Shax# Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 (endret) Jeg har en Acer Aspire 5930G(Beste Versjonen) som ble kjøpt 08/08/08 faktisk :!: Og nå bruker den sånn 4-5 minutter å slå seg på, er det normalt eller tregt? Jeg har en del spill innpå, og fylt ca. halv fyll C: Harddisk. - Mini097 EDIT: Pcn har Windows Vista Home Premium Endret 21. januar 2009 av mini097 Lenke til kommentar
Warz Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 Tja... det er jo noen månder siden du kjøpte den og det er utrolig hvor mye dritt som fylles på windows. Alle PCene jeg har hatt blir etterhvert trege i oppstarten, selv om de er veldig raske. Vil ikke si det er unormalt, men det kan nok optimaliseres, eks sørge for at færre programmer starter automatisk når du starter PCen. Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 (endret) Jojo;) Men Pcen klikker veldig ofte og får en rar "blue screen" Der det kommer sånn "Dumping Physical Memory" Det tror jeg kan krasje hele PCN og holder inne den "På" knappen. Er dette virus eller systemfeil elns? NB: Jeg har gjort alt i Norbat sin tråd om det tinget, og combofix funka ikke(ble ikke tillat av Panda). Men ellers har dem ikke sagt noe om feil Endret 10. januar 2009 av mini097 Lenke til kommentar
norbat Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 Slå av Panda, og kjør Combofix. Problemet ditt trenger ikke å være knyttet til malware - heller en driver som kanskje er i 'uorden'. Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 (endret) Skal slå av panda å prøve, norbat;) Endret 10. januar 2009 av mini097 Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 (endret) Her er loggen(Vist jeg skulle poste den) : xD Klikk for å se/fjerne innholdet nedenfor ComboFix 09-01-10.01 - Kai-Morten 2009-01-10 23:25:11.1 - NTFSx86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.3066.1557 [GMT 1:00] Kjører fra: c:\users\Kai-Morten\Desktop\ComboFix.exe * Opprettet nytt gjenopprettingspunkt . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\users\Kai-Morten\AppData\Roaming\.# ----- BITS: Mulige infiserte sider ----- hxxp://madtorrents.info . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-12-10 til 2009-01-10 ))))))))))))))))))))))))))))))))) . 2009-01-10 20:50 . 2009-01-10 21:10 141,612 --a------ c:\windows\System32\drivers\dump_wmimmc.sys 2009-01-10 17:42 . 2009-01-10 17:42 131,072,000 --a------ c:\windows\MEMORY.DMP 2009-01-10 13:32 . 2009-01-10 13:36 <DIR> d-------- c:\users\All Users\NOS 2009-01-10 13:32 . 2009-01-10 13:36 <DIR> d-------- c:\programdata\NOS 2009-01-10 13:32 . 2009-01-10 13:32 <DIR> d-------- c:\program files\NOS 2009-01-10 12:51 . 2009-01-10 12:51 <DIR> d-------- c:\program files\Game_Maker7 2009-01-10 12:51 . 2009-01-10 12:51 0 --ah----- c:\windows\SwSys2.bmp 2009-01-10 12:51 . 2009-01-10 12:51 0 --ah----- c:\windows\SwSys1.bmp 2009-01-07 15:41 . 2009-01-07 15:41 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\OpenOffice.org 2009-01-07 15:39 . 2009-01-07 15:39 <DIR> d-------- c:\program files\OpenOffice.org 3 2009-01-07 15:39 . 2009-01-07 15:39 <DIR> d-------- c:\program files\JRE 2009-01-07 15:33 . 2009-01-07 15:33 <DIR> d-------- c:\users\Kai-Morten\OpenOffice.org 3.0 (en-US) Installation Files 2009-01-07 15:00 . 2009-01-07 15:00 <DIR> d-------- c:\windows\Sun 2009-01-04 19:51 . 2002-11-02 09:53 57,344 --a------ c:\windows\System32\WNASPINT.DLL 2009-01-04 19:45 . 2009-01-04 19:45 <DIR> d-------- C:\eJay 2009-01-04 18:34 . 2009-01-04 18:34 0 --a------ c:\windows\System32\REN4C6D.tmp 2009-01-04 18:34 . 2009-01-04 18:34 0 --a------ c:\windows\System32\REN4C5D.tmp 2009-01-04 18:34 . 2009-01-04 18:34 0 --a------ c:\windows\System32\REN4C5C.tmp 2009-01-03 06:53 . 2009-01-03 06:53 25,280 --a------ c:\windows\System32\drivers\hamachi.sys 2009-01-03 00:54 . 2009-01-10 23:41 <DIR> d-------- c:\program files\Steam 2009-01-03 00:54 . 2009-01-06 21:45 <DIR> d-------- c:\program files\Common Files\Steam 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Malwarebytes 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\users\All Users\Malwarebytes 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\programdata\Malwarebytes 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-31 17:23 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2008-12-31 17:23 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2008-12-29 20:59 . 2008-12-29 20:59 56 --ah----- c:\windows\System32\ezsidmv.dat 2008-12-27 17:06 . 2008-12-27 17:06 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Sony 2008-12-27 16:31 . 2008-12-27 17:02 <DIR> d-------- c:\program files\Microsoft SQL Server 2008-12-27 16:29 . 2008-12-27 16:38 <DIR> d-------- c:\program files\Sony Setup 2008-12-27 14:19 . 2009-01-10 23:42 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Skype 2008-12-27 14:19 . 2008-12-27 14:19 <DIR> d-------- c:\program files\Skype 2008-12-27 14:19 . 2008-12-27 14:19 <DIR> d-------- c:\program files\Common Files\Skype 2008-12-25 19:55 . 2008-12-25 19:55 <DIR> d-------- c:\windows\System32\AGEIA 2008-12-25 19:55 . 2008-12-25 19:55 <DIR> d-------- c:\program files\AGEIA Technologies 2008-12-25 19:54 . 2008-12-25 19:54 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-25 19:20 . 2008-12-25 19:20 <DIR> d-------- C:\NVIDIA 2008-12-25 18:26 . 2008-12-25 18:26 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Auslogics 2008-12-25 18:25 . 2008-12-25 18:25 <DIR> d-------- c:\program files\Auslogics 2008-12-25 01:51 . 2008-12-25 01:51 <DIR> d-------- c:\users\All Users\Age of Empires 3 2008-12-25 01:51 . 2008-12-25 01:51 <DIR> d-------- c:\programdata\Age of Empires 3 2008-12-25 01:45 . 2008-12-25 01:45 <DIR> d-------- c:\program files\Common Files\Microsoft Games 2008-12-24 09:48 . 2008-12-24 09:48 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-12-23 18:44 . 2008-12-23 18:44 <DIR> d-------- c:\program files\VS Revo Group 2008-12-21 22:42 . 2009-01-01 03:19 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Spotify 2008-12-21 22:41 . 2008-12-21 22:42 <DIR> d-------- c:\program files\Spotify 2008-12-21 17:42 . 2008-12-21 17:42 <DIR> d-------- c:\users\Kai-Morten\Option 2008-12-19 22:28 . 2008-12-19 22:29 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\U3 2008-12-18 21:54 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\System32\d3dx9_26.dll 2008-12-18 21:04 . 2008-12-18 21:04 <DIR> d-------- c:\program files\Ubisoft 2008-12-18 03:00 . 2008-12-13 07:23 1,659,392 --a------ c:\windows\System32\mshtml.tlb 2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ c:\windows\System32\dns-sd.exe 2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ c:\windows\System32\dnssd.dll 2008-12-10 21:24 . 2008-12-28 14:09 <DIR> d-------- c:\program files\TeamViewer 2008-12-10 11:35 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll 2008-12-10 11:15 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll 2008-12-10 11:15 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll 2008-12-10 11:14 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe 2008-12-10 11:14 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll 2008-12-10 11:14 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll 2008-12-10 11:14 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll 2008-12-10 11:14 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-10 22:41 32,346 ----a-w c:\users\All Users\nvModes.dat 2009-01-10 22:41 32,346 ----a-w c:\programdata\nvModes.dat 2009-01-10 22:41 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck 2009-01-10 22:41 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG 2009-01-10 22:39 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\DNA 2009-01-10 21:28 328,512 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck 2009-01-10 21:28 328,512 ----a-w c:\windows\system32\drivers\APPFCONT.DAT 2009-01-10 20:23 --------- d-----w c:\program files\Counter-Strike 1.6 2009-01-10 19:29 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\FileZilla 2009-01-10 16:48 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\skypePM 2009-01-10 16:42 323,289,039 ----a-w c:\windows\DUMP94df.tmp 2009-01-10 12:54 --------- d-----w c:\program files\Common Files\Adobe 2009-01-08 06:24 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Azureus 2009-01-07 14:35 --------- d-----w c:\program files\Java 2009-01-07 14:14 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\OpenOffice.org2 2009-01-04 19:25 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-04 18:40 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\BitTorrent 2009-01-02 10:47 --------- d-----w c:\programdata\NVIDIA 2009-01-01 18:21 --------- d-----w c:\program files\Acer GameZone 2008-12-31 16:45 --------- d-----w c:\program files\Trend Micro 2008-12-27 16:19 --------- d-----w c:\program files\Dealio 2008-12-27 13:19 --------- d-----w c:\programdata\Skype 2008-12-26 22:59 --------- d-----w c:\programdata\Microsoft Help 2008-12-25 16:32 --------- d-----w c:\program files\MSN Messenger 2008-12-25 00:15 --------- d-----w c:\program files\Microsoft Games 2008-12-23 17:50 --------- d-----w c:\program files\NaturalMotion 2008-12-20 20:18 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Apple Computer 2008-12-20 19:20 --------- d-----w c:\program files\Bonjour 2008-12-18 20:53 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2008-12-18 20:53 22,328 ----a-w c:\users\Kai-Morten\AppData\Roaming\PnkBstrK.sys 2008-12-16 16:50 --------- d-----w c:\program files\Electronic Arts 2008-12-10 10:37 --------- d-----w c:\program files\Windows Mail 2008-12-09 20:24 --------- d-----w c:\programdata\FLEXnet 2008-12-08 16:42 7,451,712 ----a-w c:\windows\system32\drivers\nvlddmkm.sys 2008-12-06 17:43 --------- d-----w c:\program files\DAEMON Tools Toolbar 2008-11-29 11:16 --------- d-----w c:\program files\Vuze 2008-11-28 17:00 --------- d-----w c:\programdata\Apple Computer 2008-11-28 17:00 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-11-28 17:00 --------- d-----w c:\program files\QuickTime 2008-11-28 17:00 --------- d-----w c:\program files\iTunes 2008-11-28 17:00 --------- d-----w c:\program files\iPod 2008-11-23 16:16 --------- d-----w c:\program files\Common Files\Nullsoft 2008-11-22 18:00 --------- d-----w c:\program files\DAEMON Tools Lite 2008-11-22 17:52 717,296 ----a-w c:\windows\system32\drivers\sptd.sys 2008-11-22 17:51 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\DAEMON Tools 2008-11-22 17:23 --------- d-----w c:\program files\Google 2008-11-22 12:36 --------- d-----w c:\programdata\Azureus 2008-11-21 13:50 --------- d-----w c:\program files\Bethesda Softworks 2008-11-19 14:27 --------- d-----w c:\program files\Common Files\Adobe AIR 2008-11-17 15:22 --------- d-----w c:\program files\Common Files\Macrovision Shared 2008-11-16 20:11 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Download Manager 2008-11-16 19:07 --------- d-----w c:\program files\Red Kawa 2008-11-15 13:41 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Red Kawa 2008-11-15 13:37 --------- d-----w c:\program files\AviSynth 2.5 2008-11-15 08:30 30 ----a-w c:\users\Kai-Morten\jagex_runescape_preferences.dat 2008-11-15 08:10 --------- d-----w c:\program files\Yahoo! 2008-11-14 11:55 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\mIRC 2008-11-11 16:40 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\LimeWire 2008-11-11 16:19 --------- d-----w c:\program files\BitTorrent 2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 22:38 121392 --a------ c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "Steam"="c:\program files\steam\steam.exe" [2009-01-03 1410296] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-11 289088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-04-01 793096] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-04-10 147456] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-04-10 167936] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-04-18 167936] "WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104] "APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" [2008-12-03 869632] "SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe" [2008-07-07 50432] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-08 13601312] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-08 92704] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-04 136600] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-25 c:\windows\RtHDVCpl.exe] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2008-08-08 1216512] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-02-12 723496] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1778150080-963567772-2609252161-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{22919167-C38C-465B-88D2-AF01E0E9090D}"= c:\program files\Skype\Phone\Skype.exe:Skype "TCP Query User{FC884C74-E846-45DA-A8AD-BE539EDEB916}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus "UDP Query User{247DF314-ADAE-4C14-B3EE-6B9D03275B3C}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus "{973497EB-6BFA-45B4-9EAF-CA56494CD5A2}"= UDP:c:\program files\DNA\btdna.exe:DNA "{587DCD38-31A7-4458-A639-8AE1A0758DDA}"= TCP:c:\program files\DNA\btdna.exe:DNA "{0D19BFED-FB4E-4659-918C-D5E1122C4B3E}"= UDP:c:\program files\DNA\btdna.exe:DNA "{04BF6CB3-0C19-4EAA-8EC7-F114F5B45BF8}"= TCP:c:\program files\DNA\btdna.exe:DNA [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R0 pavboot;Panda boot driver;c:\windows\System32\drivers\pavboot.sys [2008-09-06 28544] R1 APPFLT;App Filter Plugin;c:\windows\System32\drivers\APPFLT.SYS [2008-11-22 73728] R1 DSAFLT;DSA Filter Plugin;c:\windows\System32\drivers\dsaflt.sys [2008-11-22 52992] R1 FNETMON;NetMon Filter Plugin;c:\windows\System32\drivers\fnetmon.sys [2008-11-22 22072] R1 IDSFLT;Ids Filter Plugin;c:\windows\System32\drivers\idsflt.sys [2008-11-22 193792] R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\System32\drivers\NETFLTDI.SYS [2008-11-22 18:40:00 158848] R1 ShldDrv;Panda File Shield Driver;c:\windows\System32\drivers\ShlDrv51.sys [2008-09-06 41144] R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\System32\drivers\wnmflt.sys [2008-11-22 46720] R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\System32\drivers\neti1634.sys [2008-09-06 197888] R3 NETw5v32;Intel® Wireless WiFi Link-kortdriver for Windows Vista 32-bit;c:\windows\System32\drivers\NETw5v32.sys [2008-08-09 3658752] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-09-24 45600] R4 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-08-08 17:21:10 61424] R4 AmFSM;AmFSM;c:\windows\System32\drivers\amm8660.sys [2008-09-06 49208] R4 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R4 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-08-08 81504] R4 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-05-12 24576] R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R4 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-08-08 122368] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R4 PavProc;Panda Process Protection Driver;c:\windows\System32\drivers\PavProc.sys [2008-09-06 179640] R4 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2009\psksvc.exe [2008-09-06 28928] R4 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-08-08 233472] R4 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2008-12-23 185640] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2008-01-21 179712] S3 Dfrsvrt;Dfrsvrt; [x] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-01-10 33752] S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [2008-08-08 84240] --- Other Services/Drivers In Memory --- *Deregistered* - AvFlt *Deregistered* - PavSRK.sys *Deregistered* - PavTPK.sys *Deregistered* - sptd [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ panda REG_MULTI_SZ Gwmsrv [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14559d87-663d-11dd-92ea-001d723bb4fb}] \shell\AutoRun\command - F:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43f75498-ce0f-11dd-bfe0-001d723bb4fb}] \shell\AutoRun\command - I:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45423b2c-b6ec-11dd-8d7e-001d723bb4fb}] \shell\AutoRun\command - F:\OblivionLauncher.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87c59603-d8ba-11dd-bd95-001d723bb4fb}] \shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f91cb12-abc8-11dd-9f14-001d723bb4fb}] \shell\AutoRun\command - F:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1e483e9-cbfe-11dd-966b-001d723bb4fb}] \shell\AutoRun\command - G:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd7331a5-b9ed-11dd-b747-001d723bb4fb}] \shell\AutoRun\command - G:\OblivionLauncher.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f72b66dd-b8be-11dd-a743-001d723bb4fb}] \shell\AutoRun\command - F:\autorun.exe . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-01-10 c:\windows\Tasks\User_Feed_Synchronization-{B0CBF002-F36A-4C32-B9F5-AA7F13E2448B}.job - c:\windows\system32\msfeedssync.exe [2008-08-22 11:05] . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-eRecoveryService - (no file) . ------- Tilleggsskanning ------- . uStart Page = hxxp://google.no/ mStart Page = hxxp://no.intl.acer.yahoo.com LSP: c:\windows\system32\wpclsp.dll FF - ProfilePath - c:\users\Kai-Morten\AppData\Roaming\Mozilla\Firefox\Profiles\ezte5j9e.default\ FF - prefs.js: browser.startup.homepage - hxxp://mafiaenshevn.com/ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess"); c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-10 23:41:54 Windows 6.0.6001 Service Pack 1 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... c:\users\KAI-MO~1\AppData\Local\Temp\WPDNSE skanning vellykket skjulte filer: 1 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'Explorer.exe'(4432) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\system32\btmmhook.dll c:\windows\System32\SysHook.dll c:\windows\system32\btncopy.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\System32\nvvsvc.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe c:\windows\System32\audiodg.exe c:\windows\System32\rundll32.exe c:\windows\System32\conime.exe c:\windows\System32\agrsmsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Launch Manager\LManager.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\windows\System32\rundll32.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\PsCtrlS.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe c:\program files\Common Files\Panda Security\PavShld\PavPrSrv.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\pavsrvx86.exe c:\windows\System32\PnkBstrA.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE c:\windows\System32\PnkBstrB.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe c:\users\KAI-MO~1\AppData\Local\Temp\RtkBtMnt.exe c:\program files\Cyberlink\Shared files\RichVideo.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\FIREWALL\PSHost.exe c:\program files\iPod\bin\iPodService.exe c:\windows\System32\wbem\unsecapp.exe c:\windows\System32\wbem\unsecapp.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\program files\Acer\Acer VCM\acp2HID.exe c:\program files\MSN Messenger\usnsvc.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Tidspunkt ferdig: 2009-01-10 23:46:30 - maskinen ble startet på nytt [Kai-Morten] ComboFix-quarantined-files.txt 2009-01-10 22:46:14 Pre-Run: 80,045,662,208 byte ledig Post-Run: 80,283,267,072 byte ledig 343 --- E O F --- 2009-01-09 05:43:18 Endret 10. januar 2009 av mini097 Lenke til kommentar
raWrz Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 (endret) skal gi deg et tips i oppstarten: hold inn windows tasten og R, skriv in MSCONFIG.exe under boot trykker du på avangsterte alternativer - kryss på antall prosessorer og velg 2. trykk OK på alt (trenger ikke reboote når den sier det ) edit: er noe som skal bort i combofix loggen Endret 10. januar 2009 av Submit Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 (endret) Hva skal bort i Combofix loggen da? Ka du si hva jeg skal gjøre annet enn det med oppstart? BTW. Er dette: Klikk for å se/fjerne innholdet nedenfor "hold inn windows tasten og R, skriv in MSCONFIG.exeunder boot trykker du på avangsterte alternativer - kryss på antall prosessorer og velg 2. trykk OK på alt (trenger ikke reboote når den sier det wink.gif)" Noe jeg må gjøre hver gang under oppstart? Tar det kortere å slå pcn på da? Endret 10. januar 2009 av mini097 Lenke til kommentar
raWrz Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 nei gjør det en gang og de blir der til du forandrer på det vista bruker bare 1 kjerna av prosessoren når den starter opp. hvis du gjør det ja skrev så vil du bruke maks antall prosessorer som du har (kommer ann på om du har dual core eller quad core ) Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 (endret) Tror jeg har Dual Core, skal finne ut av det. EDIT: Jeg har dette: Intel Core 2 Duo T7350 prosessor (1066 FSB, 3 mb cache). Fant det på en nettside Endret 10. januar 2009 av mini097 Lenke til kommentar
-LarsLR Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 Jeg har en Acer Aspire 5930G(Beste Versjonen) som ble kjøpt 08/08/08 faktisk :!: Og nå bruker den sånn 4-5 minutter å slå seg på, er det normalt eller tregt? Jeg har en del spill innpå, og fylt ca. halv fyll C: Harddisk. - Mini097 EDIT: Pcn har Windows Vista Home Premium Har faktisk lignende problem med mine spesifikasjoner, PC min bruker kanskje 1-3 min på og laste seg inn men når jeg skal skru den av bruker den sånn 3-5 min Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 LarsLR; Da har vi omtrendt det samme ja;) Lenke til kommentar
raWrz Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 (endret) @ mini097: Trykk Start - Alle Programmer - Tilbehør - Notisblokk Kopier og Lim inn teksten i kodeboksen nedenfor, inn i Notisblokken: File:: c:\windows\System32\REN4C6D.tmp c:\windows\System32\REN4C5D.tmp c:\windows\System32\REN4C5C.tmp c:\windows\DUMP94df.tmp Lagre det som CFScript på Skrivebordet Dra CFScript over ComboFix.exe som ligger på Skrivebordet, slik animasjonen nedenfor viser. Dette vil starte ComboFix igjen. Hvis maskinen ber om en omstart, lar du den gjøre det med én gang. Post innholdet til ComboFix.txt inn i ditt neste svar på forumet. LarsLR prøv det jeg skrev litt opp Endret 10. januar 2009 av Submit Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 Den startet og kjøre av seg selv, restarta pcn av seg selv. Her er loggen: Klikk for å se/fjerne innholdet nedenfor ComboFix 09-01-10.01 - Kai-Morten 2009-01-11 0:26:53.2 - NTFSx86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.3066.1726 [GMT 1:00] Kjører fra: c:\users\Kai-Morten\Desktop\ComboFix.exe Command switches brukt :: c:\users\Kai-Morten\Desktop\CFScript.txt * Opprettet nytt gjenopprettingspunkt FILE :: c:\windows\DUMP94df.tmp c:\windows\System32\REN4C5C.tmp c:\windows\System32\REN4C5D.tmp c:\windows\System32\REN4C6D.tmp . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\DUMP94df.tmp c:\windows\System32\REN4C5C.tmp c:\windows\System32\REN4C5D.tmp c:\windows\System32\REN4C6D.tmp . ((((((((((((((((((((((((((( Filer Opprettet Fra 2008-12-10 til 2009-01-10 ))))))))))))))))))))))))))))))))) . 2009-01-10 20:50 . 2009-01-10 21:10 141,612 --a------ c:\windows\System32\drivers\dump_wmimmc.sys 2009-01-10 17:42 . 2009-01-10 17:42 131,072,000 --a------ c:\windows\MEMORY.DMP 2009-01-10 13:32 . 2009-01-10 13:36 <DIR> d-------- c:\users\All Users\NOS 2009-01-10 13:32 . 2009-01-10 13:36 <DIR> d-------- c:\programdata\NOS 2009-01-10 13:32 . 2009-01-10 13:32 <DIR> d-------- c:\program files\NOS 2009-01-10 12:51 . 2009-01-10 12:51 <DIR> d-------- c:\program files\Game_Maker7 2009-01-10 12:51 . 2009-01-10 12:51 0 --ah----- c:\windows\SwSys2.bmp 2009-01-10 12:51 . 2009-01-10 12:51 0 --ah----- c:\windows\SwSys1.bmp 2009-01-07 15:41 . 2009-01-07 15:41 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\OpenOffice.org 2009-01-07 15:39 . 2009-01-07 15:39 <DIR> d-------- c:\program files\OpenOffice.org 3 2009-01-07 15:39 . 2009-01-07 15:39 <DIR> d-------- c:\program files\JRE 2009-01-07 15:33 . 2009-01-07 15:33 <DIR> d-------- c:\users\Kai-Morten\OpenOffice.org 3.0 (en-US) Installation Files 2009-01-07 15:00 . 2009-01-07 15:00 <DIR> d-------- c:\windows\Sun 2009-01-04 19:51 . 2002-11-02 09:53 57,344 --a------ c:\windows\System32\WNASPINT.DLL 2009-01-04 19:45 . 2009-01-04 19:45 <DIR> d-------- C:\eJay 2009-01-03 06:53 . 2009-01-03 06:53 25,280 --a------ c:\windows\System32\drivers\hamachi.sys 2009-01-03 00:54 . 2009-01-11 00:38 <DIR> d-------- c:\program files\Steam 2009-01-03 00:54 . 2009-01-06 21:45 <DIR> d-------- c:\program files\Common Files\Steam 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Malwarebytes 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\users\All Users\Malwarebytes 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\programdata\Malwarebytes 2008-12-31 17:23 . 2008-12-31 17:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-31 17:23 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2008-12-31 17:23 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2008-12-29 20:59 . 2008-12-29 20:59 56 --ah----- c:\windows\System32\ezsidmv.dat 2008-12-27 17:06 . 2008-12-27 17:06 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Sony 2008-12-27 16:31 . 2008-12-27 17:02 <DIR> d-------- c:\program files\Microsoft SQL Server 2008-12-27 16:29 . 2008-12-27 16:38 <DIR> d-------- c:\program files\Sony Setup 2008-12-27 14:19 . 2009-01-11 00:39 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Skype 2008-12-27 14:19 . 2008-12-27 14:19 <DIR> d-------- c:\program files\Skype 2008-12-27 14:19 . 2008-12-27 14:19 <DIR> d-------- c:\program files\Common Files\Skype 2008-12-25 19:55 . 2008-12-25 19:55 <DIR> d-------- c:\windows\System32\AGEIA 2008-12-25 19:55 . 2008-12-25 19:55 <DIR> d-------- c:\program files\AGEIA Technologies 2008-12-25 19:54 . 2008-12-25 19:54 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-25 19:20 . 2008-12-25 19:20 <DIR> d-------- C:\NVIDIA 2008-12-25 18:26 . 2008-12-25 18:26 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Auslogics 2008-12-25 18:25 . 2008-12-25 18:25 <DIR> d-------- c:\program files\Auslogics 2008-12-25 01:51 . 2008-12-25 01:51 <DIR> d-------- c:\users\All Users\Age of Empires 3 2008-12-25 01:51 . 2008-12-25 01:51 <DIR> d-------- c:\programdata\Age of Empires 3 2008-12-25 01:45 . 2008-12-25 01:45 <DIR> d-------- c:\program files\Common Files\Microsoft Games 2008-12-24 09:48 . 2008-12-24 09:48 0 --ah----- c:\windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-12-23 18:44 . 2008-12-23 18:44 <DIR> d-------- c:\program files\VS Revo Group 2008-12-21 22:42 . 2009-01-01 03:19 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\Spotify 2008-12-21 22:41 . 2008-12-21 22:42 <DIR> d-------- c:\program files\Spotify 2008-12-21 17:42 . 2008-12-21 17:42 <DIR> d-------- c:\users\Kai-Morten\Option 2008-12-19 22:28 . 2008-12-19 22:29 <DIR> d-------- c:\users\Kai-Morten\AppData\Roaming\U3 2008-12-18 21:54 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\System32\d3dx9_26.dll 2008-12-18 21:04 . 2008-12-18 21:04 <DIR> d-------- c:\program files\Ubisoft 2008-12-18 03:00 . 2008-12-13 07:23 1,659,392 --a------ c:\windows\System32\mshtml.tlb 2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ c:\windows\System32\dns-sd.exe 2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ c:\windows\System32\dnssd.dll 2008-12-10 21:24 . 2008-12-28 14:09 <DIR> d-------- c:\program files\TeamViewer 2008-12-10 11:35 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll 2008-12-10 11:15 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll 2008-12-10 11:15 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll 2008-12-10 11:14 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe 2008-12-10 11:14 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll 2008-12-10 11:14 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll 2008-12-10 11:14 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll 2008-12-10 11:14 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-10 23:39 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck 2009-01-10 23:39 1,132 ----a-w c:\windows\system32\drivers\APPFLTR.CFG 2009-01-10 23:38 32,346 ----a-w c:\users\All Users\nvModes.dat 2009-01-10 23:38 32,346 ----a-w c:\programdata\nvModes.dat 2009-01-10 23:36 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\DNA 2009-01-10 21:28 328,512 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck 2009-01-10 21:28 328,512 ----a-w c:\windows\system32\drivers\APPFCONT.DAT 2009-01-10 20:23 --------- d-----w c:\program files\Counter-Strike 1.6 2009-01-10 19:29 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\FileZilla 2009-01-10 16:48 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\skypePM 2009-01-10 12:54 --------- d-----w c:\program files\Common Files\Adobe 2009-01-08 06:24 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Azureus 2009-01-07 14:35 --------- d-----w c:\program files\Java 2009-01-07 14:14 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\OpenOffice.org2 2009-01-04 19:25 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-04 18:40 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\BitTorrent 2009-01-04 17:35 410,984 ----a-w c:\windows\System32\deploytk.dll 2009-01-02 10:47 --------- d-----w c:\programdata\NVIDIA 2009-01-01 18:21 --------- d-----w c:\program files\Acer GameZone 2008-12-31 16:45 --------- d-----w c:\program files\Trend Micro 2008-12-27 16:19 --------- d-----w c:\program files\Dealio 2008-12-27 13:19 --------- d-----w c:\programdata\Skype 2008-12-26 22:59 --------- d-----w c:\programdata\Microsoft Help 2008-12-25 16:32 --------- d-----w c:\program files\MSN Messenger 2008-12-25 00:15 --------- d-----w c:\program files\Microsoft Games 2008-12-23 17:50 --------- d-----w c:\program files\NaturalMotion 2008-12-20 20:18 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Apple Computer 2008-12-20 19:20 --------- d-----w c:\program files\Bonjour 2008-12-18 20:53 66,872 ----a-w c:\windows\System32\PnkBstrA.exe 2008-12-18 20:53 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys 2008-12-18 20:53 22,328 ----a-w c:\users\Kai-Morten\AppData\Roaming\PnkBstrK.sys 2008-12-18 20:53 2,250,024 ----a-w c:\windows\System32\pbsvc.exe 2008-12-18 20:53 107,832 ----a-w c:\windows\System32\PnkBstrB.exe 2008-12-16 21:07 453,152 ----a-w c:\windows\System32\nvuninst.exe 2008-12-16 16:50 --------- d-----w c:\program files\Electronic Arts 2008-12-10 10:37 --------- d-----w c:\program files\Windows Mail 2008-12-09 20:24 --------- d-----w c:\programdata\FLEXnet 2008-12-06 17:43 --------- d-----w c:\program files\DAEMON Tools Toolbar 2008-11-29 11:16 --------- d-----w c:\program files\Vuze 2008-11-28 17:00 --------- d-----w c:\programdata\Apple Computer 2008-11-28 17:00 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-11-28 17:00 --------- d-----w c:\program files\QuickTime 2008-11-28 17:00 --------- d-----w c:\program files\iTunes 2008-11-28 17:00 --------- d-----w c:\program files\iPod 2008-11-23 16:16 --------- d-----w c:\program files\Common Files\Nullsoft 2008-11-22 18:00 --------- d-----w c:\program files\DAEMON Tools Lite 2008-11-22 17:52 717,296 ----a-w c:\windows\system32\drivers\sptd.sys 2008-11-22 17:51 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\DAEMON Tools 2008-11-22 17:23 --------- d-----w c:\program files\Google 2008-11-22 12:36 --------- d-----w c:\programdata\Azureus 2008-11-21 13:50 --------- d-----w c:\program files\Bethesda Softworks 2008-11-19 14:27 --------- d-----w c:\program files\Common Files\Adobe AIR 2008-11-17 15:22 --------- d-----w c:\program files\Common Files\Macrovision Shared 2008-11-16 20:11 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Download Manager 2008-11-16 19:07 --------- d-----w c:\program files\Red Kawa 2008-11-15 13:41 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\Red Kawa 2008-11-15 13:37 --------- d-----w c:\program files\AviSynth 2.5 2008-11-15 08:30 30 ----a-w c:\users\Kai-Morten\jagex_runescape_preferences.dat 2008-11-15 08:10 --------- d-----w c:\program files\Yahoo! 2008-11-14 11:55 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\mIRC 2008-11-11 16:40 --------- d-----w c:\users\Kai-Morten\AppData\Roaming\LimeWire 2008-11-11 16:19 --------- d-----w c:\program files\BitTorrent 2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll 2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll 2008-10-16 21:13 1,809,944 ----a-w c:\windows\System32\wuaueng.dll 2008-10-16 21:12 561,688 ----a-w c:\windows\System32\wuapi.dll 2008-10-16 21:09 51,224 ----a-w c:\windows\System32\wuauclt.exe 2008-10-16 21:09 43,544 ----a-w c:\windows\System32\wups2.dll 2008-10-16 21:08 34,328 ----a-w c:\windows\System32\wups.dll 2008-10-16 20:56 1,524,736 ----a-w c:\windows\System32\wucltux.dll 2008-10-16 20:55 83,456 ----a-w c:\windows\System32\wudriver.dll 2008-10-16 13:08 162,064 ----a-w c:\windows\System32\wuwebv.dll 2008-10-16 12:56 31,232 ----a-w c:\windows\System32\wuapp.exe 2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini . ((((((((((((((((((((((((((((( snapshot@2009-01-10_23.44.36.48 ))))))))))))))))))))))))))))))))))))))))) . - 2009-01-10 22:40:41 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-01-10 23:37:43 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-01-10 22:40:41 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-01-10 23:37:43 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-01-10 22:41:03 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-01-10 23:38:14 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-01-10 23:38:14 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2009-01-10 22:42:49 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2009-01-10 23:38:15 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT - 2009-01-10 22:42:32 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-01-10 23:17:03 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-01-10 22:42:32 65,536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-01-10 23:17:03 65,536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-01-10 22:42:32 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-01-10 23:17:03 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-01-10 21:29:37 101,710 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-01-10 22:43:17 101,764 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2009-01-10 21:29:35 84,038 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-01-10 22:43:15 84,366 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 22:38 121392 --a------ c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "Steam"="c:\program files\steam\steam.exe" [2009-01-03 1410296] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-11 289088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-04-01 793096] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-04-10 147456] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-04-10 167936] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-04-18 167936] "WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104] "APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" [2008-12-03 869632] "SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe" [2008-07-07 50432] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-08 13601312] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-08 92704] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-04 136600] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-25 c:\windows\RtHDVCpl.exe] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2008-08-08 1216512] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-02-12 723496] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1778150080-963567772-2609252161-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{22919167-C38C-465B-88D2-AF01E0E9090D}"= c:\program files\Skype\Phone\Skype.exe:Skype "TCP Query User{FC884C74-E846-45DA-A8AD-BE539EDEB916}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus "UDP Query User{247DF314-ADAE-4C14-B3EE-6B9D03275B3C}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus "{973497EB-6BFA-45B4-9EAF-CA56494CD5A2}"= UDP:c:\program files\DNA\btdna.exe:DNA "{587DCD38-31A7-4458-A639-8AE1A0758DDA}"= TCP:c:\program files\DNA\btdna.exe:DNA "{0D19BFED-FB4E-4659-918C-D5E1122C4B3E}"= UDP:c:\program files\DNA\btdna.exe:DNA "{04BF6CB3-0C19-4EAA-8EC7-F114F5B45BF8}"= TCP:c:\program files\DNA\btdna.exe:DNA [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R0 pavboot;Panda boot driver;c:\windows\System32\drivers\pavboot.sys [2008-09-06 28544] R1 APPFLT;App Filter Plugin;c:\windows\System32\drivers\APPFLT.SYS [2008-11-22 73728] R1 DSAFLT;DSA Filter Plugin;c:\windows\System32\drivers\dsaflt.sys [2008-11-22 52992] R1 FNETMON;NetMon Filter Plugin;c:\windows\System32\drivers\fnetmon.sys [2008-11-22 22072] R1 IDSFLT;Ids Filter Plugin;c:\windows\System32\drivers\idsflt.sys [2008-11-22 193792] R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\System32\drivers\NETFLTDI.SYS [2008-11-22 18:40:00 158848] R1 ShldDrv;Panda File Shield Driver;c:\windows\System32\drivers\ShlDrv51.sys [2008-09-06 41144] R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\System32\drivers\wnmflt.sys [2008-11-22 46720] R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\System32\drivers\neti1634.sys [2008-09-06 197888] R3 NETw5v32;Intel® Wireless WiFi Link-kortdriver for Windows Vista 32-bit;c:\windows\System32\drivers\NETw5v32.sys [2008-08-09 3658752] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-09-24 45600] R4 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-08-08 17:21:10 61424] R4 AmFSM;AmFSM;c:\windows\System32\drivers\amm8660.sys [2008-09-06 49208] R4 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] R4 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-08-08 81504] R4 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-05-12 24576] R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?] R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424] R4 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-08-08 122368] R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072] R4 PavProc;Panda Process Protection Driver;c:\windows\System32\drivers\PavProc.sys [2008-09-06 179640] R4 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Antivirus Pro 2009\psksvc.exe [2008-09-06 28928] R4 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-08-08 233472] R4 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2008-12-23 185640] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2008-01-21 179712] S3 Dfrsvrt;Dfrsvrt; [x] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-01-10 33752] S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [2008-08-08 84240] --- Other Services/Drivers In Memory --- *Deregistered* - AvFlt *Deregistered* - PavSRK.sys *Deregistered* - PavTPK.sys *Deregistered* - sptd [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ panda REG_MULTI_SZ Gwmsrv [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14559d87-663d-11dd-92ea-001d723bb4fb}] \shell\AutoRun\command - F:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43f75498-ce0f-11dd-bfe0-001d723bb4fb}] \shell\AutoRun\command - I:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45423b2c-b6ec-11dd-8d7e-001d723bb4fb}] \shell\AutoRun\command - F:\OblivionLauncher.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87c59603-d8ba-11dd-bd95-001d723bb4fb}] \shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f91cb12-abc8-11dd-9f14-001d723bb4fb}] \shell\AutoRun\command - F:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1e483e9-cbfe-11dd-966b-001d723bb4fb}] \shell\AutoRun\command - G:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd7331a5-b9ed-11dd-b747-001d723bb4fb}] \shell\AutoRun\command - G:\OblivionLauncher.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f72b66dd-b8be-11dd-a743-001d723bb4fb}] \shell\AutoRun\command - F:\autorun.exe . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-01-10 c:\windows\Tasks\User_Feed_Synchronization-{B0CBF002-F36A-4C32-B9F5-AA7F13E2448B}.job - c:\windows\system32\msfeedssync.exe [2008-08-22 11:05] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://google.no/ mStart Page = hxxp://no.intl.acer.yahoo.com LSP: c:\windows\system32\wpclsp.dll FF - ProfilePath - c:\users\Kai-Morten\AppData\Roaming\Mozilla\Firefox\Profiles\ezte5j9e.default\ FF - prefs.js: browser.startup.homepage - hxxp://mafiaenshevn.com/ FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess"); c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-11 00:38:19 Windows 6.0.6001 Service Pack 1 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'Explorer.exe'(4552) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\System32\SysHook.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\System32\nvvsvc.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\WebProxy.exe c:\windows\System32\audiodg.exe c:\windows\System32\rundll32.exe c:\windows\System32\conime.exe c:\windows\System32\agrsmsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\PsCtrlS.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe c:\program files\Common Files\Panda Security\PavShld\PavPrSrv.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\pavsrvx86.exe c:\windows\System32\PnkBstrA.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE c:\windows\System32\PnkBstrB.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe c:\program files\Cyberlink\Shared files\RichVideo.exe c:\program files\Panda Security\Panda Antivirus Pro 2009\FIREWALL\PSHost.exe c:\windows\System32\wbem\unsecapp.exe c:\program files\Launch Manager\LManager.exe c:\windows\System32\rundll32.exe c:\windows\System32\wbem\unsecapp.exe c:\users\KAI-MO~1\AppData\Local\Temp\RtkBtMnt.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\program files\MSN Messenger\usnsvc.exe c:\program files\Acer\Acer VCM\acp2HID.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\System32\taskmgr.exe c:\windows\System32\dllhost.exe . ************************************************************************** . Tidspunkt ferdig: 2009-01-11 0:43:42 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2009-01-10 23:43:35 ComboFix2.txt 2009-01-10 22:46:31 Pre-Run: 79 977 693 184 byte ledig Post-Run: 79,845,773,312 byte ledig 380 --- E O F --- 2009-01-09 05:43:18 Lenke til kommentar
raWrz Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 hold inne windows tasten + R skriv inn msconfig.exe. trykk på statup/oppstart og ta et Screen Shot av oppstarten (NB: ikke skru av ting du tror ikke trenger og være der) Lenke til kommentar
Shax# Skrevet 10. januar 2009 Forfatter Del Skrevet 10. januar 2009 (endret) OK. Skal dette gjøres mens pcen blir slått på? Eller kan jeg gjøre det når Pcen er på? EDIT: Nå har jeg gjort det og restarta PCN, gikk ikke så mye fortere. Endret 10. januar 2009 av mini097 Lenke til kommentar
raWrz Skrevet 10. januar 2009 Del Skrevet 10. januar 2009 (endret) det er det samma programmene som er i oppstarten forandrer seg ikke så ofte edit: gjør det jeg skrev i innlege over Endret 10. januar 2009 av Submit Lenke til kommentar
Shax# Skrevet 11. januar 2009 Forfatter Del Skrevet 11. januar 2009 Men det gikk ikke så mye raskere, kom innpå alt(Msn osv.) på 2 minutter. Men selve oppstarten går ikke noe raskere egentlig. hold inne windows tasten + R skriv inn msconfig.exe.trykk på statup/oppstart og ta et Screen Shot av oppstarten (NB: ikke skru av ting du tror ikke trenger og være der) Vist det er det du mener, så har jeg gjort det. Lenke til kommentar
raWrz Skrevet 11. januar 2009 Del Skrevet 11. januar 2009 les en gang til har ikke fått et screen shot av hva som starter i oppstarten skal si hva du kan skru av Lenke til kommentar
Shax# Skrevet 11. januar 2009 Forfatter Del Skrevet 11. januar 2009 (endret) Åja:P SS'er: Endret 11. januar 2009 av mini097 Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå