Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 (endret) Hei! Jeg har opplevd veldig mange ganger at pcen min loader fullt når jeg står opp (da pcen står på om natten). Si at jeg legger meg klokken 24 og står opp klokken 12. - Jeg går bort til pcen, og sjekker kjapt gjennom om det er noe nytt. Men.. CPUen loader jo for fullt, så jeg kan ikke det. Det rare er at det ikke er samme prosessen som loader for hver gang. Men det er alltid kun én om gangen. Igår kunne prosessen vært explorer.exe, mens idag _ER_ det LogitechDesktopMessenger.exe. Ble veldig rotete og dårlig forklart, men har jeg virus? Jeg kan ikke akkurat sjekke med antivirusprogram heller, fordi at Norman klikket under installasjonen og vil hverken startes eller avinnstalleres :/ Noen måter jeg kan finne ut om jeg har virus, eller hørtes problemet såpass kjent ut at dere vet svaret med en gang? Takk for hjelp! -Mariyo EDIT: Jeg glemte å si at det hjelper ikke å avslutte prosessen, for da begynner en annen prosess å loade 100%. Jeg har også prøvd å sette prosessprioriteten til Idle, men skjer ingenting da heller. Endret 14. juli 2007 av Slettet+142 Lenke til kommentar
Goscinny Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Du burde nå iallfall ha et operativt AV, men om virus er grunnen, veit jeg ikke. Søkt med Spybot, Adaware, osv? Du kan jo også forsøke diverse sikre internettantivirusprogrammer ... Goscinny Lenke til kommentar
Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Jeg har søkt med Spybot og Adaware, ja. Resulterte ikke i noe. Men internettantivirusprogram har jeg jammen ikke tenkt på. *Se om jeg finner et internettantivirusprogram* for et langt ord da; internettantivirusprogram Lenke til kommentar
Varen Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 du burde nesten laste ned avg antivirus. funker bra for meg. har blitt angrepet av virus 1 gang, og da fant avg og slettet det i samme sekund. det er gratis om du bruker free edition Lenke til kommentar
Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 (endret) Ja, jeg burde/må jo ha ev AV. Men problemet er som jeg nevnte over, at jeg ikke får avinnstallert Norman. - Og heller ikke startet det. Det eneste Norman vil, er å restarte maskinen min "pga. en oppdatering". Og det har den villet helt siden installasjon. Og ja, jeg har restartet maskinen uttallige ganger, men Norman gir seg ikke Har da i samme slengen vurdert å reinnstallere Windows XP, men det er så enormt stress EDIT: Det jeg egentlig skulle si, var at man bør vel ikke ha to AV's innstallert på maskinen samtidig? Selv om det ene er defekt..? Endret 14. juli 2007 av Slettet+142 Lenke til kommentar
Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Oida. etter 35min's søk har den hertil funnet en trojansk hest :/ Generic5.IGU - mirc.rar Noen som vet om en side hvor jeg får info om de forskjellige virus og trojaner? Vil finne ut om denne trojanen er problemet.. Lenke til kommentar
Goscinny Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Dårlig tid, men google kan nok hjelpe deg http://www.google.no/search?hl=no&client=f...=S%C3%B8k&meta= Goscinny Lenke til kommentar
Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Allerede søkt, men det står jo ingenting om Generic5.IGU.. Lenke til kommentar
norbat Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Legg gjerne ut en HJT-logg: Last ned Hijackthis. Legg det i en egen mappe på skrivebordet. Start programmet, velg "Do a system scan and save a logfile". Loggfilen kopierer du og poster. Lenke til kommentar
Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 15:50:08, on 14.07.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\xampp\apache\bin\apache.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programfiler\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\No-IP\DUC20.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\Norman\Bin\ZLH.EXE C:\Programfiler\Norman\Bin\Zanda.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Microsoft IntelliType Pro\itype.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Programfiler\Logitech\Video\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\WhatPulse\WhatPulse.exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe C:\Programfiler\Creative\MediaSource\Go\CTCMSGo.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programfiler\WinTV\Ir.