MrBaboy Skrevet 15. september 2011 Del Skrevet 15. september 2011 (endret) Maskinen min jobber noe så infernalsk her selv om jeg ikke har oppe noe som helst, og så fort jeg åpner en browser eller noe går viftene nesten helt amokk. Virker som det er et eller annet som bruker veldig mye resurser selv om jeg ikke bruker maskinen. Har en CPU på nesten 90% bare nå med browseren oppe og jeg skriver dette innlegget. Kan noen se på min HijackThis-logg om det er noe synlig muffnes der? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:34:45, on 15.09.2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\logishrd\LVMVFM\UMVPFSrv.exe C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programfiler\CyberLink\PCM4Everio\EverioService.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSRMon.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\Logitech\LWS\Webcam Software\LWS.exe C:\Programfiler\Telenor Norway\Telenorhjelpen\Telenorhjelpen.exe C:\Programfiler\Yuna Software\Messenger Plus!\PlusService.exe C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Windows Live\Messenger\msnmsgr.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programfiler\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programfiler\Telenor Norway\ESUS_TNO\ESUS_TNO.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Programfiler\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\CyberLink\Shared Files\RichVideo.exe C:\Programfiler\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Telenor Norway\Telenorhjelpen\Service.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Programfiler\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Programfiler\iPod\bin\iPodService.exe C:\WINDOWS\system32\WgaTray.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.woofi.info R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: BHO - {2EF1BAF9-1988-42a1-82BC-5CB6197AED28} - C:\Programfiler\Telenor Norway\Telenorhjelpen\BHO\IEBHO.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programfiler\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programfiler\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programfiler\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Programfiler\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Telenor Telenorhjelpen Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Programfiler\Telenor\Telenorhjelpen\IEFixItNowPlugin.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programfiler\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Programfiler\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [iAAnotif] "C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [CTDVDDET] "C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programfiler\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [DMXLauncher] "C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [EverioService] "C:\Programfiler\CyberLink\PCM4Everio\EverioService.exe" O4 - HKLM\..\Run: [Name of App] C:\Programfiler\SAMSUNG\FW LiveUpdate\FWManager.exe r O4 - HKLM\..\Run: [hpqSRMon] C:\Programfiler\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DivX Download Manager] "C:\Programfiler\DivX\DivX Plus Web Player\DDmService.exe" start O4 - HKLM\..\Run: [LWS] C:\Programfiler\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Programfiler\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Telenorhjelpen] "C:\Programfiler\Telenor Norway\Telenorhjelpen\Telenorhjelpen.exe" -autorun O4 - HKLM\..\Run: [Adobe ARM] "C:\Programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PlusService] C:\Programfiler\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre6\bin\jp2iexp.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programfiler\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.4.4.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programfiler\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lover-girl1992.spaces.live.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138223154390 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - https://eurofoto.if.no/uploader/ImageUploader4.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.161.226.178:1111/activex/AMC.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatisk LiveUpdate-planlegging - Unknown owner - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Telenor Norway Software Update Service (ESUSClient_TNO) - Telenor Norway - C:\Programfiler\Telenor Norway\ESUS_TNO\ESUS_TNO.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programfiler\Google\Update\GoogleUpdate.exe O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Programfiler\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programfiler\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Programfiler\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programfiler\CyberLink\Shared Files\RichVideo.exe O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Programfiler\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe O23 - Service: Telenorhjelpen Service (TelenorhjelpenSvc) - Unknown owner - C:\Programfiler\Telenor Norway\Telenorhjelpen\Service.exe O23 - Service: UMVPFSrv - Logitech Inc. - C:\Programfiler\Fellesfiler\logishrd\LVMVFM\UMVPFSrv.exe -- End of file - 15545 bytes Endret 15. september 2011 av MrBaboy Lenke til kommentar
Svenni212000 Skrevet 16. september 2011 Del Skrevet 16. september 2011 Ser ikke noe galt med tanke på malware. Men du har mye unødvendig rot som starter sammen med Windows, deaktiver disse og få tilbake litt av PCens ytelse. Her er en liste over prosesser du kan deaktivere. HKLM\..\Run: [CTHelper] CTHELPER.EXE HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE HKLM\..\Run: [iAAnotif] "C:\Programfiler\Intel\Intel Matrix Storage Manager\iaanotif.exe HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe HKLM\..\Run: [CTDVDDET] "C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE HKLM\..\Run: [DMXLauncher] "C:\Programfiler\Dell\Media Experience\DMXLauncher.exe HKLM\..\Run: [iSUSPM Startup] "C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch. exe HKLM\..\Run: [EverioService] "C:\Programfiler\CyberLink\PCM4Everio\EverioService.exe <<?? HKLM\..\Run: [hpqSRMon] C:\Programfiler\HP\Digital Imaging\bin\hpqSRMon.exe HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe HKLM\..\Run: [LWS] C:\Programfiler\Logitech\LWS\Webcam Software\LWS.exe HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe HKLM\..\Run: "C:\Programfiler\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe HKLM\..\Run: [Adobe ARM] "C:\Programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe HKCU\..\Run: [bgMonitor_C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe ^^^ Noter: Det å deaktivere programmet fra å starte med Windows betyr ikke at du fjerner hele programmet, det betyr du må starte programmet manuelt etter behov. Tenk deg dette som en bil som heletiden står på tomgang. Det går raskere for man slipper det steget med å starte bilen, men det bruker også mye energi og penger. Slike oppstartsprogrammer gjør det raskere å få tilgang til diverse ekstrafunksjoner, men det kan også og oftest ta et kraftig javs av PCens ytelse. Jeg vil anbefale du klikker deg inn på linkene og lese dens funksjoner og deretter deaktivere alle du ikke har behov for. Jo mer du deaktiverer jo bedre. ^^^ For å deaktivere disse programmene kan du bruke MSCONFIG som er innebygget i Windows, eller du kan laste ned en Startup Manager 1 Lenke til kommentar
Dr.Geek Skrevet 16. september 2011 Del Skrevet 16. september 2011 Maskinen min jobber noe så infernalsk her selv om jeg ikke har oppe noe som helst, og så fort jeg åpner en browser eller noe går viftene nesten helt amokk. Du har mye software running. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.woofi.info Denne startsiden er tvilsom. Har du opprettet den? Hvis ikke er dette et tegn på at malware har skiftet din Main, Start Page. Scan full scan med Malwarebytes Anti Malware og post loggen: > https://www.diskusjon.no/index.php?showtopic=691246 Lenke til kommentar
MrBaboy Skrevet 17. september 2011 Forfatter Del Skrevet 17. september 2011 Tusen takk for kjempegode svar. Da har jeg stoppet alle de unødige oppstartene og restartet maskinen og brukt den en del. Den har jo blitt superrask i forhold og bruker 1/3 av tiden ved oppstart...hehe Hadde oppdatert og kjørt Malwarebytes før jeg kjørte HijackThis også, og den fant ikke noe gruff... Kjørte den igjen nå med dette resultatet.: Malwarebytes' Anti-Malware 1.51.2.1300www.malwarebytes.org Databaseversjon: 7733 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 17.09.2011 13:09:43 mbam-log-2011-09-17 (13-09-43).txt Skanntype: Hurtigsøk Objekter skannet: 199636 Tid tilbakelagt: 8 minutt(er), 19 sekund(er) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert 0 Minneprosesser infisert: (Ingen skadelige objekter funnet) Minnemoduler infisert: (Ingen skadelige objekter funnet) Registernøkler infisert: (Ingen skadelige objekter funnet) Registerverdier infisert: (Ingen skadelige objekter funnet) Registerfiler infisert: (Ingen skadelige objekter funnet) Mapper infisert: (Ingen skadelige objekter funnet) Filer infisert (Ingen skadelige objekter funnet) Jeg har ikke selv lagt inn den startsiden du nevnte (http://no.woofi.info). Jeg har www.startsiden.no som startside, og det er den som alltid kommer opp, så jeg vet ikke hvor/hva den der befinner seg/styrer med. Hvor vil jeg finne og fjerne dette? Lenke til kommentar
Dr.Geek Skrevet 18. september 2011 Del Skrevet 18. september 2011 Tusen takk for kjempegode svar. Hadde oppdatert og kjørt Malwarebytes før jeg kjørte HijackThis også, og den fant ikke noe gruff... Kjørte den igjen nå med dette resultatet.: Skanntype: Hurtigsøk Hai, scan en "Fullscan" med Malwarebytes. Den vil da scanne mer grundig. Post loggen Jeg har ikke selv lagt inn den startsiden du nevnte (http://no.woofi.info). Hvor vil jeg finne og fjerne dette? Fix det med Hijackthis. Scan med Hijackthis, marker/sett kryss ved denne: R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.woofi.info og klikk "Fixchecked". Hijackthis vil da korrigere dette. 1 Lenke til kommentar
Alastor Skrevet 18. september 2011 Del Skrevet 18. september 2011 Everioservice er for de som lurer en tjeneste for JVC videokamera, at kameraet oppdages når man kobler det til og rett redigeringsprogram starter. Men selvfølgelig ikke noe man trenger å ha kjørende . 1 Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå