 --------- d-----w C:\Programfiler\Microsoft.NET

2008-02-19 14:39 --------- d-----w C:\Documents and Settings\All Users\Programdata\Microsoft Help

2008-02-10 22:13 --------- d-----w C:\Programfiler\Java

2008-02-02 09:31 --------- d-----w C:\Programfiler\uTorrent

2008-02-01 14:34 --------- d-----w C:\Programfiler\Microsoft ActiveSync

2008-01-28 10:15 --------- d-----w C:\Programfiler\Synaptics

2008-01-27 15:14 90,786 ----a-w C:\WINDOWS\wubi-uninstall.exe

2008-01-20 15:32 --------- d-----w C:\Programfiler\Fellesfiler\Adobe

2008-01-14 14:54 --------- d-----w C:\Programfiler\DietPower 4.0

2008-01-14 13:45 --------- d-----w C:\Documents and Settings\All Users\Programdata\{152C45C0-1455-47B6-B5A4-73CC4F988D86}

2008-01-14 13:33 --------- d-----w C:\Programfiler\MPD

2008-01-10 22:30 --------- d-----w C:\Programfiler\Octoshape Streaming Services

2008-01-10 20:45 --------- d-----w C:\Documents and Settings\All Users\Programdata\FLEXnet

2008-01-10 20:39 --------- d-----w C:\Programfiler\Bonjour

2008-01-10 20:30 --------- d-----w C:\Programfiler\Fellesfiler\Macrovision Shared

2008-01-10 16:56 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\TVA

2008-01-10 16:53 --------- d-----w C:\Programfiler\LCHSoft Inc

2008-01-10 14:37 --------- d-----w C:\Programfiler\DAEMON Tools Lite

2008-01-10 14:37 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\DAEMON Tools

2008-01-10 14:33 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2008-01-09 18:22 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Apple Computer

2008-01-09 18:22 --------- d-----w C:\Documents and Settings\All Users\Programdata\Apple Computer

2008-01-09 18:21 --------- d-----w C:\Programfiler\Fellesfiler\Apple

2008-01-09 18:21 --------- d-----w C:\Programfiler\Apple Software Update

2008-01-09 18:21 --------- d-----w C:\Documents and Settings\All Users\Programdata\Apple

2008-01-09 11:28 --------- d-----w C:\Programfiler\epson

2008-01-07 23:50 --------- d-----w C:\Programfiler\LimeWire

2008-01-07 21:01 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Winamp

2008-01-07 20:59 --------- d-----w C:\Programfiler\Winamp

2008-01-07 08:04 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2008-01-07 08:04 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf

2008-01-07 08:04 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Logitech

2008-01-07 08:04 --------- d-----w C:\Documents and Settings\All Users\Programdata\LogiShrd

2008-01-07 08:03 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-01-07 08:03 --------- d-----w C:\Programfiler\Logitech

2008-01-07 08:03 --------- d-----w C:\Programfiler\Fellesfiler\Logishrd

2008-01-07 08:03 --------- d-----w C:\Documents and Settings\All Users\Programdata\Logitech

2008-01-07 08:02 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\InstallShield

2008-01-06 21:33 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Media Player Classic

2008-01-06 21:32 --------- d-----w C:\Programfiler\Real Alternative

2008-01-06 21:27 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\vlc

2008-01-06 21:19 --------- d-----w C:\Programfiler\Combined Community Codec Pack

2008-01-06 21:17 --------- d-----w C:\Programfiler\VideoLAN

2008-01-06 20:53 --------- d-----w C:\Programfiler\MSXML 4.0

2008-01-06 20:25 --------- d-----w C:\Programfiler\MSBuild

2008-01-06 20:25 --------- d-----w C:\Programfiler\Microsoft Works

2008-01-06 19:44 --------- d-----w C:\Programfiler\Fellesfiler\Nero

2008-01-06 19:44 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Nero

2008-01-06 19:42 --------- d-----w C:\Programfiler\Nero

2008-01-06 19:42 --------- d-----w C:\Documents and Settings\All Users\Programdata\Nero

2008-01-06 19:15 --------- d-----w C:\Programfiler\Intel

2008-01-06 19:10 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield

2008-01-06 19:10 --------- d-----w C:\Programfiler\Analog Devices

2008-01-06 18:53 9,388 ----a-w C:\WINDOWS\system32\drivers\iaStor.PNF

2008-01-06 18:53 7,280 ----a-w C:\WINDOWS\system32\drivers\viamraid.PNF

2008-01-06 18:53 63,240 ----a-w C:\WINDOWS\system32\drivers\Si3112r.PNF

2008-01-06 18:53 6,984 ----a-w C:\WINDOWS\system32\drivers\SiSRaid.PNF

2008-01-06 18:53 12,432 ----a-w C:\WINDOWS\system32\drivers\adpu320.PNF

2008-01-06 18:53 12,204 ----a-w C:\WINDOWS\system32\drivers\nvraid.PNF

2008-01-06 18:26 10,828 ----a-w C:\WINDOWS\system32\drivers\iaAHCI.PNF

2008-01-06 18:22 --------- d-----w C:\Programfiler\microsoft frontpage

2008-01-06 18:20 --------- d-----w C:\Programfiler\Fellesfiler\Java

2008-01-06 18:16 --------- d-----w C:\Programfiler\Elektroniske tjenester

2008-01-06 18:15 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester

2007-12-07 02:17 824,832 ----a-w C:\WINDOWS\system32\wininet.dll

2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]

"H/PC Connection Agent"="C:\Programfiler\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 17:56 1289000]

"DAEMON Tools Lite"="C:\Programfiler\DAEMON Tools Lite\daemon.exe" [2008-01-03 14:54 486856]

"SandboxieControl"="C:\Programfiler\Sandboxie\SbieCtrl.exe" [2008-01-13 12:53 370688]

"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-28 14:23 1481968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Snarvei til egenskapsside for High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-03-22 13:57 155648]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-03-22 13:53 126976]

"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]

"NBKeyScan"="C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]

"GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 55824 C:\WINDOWS\KHALMNPR.Exe]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]

"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]

"EPSON Stylus DX4200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.exe" [2005-08-16 18:01 98304]

"SynTPLpr"="C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 16:25 98394]

"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 16:24 688218]

"QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]

"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2008-02-04 14:18 267048]

"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-24 00:35 579072]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360]

"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-24 00:35 219136]

 

C:\Documents and Settings\Daniel Gulliksen\Start-meny\Programmer\Oppstart\

OneNote 2007 Screen Clipper og Launcher.lnk - C:\Programfiler\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2008-01-07 09:03:20 784912]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

c:\programfiler\fellesfiler\logishrd\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Programfiler\Fellesfiler\Logishrd\Bluetooth\LBTWLgn.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Programfiler\\Microsoft Office\\Office12\\GROOVE.EXE"=

"C:\\Programfiler\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"C:\\Programfiler\\uTorrent\\uTorrent.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\Programfiler\Microsoft ActiveSync\rapimgr.exe"= C:\Programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"C:\Programfiler\Microsoft ActiveSync\wcescomm.exe"= C:\Programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe"= C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"C:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

"C:\\Programfiler\\Octoshape Streaming Services\\Daniel Gulliksen\\OctoshapeClient.exe"=

"C:\\Programfiler\\LimeWire\\LimeWire.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"C:\\Programfiler\\SopCast\\adv\\SopAdver.exe"=

"C:\\Programfiler\\SopCast\\SopCast.exe"=

"C:\\Programfiler\\Grisoft\\AVG7\\avginet.exe"=

"C:\\Programfiler\\Grisoft\\AVG7\\avgamsvr.exe"=

"C:\\Programfiler\\Grisoft\\AVG7\\avgcc.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

 

R3 SbieDrv;SbieDrv;C:\Programfiler\Sandboxie\SbieDrv.sys [2008-01-13 12:53]

S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\NSNDIS5.SYS [2004-03-24 03:12]

S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2007-10-31 14:09]

 

.

Contents of the 'Scheduled Tasks' folder

"2008-02-28 12:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-01 12:40:15

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-03-01 12:41:02

.

2008-02-14 10:15:42 --- E O F ---

 

Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:44:18, on 01.03.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Programfiler\Sandboxie\SbieSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE

C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

C:\Programfiler\iTunes\iTunesHelper.exe

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe

C:\Programfiler\Microsoft ActiveSync\wcescomm.exe

C:\Programfiler\DAEMON Tools Lite\daemon.exe

C:\Programfiler\Sandboxie\SbieCtrl.exe

C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe

C:\Programfiler\Logitech\SetPoint\SetPoint.exe

C:\Programfiler\Fellesfiler\Logishrd\KHAL2\KHALMNPR.EXE

C:\Programfiler\iPod\bin\iPodService.exe

C:\Programfiler\Mozilla Firefox\firefox.exe

C:\Programfiler\Windows Live\Messenger\msnmsgr.exe

C:\Programfiler\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\explorer.exe

C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"

O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programfiler\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe"

O4 - HKCU\..\Run: [sandboxieControl] "C:\Programfiler\Sandboxie\SbieCtrl.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Screen Clipper og Launcher.lnk = C:\Programfiler\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Programfiler/The%20Office/Images/stg_drm.ocx

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1199651790034

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Programfiler/The%20Office/Images/armhelper.ocx

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programfiler\Fellesfiler\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe

O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programfiler\Sandboxie\SbieSvc.exe

 

--

End of file - 9534 bytes

Edited by Gulliksen
Link to comment

I can't see anything that points to malware. Did the PC suddenly become slow, or is it something that has happened gradually?

A general clean-up might help a little:

1. Remove programs you don't use

2. Run a clean-up with e.g. CCleaner:

Download CCleaner. Start the program. Go to 'Options' -> 'Advanced'. Remove the checkmark in front of: "only delete temporary files......." Click 'Cleaner' and then 'Run CCleaner'.

3. Check whether the PC needs a disk defragmentation: Accessories -> System Tools -> Disk Defragmenter.

4. Remove programs from startup that don't need to start together with Windows: Start -> Run, type: msconfig. Under the Startup tab, you can uncheck processes that you don't need to have start at the same time as Windows.

Link to comment

It suddenly became slow yesterday..

But I now realize that there are bigger problems here.. Now it only starts up on the 3rd or 4th attempt.. I hold down the power button, but the screen is still black, only the "power light" is on.. (this is a laptop).

I'm posting a couple of pictures of the running processes and the CPU usage. Which, by the way, is at 100% !!!!

post-26942-1204379340_thumb.jpg

post-26942-1204379348_thumb.jpg

Link to comment
