Gulliksen Posted 1 March 2008 (edited)
Hi, my PC has become terribly slow lately. I'm posting the SAS, ComboFix and HijackThis logs. Could someone look them over to see if anything is wrong? Thanks in advance :)

SAS:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 03/01/2008 at 12:35 PM
Application Version : 4.0.1152
Core Rules Database Version : 3412
Trace Rules Database Version: 1404
Scan type : Complete Scan
Total Scan Time : 00:51:19
Memory items scanned : 470
Memory threats detected : 0
Registry items scanned : 6020
Registry threats detected : 0
File items scanned : 16581
File threats detected : 0

Combofix:
ComboFix 08-03-01 - Daniel Gulliksen 2008-03-01 12:36:50.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.376 [GMT 1:00] Running from: C:\Documents and Settings\Daniel Gulliksen\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-02-01 to 2008-03-01 ))))))))))))))))))))))))))))))) . 2008-03-01 01:04 . 2008-03-01 01:04 <DIR> dr-h----- C:\Documents and Settings\Daniel Gulliksen\Siste 2008-03-01 00:48 . 2008-03-01 00:48 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-03-01 00:47 . 2008-03-01 00:47 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-03-01 00:47 . 2008-03-01 00:47 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\SUPERAntiSpyware.com 2008-03-01 00:46 . 2008-03-01 00:46 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-03-01 00:45 . 2008-03-01 00:45 <DIR> d-------- C:\Programfiler\CCleaner 2008-03-01 00:35 . 2008-03-01 00:35 <DIR> d-------- C:\Sandbox 2008-03-01 00:35 . 2008-03-01 00:55 1,560 --a------ C:\WINDOWS\Sandboxie.ini 2008-03-01 00:34 . 2008-03-01 00:34 <DIR> d-------- C:\Programfiler\Sandboxie 2008-02-29 18:03 . 
2008-02-29 18:03 <DIR> d-------- C:\Programfiler\Opera 2008-02-27 23:17 . 2008-02-27 23:17 <DIR> d-------- C:\Programfiler\Network Stumbler 2008-02-26 01:11 . 2008-02-26 09:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-02-24 12:53 . 2008-02-24 12:59 <DIR> d-------- C:\Programfiler\Daily Planner Plus 6.0 2008-02-24 00:35 . 2008-02-24 00:35 <DIR> d-------- C:\Documents and Settings\LocalService\Programdata\AVG7 2008-02-24 00:35 . 2008-03-01 11:31 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\AVG7 2008-02-24 00:35 . 2008-02-24 00:35 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Grisoft 2008-02-24 00:35 . 2008-02-24 08:00 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\avg7 2008-02-24 00:35 . 2008-02-24 00:35 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll 2008-02-24 00:35 . 2008-02-24 00:35 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll 2008-02-24 00:33 . 2008-02-24 00:33 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\Desktop Calendar 2008-02-22 12:37 . 2008-02-22 12:37 <DIR> d-------- C:\Programfiler\JoshMadison 2008-02-21 15:41 . 2008-02-21 16:46 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\ImgBurn 2008-02-21 15:24 . 2008-02-21 15:24 <DIR> d-------- C:\Programfiler\ImgBurn 2008-02-20 21:39 . 2008-02-20 21:40 <DIR> d-------- C:\Programfiler\SopCast 2008-02-20 21:06 . 2008-02-20 21:06 <DIR> d-------- C:\Tvnett 2008-02-20 21:06 . 2008-02-20 21:06 <DIR> d-------- C:\Programfiler\x264 2008-02-20 21:06 . 2008-02-20 21:06 <DIR> d-------- C:\Program Files 2008-02-20 21:06 . 2008-02-20 21:06 579,602 --a------ C:\WINDOWS\system32\x264vfw.dll 2008-02-20 20:50 . 2008-02-20 20:50 <DIR> d-------- C:\Programfiler\Fellesfiler\NSV 2008-02-16 22:28 . 2008-02-16 22:33 <DIR> d-a------ C:\Documents and Settings\All Users\Programdata\TEMP 2008-02-16 22:28 . 2008-02-16 22:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\MumboJumbo 2008-02-16 22:27 . 
2008-02-16 22:27 <DIR> d-------- C:\Programfiler\The Office 2008-02-16 22:27 . 2008-02-16 22:27 <DIR> d-------- C:\Documents and Settings\Daniel Gulliksen\Programdata\SpinTop 2008-02-14 14:03 . 2008-02-14 14:03 <DIR> d-------- C:\Programfiler\iTunes 2008-02-14 14:03 . 2008-02-14 14:03 <DIR> d-------- C:\Programfiler\iPod 2008-02-14 14:03 . 2008-03-01 11:31 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-02-14 14:03 . 2008-02-14 14:03 1,409 --a------ C:\WINDOWS\QTFont.for 2008-02-14 14:02 . 2008-02-14 14:02 <DIR> d-------- C:\Programfiler\QuickTime 2008-02-10 23:13 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-02-06 00:36 . 2008-02-06 00:36 <DIR> d-------- C:\WINDOWS\Downloaded Installations 2008-02-03 18:03 . 2008-02-29 17:58 <DIR> d-------- C:\Min mappe 2008-02-02 16:07 . 2005-03-22 13:58 60,085 --a------ C:\WINDOWS\system32\igfx.hlp 2008-02-01 16:27 . 2008-02-01 16:27 <DIR> d-------- C:\Programfiler\pTravelAlarm 2008-02-01 16:27 . 2003-07-12 19:35 231,936 --a------ C:\WINDOWS\epsuninst.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-02-29 16:43 27,928 ----a-w C:\WINDOWS\system32\drivers\INFCACHE.1 2008-02-28 17:15 --------- d-----w C:\Programfiler\Kostplanleggeren 2008-02-28 17:12 --------- d-----w C:\Programfiler\MSN Messenger 2008-02-28 17:03 --------- d-----w C:\Programfiler\Windows Live 2008-02-28 17:02 --------- dcsh--w C:\Programfiler\Fellesfiler\WindowsLiveInstaller 2008-02-28 17:02 --------- d-----w C:\Documents and Settings\All Users\Programdata\WLInstaller 2008-02-26 21:20 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\uTorrent 2008-02-24 20:05 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\dvdcss 2008-02-23 14:22 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\LimeWire 2008-02-19 17:10 --------- d-----w C:\Programfiler\Microsoft.NET 2008-02-19 14:39 --------- d-----w C:\Documents and Settings\All Users\Programdata\Microsoft Help 2008-02-10 22:13 --------- d-----w C:\Programfiler\Java 2008-02-02 09:31 --------- d-----w C:\Programfiler\uTorrent 2008-02-01 14:34 --------- d-----w C:\Programfiler\Microsoft ActiveSync 2008-01-28 10:15 --------- d-----w C:\Programfiler\Synaptics 2008-01-27 15:14 90,786 ----a-w C:\WINDOWS\wubi-uninstall.exe 2008-01-20 15:32 --------- d-----w C:\Programfiler\Fellesfiler\Adobe 2008-01-14 14:54 --------- d-----w C:\Programfiler\DietPower 4.0 2008-01-14 13:45 --------- d-----w C:\Documents and Settings\All Users\Programdata\{152C45C0-1455-47B6-B5A4-73CC4F988D86} 2008-01-14 13:33 --------- d-----w C:\Programfiler\MPD 2008-01-10 22:30 --------- d-----w C:\Programfiler\Octoshape Streaming Services 2008-01-10 20:45 --------- d-----w C:\Documents and Settings\All Users\Programdata\FLEXnet 2008-01-10 20:39 --------- d-----w C:\Programfiler\Bonjour 2008-01-10 20:30 --------- d-----w C:\Programfiler\Fellesfiler\Macrovision Shared 2008-01-10 16:56 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\TVA 2008-01-10 16:53 --------- d-----w C:\Programfiler\LCHSoft Inc 
2008-01-10 14:37 --------- d-----w C:\Programfiler\DAEMON Tools Lite 2008-01-10 14:37 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\DAEMON Tools 2008-01-10 14:33 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-01-09 18:22 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Apple Computer 2008-01-09 18:22 --------- d-----w C:\Documents and Settings\All Users\Programdata\Apple Computer 2008-01-09 18:21 --------- d-----w C:\Programfiler\Fellesfiler\Apple 2008-01-09 18:21 --------- d-----w C:\Programfiler\Apple Software Update 2008-01-09 18:21 --------- d-----w C:\Documents and Settings\All Users\Programdata\Apple 2008-01-09 11:28 --------- d-----w C:\Programfiler\epson 2008-01-07 23:50 --------- d-----w C:\Programfiler\LimeWire 2008-01-07 21:01 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Winamp 2008-01-07 20:59 --------- d-----w C:\Programfiler\Winamp 2008-01-07 08:04 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-01-07 08:04 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2008-01-07 08:04 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Logitech 2008-01-07 08:04 --------- d-----w C:\Documents and Settings\All Users\Programdata\LogiShrd 2008-01-07 08:03 --------- d--h--w C:\Programfiler\InstallShield Installation Information 2008-01-07 08:03 --------- d-----w C:\Programfiler\Logitech 2008-01-07 08:03 --------- d-----w C:\Programfiler\Fellesfiler\Logishrd 2008-01-07 08:03 --------- d-----w C:\Documents and Settings\All Users\Programdata\Logitech 2008-01-07 08:02 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\InstallShield 2008-01-06 21:33 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Media Player Classic 2008-01-06 21:32 --------- d-----w C:\Programfiler\Real Alternative 2008-01-06 21:27 --------- d-----w C:\Documents and Settings\Daniel 
Gulliksen\Programdata\vlc 2008-01-06 21:19 --------- d-----w C:\Programfiler\Combined Community Codec Pack 2008-01-06 21:17 --------- d-----w C:\Programfiler\VideoLAN 2008-01-06 20:53 --------- d-----w C:\Programfiler\MSXML 4.0 2008-01-06 20:25 --------- d-----w C:\Programfiler\MSBuild 2008-01-06 20:25 --------- d-----w C:\Programfiler\Microsoft Works 2008-01-06 19:44 --------- d-----w C:\Programfiler\Fellesfiler\Nero 2008-01-06 19:44 --------- d-----w C:\Documents and Settings\Daniel Gulliksen\Programdata\Nero 2008-01-06 19:42 --------- d-----w C:\Programfiler\Nero 2008-01-06 19:42 --------- d-----w C:\Documents and Settings\All Users\Programdata\Nero 2008-01-06 19:15 --------- d-----w C:\Programfiler\Intel 2008-01-06 19:10 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield 2008-01-06 19:10 --------- d-----w C:\Programfiler\Analog Devices 2008-01-06 18:53 9,388 ----a-w C:\WINDOWS\system32\drivers\iaStor.PNF 2008-01-06 18:53 7,280 ----a-w C:\WINDOWS\system32\drivers\viamraid.PNF 2008-01-06 18:53 63,240 ----a-w C:\WINDOWS\system32\drivers\Si3112r.PNF 2008-01-06 18:53 6,984 ----a-w C:\WINDOWS\system32\drivers\SiSRaid.PNF 2008-01-06 18:53 12,432 ----a-w C:\WINDOWS\system32\drivers\adpu320.PNF 2008-01-06 18:53 12,204 ----a-w C:\WINDOWS\system32\drivers\nvraid.PNF 2008-01-06 18:26 10,828 ----a-w C:\WINDOWS\system32\drivers\iaAHCI.PNF 2008-01-06 18:22 --------- d-----w C:\Programfiler\microsoft frontpage 2008-01-06 18:20 --------- d-----w C:\Programfiler\Fellesfiler\Java 2008-01-06 18:16 --------- d-----w C:\Programfiler\Elektroniske tjenester 2008-01-06 18:15 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester 2007-12-07 02:17 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024] "H/PC Connection Agent"="C:\Programfiler\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 17:56 1289000] "DAEMON Tools Lite"="C:\Programfiler\DAEMON Tools Lite\daemon.exe" [2008-01-03 14:54 486856] "SandboxieControl"="C:\Programfiler\Sandboxie\SbieCtrl.exe" [2008-01-13 12:53 370688] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-28 14:23 1481968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Snarvei til egenskapsside for High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-03-22 13:57 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-03-22 13:53 126976] "NeroFilterCheck"="C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136] "NBKeyScan"="C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328] "GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 55824 C:\WINDOWS\KHALMNPR.Exe] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 13:00 110592 C:\WINDOWS\system32\bthprops.cpl] "Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "EPSON Stylus DX4200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.exe" [2005-08-16 18:01 98304] "SynTPLpr"="C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 16:25 98394] 
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 16:24 688218] "QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-01-31 23:13 385024] "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2008-02-04 14:18 267048] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-24 00:35 579072] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-24 00:35 219136] C:\Documents and Settings\Daniel Gulliksen\Start-meny\Programmer\Oppstart\ OneNote 2007 Screen Clipper og Launcher.lnk - C:\Programfiler\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632] C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Logitech SetPoint.lnk - C:\Programfiler\Logitech\SetPoint\SetPoint.exe [2008-01-07 09:03:20 784912] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] c:\programfiler\fellesfiler\logishrd\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Programfiler\Fellesfiler\Logishrd\Bluetooth\LBTWLgn.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programfiler\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Programfiler\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Programfiler\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Programfiler\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\Programfiler\Microsoft 
ActiveSync\rapimgr.exe"= C:\Programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Programfiler\Microsoft ActiveSync\wcescomm.exe"= C:\Programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe"= C:\Programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "C:\\Programfiler\\Octoshape Streaming Services\\Daniel Gulliksen\\OctoshapeClient.exe"= "C:\\Programfiler\\LimeWire\\LimeWire.exe"= "C:\\Programfiler\\iTunes\\iTunes.exe"= "C:\\Programfiler\\SopCast\\adv\\SopAdver.exe"= "C:\\Programfiler\\SopCast\\SopCast.exe"= "C:\\Programfiler\\Grisoft\\AVG7\\avginet.exe"= "C:\\Programfiler\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Programfiler\\Grisoft\\AVG7\\avgcc.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R3 SbieDrv;SbieDrv;C:\Programfiler\Sandboxie\SbieDrv.sys [2008-01-13 12:53] S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\NSNDIS5.SYS [2004-03-24 03:12] S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2007-10-31 14:09] . Contents of the 'Scheduled Tasks' folder "2008-02-28 12:57:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Programfiler\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-01 12:40:15 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... 
scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-03-01 12:41:02 . 2008-02-14 10:15:42 --- E O F --- Hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:44:18, on 01.03.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Programfiler\Bonjour\mDNSResponder.exe C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe C:\Programfiler\Sandboxie\SbieSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe C:\Programfiler\Microsoft ActiveSync\wcescomm.exe C:\Programfiler\DAEMON Tools Lite\daemon.exe C:\Programfiler\Sandboxie\SbieCtrl.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\Fellesfiler\Logishrd\KHAL2\KHALMNPR.EXE C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\Mozilla 
Firefox\firefox.exe C:\Programfiler\Windows Live\Messenger\msnmsgr.exe C:\Programfiler\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [snarvei til egenskapsside for High Definition Audio] HDAShCut.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] 
"C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200" O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programfiler\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" O4 - HKCU\..\Run: [sandboxieControl] "C:\Programfiler\Sandboxie\SbieCtrl.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 
- Startup: OneNote 2007 Screen Clipper og Launcher.lnk = C:\Programfiler\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... 
- {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Programfiler/The%20Office/Images/stg_drm.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1199651790034 O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Programfiler/The%20Office/Images/armhelper.ocx O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. 
- C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programfiler\Fellesfiler\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programfiler\Sandboxie\SbieSvc.exe -- End of file - 9534 bytes
Edited 1 March 2008 by Gulliksen
norbat Posted 1 March 2008
Yes, as soon as the logs are posted, someone will look at them.
Gulliksen (Author) Posted 1 March 2008
> Yes, as soon as the logs are posted, someone will look at them.
The logs are posted now.
norbat Posted 1 March 2008
Can't see anything that indicates malware. Did the PC become slow suddenly, or is it something that has happened gradually? A general cleanup might help a little:
1. Remove programs you don't use.
2. Run a cleanup with, for example, CCleaner: Download CCleaner. Start the program. Go to 'Options'->'Advanced'. Remove the check mark in front of: "only delete temporary files......." Click 'Cleaner' and then 'Run CCleaner'.
3. Check whether the PC needs a disk defragmentation: Accessories->System Tools->Disk Defragmenter.
4. Remove programs from startup that don't need to start together with Windows: Start->Run, type: msconfig. Under the Startup tab, you can uncheck processes you don't need to have start at the same time as Windows.
Gulliksen (Author) Posted 1 March 2008
It suddenly became slow yesterday.. But I now realize there are bigger problems here.. Now it only starts up on the 3rd-4th attempt.. I hold the power button in, but the screen is still black, only the "power light" is on.. (this is a laptop). I'm posting a couple of pictures of the running processes and the CPU usage. Which, by the way, is at 100% !!!!
norbat Posted 1 March 2008
You could have run a System Restore to a point before this slowness arose. If this doesn't help either, more troubleshooting will probably be needed.
Gulliksen (Author) Posted 1 March 2008
The fault was hardware-related, so the thread can be closed.