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\No-IP\DUC20.exe C:\Programfiler\xampp\mysql\bin\winmysqladmin.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programfiler\Fellesfiler\Logitech\khalshared\KHALMNPR.EXE C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Skype\Plugin Manager\skypePM.exe C:\Programfiler\xampp\apache\bin\apache.exe C:\WINDOWS\system32\wscntfy.exe C:\Programfiler\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Documents and Settings\Mariyo\Skrivebord\HiJackThis_v2.exe C:\Programfiler\MSN Messenger\usnsvc.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norman ZANDA] C:\Programfiler\Norman\Bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [itype] "C:\Programfiler\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\RunServices: [schedulingAgent] C:\WINDOWS\system32\mstask.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WhatPulse] C:\Programfiler\WhatPulse\WhatPulse.exe O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Creative Detector] C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Programfiler\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: No-IP DUC.lnk = C:\Programfiler\No-IP\DUC20.exe O4 - Startup: WinMySQLadmin.lnk = C:\Programfiler\xampp\mysql\bin\winmysqladmin.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AutoStart IR.lnk = C:\Programfiler\WinTV\Ir.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1177546829671 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0DED5F6D-3176-4E2D-B3B1-7629C8FF8708}: NameServer = 217.13.4.24,10.0.0.1,217.13.7.140 O17 - HKLM\System\CS1\Services\Tcpip\..\{0DED5F6D-3176-4E2D-B3B1-7629C8FF8708}: NameServer = 217.13.4.24,10.0.0.1,217.13.7.140 O17 - HKLM\System\CS2\Services\Tcpip\..\{0DED5F6D-3176-4E2D-B3B1-7629C8FF8708}: NameServer = 217.13.4.24,10.0.0.1,217.13.7.140 O18 - Protocol: bw+0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: offline-8876480 - {BC8E9E39-E8EB-4B49-AB8C-95DB26E09CA0} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apache2 - Apache Software Foundation - C:\Programfiler\xampp\apache\bin\apache.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Programfiler\xampp\FileZillaFTP\FileZillaServer.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MySql - Unknown owner - C:/Programfiler/xampp/mysql/bin/mysqld-shareware.exe (file missing) O23 - Service: MySQL501 - Unknown owner - C:\Programfiler\MySQL\MySQL.exe (file missing) O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Programfiler\No-IP\DUC20.exe O23 - Service: Norman ZANDA - Unknown owner - C:\Programfiler\Norman\Bin\Zanda.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programfiler\WinPcap\rpcapd.exe -- End of file - 22915 bytes Slik? Lenke til kommentar
norbat Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Loggen ser grei ut. Hvis norman ikke fungerer, avinstallerer du det. Prøv dette programmet: http://download.norman.no/public/Delnvc5.exe Reinstaller Norman evt. bruk et annet. Logitech desktop messenger et lite nyttig prog som du kan avinstallere fra legg til /fjern programmer. Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør også noen runder med 'Saker' til det ikke finner flere feil. Lenke til kommentar
jøgleren Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 (endret) Post en hijackthislog....skader vel ikke å dobbelsjekke. Kjøre en SAS scan. Sorry...du har visst gjort d Endret 14. juli 2007 av Lock Lenke til kommentar
jøgleren Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 Loggen ser grei ut. Hvis norman ikke fungerer, avinstallerer du det. Prøv dette programmet: http://download.norman.no/public/Delnvc5.exe Reinstaller Norman evt. bruk et annet. Logitech desktop messenger et lite nyttig prog som du kan avinstallere fra legg til /fjern programmer. Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Kjør også noen runder med 'Saker' til det ikke finner flere feil. 9073027[/snapback] Rart at du ikke kan avinstallere norman. Prøv i safemode heller. Lenke til kommentar
Gjest Slettet+142 Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 norbat: Da var punktene du gav utført Jeg vet ikke hvordan tilstanden til Norman er, men det kjører enda.. Om problemet med 100% CPU Load er fikset vet jeg ikke før imorgen tidlig Hvis Norman ikke er vekke etter en reboot som jeg utfører en eller annan gang iløpet av ikveld/imorgen, får jeg heller prøve å fjerne det i safemode, som Lock sier Lenke til kommentar
jøgleren Skrevet 14. juli 2007 Del Skrevet 14. juli 2007 norbat: Da var punktene du gav utført Jeg vet ikke hvordan tilstanden til Norman er, men det kjører enda.. Om problemet med 100% CPU Load er fikset vet jeg ikke før imorgen tidlig Hvis Norman ikke er vekke etter en reboot som jeg utfører en eller annan gang iløpet av ikveld/imorgen, får jeg heller prøve å fjerne det i safemode, som Lock sier 9073266[/snapback] Jeg hadde norton antivirus som jeg prøvde å fjerne. Hadde problemer først. Men så googlet jeg litt og fant noe som heter norton removal tool. Anbefaler deg å google litt...kanskje det finnes norman removal tool også^^ Lenke til kommentar
Gjest Slettet+142 Skrevet 15. juli 2007 Del Skrevet 15. juli 2007 Norman er fjernet Men viruset eller hva enn det er, er fremdeles på pc'en har du hijacklog her: Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 04:44:48, on 15.07.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\xampp\apache\bin\apache.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programfiler\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe C:\WINDOWS\system32\Rundll32.exe C:\Programfiler\No-IP\DUC20.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\Norman\Bin\ZLH.EXE C:\Programfiler\Norman\Bin\Zanda.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\WINDOWS\system32\rundll32.exe C:\Programfiler\Microsoft IntelliType Pro\itype.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Programfiler\Logitech\Video\CameraAssistant.exe C:\WINDOWS\system32\ElkCtrl.exe C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\WhatPulse\WhatPulse.exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe C:\Programfiler\Creative\MediaSource\Go\CTCMSGo.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\WinTV\Ir.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Programfiler\Logitech\SetPoint\SetPoint.exe C:\Programfiler\No-IP\DUC20.exe C:\Programfiler\xampp\mysql\bin\winmysqladmin.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programfiler\Fellesfiler\Logitech\khalshared\KHALMNPR.EXE C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Skype\Plugin Manager\skypePM.exe C:\Programfiler\xampp\apache\bin\apache.exe C:\Programfiler\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Programfiler\Grisoft\AVG7\avgcc.exe C:\WINDOWS\system32\taskmgr.exe C:\Programfiler\Ventrilo\Ventrilo.exe C:\Programfiler\Macromedia\Dreamweaver 8\Dreamweaver.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\taskmgr.exe C:\Documents and Settings\Mariyo\Skrivebord\HiJackThis_v2.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norman ZANDA] C:\Programfiler\Norman\Bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [itype] "C:\Programfiler\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programfiler\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programfiler\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [CTSysVol] C:\Programfiler\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\RunServices: [schedulingAgent] C:\WINDOWS\system32\mstask.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WhatPulse] C:\Programfiler\WhatPulse\WhatPulse.exe O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Creative Detector] C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Programfiler\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: No-IP DUC.lnk = C:\Programfiler\No-IP\DUC20.exe O4 - Startup: WinMySQLadmin.lnk = C:\Programfiler\xampp\mysql\bin\winmysqladmin.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AutoStart IR.lnk = C:\Programfiler\WinTV\Ir.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programfiler\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1177546829671 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0DED5F6D-3176-4E2D-B3B1-7629C8FF8708}: NameServer = 217.13.4.24,10.0.0.1,217.13.7.140 O17 - HKLM\System\CS1\Services\Tcpip\..\{0DED5F6D-3176-4E2D-B3B1-7629C8FF8708}: NameServer = 217.13.4.24,10.0.0.1,217.13.7.140 O17 - HKLM\System\CS2\Services\Tcpip\..\{0DED5F6D-3176-4E2D-B3B1-7629C8FF8708}: NameServer = 217.13.4.24,10.0.0.1,217.13.7.140 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apache2 - Apache Software Foundation - C:\Programfiler\xampp\apache\bin\apache.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Programfiler\xampp\FileZillaFTP\FileZillaServer.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: MySql - Unknown owner - C:/Programfiler/xampp/mysql/bin/mysqld-shareware.exe (file missing) O23 - Service: MySQL501 - Unknown owner - C:\Programfiler\MySQL\MySQL.exe (file missing) O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Programfiler\No-IP\DUC20.exe O23 - Service: Norman ZANDA - Unknown owner - C:\Programfiler\Norman\Bin\Zanda.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programfiler\WinPcap\rpcapd.exe -- End of file - 11349 bytes Rekkefølgen for prosesser som loadet 100% etter avslutting av prosess inntil reboot: 1. dwwin.exe 2. firefox.exe 3. explorer.exe Lenke til kommentar
norbat Skrevet 15. juli 2007 Del Skrevet 15. juli 2007 HJT-loggen viser ingen infeksjoner, men spor av Normal ligger der fortsatt. Gjør følgende: Klikk Start->Kjør Skriv: services.msc Finn og stopp følgende tjeneste, høyreklikk på tjenesten og velg Egenskaper. Under oppstartstype velger du Deaktivert: Norman ZANDA Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O4 - HKLM\..\Run: [Norman ZANDA] C:\Programfiler\Norman\Bin\ZLH.EXE /LOAD /SPLASH Åpne oppgavebehandlingen, og under prosesser, avslutter du ZLH.EXE om den ligger der. Bruk utforsker til å slette (i fet): C:\Programfiler\Norman Sjekk deretter om det ligger noen oppdateringer for Windows på windows update Lenke til kommentar
Gjest Slettet+142 Skrevet 15. juli 2007 Del Skrevet 15. juli 2007 HJT-loggen viser ingen infeksjoner, men spor av Normal ligger der fortsatt. Gjør følgende: Klikk Start->Kjør Skriv: services.msc ... Sjekk deretter om det ligger noen oppdateringer for Windows på windows update 9076574[/snapback] Done Men det er synd at problemet med load fremdeles er tilstede Jeg kjørte en ny runde med Spydot S&D nå, og den fant noen par saker: Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done)Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done) Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done) Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done) Advertising.com: Tracking cookie (Firefox: default) (Cookie, nothing done) CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done) CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done) CasaleMedia: Tracking cookie (Firefox: default) (Cookie, nothing done) DoubleClick: Tracking cookie (Firefox: default) (Cookie, nothing done) HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done) HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done) FastClick: Tracking cookie (Firefox: default) (Cookie, nothing done) HitBox: Tracking cookie (Firefox: default) (Cookie, nothing done) MediaPlex: Tracking cookie (Firefox: default) (Cookie, nothing done) Statcounter: Tracking cookie (Firefox: default) (Cookie, nothing done) Statcounter: Tracking cookie (Firefox: default) (Cookie, nothing done) Zedo: Tracking cookie (Firefox: default) (Cookie, nothing done) Zedo: Tracking cookie (Firefox: default) (Cookie, nothing done) Zedo: Tracking cookie (Firefox: default) (Cookie, nothing done) Zedo: Tracking cookie (Firefox: default) (Cookie, nothing done) HitsLink: Tracking cookie (Firefox: default) (Cookie, nothing done) WebTrends live: Tracking cookie (Firefox: default) (Cookie, nothing done) --- Spybot - Search & Destroy version: 1.4 (build: 20050523) --- 2005-05-31 blindman.exe (1.0.0.1) 2005-05-31 SpybotSD.exe (1.4.0.3) 2005-05-31 TeaTimer.exe (1.4.0.2) 2007-04-25 unins000.exe (51.41.0.0) 2005-05-31 Update.exe (1.4.0.0) Lenke til kommentar
toretors Skrevet 15. juli 2007 Del Skrevet 15. juli 2007 Grunnen til at maskinen bruker lang tid til å starte opp er fordi du har så mange småprogrammer som kjører. Lenke til kommentar
Gjest Slettet+142 Skrevet 15. juli 2007 Del Skrevet 15. juli 2007 Vel, så har jeg ikke problemer med oppstart, men når pcen har stått på lenge. Det er slik at etter at pcen har stått på så og så lenge, så bare begynner en etter en prosess å loade 100% av min CPU. Si at pcen har stått lenge på, og pluteslig begynner firefox.exe å loade 100%. Hva gjør jeg? Jeg avslutter firefox.exe-prosessen. Da forventer jeg selvfølgelig at CPU Load skal være på 1-5% ettersom hva annet PC-en driver med. Men. - Det som skjer, er at nå begynner en annen prosess å loade 100%, som f.eks explorer.exe. - Da avslutter jeg explorer.exe, men da begynner en annen prosess å loade 100% and so on.. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå