Sio Skrevet 28. august 2007 Del Skrevet 28. august 2007 (endret) PCen min e veldig treg så jeg har mistanke om at noe at noe svekker den. Symptomer som fikk meg til å trekke den slutningen: -Når jeg skriver hender det at jeg ikke kan se teksten før etter noen sekunder. Da kommer bokstavene flyvende omtrent som at en usynlig person skriver det. -Filmer blir bare bilder som skifter etter ca 2sekunder (den for en FPS rate på 0,5) -Oppstart tar tid. Nå har jeg en hijack this log. Jeg poster den og etterpå nå skal jeg kjøre CCleaner mens jeg headhunter program som jeg ikke trenger. Men jeg ha en mistanke om at noe er galt. -------------------------------------------------------- Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2Scan saved at 20:17:17, on 28.08.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programfiler\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\PowerISO\SCDEmuApp.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe C:\WINDOWS\java\explorer.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Apoint\Apntex.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\PROGRA~1\FELLES~1\PCSuite\Services\SERVIC~1.EXE C:\PROGRA~1\FELLES~1\Nokia\MPAPI\MPAPI3s.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programfiler\I8kfanGUI\I8kfanGUI.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Arild\Skrivebord\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O1 - Hosts: 208.101.9.2 l2authd.lineage2.com O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programfiler\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: Norton-verktøylinjen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Fourbone2help] C:\Documents and Settings\All Users\Programdata\TWO HECK FOUR BONE\web open.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [winupdates] C:\Programfiler\winupdates\winupdates.exe /auto O4 - HKLM\..\Run: [sCDEmuApp.exe] C:\Programfiler\PowerISO\SCDEmuApp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [EZcop] C:\Program Files\EZcop\EZcop.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PcSync] C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [heartdrive] C:\DOCUME~1\Arild\PROGRA~1\MEDIAJ~1\dupe license.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programfiler\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [googletalk] "C:\Programfiler\Google\Google Talk\googletalk.exe" /autostart O4 - HKCU\..\Run: [Java 2.9] C:\WINDOWS\java\explorer.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [i8kfangui] C:\Programfiler\I8kfanGUI\I8kfanGUI.exe /startup O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Broken Internet access because of LSP provider 'c:\programfiler\newdotnet\newdotnet7_22.dll' missing O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O22 - SharedTaskScheduler: expatriates - {1a01a98c-4f25-42e1-971a-185cf63569b2} - (no file) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Unknown owner - C:\Programfiler\Canon\CAL\CALMAIN.exe (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Programfiler\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 11025 bytes Om noen har forslag som kan øke ytelsen til min CPU er de velkomne. Edit: La til /skjul Endret 28. august 2007 av Sio Lenke til kommentar
Gjest Slettet+981234789 Skrevet 28. august 2007 Del Skrevet 28. august 2007 format C: legg inn windows på nytt... Lenke til kommentar
norbat Skrevet 28. august 2007 Del Skrevet 28. august 2007 Du har en lett blanding av div. så gjør følgende: Kjør en rens med CCleaner (noe du hadde tenkt å gjøre) Last ned SAS, installer, oppdater og kjør en full (Complete) scan. Post loggen fra SAS (preferences->statistics/logs) + ny HJT-logg. Lenke til kommentar
Sio Skrevet 28. august 2007 Forfatter Del Skrevet 28. august 2007 format C: legg inn windows på nytt... 9379651[/snapback] Nei det har jeg ikke tenkt å gjøre enda. Kanskje til helgen men nå skal jeg fjerne dritten først og så for jeg bestemme selv om en formatering er nødvending. Lenke til kommentar
Sio Skrevet 28. august 2007 Forfatter Del Skrevet 28. august 2007 (endret) Du har en lett blanding av div. så gjør følgende: Kjør en rens med CCleaner (noe du hadde tenkt å gjøre) Last ned SAS, installer, oppdater og kjør en full (Complete) scan. Post loggen fra SAS (preferences->statistics/logs) + ny HJT-logg. 9379700[/snapback] SAS har stått til min tjeneste helt siden du ba meg om å skaffe det. Noe som var ekstremt lenge siden. Fullt opptadert. Jeg skal poste en log fra SAS ASAP Edit: feil rettet. Edit: SAS tar laaang tid.... men jeg lover å poste så snart den er klar. Endret 28. august 2007 av Sio Lenke til kommentar
Sio Skrevet 28. august 2007 Forfatter Del Skrevet 28. august 2007 SUPERAntiSpyware Scan Log Generated 08/28/2007 at 10:49 PM Application Version : 3.4.1000 Core Rules Database Version : 3143 Trace Rules Database Version: 1159 Scan type : Complete Scan Total Scan Time : 01:54:24 Memory items scanned : 689 Memory threats detected : 0 Registry items scanned : 7265 Registry threats detected : 0 File items scanned : 130 File threats detected : 0 Lenke til kommentar
Sio Skrevet 28. august 2007 Forfatter Del Skrevet 28. august 2007 Jeg går å legger meg. Sliter enda med: -Når jeg skriver hender det at jeg ikke kan se teksten før etter noen sekunder. Da kommer bokstavene flyvende omtrent som at en usynlig person skriver det. -Filmer blir bare bilder som skifter etter ca 2sekunder (den for en FPS rate på 0,5) -Oppstart tar tid. -Programmer "lagger" ofte -Windows utforsker må loade (den dumme lommelykten vet du) Lenke til kommentar
norbat Skrevet 28. august 2007 Del Skrevet 28. august 2007 Det var en beskjend mengde filer den rakk å scanne på 2 timer Last ned Winsockfix og legg det på skrivebordet. Dette fixet bruker du om internettilkoblingen ryker under rensingen. Start HJT, velg "Do a system scan only", sett merke framfor følgende linjer og klikk 'Fix checked': O4 - HKLM\..\Run: [Fourbone2help] C:\Documents and Settings\All Users\Programdata\TWO HECK FOUR BONE\web open.exe O4 - HKLM\..\Run: [winupdates] C:\Programfiler\winupdates\winupdates.exe /auto O4 - HKCU\..\Run: [heartdrive] C:\DOCUME~1\Arild\PROGRA~1\MEDIAJ~1\dupe license.exe O22 - SharedTaskScheduler: expatriates - {1a01a98c-4f25-42e1-971a-185cf63569b2} - (no file) Hent NoLop.exe, legg det på skrivebordet. Kjør programmet. Trykk "Search and Destroy"-knappen. Hvis den finner noe, bli du bedt om å trykke på Reboot-knappen. Hent Avenger og pakk det ut. Start programmet, sett prikk i "Input Script Manually" og klikk på lupen. I vinduet som kommer opp kopierer du og limer inn det som er i fet skrift under: Folders to delete: C:\Documents and Settings\All Users\Programdata\TWO HECK FOUR BONE C:\Programfiler\winupdates C:\DOCUME~1\Arild\PROGRA~1\MEDIAJ~1 Klikk på Trafikklyset. Restart pc'n. Hent Smitfraudfix, legg det på skrivebordet Restart i sikker modus (tapp F8 under oppstart, velg sikker modus) Kjør Smitfraudfix, velg valg 2. Fra normal tilstand poster du ny HJT-logg og loggen fra Smitfraudfix (Vanligvis å finne i C:\rapport.txt) Lenke til kommentar
Sio Skrevet 30. august 2007 Forfatter Del Skrevet 30. august 2007 Jeg klarer ikke å bruke Avenger. Jeg for bare meldingen "Does not seem to be a valid script" Eller noe. Muligens "Files does ot seem osv..." Eller noe i den dur Uanset så vet jeg ikke hva jeg skal gjøre videre. Jeg kunne velge meldom "Avbryt" og "Log error and continue" Jeg valgte Avbryt siden jeg er redd for å gjøre noe feil. Beklager at jeg svarte så sent men jeg var veldig opptatt igår. Lenke til kommentar
norbat Skrevet 30. august 2007 Del Skrevet 30. august 2007 Kjør Avenger igjen og når du får 'feilmeldingen' velger du 'Log error and continue' Fortsett bare videre med veiledningen og post de loggene det etterspørres. Lenke til kommentar
Sio Skrevet 31. august 2007 Forfatter Del Skrevet 31. august 2007 (endret) Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:33:23, on 31.08.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\PowerISO\SCDEmuApp.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programfiler\Google\Google Talk\googletalk.exe C:\WINDOWS\java\explorer.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\I8kfanGUI\I8kfanGUI.exe C:\Programfiler\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Programfiler\Apoint\Apntex.exe C:\PROGRA~1\FELLES~1\PCSuite\Services\SERVIC~1.EXE C:\Programfiler\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\PROGRA~1\FELLES~1\Nokia\MPAPI\MPAPI3s.exe C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\WINDOWS\system32\fxssvc.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe C:\Documents and Settings\Arild\Skrivebord\HiJackThis.exe C:\Documents and Settings\Arild\Skrivebord\HiJackThis.exe O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 3207 bytes -------------------------------------------------------------------------- SmitFraudFix v2.218 Scan done at 13:15:24,98, 31.08.2007 Run from C:\Documents and Settings\Arild\SmitfraudFix OS: Microsoft Windows XP [Versjon 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !Attention, following keys are not inevitably infected! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost 208.101.9.2 l2authd.lineage2.com »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CS3\Services\Tcpip\..\{71DA1C9E-520C-4497-86E4-C8816EA43FA1}: DhcpNameServer=152.93.5.4 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=152.93.5.4 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !Attention, following keys are not inevitably infected! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning not selected. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix !Attention, following keys are not inevitably infected! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End Endret 31. august 2007 av Sio Lenke til kommentar
norbat Skrevet 31. august 2007 Del Skrevet 31. august 2007 Vi fortsetter: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (vanligvis c:\combofix.txt) sammen med ny HJT-logg Lenke til kommentar
Sio Skrevet 31. august 2007 Forfatter Del Skrevet 31. august 2007 Klikk for å se/fjerne innholdet nedenfor ComboFix 07-08-30.3 - "Arild" 2007-08-31 14:21:29.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.1457 [GMT 2:00] * Created a new restore point ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Programfiler\Fellesfiler\Yazzle1162OinUninstaller.exe C:\Programfiler\winupdates C:\WINDOWS\system32\components C:\WINDOWS\system32\netstat.com C:\WINDOWS\system32\ping.com C:\WINDOWS\system32\regedit.com C:\WINDOWS\system32\taskkill.com C:\WINDOWS\system32\tasklist.com C:\WINDOWS\system32\tracert.com ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_SXSERV ((((((((((((((((((((((((( Files Created from 2007-07-28 to 2007-08-31 ))))))))))))))))))))))))))))))) 2007-08-31 14:09 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-08-31 13:13 4,558 --a------ C:\WINDOWS\system32\tmp.reg 2007-08-31 13:12 <DIR> d-------- C:\DOCUME~1\Arild\SmitfraudFix 2007-08-31 13:04 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-08-31 13:04 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-08-31 13:04 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-08-29 01:02 <DIR> d-------- C:\NoLopBackups 2007-08-28 19:38 <DIR> d-------- C:\Programfiler\EA GAMES 2007-08-28 19:35 <DIR> dr-h----- C:\DOCUME~1\Arild\Siste 2007-08-28 17:48 14,464 --a------ C:\WINDOWS\system32\drivers\fanio.sys 2007-08-28 17:48 <DIR> d-------- C:\Programfiler\I8kfanGUI 2007-08-28 16:09 22,112 -ra------ C:\WINDOWS\system32\drivers\COH_Mon.sys 2007-08-28 00:06 <DIR> d-------- C:\DOCUME~1\Sondre\PROGRA~1\PC Suite 2007-08-28 00:05 <DIR> d-------- C:\DOCUME~1\Sondre\PROGRA~1\Real 2007-08-16 14:47 <DIR> d-------- C:\Programfiler\MSXML 4.0 2007-08-05 16:27 <DIR> d-------- C:\tmp 2007-08-05 16:27 <DIR> d-------- C:\SibFiles 2007-08-05 16:27 <DIR> d-------- C:\MY MOVIE 2 312E0199 2007-08-05 16:27 <DIR> d-------- C:\DOCUME~1\Arild\PROGRA~1\Pinnacle Systems 2007-08-05 16:27 <DIR> d-------- C:\AuxFiles 2007-07-14 17:10 <DIR> d-------- C:\Team17 (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-08-28 20:54 --------- d-------- C:\Programfiler\SUPERAntiSpyware 2007-08-28 20:30 --------- d-------- C:\Programfiler\Fellesfiler\Symantec Shared 2007-08-28 19:36 --------- d-------- C:\Programfiler\Audacity 1.3 Beta 2007-08-28 17:54 --------- d-------- C:\DOCUME~1\Arild\PROGRA~1\Skype 2007-08-28 16:10 --------- d-------- C:\DOCUME~1\ALLUSE~1\PROGRA~1\Symantec 2007-08-27 23:26 --------- d-------- C:\Programfiler\Norton Internet Security 2007-08-22 19:08 --------- d--h----- C:\Programfiler\InstallShield Installation Information 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-13 18:45 --------- d-------- C:\DOCUME~1\Arild\PROGRA~1\uTorrent 2007-06-26 16:53 665088 --------- C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-26 15:57 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-26 08:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:10 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll 2007-06-19 15:33 282112 --a------ C:\WINDOWS\system32\gdi32.dll 2007-06-19 15:33 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll 2007-06-15 10:14 96768 --------- C:\WINDOWS\system32\dllcache\inseng.dll 2007-06-15 10:14 616960 --------- C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-15 10:14 55808 --------- C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-15 10:14 532480 --------- C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-15 10:14 474112 --------- C:\WINDOWS\system32\dllcache\shlwapi.dll 2007-06-15 10:14 449024 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-15 10:14 39424 --------- C:\WINDOWS\system32\dllcache\pngfilt.dll 2007-06-15 10:14 357888 --------- C:\WINDOWS\system32\dllcache\dxtmsft.dll 2007-06-15 10:14 3085312 --------- C:\WINDOWS\system32\dllcache\mshtml.dll 2007-06-15 10:14 251904 --------- C:\WINDOWS\system32\dllcache\iepeers.dll 2007-06-15 10:14 205824 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll 2007-06-15 10:14 16384 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-15 10:14 151552 --------- C:\WINDOWS\system32\dllcache\cdfview.dll 2007-06-15 10:14 1498112 --------- C:\WINDOWS\system32\dllcache\shdocvw.dll 2007-06-15 10:14 146432 --------- C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-15 10:14 1054720 --------- C:\WINDOWS\system32\dllcache\danim.dll 2007-06-15 10:14 1022976 --------- C:\WINDOWS\system32\dllcache\browseui.dll 2007-06-14 12:32 18432 --------- C:\WINDOWS\system32\dllcache\iedw.exe 2007-06-13 15:24 1033216 --a------ C:\WINDOWS\explorer.exe 2007-06-13 15:24 1033216 --------- C:\WINDOWS\system32\dllcache\explorer.exe ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "ATIPTA"="C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-12 22:00] "IntelWireless"="C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 15:59] "Dell QuickSet"="C:\Programfiler\Dell\QuickSet\quickset.exe" [2005-03-04 12:26] "Apoint"="C:\Programfiler\Apoint\Apoint.exe" [2004-09-13 17:33] "DVDLauncher"="C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 17:19] "DMXLauncher"="C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 02:05] "ISUSPM Startup"="C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [] "ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [] "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2005-12-13 08:49] "DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2005-12-10 16:57] "SCDEmuApp.exe"="C:\Programfiler\PowerISO\SCDEmuApp.exe" [2005-10-16 03:15] "TkBellExe"="C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" [2006-11-11 14:35] "EZcop"="C:\Program Files\EZcop\EZcop.exe" [] "ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2006-11-28 21:51] "osCheck"="C:\Programfiler\Norton Internet Security\osCheck.exe" [2006-09-05 19:22] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-02-16 10:54] "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2007-03-14 19:05] "PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-11 00:26] "Symantec PIF AlertEng"="C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00] "PcSync"="C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-11-30 16:56] "googletalk"="C:\Programfiler\Google\Google Talk\googletalk.exe" [2007-01-01 23:22] "Java 2.9"="C:\WINDOWS\java\explorer.exe" [2006-08-26 15:24] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2006-12-06 14:40] "i8kfangui"="C:\Programfiler\I8kfanGUI\I8kfanGUI.exe" [2007-02-16 18:58] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-09-28 12:22 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2006-10-19 10:12 258048 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless] C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 17:08 110592 C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 nwprovau R1 fanio;FanIO driver;\??\C:\WINDOWS\system32\drivers\fanio.sys S0 fetmdiyd;fetmdiyd;C:\WINDOWS\system32\drivers\iqsafgrh.sys S2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" S3 SQLAgent$MICROSOFTBCM;SQLAgent$MICROSOFTBCM;C:\Programfiler\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -i MICROSOFTBCM S4 viaagp;VIA AGP-bussfilter;C:\WINDOWS\system32\DRIVERS\viaagp.sys *Newly Created Service* - COMHOST Contents of the 'Scheduled Tasks' folder 2007-07-13 18:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Kjør fullstendig systemsøk - Arild.job 2007-08-31 13:17:00 C:\WINDOWS\Tasks\Symantec NetDetect.job - C:\Programfiler\Symantec\LiveUpdate\NDetect.exe ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-08-31 15:07:39 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\viaagp] "ImagePath"="\SystemRoot\system32\DRIVERS\viaagp.sys" Completion time: 2007-08-31 15:22:06 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-08-31 15:22 --- E O F --- --------------------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:43:01, on 31.08.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programfiler\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\fxssvc.exe C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\PowerISO\SCDEmuApp.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\Apoint\Apntex.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programfiler\Google\Google Talk\googletalk.exe C:\WINDOWS\java\explorer.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\I8kfanGUI\I8kfanGUI.exe C:\Programfiler\iPod\bin\iPodService.exe C:\PROGRA~1\FELLES~1\PCSuite\Services\SERVIC~1.EXE C:\PROGRA~1\FELLES~1\Nokia\MPAPI\MPAPI3s.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Programfiler\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Arild\Skrivebord\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programfiler\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: Norton-verktøylinjen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sCDEmuApp.exe] C:\Programfiler\PowerISO\SCDEmuApp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [EZcop] C:\Program Files\EZcop\EZcop.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PcSync] C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [googletalk] "C:\Programfiler\Google\Google Talk\googletalk.exe" /autostart O4 - HKCU\..\Run: [Java 2.9] C:\WINDOWS\java\explorer.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [i8kfangui] C:\Programfiler\I8kfanGUI\I8kfanGUI.exe /startup O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Unknown owner - C:\Programfiler\Canon\CAL\CALMAIN.exe (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\isPwdSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Programfiler\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 10250 bytes Lenke til kommentar
norbat Skrevet 31. august 2007 Del Skrevet 31. august 2007 Dette ser bra ut. Hvordan kjører pc'n? Lenke til kommentar
Sio Skrevet 31. august 2007 Forfatter Del Skrevet 31. august 2007 PCen er fremdeles veldig treg. Ting som Flash, filmer og spill kan ikke brukes ettersom det lagger veldig mye. Når jeg skriver kommer ofte teksten etter noen sekunders venting. Lenke til kommentar
norbat Skrevet 31. august 2007 Del Skrevet 31. august 2007 Sjekk om ikke noen systemfiler er blitt i ulage: Klikk: Start -> Kjør Skriv: sfc /scannow (mellomrom mellom sfc og / ) Du trenger muligens XP-cd'n Lenke til kommentar
Sio Skrevet 31. august 2007 Forfatter Del Skrevet 31. august 2007 Det ser ut til å ta lang tid, jeg vil poste ny melding når scannen er ferdig. Lenke til kommentar
Sio Skrevet 2. september 2007 Forfatter Del Skrevet 2. september 2007 Det ser ut til å ta lang tid, jeg vil poste ny melding når scannen er ferdig. 9399426[/snapback] Scannen fant ingenting. Men jeg tror den reinnstallerte Iexplorer for en eller annen grunn. Laptopen er fremdeles som en giraff med kvikksand til halsen (Veldig treg altså) Den kan fremdeles ikke spille av lyd/bilde filer uten at de lagger så mye at det er uholdbart. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå