tribal73 Skrevet 12. desember 2008 Del Skrevet 12. desember 2008 (endret) Hei, trenger en flink person til å sjekke loggene mine for uhumskheter. Har explorer heng veldig ofte og div program heng.. Er FORMATERING eneste løsning?? På forhånd takk for svar og hjelp.. Klikk for å se/fjerne innholdet nedenfor < ComboFix 08-12-11.06 - 2008-12-12 18:53:20.1 - NTFSx86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.959 [GMT 1:00] Kjører fra: c:\users\\Desktop\Ny mappe\ComboFix.exe * Opprettet nytt gjenopprettingspunkt . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\windows\Downloaded Program Files\setup.inf ----- BITS: Mulige infiserte sider ----- hxxp://TribalServer:55000 . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-12 til 2008-12-12 ))))))))))))))))))))))))))))))))) . 2008-12-12 18:30 . 2008-12-12 18:30 <DIR> d-------- c:\users\tribal\AppData\Roaming\Malwarebytes 2008-12-12 18:30 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2008-12-12 18:29 . 2008-12-12 18:29 <DIR> d-------- c:\users\All Users\Malwarebytes 2008-12-12 18:29 . 2008-12-12 18:29 <DIR> d-------- c:\programdata\Malwarebytes 2008-12-12 18:29 . 2008-12-12 18:30 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-12 18:29 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2008-12-09 21:51 . 2008-12-09 21:50 410,984 --a------ c:\windows\System32\deploytk.dll 2008-12-09 21:32 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll 2008-12-09 21:16 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll 2008-12-09 21:15 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll 2008-12-09 21:15 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe 2008-12-09 21:15 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll 2008-12-09 21:15 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll 2008-12-09 21:15 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe 2008-12-09 21:15 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll 2008-12-03 19:33 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll 2008-12-03 19:33 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll 2008-12-03 19:33 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll 2008-12-03 19:33 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll 2008-12-03 19:33 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll 2008-12-03 19:33 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe 2008-12-03 19:33 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll 2008-12-03 19:33 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll 2008-12-03 19:33 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe 2008-11-26 10:04 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll 2008-11-26 10:04 . 2008-08-28 04:37 712,704 --a------ c:\windows\System32\WindowsCodecs.dll 2008-11-26 10:04 . 2008-08-28 04:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll 2008-11-26 10:04 . 2008-08-28 04:37 347,648 --a------ c:\windows\System32\WindowsCodecsExt.dll 2008-11-26 10:04 . 2008-10-22 04:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll 2008-11-21 16:35 . 2008-11-04 09:35 499,712 --a------ c:\windows\System32\msvcp71.dll 2008-11-21 16:35 . 2008-11-04 09:35 348,160 --a------ c:\windows\System32\msvcr71.dll 2008-11-12 15:19 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll 2008-11-12 15:19 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll 2008-11-12 15:19 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-12 15:24 5,022 ----a-w c:\windows\System32\PerfStringBackup.TMP 2008-12-12 14:55 --------- d-----w c:\users\tribal\AppData\Roaming\Azureus 2008-12-09 21:36 --------- d-----w c:\program files\Windows Home Server 2008-12-09 20:50 --------- d-----w c:\program files\Java 2008-12-09 20:37 --------- d-----w c:\program files\Windows Mail 2008-12-09 20:35 --------- d-----w c:\programdata\Microsoft Help 2008-12-07 19:16 --------- d-----w c:\program files\Launch Manager 2008-12-07 14:35 --------- d-----w c:\users\tribal\AppData\Roaming\dvdcss 2008-11-21 17:43 --------- d-----w c:\program files\Azureus 2008-11-13 20:51 --------- d-----w c:\program files\Hewlett-Packard 2008-11-09 08:30 --------- d-----w c:\users\tribal\AppData\Roaming\Windows Home Server 2008-11-06 21:11 --------- d-----w c:\programdata\HP Product Assistant 2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-10-31 16:42 82,446 ----a-w c:\users\tribal\AppData\Roaming\nvModes.dat 2008-10-24 13:46 12,632 ----a-w c:\windows\System32\lsdelete.exe 2008-10-23 17:23 --------- d-----w c:\program files\Winamp 2008-10-22 10:01 --------- d-----w c:\program files\Microsoft Silverlight 2008-10-12 08:29 --------- d-----w c:\users\tribal\AppData\Roaming\Winamp 2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe 2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe 2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll 2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll 2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys 2008-09-16 00:12 200,704 ----a-w c:\windows\System32\ssldivx.dll 2008-09-16 00:12 1,044,480 ----a-w c:\windows\System32\libdivx.dll 2008-04-26 09:28 174 --sha-w c:\program files\desktop.ini . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-09 865840] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216] "eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144] "PLFSet"="c:\windows\PLFSet.dll" [2007-04-25 45056] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2007-07-31 707080] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-09 136600] "PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-11-28 583048] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-28 1261336] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "NvSvc"="c:\windows\system32\nvsvc.dll" [2008-01-11 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-11 8501792] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-11 81920] "RtHDVCpl"="RtHDVCpl.exe" [2007-09-04 c:\windows\RtHDVCpl.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552] c:\users\tribal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper og Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2007-10-18 1208320] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-03-29 719664] Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-08-16 535336] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520] Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2008-11-09 552296] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] --a------ 2007-09-06 14:08 136136 c:\program files\DAEMON Tools Pro\DTProAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] --a------ 2008-02-20 16:20 356352 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List] "c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"= c:\program files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{C838F199-B1ED-4E88-AEBF-E9A4D29805AC}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician "{AEFAA8AC-EDC0-4749-A353-C462F267EB99}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia "{4660D352-2FAC-4636-AB0B-D8372BE3D089}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard "{7711912B-3A87-400D-9C57-6C98F16CBA40}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine "{66BFA8A2-588A-417C-A4BC-A14C91FB3142}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM "{A7B4B0AB-6A87-4506-A4D9-B08ABE1F02F8}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{53A7A943-733A-4A7C-BCE9-90FA468C050A}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie "{AE7A646F-E7E5-4B3B-946B-2FCC021FE512}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program "{7E6FEB0D-C831-4D4E-AAFB-41E57659D6E0}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent "{C0A5210A-36E5-4A49-8259-ED97A161C1D0}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent "{15D47DE4-352E-4F67-8D50-D49F56E7BE14}"= UDP:12977:BitComet 12977 TCP "{AC205961-8297-4829-AA98-D5BD54CB08C7}"= TCP:12977:BitComet 12977 UDP "{F5690C42-F83F-4326-8948-FAC782BE2722}"= Disabled:UDP:f:\setup\HPZNUI01.EXE:hpznui01.exe "{C4B15C8A-84DF-4776-9DDF-6434F02AF3CC}"= Disabled:TCP:f:\setup\HPZNUI01.EXE:hpznui01.exe "{D5154C58-7439-4DBD-9198-16657468CF43}"= Disabled:UDP:c:\users\tribal\AppData\Local\Temp\7zS2941.tmp\setup\HPZnui01.exe:hpznui01.exe "{B78D710C-DB59-4E8F-A371-DD84A260E0FD}"= Disabled:TCP:c:\users\tribal\AppData\Local\Temp\7zS2941.tmp\setup\HPZnui01.exe:hpznui01.exe "{C1F33295-C87F-4AC7-8FA6-C710DAE73B7F}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "TCP Query User{F8F8605E-2066-4438-906D-F7ABB5A9055E}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus "UDP Query User{D602E6B8-5887-410B-9C6B-8DB31E97D838}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus "TCP Query User{98424E3F-60DF-4B28-9256-A43744554B23}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{04FDAE35-A752-4640-8605-2E69A1B72DD5}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{1E096610-45CF-4C29-B7B2-B684866DF08E}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever "UDP Query User{7EC2AF3B-667A-47ED-ACD3-557F8D324F04}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever "TCP Query User{4B802D49-DE25-4989-BF06-56958186FAD3}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus "UDP Query User{0CA5D19B-A4B1-4E93-97C2-A4F149EE6111}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus "TCP Query User{FFED86CF-5FD4-42AC-AE70-D95E709E889A}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{19A97456-F9C1-4039-835A-E7DD7B9016EE}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{28CCF90D-E7C4-4316-AF1B-B04AE661F4EF}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{A1E91AE3-8220-4598-8F4E-BFDD11E82515}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{100A47BA-27CF-44D7-9286-C485B42AD5C5}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{B04F1FAB-6A9E-446E-87AC-7A066D3EEC83}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{E805AD10-F984-4D1E-BB63-BCCA7561D50E}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{C6992C8E-3504-4099-978C-17B3118DD8C6}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{D5648423-6C1B-44DB-83CF-F37C93A1B646}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{9169E78B-719F-4109-ADF4-EE10CA795829}"= UDP:c:\program files\Windows Home Server\Discovery.exe:Windows Home Server Connector "{FC7FE57F-6F3F-4580-954B-DC852137272D}"= TCP:c:\program files\Windows Home Server\Discovery.exe:Windows Home Server Connector [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"= c:\program files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-07-11 97928] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2007-10-18 14:55:28 39408] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-11 231704] R2 WHSConnector;Windows Home Server Connector Service;"c:\program files\Windows Home Server\WHSConnector.exe" [2008-10-31 325480] R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-08-16 43008] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-08-16 179712] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e29b6e2-fd8c-11dc-873f-b6351d99cd71}] \shell\AutoRun\command - G:\setup.exe /autorun \shell\dxsetup\command - g:\directx\dxsetup.exe \shell\Register\command - g:\goodies\runshell.exe http://www.microsoft.com/games/product_reg...ion/motocross2/ \shell\setup\command - G:\setup.exe /autorun \shell\Web\command - g:\goodies\runshell.exe http://www.microsoft.com/games/motocross2 \shell\Zone\command - g:\goodies\ZoneA650.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90ab9015-b8aa-11dd-9726-a8c25299fe07}] \shell\AutoRun\command - J:\setupSNK.exe *Newly Created Service* - CATCHME *Newly Created Service* - PROCEXP90 . - - - - TOMME PEKERE FJERNET - - - - WebBrowser-{A33FA729-D155-4B23-842B-2C665ECABDB6} - (no file) HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd HKLM-Run-Acer Tour - (no file) HKLM-Run-eRecoveryService - (no file) MSConfigStartUp-BitComet - c:\program files\BitComet\BitComet.exe ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-12 18:57:38 Windows 6.0.6001 Service Pack 1 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'winlogon.exe'(860) c:\windows\system32\avgrsstx.dll - - - - - - - > 'lsass.exe'(752) c:\windows\system32\avgrsstx.dll . Tidspunkt ferdig: 2008-12-12 19:01:37 ComboFix-quarantined-files.txt 2008-12-12 18:01:35 Pre-Run: 32 498 106 368 byte ledig Post-Run: 34,804,490,240 byte ledig 244 --- E O F --- 2008-12-09 20:36:02 > Klikk for å se/fjerne innholdet nedenfor < Malwarebytes' Anti-Malware 1.31Databaseversjon: 1493 Windows 6.0.6001 Service Pack 1 12.12.2008 18:50:32 mbam-log-2008-12-12 (18-50-32).txt Skanntype: Rask Skann Objekter skannet: 61828 Tid tilbakelagt: 19 minute(s), 44 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) > Klikk for å se/fjerne innholdet nedenfor <Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:03:47, on 12.12.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18241) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Acer\Acer VCM\AcerVCM.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Windows Home Server\WHSTrayApp.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Windows\System32\mobsync.exe C:\Program Files\Acer\Acer VCM\acp2HID.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\notepad.exe C:\Windows\Explorer.exe C:\Program Files\Trend Micro\Dag\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/def...://uk.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BrowserHelper Class - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (file missing) O3 - Toolbar: Home Server Banner - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper og Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Windows Home Server.lnk = ? O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send bilde til &Bluetooth-enhet... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send side til &Bluetooth-enhet... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing) O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://webcam.atomicmods.com//activex/AMC.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12961 bytes > Endret 18. desember 2008 av tribal73 Lenke til kommentar
raWrz Skrevet 12. desember 2008 Del Skrevet 12. desember 2008 (endret) hvis du skal ha proff hjelp ja så kommer sikkert norbat innom en tur men ser ut som om combofix tok det som var av rusk edit: skriveleif edit2: forresten ser du har rester av et Symantec programm (Norton?) last ned dette programmet:ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe og kjør det Endret 12. desember 2008 av Submit Lenke til kommentar
tribal73 Skrevet 19. desember 2008 Forfatter Del Skrevet 19. desember 2008 Er det noen der som har peiling??? Eller er det formatering som er den eneste løsning??? Lenke til kommentar
norbat Skrevet 19. desember 2008 Del Skrevet 19. desember 2008 Oppdater MBAM og kjør en rask skann Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Oppsto dette problemet nylig eller er det noe som har pågått en stund Lenke til kommentar
tribal73 Skrevet 19. desember 2008 Forfatter Del Skrevet 19. desember 2008 Oppdater MBAM og kjør en rask skann Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Oppsto dette problemet nylig eller er det noe som har pågått en stund MBAM fullført og Ccleaner fullført... Dette problemet har jeg hatt i ca 14 dager. Den Bærbare til samboeren min har også begynt med samme problem. Takker for svar å hjelp. Lenke til kommentar
tribal73 Skrevet 19. desember 2008 Forfatter Del Skrevet 19. desember 2008 post Mbam loggen Malwarebytes' Anti-Malware 1.31 Databaseversjon: 1520 Windows 6.0.6001 Service Pack 1 19.12.2008 16:51:38 mbam-log-2008-12-19 (16-51-38).txt Skanntype: Rask Skann Objekter skannet: 53847 Tid tilbakelagt: 3 minute(s), 6 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) Lenke til kommentar
snippsat Skrevet 19. desember 2008 Del Skrevet 19. desember 2008 Har explorer heng veldig ofte og div program heng Er problemet der ennå går vi videre med andre verktøy. Lenke til kommentar
tribal73 Skrevet 19. desember 2008 Forfatter Del Skrevet 19. desember 2008 Har explorer heng veldig ofte og div program heng Er problemet der ennå går vi videre med andre verktøy. Hadde endelig en ca 30 min på nettet uten heng,men så ble det samme gamle opplegget! Klar for neste skritt!! Lenke til kommentar
snippsat Skrevet 19. desember 2008 Del Skrevet 19. desember 2008 (endret) Last ned Process monitor Last ned Autorun Se også på om explorer bruker mye av cpu,vi har også Process explorer som kan hjelpe til og finne problemet. Dette problemet har jeg hatt i ca 14 dager. Skal se litt på loggen rundt den tiden,husker du om dette kom etter du installerte noe? Kjør register-renser i CCleaner. Last ned kjør CCleaner 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer som er eldere enn 48 t. Kjør register-renser "svar ja til og reparere" --> backup svar ja når du blir spørt. Kjør register-renser et par ganger til alle feil er borte. Andre ting som bør gjøres. Start->kjør->cmd chkdsk /r finner skadede sektorer og gjenoppretter lesbar informasjon. chkdsk /f retter feil på disken. Auslogics Registry Defrag(gratis) http://www.auslogics.com/en/software/registry-defrag Auslogics Disk Defrag(gratis) http://www.auslogics.com/en/software/disk-defrag Endret 19. desember 2008 av SNIPPSAT Lenke til kommentar
tribal73 Skrevet 20. desember 2008 Forfatter Del Skrevet 20. desember 2008 (endret) Last ned Process monitor Last ned Autorun Se også på om explorer bruker mye av cpu,vi har også Process explorer som kan hjelpe til og finne problemet. Dette problemet har jeg hatt i ca 14 dager. Skal se litt på loggen rundt den tiden,husker du om dette kom etter du installerte noe? Kjør register-renser i CCleaner. Last ned kjør CCleaner 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer som er eldere enn 48 t. Kjør register-renser "svar ja til og reparere" --> backup svar ja når du blir spørt. Kjør register-renser et par ganger til alle feil er borte. Andre ting som bør gjøres. Start->kjør->cmd chkdsk /r finner skadede sektorer og gjenoppretter lesbar informasjon. chkdsk /f retter feil på disken. Auslogics Registry Defrag(gratis) http://www.auslogics.com/en/software/registry-defrag Auslogics Disk Defrag(gratis) http://www.auslogics.com/en/software/disk-defrag Da er alt gjort, men fortsatt ikke noe bedre.Va litt kjapp å tok seieren på forskudd her! Tror jeg ikke helt skjønte processmonitor å hvordan jeg skulle bruke den! Har 2 bærbare på trådløstnett, 2 stasjonære med kabel og en server med kabel kan dette være en årsak? Endret 20. desember 2008 av tribal73 Lenke til kommentar
snippsat Skrevet 20. desember 2008 Del Skrevet 20. desember 2008 (endret) Tror jeg ikke helt skjønte processmonitor å hvordan jeg skulle bruke den! Process monitor registrer alt som skjer opp mot register,filsystem,prosesser,nettverk. Nå har vi filtrerer ut explorer. Når explorer henger må du bruke den og så stoppe og gå igjenomm loggen for og se hva explorer hadde problemer med. Har 2 bærbare på trådløstnett, 2 stasjonære med kabel og en server med kabel kan dette være en årsak? Umulig og si derfor må man bruke verktøy som process monitor for og finne ut av det. Endret 20. desember 2008 av SNIPPSAT Lenke til kommentar
norbat Skrevet 20. desember 2008 Del Skrevet 20. desember 2008 Du kan sjekke om systemfilene er intakte: Klikk: Start->Kjør Skriv: cmd Høyreklikk på cmd og velg å kjør som administrator Skriv: sfc /scannow Lenke til kommentar
tribal73 Skrevet 20. desember 2008 Forfatter Del Skrevet 20. desember 2008 Du kan sjekke om systemfilene er intakte: Klikk: Start->Kjør Skriv: cmd Høyreklikk på cmd og velg å kjør som administrator Skriv: sfc /scannow Den fant skadede filer men kunne ikke reparere noen av dem!! Masse styr dette!! Takker for at det finnes noen snille sjeler som dere, som vil bruke tid på dette!! Lenke til kommentar
norbat Skrevet 20. desember 2008 Del Skrevet 20. desember 2008 Har du en vista dvd, så kunne du ha forsøkt å kjøre sfc igjen med dvd i. Lenke til kommentar
tribal73 Skrevet 20. desember 2008 Forfatter Del Skrevet 20. desember 2008 Har du en vista dvd, så kunne du ha forsøkt å kjøre sfc igjen med dvd i. Har ikke cd. Acer bærbar med forhånds installert vista!! Lenke til kommentar
norbat Skrevet 20. desember 2008 Del Skrevet 20. desember 2008 Restart i sikker modus og prøv å kjøre sfc igjen derfra. Lenke til kommentar
-pils- Skrevet 20. desember 2008 Del Skrevet 20. desember 2008 sikkert vært bra med en ny hijackthis log etter at nortons removal tool ble kjørt Lenke til kommentar
tribal73 Skrevet 20. desember 2008 Forfatter Del Skrevet 20. desember 2008 Restart i sikker modus og prøv å kjøre sfc igjen derfra. Får ikke tid til dette idag!! Skal trå til imorgen å gjøre dette.Takker for flott hjelp! Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå