The machine is slow and freezes

2 posts in this topic

Posted

CPU usage shows 100%: even though this does not show in the process view, it sits at 100% in the performance view.

I have tried running ComboFix and Malwarebytes' Anti-Malware and a couple of others, but that does not help this time.

Can anyone help me further?

Thanks.

Hi. I have some of the same problems on my machine. It is slow and freezes, and the processes run at full load very often. I have run CCleaner, Norton AntiVirus and Spybot Search and Destroy. Now I have run RSIT, and I am posting the log here:

Can someone look it over to see whether it is OK? :)

RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)

Run by Månestråle at 2009-07-24 12:23:13

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 12 GB (22%) free of 54 GB

Total RAM: 1023 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:23:29, on 24/07/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Programfiler\CDBurnerXP\NMSAccessU.exe

C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe

C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

C:\Programfiler\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\UPHClean\uphclean.exe

C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe

C:\Programfiler\Apoint\Apoint.exe

C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Windows Live\Messenger\msnmsgr.exe

C:\Programfiler\Apoint\Apntex.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Windows Live\Contacts\wlcomm.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Programfiler\Outlook Express\msimn.exe

C:\Documents and Settings\Månestråle\Lokale innstillinger\Temporary Internet Files\Content.IE5\5W91Y38C\RSIT[1].exe

C:\Programfiler\trend micro\Månestråle.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: (no name) - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - (no file)

O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Telenor Telenorhjelpen Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Programfiler\Telenor\Telenorhjelpen\IEFixItNowPlugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)

O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe

O4 - HKLM\..\Run: [ATIPTA] "C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [HP Component Manager] "C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Programfiler\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Programfiler\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SIMBAR Enabled; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab

O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} (MGLaunch_v1004 Class) - http://hero.netgame.com/launch/object/mglaunch_USAv1004.cab

O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Programfiler\CDBurnerXP\NMSAccessU.exe

O23 - Service: NNServ - Unknown owner - (no file)

O23 - Service: Norton Internet Security - Symantec Corporation - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe

--

End of file - 11990 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{111CAA23-6F4F-42AC-8555-B48C1D87BBAB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Symantec NCO BHO - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Symantec Intrusion Prevention - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516}]

Telenor Telenorhjelpen Plugin - C:\Programfiler\Telenor\Telenorhjelpen\IEFixItNowPlugin.dll [2008-02-19 123584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Programfiler\Java\jre6\bin\jp2ssv.dll [2009-03-13 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Apoint"=C:\Programfiler\Apoint\Apoint.exe [2004-09-13 155648]

"ATIPTA"=C:\Programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064]

"IntelWireless"=C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe [2004-10-30 385024]

"ISUSScheduler"=C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe [2005-06-10 81920]

"HP Component Manager"=C:\Programfiler\HP\hpcoretech\hpcmpmgr.exe [2005-01-12 241664]

"UCam_Menu"=C:\Programfiler\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]

"QuickTime Task"=C:\Programfiler\QuickTime\qttask.exe [2009-01-05 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"msnmsgr"=C:\Programfiler\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-03-19 439736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

C:\Programfiler\Alcohol Soft\Alcohol 120\axcmd.exe [2009-02-23 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Documents and Settings\Månestråle\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-27 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]

C:\Programfiler\Microsoft LifeCam\LifeExp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Programfiler\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Programfiler\QuickTime\qttask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

C:\Programfiler\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-04-01 405504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Programfiler\Java\jre6\bin\jusched.exe [2009-03-13 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Telenorhjelpen]

C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe [2008-02-07 189120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]

C:\WINDOWS\vVX1000.exe [2008-08-04 721936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

C:\Programfiler\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Digital Line Detect.lnk]

C:\PROGRA~1\DIGITA~1\DLG.exe [2003-10-29 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^HP Digital Imaging Monitor.lnk]

C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Logitech Desktop Messenger.lnk]

C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2007-02-27 67128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless]

C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll [2004-09-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Programfiler\LimeWire\LimeWire.exe"="C:\Programfiler\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

"C:\Programfiler\Telenor\Online Start\Telenor.exe"="C:\Programfiler\Telenor\Online Start\Telenor.exe:*:Enabled:Online Start"

"C:\Programfiler\Skype\Phone\Skype.exe"="C:\Programfiler\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Programfiler\Azureus\Azureus.exe"="C:\Programfiler\Azureus\Azureus.exe:*:Enabled:Azureus"

"C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe"="C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe:*:Enabled:Telenorhjelpen"

"C:\Programfiler\Sony Ericsson\Update Service\Update Service.exe"="C:\Programfiler\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"

"C:\Programfiler\FlashGet\FlashGet.exe"="C:\Programfiler\FlashGet\FlashGet.exe:*:Enabled:Flashget"

"C:\Programfiler\BitTyrant\Azureus.exe"="C:\Programfiler\BitTyrant\Azureus.exe:*:Enabled:Azureus"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

"C:\Programfiler\Team MediaPortal\MediaPortal TV Server\TvService.exe"="C:\Programfiler\Team MediaPortal\MediaPortal TV Server\TvService.exe:LocalSubNet:Enabled:MediaPortal TV Server"

"C:\Programfiler\Team MediaPortal\MediaPortal\MediaPortal.exe"="C:\Programfiler\Team MediaPortal\MediaPortal\MediaPortal.exe:LocalSubNet:Enabled:MediaPortal"

"C:\Programfiler\Internet Explorer\iexplore.exe"="C:\Programfiler\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

"C:\Programfiler\Mozilla Firefox\firefox.exe"="C:\Programfiler\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"

"C:\Programfiler\MSN Messenger\livecall.exe"="C:\Programfiler\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Programfiler\Bonjour\mDNSResponder.exe"="C:\Programfiler\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe"="C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe:*:Enabled:Symantec Service Framework"

"C:\Programfiler\Windows Live\Messenger\wlcsdk.exe"="C:\Programfiler\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Programfiler\MSN Messenger\livecall.exe"="C:\Programfiler\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Programfiler\Windows Live\Messenger\wlcsdk.exe"="C:\Programfiler\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Programfiler\Windows Live\Messenger\msnmsgr.exe"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======File associations======

.js - open - NOTEPAD.EXE %1

.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-07-24 12:05:32 ----D---- C:\Programfiler\trend micro

2009-07-24 12:05:26 ----D---- C:\rsit

2009-07-24 11:47:49 ----D---- C:\WINDOWS\LastGood

2009-07-16 00:23:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$

2009-07-16 00:22:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$

2009-07-16 00:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

2009-07-09 23:48:48 ----D---- C:\WINDOWS\ie8updates

2009-07-09 23:38:13 ----HDC---- C:\WINDOWS\ie8

2009-06-25 16:37:12 ----D---- C:\Documents and Settings\All Users\Programdata\Microgaming

2009-06-25 16:37:12 ----D---- C:\Documents and Settings\All Users\Programdata\MGS

2009-06-25 16:36:41 ----D---- C:\Microgaming

======List of files/folders modified in the last 1 months======

2009-07-24 12:06:52 ----D---- C:\WINDOWS\Prefetch

2009-07-24 12:05:32 ----AD---- C:\Programfiler

2009-07-24 12:05:31 ----D---- C:\WINDOWS\Temp

2009-07-24 11:55:30 ----D---- C:\WINDOWS\system32\drivers

2009-07-24 11:48:15 ----SD---- C:\WINDOWS\Downloaded Program Files

2009-07-24 11:48:14 ----D---- C:\WINDOWS\BDOSCAN8

2009-07-24 11:47:51 ----HD---- C:\WINDOWS\inf

2009-07-24 11:47:49 ----D---- C:\WINDOWS

2009-07-24 11:46:23 ----D---- C:\WINDOWS\system32\CatRoot2

2009-07-24 11:37:54 ----SD---- C:\WINDOWS\Tasks

2009-07-24 10:55:15 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-07-24 00:37:37 ----D---- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy

2009-07-24 00:31:18 ----D---- C:\WINDOWS\Debug

2009-07-21 22:05:32 ----D---- C:\Documents and Settings\Månestråle\Programdata\Azureus

2009-07-16 10:39:37 ----D---- C:\WINDOWS\system32

2009-07-16 00:23:21 ----HD---- C:\WINDOWS\$hf_mig$

2009-07-16 00:23:04 ----RSHD---- C:\WINDOWS\system32\dllcache

2009-07-10 04:17:08 ----RASH---- C:\boot.ini

2009-07-10 04:17:08 ----A---- C:\WINDOWS\win.ini

2009-07-10 04:17:08 ----A---- C:\WINDOWS\system.ini

2009-07-10 04:16:21 ----D---- C:\WINDOWS\pss

2009-07-10 00:07:30 ----D---- C:\WINDOWS\system32\nb-no

2009-07-10 00:07:30 ----D---- C:\WINDOWS\Media

2009-07-10 00:07:30 ----D---- C:\Programfiler\Internet Explorer

2009-07-10 00:07:29 ----D---- C:\WINDOWS\Help

2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe

2009-07-05 12:58:59 ----D---- C:\Programfiler\LimeWire

2009-07-05 12:58:17 ----SHD---- C:\WINDOWS\Installer

2009-07-05 12:58:17 ----SHD---- C:\Config.Msi

2009-06-29 00:12:51 ----AD---- C:\Programfiler\Fellesfiler

2009-06-29 00:12:10 ----D---- C:\Programfiler\DJBCP Codec Pack

2009-06-28 00:26:06 ----D---- C:\Documents and Settings\Månestråle\Programdata\FrostWire

2009-06-26 02:08:14 ----D---- C:\Programfiler\Mozilla Firefox

2009-06-26 02:07:23 ----D---- C:\Programfiler\Graboid

2009-06-26 01:33:10 ----D---- C:\Downloads

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-03 16128]

R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]

R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-03-20 482352]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programfiler\Fellesfiler\Symantec Shared\EENGINE\eeCtrl.sys []

R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2007-08-24 3026]

R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090715.003\IDSxpx86.sys []

R1 intelppm;Intel-prosessordriver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]

R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]

R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []

R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []

R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]

R1 Tcpip6;Microsoft IPv6-protokolldriver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]

R1 WS2IFSL;Windows Socket 2.0-støttemiljø for ikke-IFS-tjenesteleverandør; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.0.1; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-01-13 17056]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]

R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-08-31 11354]

R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-16 108791]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]

R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-05-26 44928]

R3 CmBatt;Driver for batteri med Microsoft ACPI-kontrollmetode; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]

R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-17 200064]

R3 IWCA;Intel Wireless Connection Agent Miniport for Win XP; C:\WINDOWS\system32\DRIVERS\iwca.sys [2004-08-12 234496]

R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]

R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090723.066\NAVENG.SYS []

R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090723.066\NAVEX15.SYS []

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]

R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-11 273168]

R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []

R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]

R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]

R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]

R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]

R3 tunmp;Microsoft Tun Miniport-kortdriver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]

R3 usbehci;Miniportdriver for Microsoft USB 2.0 forbedret vertskontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 aktivert hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Miniportdriver for Microsoft USB universell vertskontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 w29n51;Intel® PRO/Wireless 2200BG nettverkstilkoblingsdriver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-21 3210496]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-17 685056]

S3 61883;61883 enhet; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 au194vjs;au194vjs; C:\WINDOWS\system32\drivers\au194vjs.sys []

S3 Avc;AVC-enhet; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys [2004-03-24 4272]

S3 CCDECODE;Dekoder for teksting for hørselshemmede; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 cxbu0wdm;CardMan 3x21; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2005-12-05 80384]

S3 EL90XBC;Driver for 3Com EtherLink XL 90XB/C-kort; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]

S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-06-03 13352]

S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2008-06-03 21672]

S3 HidUsb;Microsoft HID-klassedriver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-02-26 51056]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-02-26 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-02-26 21488]

S3 irsir;Microsoft seriell infrarød driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Tee/Sink-to-Sink-konverterer for Microsoft Streaming; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI-kodek; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/video-tilkobling; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NIC1394;1394-nettverksdriver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 nm;Driver for Network Monitor; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]

S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]

S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS []

S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]

S3 SaiH1589;SaiH1589; C:\WINDOWS\system32\DRIVERS\SaiH1589.sys [2004-07-26 56576]

S3 SaiU1589;SaiU1589; C:\WINDOWS\system32\DRIVERS\SaiU1589.sys [2004-07-26 19584]

S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]

S3 sffdisk;SFF-lagringsklassedriver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]

S3 sffp_sd;SFF-lagringsprotokolldriver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 SONYPVU1;Sony USB-filterdriver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\NIS\1002000.007\SYMDNS.SYS []

S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]

S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS []

S3 usbaudio;USB-lyddriver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Microsoft USB generell overordnet driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER-klasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB-skannerdriver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;USB-masselagringsenhet; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 V0090VID;Creative WebCam Vista Plus; C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2005-04-14 138112]

S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2008-08-04 1964432]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext-kodek; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 agp440;Intel AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

S4 agpCPQ;Compaq AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

S4 alim1541;ALI AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

S4 amdagp;Driver for AMD AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

S4 sisagp;SIS AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

S4 sr;Filterdriver for systemgjenoppretting; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

S4 viaagp;VIA AGP-bussfilter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]

R2 Bonjour Service;Bonjour Service; C:\Programfiler\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 EvtEng;EvtEng; C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe [2004-09-07 86016]

R2 JavaQuickStarterService;Java Quick Starter; C:\Programfiler\Java\jre6\bin\jqs.exe [2009-03-13 152984]

R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Programfiler\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]

R2 NICCONFIGSVC;NICCONFIGSVC; C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-06-09 356352]

R2 NMSAccessU;NMSAccessU; C:\Programfiler\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]

R2 Norton Internet Security;Norton Internet Security; C:\Programfiler\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]

R2 RegSrvc;RegSrvc; C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe [2004-09-07 139264]

R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe [2004-09-07 360521]

R2 SQLBrowser;SQL Server Browser; C:\Programfiler\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]

R2 SQLWriter;SQL Server VSS Writer; C:\Programfiler\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]

R2 UPHClean;User Profile Hive Cleanup; C:\Programfiler\UPHClean\uphclean.exe [2005-04-27 241725]

R2 WinDefend;Windows Defender; C:\Programfiler\Windows Defender\MsMpEng.exe [2006-11-03 13592]

R2 WLANKEEPER;WLANKEEPER; C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe [2004-09-07 225353]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S2 6to4;IPv6-hjelpetjeneste; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 aspnet_state;Statustjeneste for ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 fsssvc;Windows Live Family Safety; C:\Programfiler\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S3 gusvc;Google Updater Service; C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-01 136120]

S3 IDriverT;InstallDriver Table Manager; C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 ose;Office Source Engine; C:\Programfiler\Fellesfiler\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-02-26 65795]

S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Programfiler\Windows Media Player\WMPNetwk.exe [2006-11-15 914944]

S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Programfiler\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]

S4 NetTcpPortSharing;Tjenesten Net.Tcp Port Sharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Posted (edited)

trineline:

It pays to have a thread of your own. In this one you risk being overlooked by those who normally answer malware cases.

I expected the log to be moved by a moderator when I looked at it earlier today, but they have probably overlooked it.

I can analyse the HijackThis part of the log, but you will get better answers if I let one of the specialists look at it. I will do a preliminary overview.

Result:

Since there is a relatively large amount to check here, I recommend that you run a scan with Malwarebytes Anti Malware. A more detailed description and a download link can be found in our shared malware guide. MBAM will probably clean up some of the issues here.

------

Preliminary list of things I should check in the log:

File missing:

O2 - BHO: (no name) - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - (no file)

O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)

O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

Result:

I think all of these entries can be deleted. These are registry entries where the file itself is missing. Some of this belonged to "unwanted programs", even though these are not malware (the difference can be small).

The SWEETIM toolbar I regard as "unwanted", and 2 of the lines belong to it.

The FREE.DOWNLOADS.NET toolbar is the second-to-last line; it is also suspicious.

These are registry entries listed with "No file". Here I check the long ID for any connection to malware.

These are unknown programs (to HJT) that should also be checked:

Unknown programs in the HJT log:

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SIMBAR Enabled; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} (MGLaunch_v1004 Class) - http://hero.netgame.com/launch/object/mglaunch_USAv1004.cab

O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O23 - Service: NNServ - Unknown owner - (no file)

Result:

There are too many here that I do not know. The WorldWinner games may be suspicious, but someone else will have to comment on that.

Edited by r2d290
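The triage described in the post above, as an added example that is not part of the original post: a small Python parser for HijackThis "O" lines that collects the entries marked "(no file)" and groups the O16 ActiveX CLSIDs by download host, so the IDs can be looked up one by one. The sample lines are copied from the log excerpts quoted in the post; the function and variable names are illustrative.

```python
import re
from urllib.parse import urlparse

# Sample lines copied from the log excerpts quoted in the post above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - (no file)
O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} -
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O23 - Service: NNServ - Unknown owner - (no file)
"""

ENTRY = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL = re.compile(r"https?://\S+")

def parse_line(line):
    """Split one HijackThis 'O' entry into section, kind, CLSID, host and flags."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, kind, rest = m.groups()
    clsid = CLSID.search(rest)
    url = URL.search(rest)
    return {
        "section": section,
        "kind": kind,
        # CLSIDs appear in mixed case in the log; normalise before lookup.
        "clsid": clsid.group(0).upper() if clsid else None,
        "host": urlparse(url.group(0)).hostname if url else None,
        # "(no file)" means the registry entry points at a missing file.
        "orphaned": rest.rstrip().endswith("(no file)"),
        "raw": line.strip(),
    }

def triage(log_text):
    """Return (orphaned registry entries, O16 CLSIDs grouped by download host)."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    orphans = [e for e in entries if e["orphaned"]]
    by_host = {}
    for e in entries:
        if e["section"] == "O16":
            by_host.setdefault(e["host"] or "(no source URL)", []).append(e["clsid"])
    return orphans, by_host
```
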