
Slow startup - are the logs OK?



My laptop (ASUS) is incredibly slow during startup. After boot the screen goes black and can stay that way for anywhere from 1 to 10 minutes before it finally starts up. About 2 times I have had a bluescreen during startup. Once something happened that I have never seen the like of. After this "black" period the mouse pointer appeared on the screen (a sign that the login screen was about to come), then the PC started beeping like mad while the mouse pointer moved up toward the right corner :S

 

Here are my logs:

 

 

hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:21:48, on 14.01.2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16575)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\ASUS\ATK Media\DMedia.exe

C:\Windows\System32\ASUSTPE.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\ASScrPro.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\text.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE

O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe

O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe

O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [Zshutdown] c:\Preload\patch\sysprep.cmd

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/legacy/ractrl.cab?lmi=100

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

 

--

End of file - 7077 bytes

 

combofix log:

ComboFix 08-01-14.3 - Mats 2008-01-14 10:27:50.2 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1044.18.1172 [GMT 1:00]

Running from: C:\Users\Mats\Desktop\ComboFix.exe

.

 

((((((((((((((((((((((((( Files Created from 2007-12-14 to 2008-01-14 )))))))))))))))))))))))))))))))

.

 

2008-01-14 10:19 . 2008-01-14 10:19 <DIR> d-------- C:\Program Files\Trend Micro

2008-01-14 10:09 . 2008-01-14 10:09 <DIR> d-------- C:\Program Files\AdVantage

2008-01-14 10:07 . 2008-01-14 10:15 <DIR> d-------- C:\Users\Mats\AppData\Roaming\DAEMON Tools

2008-01-14 10:07 . 2008-01-14 10:09 <DIR> d-------- C:\Program Files\DAEMON Tools Lite

2008-01-14 09:49 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe

2008-01-14 09:18 . 2008-01-14 09:18 715,248 --a------ C:\Windows\System32\drivers\sptd.sys

2008-01-14 08:38 . 2008-01-14 08:38 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com

2008-01-14 08:38 . 2008-01-14 08:38 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com

2008-01-14 08:36 . 2008-01-14 08:36 <DIR> d-------- C:\Users\Mats\AppData\Roaming\SUPERAntiSpyware.com

2008-01-14 08:36 . 2008-01-14 10:22 <DIR> d-------- C:\Program Files\SUPERAntiSpyware

2008-01-14 08:35 . 2008-01-14 08:35 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

2008-01-10 05:37 . 2008-01-10 05:37 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys

2008-01-10 05:37 . 2008-01-10 05:37 216,760 --a------ C:\Windows\System32\drivers\netio.sys

2008-01-10 05:37 . 2008-01-10 05:37 167,424 --a------ C:\Windows\System32\tcpipcfg.dll

2008-01-10 05:37 . 2008-01-10 05:37 24,064 --a------ C:\Windows\System32\netcfg.exe

2008-01-10 05:37 . 2008-01-10 05:37 22,016 --a------ C:\Windows\System32\netiougc.exe

2008-01-10 05:32 . 2008-01-10 05:32 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll

2008-01-10 05:32 . 2008-01-10 05:32 1,686,016 --a------ C:\Windows\System32\gameux.dll

2008-01-10 05:32 . 2008-01-10 05:32 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys

2008-01-10 05:32 . 2008-01-10 05:32 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys

2008-01-10 05:32 . 2008-01-10 05:32 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys

2008-01-10 05:32 . 2008-01-10 05:32 109,624 --a------ C:\Windows\System32\drivers\ataport.sys

2008-01-10 05:32 . 2008-01-10 05:32 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys

2008-01-10 05:32 . 2008-01-10 05:32 21,560 --a------ C:\Windows\System32\drivers\atapi.sys

2008-01-10 05:32 . 2008-01-10 05:32 15,928 --a------ C:\Windows\System32\drivers\pciide.sys

2008-01-10 05:31 . 2008-01-10 05:31 11,776 --a------ C:\Windows\System32\sbunattend.exe

2008-01-09 18:38 . 2008-01-09 18:38 <DIR> d-------- C:\Users\All Users\Apple Computer

2008-01-09 18:38 . 2008-01-09 18:38 <DIR> d-------- C:\ProgramData\Apple Computer

2008-01-09 18:38 . 2008-01-09 18:38 <DIR> d-------- C:\Program Files\QuickTime

2008-01-09 18:37 . 2008-01-09 18:37 <DIR> d-------- C:\Users\All Users\Apple

2008-01-09 18:37 . 2008-01-09 18:37 <DIR> d-------- C:\ProgramData\Apple

2008-01-09 18:37 . 2008-01-09 18:37 <DIR> d-------- C:\Program Files\Apple Software Update

2008-01-09 10:34 . 2008-01-09 10:34 <DIR> d-------- C:\Program Files\Hot CPU Tester Pro 4 LE

2008-01-09 10:34 . 2007-03-05 11:51 360,580 --a------ C:\Windows\eSellerateEngine.dll

2008-01-08 08:27 . 2008-01-08 08:27 <DIR> d-------- C:\Program Files\SystemRequirementsLab

2008-01-07 08:59 . 2008-01-14 10:16 <DIR> d-------- C:\Program Files\Steam

2008-01-07 08:59 . 2008-01-08 08:20 <DIR> d-------- C:\Program Files\Common Files\Steam

2008-01-03 17:39 . 2008-01-14 10:14 <DIR> d-------- C:\Users\Mats\AppData\Roaming\Hamachi

2008-01-03 17:38 . 2008-01-03 17:39 <DIR> d-------- C:\Program Files\Hamachi

2008-01-03 17:38 . 2008-01-03 17:38 25,280 --a------ C:\Windows\System32\drivers\hamachi.sys

2007-12-24 23:42 . 2008-01-10 13:23 <DIR> d-------- C:\Program Files\World of Warcraft

2007-12-24 23:42 . 2007-12-24 23:44 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment

2007-12-18 19:24 . 1998-05-07 18:57 143,872 --------- C:\Windows\System32\iacenc.dll

2007-12-18 19:24 . 1997-06-13 16:56 56,832 --------- C:\Windows\System32\iyvu9_32.dll

2007-12-17 13:53 . 2007-12-17 13:54 <DIR> d-------- C:\Program Files\Opera

2007-12-16 23:43 . 2007-12-16 23:43 1,244,672 --a------ C:\Windows\System32\mcmde.dll

2007-12-16 23:41 . 2007-12-16 23:41 1,984,512 --a------ C:\Windows\System32\authui.dll

2007-12-16 23:41 . 2007-12-16 23:41 712,192 --a------ C:\Windows\System32\WindowsCodecs.dll

2007-12-16 23:41 . 2007-12-16 23:41 269,824 --a------ C:\Windows\System32\schannel.dll

2007-12-16 23:41 . 2007-12-16 23:41 220,160 --a------ C:\Windows\System32\ntprint.dll

2007-12-16 23:41 . 2007-12-16 23:41 120,320 --a------ C:\Windows\System32\dhcpcsvc6.dll

2007-12-16 23:41 . 2007-12-16 23:41 61,440 --a------ C:\Windows\System32\ntprint.exe

2007-12-16 23:41 . 2007-12-16 23:41 10,240 --a------ C:\Windows\System32\dhcpcmonitor.dll

2007-12-16 23:40 . 2007-12-16 23:40 8,138,240 --a------ C:\Windows\System32\ssBranded.scr

2007-12-16 23:40 . 2007-12-16 23:40 123,904 --a------ C:\Windows\System32\msvfw32.dll

2007-12-16 23:40 . 2007-12-16 23:40 88,576 --a------ C:\Windows\System32\avifil32.dll

2007-12-16 23:40 . 2007-12-16 23:40 82,944 --a------ C:\Windows\System32\mciavi32.dll

2007-12-16 23:40 . 2007-12-16 23:40 69,632 --a------ C:\Windows\System32\sendmail.dll

2007-12-16 23:40 . 2007-12-16 23:40 65,024 --a------ C:\Windows\System32\avicap32.dll

2007-12-16 23:40 . 2007-12-16 23:40 31,232 --a------ C:\Windows\System32\msvidc32.dll

2007-12-16 23:40 . 2007-12-16 23:40 12,800 --a------ C:\Windows\System32\msrle32.dll

2007-12-16 22:38 . 2007-12-16 22:38 <DIR> d-------- C:\Users\All Users\Adobe Systems

2007-12-16 22:38 . 2007-12-16 22:38 <DIR> d-------- C:\ProgramData\Adobe Systems

2007-12-16 22:02 . 2007-12-16 22:02 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared

2007-12-16 21:40 . 2007-12-16 21:40 <DIR> d-------- C:\wally

2007-12-16 21:39 . 2007-12-16 23:27 <DIR> d-------- C:\ValveHammerEditor

2007-12-14 09:15 . 2007-12-14 09:15 <DIR> d-------- C:\Program Files\CCleaner

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-14 09:13 45,056 ----a-w C:\Windows\System32\acovcnt.exe

2008-01-10 04:47 --------- d-----w C:\Program Files\Windows Sidebar

2008-01-10 04:47 --------- d-----w C:\Program Files\Windows Mail

2008-01-10 04:32 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll

2008-01-10 04:32 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll

2008-01-10 04:32 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll

2008-01-10 04:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll

2007-12-18 18:23 --------- d-----w C:\Program Files\Microsoft Games

2007-12-17 17:57 --------- d-----w C:\ProgramData\ASUS

2007-12-17 07:13 174 --sha-w C:\Program Files\desktop.ini

2007-12-16 21:04 --------- d-----w C:\Program Files\Common Files\Adobe

2007-12-16 20:48 --------- d-----w C:\Program Files\Windows Live

2007-12-16 20:43 --------- d-----w C:\ProgramData\WLInstaller

2007-12-16 01:39 --------- d-----w C:\Program Files\Windows Calendar

2007-12-16 01:34 8,192 ----a-w C:\Windows\System32\riched32.dll

2007-12-16 01:34 77,824 ----a-w C:\Windows\System32\rascfg.dll

2007-12-16 01:34 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys

2007-12-16 01:34 694,784 ----a-w C:\Windows\System32\localspl.dll

2007-12-16 01:34 619,008 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys

2007-12-16 01:34 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys

2007-12-16 01:34 52,736 ----a-w C:\Windows\System32\rasdiag.dll

2007-12-16 01:34 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys

2007-12-16 01:34 384,000 ----a-w C:\Windows\System32\netcfgx.dll

2007-12-16 01:34 36,864 ----a-w C:\Windows\System32\cdd.dll

2007-12-16 01:34 33,280 ----a-w C:\Windows\System32\traffic.dll

2007-12-16 01:34 32,768 ----a-w C:\Windows\System32\rasmxs.dll

2007-12-16 01:34 286,208 ----a-w C:\Windows\System32\ipnathlp.dll

2007-12-16 01:34 22,016 ----a-w C:\Windows\System32\rasser.dll

2007-12-16 01:34 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys

2007-12-16 01:34 15,360 ----a-w C:\Windows\System32\pacerprf.dll

2007-12-16 01:34 134,656 ----a-w C:\Windows\System32\dps.dll

2007-12-16 01:34 13,824 ----a-w C:\Windows\System32\wshqos.dll

2007-12-16 01:34 13,824 ----a-w C:\Windows\System32\icsunattend.exe

2007-12-13 08:27 --------- d-----w C:\Program Files\Windows Defender

2007-12-13 07:55 87,040 ----a-w C:\Windows\System32\msoert2.dll

2007-12-13 07:55 39,424 ----a-w C:\Windows\System32\ACCTRES.dll

2007-12-13 07:55 205,824 ----a-w C:\Windows\System32\msoeacct.dll

2007-12-13 07:54 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr

2007-12-13 07:54 67,584 ----a-w C:\Windows\System32\wlanhlp.dll

2007-12-13 07:54 542,720 ----a-w C:\Windows\System32\sysmain.dll

2007-12-13 07:54 502,784 ----a-w C:\Windows\System32\wlansvc.dll

2007-12-13 07:54 47,104 ----a-w C:\Windows\System32\wlanapi.dll

2007-12-13 07:54 297,984 ----a-w C:\Windows\System32\wlansec.dll

2007-12-13 07:54 290,816 ----a-w C:\Windows\System32\wlanmsm.dll

2007-12-13 07:54 28,344 ----a-w C:\Windows\system32\drivers\battc.sys

2007-12-13 07:54 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys

2007-12-13 07:54 24,064 ----a-w C:\Windows\System32\wtsapi32.dll

2007-12-13 07:54 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys

2007-12-13 07:54 2,923,520 ----a-w C:\Windows\explorer.exe

2007-12-13 07:54 2,027,008 ----a-w C:\Windows\System32\win32k.sys

2007-12-13 07:54 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys

2007-12-13 07:53 49,664 ----a-w C:\Windows\System32\csrsrv.dll

2007-12-13 07:53 376,320 ----a-w C:\Windows\System32\winsrv.dll

2007-12-13 07:51 414,208 ----a-w C:\Windows\System32\msscp.dll

2007-12-13 07:51 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll

2007-12-13 07:50 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL

2007-12-13 07:50 7,680 ----a-w C:\Windows\System32\spwmp.dll

2007-12-13 07:50 4,096 ----a-w C:\Windows\System32\dxmasf.dll

2007-12-13 07:50 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll

2007-12-13 07:49 86,016 ----a-w C:\Windows\System32\icfupgd.dll

2007-12-13 07:49 63,488 ----a-w C:\Windows\system32\drivers\mpsdrv.sys

2007-12-13 07:49 61,952 ----a-w C:\Windows\System32\cmifw.dll

2007-12-13 07:49 396,800 ----a-w C:\Windows\System32\MPSSVC.dll

2007-12-13 07:49 392,192 ----a-w C:\Windows\System32\FirewallAPI.dll

2007-12-13 07:49 23,040 ----a-w C:\Windows\system32\drivers\tunnel.sys

2007-12-13 07:49 178,688 ----a-w C:\Windows\System32\iphlpsvc.dll

2007-12-13 07:49 16,896 ----a-w C:\Windows\System32\wfapigp.dll

2007-12-13 07:49 15,360 ----a-w C:\Windows\system32\drivers\TUNMP.SYS

2007-12-13 07:48 104,448 ----a-w C:\Windows\System32\DWWIN.EXE

2007-12-13 07:48 1,191,936 ----a-w C:\Windows\System32\msxml3.dll

2007-12-13 07:47 8,704 ----a-w C:\Windows\System32\hcrstco.dll

2007-12-13 07:47 8,704 ----a-w C:\Windows\System32\hccoin.dll

2007-12-13 07:47 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys

2007-12-13 07:47 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys

2007-12-13 07:47 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys

2007-12-13 07:47 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys

2007-12-13 07:47 19,456 ----a-w C:\Windows\system32\drivers\usbohci.sys

2007-12-13 07:46 1,327,104 ----a-w C:\Windows\System32\quartz.dll

2007-12-13 07:45 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL

2007-12-13 07:45 57,856 ----a-w C:\Windows\System32\SLUINotify.dll

2007-12-13 07:45 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll

2007-12-13 07:45 39,936 ----a-w C:\Windows\System32\slcinst.dll

2007-12-13 07:45 351,232 ----a-w C:\Windows\System32\SLUI.exe

2007-12-13 07:45 33,280 ----a-w C:\Windows\System32\slwmi.dll

2007-12-13 07:45 268,288 ----a-w C:\Windows\System32\mcbuilder.exe

2007-12-13 07:45 223,232 ----a-w C:\Windows\System32\WMASF.DLL

2007-12-13 07:45 223,232 ----a-w C:\Windows\System32\SLC.dll

2007-12-13 07:45 2,605,568 ----a-w C:\Windows\System32\SLsvc.exe

2007-12-13 07:45 186,368 ----a-w C:\Windows\System32\SLLUA.exe

2007-12-13 07:44 84,480 ----a-w C:\Windows\System32\INETRES.dll

2007-12-13 07:44 737,792 ----a-w C:\Windows\System32\inetcomm.dll

2007-12-13 07:44 1,335,296 ----a-w C:\Windows\System32\msxml6.dll

2007-12-13 07:42 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys

2007-12-13 07:42 824,832 ----a-w C:\Windows\System32\wininet.dll

2007-12-13 07:42 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys

2007-12-13 07:42 56,320 ----a-w C:\Windows\System32\iesetup.dll

2007-12-13 07:42 53,760 ----a-w C:\Windows\system32\drivers\hdaudbus.sys

2007-12-13 07:42 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll

2007-12-13 07:42 26,624 ----a-w C:\Windows\System32\ieUnatt.exe

2007-12-13 07:42 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys

.

 

((((((((((((((((((((((((((((( snapshot@2008-01-14_ 9.54.49,76 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-01-14 07:21:08 67,584 --s-a-w C:\Windows\bootstat.dat

+ 2008-01-14 09:12:17 67,584 --s-a-w C:\Windows\bootstat.dat

- 2008-01-14 08:36:50 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat

+ 2008-01-14 09:28:09 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat

- 2008-01-14 07:23:30 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT

+ 2008-01-14 09:14:27 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT

- 2008-01-14 07:27:49 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat

+ 2008-01-14 09:27:56 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat

- 2008-01-14 07:23:25 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

+ 2008-01-14 09:14:20 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT

+ 2008-01-14 09:14:20 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1

- 2008-01-14 08:26:40 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2008-01-14 09:18:02 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2008-01-14 08:26:40 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2008-01-14 09:18:02 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2008-01-14 08:26:40 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2008-01-14 09:18:02 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2008-01-13 20:33:45 103,924 ----a-w C:\Windows\System32\perfc009.dat

+ 2008-01-14 09:19:04 103,924 ----a-w C:\Windows\System32\perfc009.dat

- 2008-01-13 20:33:45 79,408 ----a-w C:\Windows\System32\perfc014.dat

+ 2008-01-14 09:19:04 79,408 ----a-w C:\Windows\System32\perfc014.dat

- 2008-01-13 20:33:45 610,142 ----a-w C:\Windows\System32\perfh009.dat

+ 2008-01-14 09:19:04 610,142 ----a-w C:\Windows\System32\perfh009.dat

- 2008-01-13 20:33:45 476,858 ----a-w C:\Windows\System32\perfh014.dat

+ 2008-01-14 09:19:04 476,858 ----a-w C:\Windows\System32\perfh014.dat

- 2008-01-14 07:30:48 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT

+ 2008-01-14 09:01:19 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT

- 2008-01-14 07:23:53 6,158 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3009421180-2598939579-1761750245-1000_UserData.bin

+ 2008-01-14 09:14:45 6,210 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3009421180-2598939579-1761750245-1000_UserData.bin

- 2008-01-14 07:23:52 60,108 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

+ 2008-01-14 09:14:45 60,828 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin

- 2008-01-14 07:23:49 31,026 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2008-01-14 09:14:41 32,176 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 05:31 1232896]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]

"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

"Steam"="C:\Program Files\Steam\Steam.exe" [2008-01-07 09:06 1266936]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-03 14:54 486856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-13 08:52 1006264]

"RtHDVCpl"="RtHDVCpl.exe" [2006-12-02 06:37 4186112 C:\Windows\RtHDVCpl.exe]

"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 20:43 729088]

"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 17:27 61440]

"ASUSTPE"="C:\Windows\system32\ASUSTPE.exe" [2006-12-13 00:06 106496]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-23 06:27 815104]

"ASUS Camera ScreenSaver"="C:\Windows\ASScrProlog.exe" [2007-12-11 09:56 37232]

"ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2007-12-11 09:56 33136]

"PowerForPhone"="C:\Program Files\PowerForPhone\PowerForPhone.exe" [2007-01-16 00:17 778240]

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-12-15 01:38 107112]

"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-12-15 01:34 22696]

"Zshutdown"="c:\Preload\patch\sysprep.cmd" [ ]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]

"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdSync.exe" [ ]

 

C:\Users\Mats\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [2008-01-03 17:38:57]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

@="IEEE 1394 Bus host controllers"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

@="SBP2 IEEE 1394 Devices"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

@="SecurityDevices"

 

R0 CLFS;Common Log (CLFS);C:\Windows\system32\CLFS.sys [2006-11-02 10:51]

R0 crcdisk;Crcdisk Filter Driver;C:\Windows\system32\drivers\crcdisk.sys [2006-11-02 10:49]

R0 Ecache;ReadyBoost Caching Driver;C:\Windows\system32\drivers\ecache.sys [2006-11-02 13:34]

R0 FileInfo;File Information FS MiniFilter;C:\Windows\system32\drivers\fileinfo.sys [2006-11-02 10:49]

R0 msisadrv;ISA/EISA Class Driver;C:\Windows\system32\drivers\msisadrv.sys [2006-11-02 10:49]

R0 spldr;Security Processor Loader Driver;C:\Windows\system32\drivers\spldr.sys [2006-11-02 10:49]

R0 volmgr;Volume Manager Driver;C:\Windows\system32\drivers\volmgr.sys [2006-11-02 10:50]

R0 volmgrx;Dynamic Volume Manager;C:\Windows\system32\drivers\volmgrx.sys [2006-11-02 10:51]

R1 DfsC;Dfs Client Driver;C:\Windows\system32\Drivers\dfsc.sys [2006-11-02 09:31]

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080111.002\IDSvix86.sys [2007-12-04 17:51]

R1 nsiproxy;NSI proxy service;C:\Windows\system32\drivers\nsiproxy.sys [2006-11-02 09:57]

R1 RDPENCDD;RDP Encoder Mirror Driver;C:\Windows\system32\drivers\rdpencdd.sys [2006-11-02 10:02]

R1 Smb;Meldingsorientert TCP/IP- og TCP/IPv6-protokoll (SMB-økt);C:\Windows\system32\DRIVERS\smb.sys [2006-11-02 09:57]

R1 tdx;TDI-støttedriver for eldre NetIO;C:\Windows\system32\DRIVERS\tdx.sys [2006-11-02 09:57]

R1 Wanarpv6;Remote Access IPv6 ARP Driver;C:\Windows\system32\DRIVERS\wanarp.sys [2007-12-16 02:34]

R2 AeLookupSvc;Application Experience;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 03:13]

R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 BFE;Base Filtering Engine;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 DPS;Diagnostic Policy Service;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 EMDMgmt;ReadyBoost;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 FDResPub;Function Discovery Resource Publication;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 ghaio;ghaio;C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 17:17]

R2 gpsvc;Group Policy Client;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 IKEEXT;IKE and AuthIP IPsec Keying Modules;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 iphlpsvc;IP Helper;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 KtmRm;KtmRm for Distributed Transaction Coordinator;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\Windows\system32\DRIVERS\lltdio.sys [2006-11-02 09:56]

R2 luafv;UAC File Virtualization;C:\Windows\system32\drivers\luafv.sys [2006-11-02 09:33]

R2 MMCSS;Multimedia Class Scheduler;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 MpsSvc;Windows Firewall;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 netprofm;Network List Service;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 NlaSvc;Network Location Awareness;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 nsi;Network Store Interface Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 PcaSvc;Program Compatibility Assistant Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 PEAUTH;PEAUTH;C:\Windows\system32\drivers\peauth.sys [2006-11-02 10:04]

R2 ProfSvc;User Profile Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 RapiMgr;Tilkobling for Windows Mobile-basert enhet;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 slsvc;Software Licensing;C:\Windows\system32\SLsvc.exe [2007-12-13 08:45]

R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\Windows\System32\StkCSrv.exe [2006-12-11 09:31]

R2 SysMain;Superfetch;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 TabletInputService;Tablet PC Input Service;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 tcpipreg;TCP/IP Registry Compatibility;C:\Windows\system32\drivers\tcpipreg.sys [2006-11-02 09:57]

R2 UxSms;Desktop Window Manager Session Manager;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 WcesComm;Tilkobling for Windows Mobile 2003-basert enhet;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 WerSvc;Windows Error Reporting Service;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R2 Wlansvc;WLAN AutoConfig;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R2 WPDBusEnum;Portable Device Enumerator Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R3 Appinfo;Application Information;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller;C:\Windows\system32\DRIVERS\L260x86.sys [2006-12-13 19:00]

R3 bowser;Bowser;C:\Windows\system32\DRIVERS\bowser.sys [2006-11-02 09:31]

R3 DXGKrnl;LDDM Graphics Subsystem;C:\Windows\system32\drivers\dxgkrnl.sys [2007-12-16 02:34]

R3 fdPHost;Function Discovery Provider Host;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

R3 iScsiPrt;iScsiPort Driver;C:\Windows\system32\DRIVERS\msiscsi.sys [2006-11-02 10:51]

R3 KeyIso;CNG Key Isolation;C:\Windows\system32\lsass.exe [2006-11-02 10:45]

R3 monitor;Microsoft Monitor Class Function Driver Service;C:\Windows\system32\DRIVERS\monitor.sys [2006-11-02 09:54]

R3 mpsdrv;Driver for Windows-brannmurgodkjenning;C:\Windows\system32\drivers\mpsdrv.sys [2007-12-13 08:49]

R3 mrxsmb10;SMB 1.x MiniRedirector;C:\Windows\system32\DRIVERS\mrxsmb10.sys [2006-11-02 09:31]

R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\Windows\system32\DRIVERS\mrxsmb20.sys [2007-12-13 08:42]

R3 NativeWifiP;NativeWiFi Filter;C:\Windows\system32\DRIVERS\nwifi.sys [2008-01-10 05:32]

R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 08:09]

R3 RTSTOR;USB Mass Storage Device;C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 03:18]

R3 srv2;srv2;C:\Windows\system32\DRIVERS\srv2.sys [2007-12-13 08:42]

R3 srvnet;srvnet;C:\Windows\system32\DRIVERS\srvnet.sys [2007-12-13 08:42]

R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;C:\Windows\system32\Drivers\StkCMini.sys [2007-01-19 16:19]

R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2006-12-15 01:41]

R3 TrustedInstaller;Windows Modules Installer;C:\Windows\servicing\TrustedInstaller.exe [2006-11-02 10:45]

R3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver;C:\Windows\system32\DRIVERS\tunnel.sys [2007-12-13 08:49]

R3 umbus;UMBus Enumerator Driver;C:\Windows\system32\DRIVERS\umbus.sys [2006-11-02 09:55]

R3 WCPU;WCPU;C:\Program Files\P4G\WCPU.sys [2007-01-03 00:37]

R3 WdiSystemHost;Diagnostic System Host;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

R3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-13 18:08]

S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\Windows\system32\drivers\brfiltlo.sys [2006-11-02 09:24]

S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\Windows\system32\drivers\brfiltup.sys [2006-11-02 09:24]

S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\Windows\system32\drivers\brusbser.sys [2006-11-02 09:24]

S3 CertPropSvc;Certificate Propagation;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 DFSR;DFS Replication;C:\Windows\system32\DFSR.exe [2006-11-02 13:36]

S3 E1G60;Intel® PRO/1000 NDIS 6 Adapter Driver;C:\Windows\system32\DRIVERS\E1G60I32.sys [2006-11-02 08:30]

S3 Filetrace;FileTrace;C:\Windows\system32\drivers\filetrace.sys [2006-11-02 09:32]

S3 IPBusEnum;PnP-X IP Bus Enumerator;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 lltdsvc;Link-Layer Topology Discovery Mapper;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 MSiSCSI;Microsoft iSCSI Initiator Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 MsRPC;MsRPC;C:\Windows\system32\drivers\MsRPC.sys [2006-11-02 10:51]

S3 NETw3v32;Intel® PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 08:30]

S3 p2pimsvc;Peer Networking Identity Manager;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 p2psvc;Peer Networking Grouping;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 pla;Performance Logs & Alerts;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 PNRPAutoReg;PNRP Machine Name Publication Service;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 PNRPsvc;Peer Name Resolution Protocol;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 QWAVE;Quality Windows Audio Video Experience;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 08:30]

S3 SCPolicySvc;Smart Card Removal Policy;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 SDRSVC;Windows Backup;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 SessionEnv;Terminal Services Configuration;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 sffp_mmc;SFF Storage Protocol Driver for MMC;C:\Windows\system32\drivers\sffp_mmc.sys [2006-11-02 09:51]

S3 SLUINotify;SL UI Notification Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-01-07 23:23]

S3 TBS;TPM Base Services;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 THREADORDER;Thread Ordering Server;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 TPM;TPM;C:\Windows\system32\drivers\tpm.sys [2006-11-02 10:50]

S3 tssecsrv;Terminal Services Security Filter Driver;C:\Windows\system32\DRIVERS\tssecsrv.sys [2006-11-02 10:02]

S3 UI0Detect;Interactive Services Detection;C:\Windows\system32\UI0Detect.exe [2006-11-02 10:45]

S3 uliagpkx;Uli AGP Bus Filter;C:\Windows\system32\drivers\uliagpkx.sys [2006-11-02 10:50]

S3 vga;vga;C:\Windows\system32\DRIVERS\vgapnp.sys [2006-11-02 09:53]

S3 wcncsvc;Windows Connect Now - Config Registrar;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 WcsPlugInService;Windows Color System;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 WdiServiceHost;Diagnostic Service Host;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 Wecsvc;Windows Event Collector;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S3 wercplsupport;Problem Reports and Solutions Control Panel Support;C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 WinRM;Windows Remote Management (WS-Management);C:\Windows\System32\svchost.exe [2006-11-02 10:45]

S3 WPCSvc;Parental Controls;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S4 adp94xx;adp94xx;C:\Windows\system32\drivers\adp94xx.sys [2006-11-02 10:51]

S4 adpahci;adpahci;C:\Windows\system32\drivers\adpahci.sys [2006-11-02 10:51]

S4 amdide;amdide;C:\Windows\system32\drivers\amdide.sys [2006-11-02 10:49]

S4 arc;arc;C:\Windows\system32\drivers\arc.sys [2006-11-02 10:50]

S4 arcsas;arcsas;C:\Windows\system32\drivers\arcsas.sys [2006-11-02 10:50]

S4 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\Windows\system32\drivers\brserid.sys [2006-11-02 09:25]

S4 BrSerWdm;Brother WDM Serial driver;C:\Windows\system32\drivers\brserwdm.sys [2006-11-02 09:24]

S4 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\Windows\system32\drivers\brusbmdm.sys [2006-11-02 09:24]

S4 circlass;Consumer IR Devices;C:\Windows\system32\drivers\circlass.sys [2006-11-02 09:55]

S4 Crusoe;Transmeta Crusoe Processor Driver;C:\Windows\system32\drivers\crusoe.sys [2006-11-02 09:30]

S4 elxstor;elxstor;C:\Windows\system32\drivers\elxstor.sys [2006-11-02 10:51]

S4 HpCISSs;HpCISSs;C:\Windows\system32\drivers\hpcisss.sys [2006-11-02 10:50]

S4 iaStorV;Intel RAID Controller Vista;C:\Windows\system32\drivers\iastorv.sys [2006-11-02 10:51]

S4 iirsp;iirsp;C:\Windows\system32\drivers\iirsp.sys [2006-11-02 10:50]

S4 IPMIDRV;IPMIDRV;C:\Windows\system32\drivers\ipmidrv.sys [2006-11-02 09:42]

S4 iteraid;ITERAID_Service_Install;C:\Windows\system32\drivers\iteraid.sys [2006-11-02 10:50]

S4 LSI_FC;LSI_FC;C:\Windows\system32\drivers\lsi_fc.sys [2006-11-02 10:50]

S4 LSI_SAS;LSI_SAS;C:\Windows\system32\drivers\lsi_sas.sys [2006-11-02 10:50]

S4 LSI_SCSI;LSI_SCSI;C:\Windows\system32\drivers\lsi_scsi.sys [2006-11-02 10:50]

S4 Mcx2Svc;Windows Media Center Extender Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45]

S4 megasas;megasas;C:\Windows\system32\drivers\megasas.sys [2006-11-02 10:49]

S4 mpio;Microsoft Multi-Path Bus Driver;C:\Windows\system32\drivers\mpio.sys [2006-11-02 10:50]

S4 msahci;msahci;C:\Windows\system32\drivers\msahci.sys [2006-11-02 10:49]

S4 msdsm;Microsoft Multi-Path Device Specific Module;C:\Windows\system32\drivers\msdsm.sys [2006-11-02 10:50]

S4 nfrd960;nfrd960;C:\Windows\system32\drivers\nfrd960.sys [2006-11-02 10:50]

S4 ntrigdigi;N-trig HID Tablet Driver;C:\Windows\system32\drivers\ntrigdigi.sys [2006-11-02 08:36]

S4 nvstor;nvstor;C:\Windows\system32\drivers\nvstor.sys [2006-11-02 10:50]

S4 ql2300;QLogic Fibre Channel Miniport Driver;C:\Windows\system32\drivers\ql2300.sys [2006-11-02 10:51]

S4 ql40xx;QLogic iSCSI Miniport Driver;C:\Windows\system32\drivers\ql40xx.sys [2006-11-02 10:50]

S4 SiSRaid2;SiSRaid2;C:\Windows\system32\drivers\sisraid2.sys [2006-11-02 10:50]

S4 SiSRaid4;SiSRaid4;C:\Windows\system32\drivers\sisraid4.sys [2006-11-02 10:50]

S4 uliahci;uliahci;C:\Windows\system32\drivers\uliahci.sys [2006-11-02 10:51]

S4 ulsata2;ulsata2;C:\Windows\system32\drivers\ulsata2.sys [2006-11-02 10:50]

S4 usbcir;eHome Infrared Receiver (USBCIR);C:\Windows\system32\drivers\usbcir.sys [2006-11-02 09:55]

S4 ViaC7;VIA C7 Processor Driver;C:\Windows\system32\drivers\viac7.sys [2006-11-02 09:30]

S4 vsmraid;vsmraid;C:\Windows\system32\drivers\vsmraid.sys [2006-11-02 10:50]

S4 WacomPen;Wacom Serial Pen HID Driver;C:\Windows\system32\drivers\wacompen.sys [2006-11-02 09:52]

S4 Wd;Microsoft Watchdog Timer Driver;C:\Windows\system32\drivers\wd.sys [2006-11-02 10:49]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalService REG_MULTI_SZ nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient

LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc ehstart

NetworkService REG_MULTI_SZ CryptSvc DHCP TermService KtmRm DNSCache NapAgent nlasvc WinRM WECSVC Tapisrv

WerSvcGroup REG_MULTI_SZ wersvc

swprv REG_MULTI_SZ swprv

LocalServiceNetworkRestricted REG_MULTI_SZ DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc WPCSvc PnrpAutoReg

regsvc REG_MULTI_SZ RemoteRegistry

wcssvc REG_MULTI_SZ WcsPlugInService

DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch

wdisvc REG_MULTI_SZ WdiServiceHost

sdrsvc REG_MULTI_SZ sdrsvc

secsvcs REG_MULTI_SZ WinDefend

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

AeLookupSvc

wercplsupport

Themes

CertPropSvc

SCPolicySvc

lanmanserver

gpsvc

IKEEXT

AudioSrv

FastUserSwitchingCompatibility

Nla

NWCWorkstation

SRService

Wmi

WmdmPmSp

TermService

wuauserv

BITS

ShellHWDetection

LogonHours

PCAudit

helpsvc

uploadmgr

iphlpsvc

seclogon

AppInfo

msiscsi

MMCSS

ProfSvc

EapHost

winmgmt

schedule

SessionEnv

browser

hkmsvc

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

\shell\AutoRun\command - E:\Installer.exe

 

*Newly Created Service* - COMHOST

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

C:\Windows\system32\unregmp2.exe /ShowWMP

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

.

Contents of the 'Scheduled Tasks' folder

"2008-01-04 19:31:39 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Mats.job"

- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-01-14 10:31:20

Windows 5.1.2600 Service Pack 2 NTFS

 

detected NTDLL code modification:

ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-01-14 10:32:50

ComboFix2.txt 2008-01-14 08:55:40

.

2008-01-10 04:37:27 --- E O F ---

 

 

superantispyware log:

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 01/14/2008 at 09:43 AM

 

Application Version : 3.9.1008

 

Core Rules Database Version : 3379

Trace Rules Database Version: 1373

 

Scan type : Complete Scan

Total Scan Time : 01:00:42

 

Memory items scanned : 760

Memory threats detected : 0

Registry items scanned : 6033

Registry threats detected : 0

File items scanned : 58018

File threats detected : 2

 

Adware.Tracking Cookie

C:\Users\Mats\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Users\Mats\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

 

I am choosing to include the log that was created when I got the bluescreen:

Problemsignatur:

Navn på problemhendelse: BlueScreen

OS-versjon: 6.0.6000.2.0.0.768.3

ID for nasjonal innstilling: 1044

 

Tilleggsinformasjon om problemet:

BCCode: 1000007e

BCP1: C0000005

BCP2: 8E94297A

BCP3: 87DCCA44

BCP4: 87DCC740

OS Version: 6_0_6000

Service Pack: 0_0

Product: 768_1

 

Filer som bidrar til å beskrive problemet:

C:\Windows\Minidump\Mini010708-01.dmp

C:\Users\Mats\AppData\Local\Temp\WER-484000-0.sysdata.xml

C:\Users\Mats\AppData\Local\Temp\WERA834.tmp.version.txt

 

Les vår personvernerklæring:

http://go.microsoft.com/fwlink/?linkid=501...mp;clcid=0x0414

 

I am also including a test from Hot CPU Tester:

 

Hot CPU Tester Pro(Lite Edition) 4.4.1

Copyright © 1999-2003 7Byte Computers

Friday, January 11, 2008 - 07:12:13

Diagnostic Report

---------------------------------------------

Test Started at: 00:11:01

Test Duration: 06:00:03

Physical Processors Available: 2

Logical Processors Available: 2

Multi-Processors System(SMP): Available

Hyper-Threading Technology: Not Available

CPU Name String: Genuine Intel® CPU T2080 @ 1.73GHz

Speed: 1728MHz

Logical Processors Tested: CPU 0, CPU 1

Average CPU(s) Performance: 100.0%

 

Modules Results:

Complex Matrix: Finished without error

Calculating Pi: Finished without error

Sorting Algorithms: Finished without error

Prime Test: Finished without error

Fast Fourier Transforms:

Chipset:

L1 Cache:

L2 Cache:

Memory: Finished without error

HD: File Exception error:All or part of the path is invalid:CPU 0: an unnamed file contains an invalid path.

MMX: Finished without error

SSE:

SSE2/SSE3:

3DNow!:

 

Edit: the PC is not slow once I have gotten it started up properly.

Edited by the_masked_cow

The slowest operation of a hard disk is the "seek", which can take several milliseconds each time.

Defragmenting can reduce seek time, which in turn can lead to less rumbling from the disk and faster startup. Performance can improve by a few seconds.

It is also an advantage to know which programs start with Windows. None of the programs in the Run key or "Startup" are system-critical, but some can be useful, so only remove the ones you are sure you do not need and that you know what are.

E.g. Steam, Winamp Agent, Open Office Quick start, or other quick-start programs can be things that do not need to start automatically every time.

If you do not use the program every time you start the PC, it is not necessary for it to start right away either. For most programs, automatic startup can be turned off in the program's settings.

In my experience, an awful lot of people install extra programs uncritically, and a poorly maintained Windows often shows in the systray (where the clock is) being stuffed full of icons.

But do not turn off functions you do not know what are. If you are wondering, e.g., what the Shadow Copy service is for, either run a Google search or ask someone qualified before you do anything at all.

Be critical of the programs you install, especially programs that are of no direct use to you (screensavers and small games, for example). Most viruses (not worms) spread by tricking the user into believing it is something interesting.

Any program can open a security threat in any operating system, but what other OSes wisely do, and Windows should do too, is to not allow the user to log in as administrator (root in *nix), and to close off system files from all users other than System and Administrator. This limits the potential damage a program can do to only attacking or monitoring the logged-in user's data files.

In other words: do not use the Administrator account for everyday use.

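The reply's advice to know what starts with Windows can also be applied to the driver/service listing in the log posted in the first message. The following is an added example, not part of the original thread and not ComboFix's own code: it parses lines in that layout and lists entries whose image lies outside the Windows directory, as a list for manual review. It assumes the leading letter means running (R) or stopped (S), that the digit is the service start type (0 boot through 4 disabled), and that the system root is C:\Windows; all function names are hypothetical.

```python
import re
from collections import namedtuple

# Lines copied from the log in this thread, plus one constructed malformed line.
SAMPLE_LOG = r"""
R2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 03:13]
R2 MpsSvc;Windows Firewall;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R3 WCPU;WCPU;C:\Program Files\P4G\WCPU.sys [2007-01-03 00:37]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-01-07 23:23]
S4 Wd;Microsoft Watchdog Timer Driver;C:\Windows\system32\drivers\wd.sys [2006-11-02 10:49]
this line is not an entry
"""

Entry = namedtuple("Entry", "running start name display path stamp")

# Assumed meaning of the digit after R/S (Windows service start types).
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

# <R|S><0-4> <name>;<display name>;<image path> [YYYY-MM-DD HH:MM]
LINE_RE = re.compile(
    r"^([RS])([0-4]) ([^;]+);([^;]*);(.+?) \[(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\]$"
)


def parse_entries(text):
    """Yield an Entry for every well-formed line; skip everything else."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            state, start, name, display, path, stamp = m.groups()
            yield Entry(state == "R", int(start), name, display, path, stamp)


def is_system_path(path, system_root=r"C:\Windows"):
    """True if the image lives under the (assumed) Windows directory."""
    prefix = system_root.lower().rstrip("\\") + "\\"
    return path.lower().startswith(prefix)


def review_candidates(entries):
    """Entries that are not disabled and load an image from outside the
    Windows directory, earliest start type first. This is a list to look up
    and understand, not a list of things to remove."""
    picked = [e for e in entries if e.start != 4 and not is_system_path(e.path)]
    return sorted(picked, key=lambda e: (e.start, e.name.lower()))


if __name__ == "__main__":
    for e in review_candidates(parse_entries(SAMPLE_LOG)):
        state = "running" if e.running else "stopped"
        print(f"{START_TYPES[e.start]:8} {state:8} {e.name}: {e.path} ({e.stamp})")
```

An image under the Windows directory is not proof that an entry is legitimate, so the filter only narrows what to look up first.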