Høy prosent på ram

7 innlegg i emnet

Skrevet

Hei,

Jeg har et lite problem med pcen min. Ram prosenten ligger på 80-90% etter at pcen har stått på ca 12 timer. Og når jeg restarter pcen og kjører samme programene som jeg gjør når den ligger på 80-90% prosent så ligger den på mellom 40-50%.

Det er 8 gb ram i denne pcen. Noen som har noen ider til hva jeg kan gjøre med dette uten å måtte restarte hver gang pcen blir treig ?

Håper på rask tilbake melding :)

0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Skrevet

Sjekk under prosesser i Oppgavebehandling hva som bruker så mye RAM...

Har du i tillegg mye crap ware (programmer fra PC produsent feks HP og Asus) kan det hjelpe på å fylle RAMen. Greit å fjerne disse programmene i så fall.

0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Skrevet

Om den var stappet med crapware som ny (som Kakeshoma nevnte) ville jeg egentlig reinstallert hele greia. Du vet ikke hvor dypt de ekstraprogrammene ligger, ofte blir de ikke helt fjernet når du avinstallerer heller

0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Skrevet

Woha, jeg er klar over at FF/opera med en del tabs oppe gjerne får minnebruken til å øke kraftig (spesielt om det er mye flash), men da snakker vi gjerne om maks 1 GB. Jo lenger du har nettelseren oppe, jo mer minne vil den ta opp. Men det er jo lett å sjekke i oppgavebehandler. Windows tar jo også å bruker litt minne til hurtigbufring av forskjellige programmer du bruker ofte, men SÅ mye vil det ikke bruke. Dette e

1. Sjekk at PCen faktisk tar i bruk alle 8 GB'ene. Har du 32-bit windows så sitter du i praksis med 3-3,5 GB. Og om en Ram-brikke er defekt eller ikke sitter skikkelig så har du da bare 4 GB. Og da kan det være mer forklarlig.

2. Men i bunn og grunn så tipper jeg på mye dritt og lumsk som ligger på PCen.

0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Skrevet (endret)

Noen typer virus/malware infeksjoner går inn for å redusere ytelsen på pcen din. Jeg vil anbefale deg å følge veileningen fra punkt til punkt som du finner i signaturen min.

Post loggene etterpå slik det står helt i bunnen av guiden.

Jeg tror egentlig at det er ram-brikkene dine som er defekt, men dette er for å utelukke muligheten om at du kan være infisert.

Endret av Datasmurfen
0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Skrevet

Hei,

Da har jeg fulgt den guiden til Datasmurfen.

ComboFix 11-05-04.02 - Iperia 05.05.2011 0:32.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.3327.2078 [GMT 2:00]

Kjører fra: c:\documents and settings\Iperia\Mine dokumenter\Downloads\ComboFix.exe

* Opprettet nytt gjenopprettingspunkt

.

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!

.

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programfiler\YouTube Downloader Toolbar\IE\4.3\yoUTubedownloadertoolbarie.dll

E:\install.exe

F:\Autorun.inf

.

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2011-04-04 til 2011-05-04 )))))))))))))))))))))))))))))))))

.

.

2011-05-04 22:14 . 2011-05-04 22:14 -------- d-----w- c:\documents and settings\Iperia\Programdata\Malwarebytes

2011-05-04 22:13 . 2011-05-04 22:13 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes

2011-05-04 22:13 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-04 22:13 . 2011-05-04 22:13 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware

2011-05-04 22:13 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-04 22:11 . 2011-05-04 22:11 -------- d--h--r- c:\documents and settings\Iperia\Siste

2011-05-04 22:06 . 2011-05-04 22:06 -------- d-----w- c:\programfiler\CCleaner

2011-05-02 18:12 . 2011-05-02 18:13 -------- d-----w- c:\programfiler\OpenVPN

2011-04-28 00:00 . 2011-04-28 00:00 -------- d-----w- c:\programfiler\RAMBooster.Net

2011-04-27 23:57 . 2011-04-27 23:57 -------- d-----w- c:\documents and settings\Iperia\Programdata\Uniblue

2011-04-27 23:57 . 2011-04-27 23:57 -------- d-----w- c:\programfiler\Uniblue

2011-04-27 19:15 . 2011-04-27 19:15 -------- d-----w- c:\programfiler\fliptoast

2011-04-27 19:03 . 2011-02-23 14:54 29520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2011-04-27 19:03 . 2011-02-23 15:04 13496 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2011-04-27 19:02 . 2011-04-27 19:02 -------- d-----w- c:\documents and settings\Iperia\Programdata\IObit

2011-04-27 19:01 . 2011-04-27 19:01 -------- d-----w- c:\documents and settings\All Users\Programdata\IObit

2011-04-27 19:01 . 2011-04-27 19:03 -------- d-----w- c:\programfiler\IObit

2011-04-27 18:17 . 2011-04-29 01:38 -------- d-----w- c:\documents and settings\Iperia\Programdata\.minecraft

2011-04-27 17:32 . 2011-04-27 17:32 -------- d-----w- c:\programfiler\Ribbit Phone

2011-04-27 17:32 . 2011-04-27 17:32 -------- d-----w- c:\documents and settings\Iperia\Programdata\com.adobe.example.SimplePhone.83548B8E1549C0B02E90A4FC5E44CB1E33F76C25.1

2011-04-27 12:08 . 2011-04-27 12:08 -------- d-----w- c:\documents and settings\Iperia\Programdata\com.w3i.FlipToast

2011-04-23 00:57 . 2009-11-12 11:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys

2011-04-23 00:57 . 2011-04-23 00:57 -------- d-----w- c:\programfiler\CDBurnerXP

2011-04-23 00:56 . 2011-04-23 00:56 -------- d-----w- c:\documents and settings\Iperia\Lokale innstillinger\Programdata\Evernote

2011-04-23 00:56 . 2011-04-23 00:56 -------- d-----w- c:\programfiler\Evernote

2011-04-23 00:21 . 2011-04-23 00:21 -------- d-----w- C:\Nexus

2011-04-16 11:34 . 2011-04-16 11:34 -------- d-----w- C:\ubuntu

2011-04-12 05:24 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll

2011-04-12 05:24 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll

2011-04-12 05:21 . 2011-04-12 05:21 -------- d-----w- c:\documents and settings\Iperia\Programdata\Qualys

2011-04-11 10:58 . 2011-04-11 10:58 -------- d-----w- c:\documents and settings\Iperia\Lokale innstillinger\Programdata\MPlayer

2011-04-11 10:55 . 2011-04-28 02:36 -------- d-----w- c:\documents and settings\Iperia\.umplayer

2011-04-11 10:55 . 2011-04-11 10:57 -------- d-----w- c:\programfiler\UMPlayer

2011-04-08 06:18 . 2011-04-08 06:18 -------- d-----w- c:\documents and settings\Iperia\quickstart

2011-04-06 20:16 . 2011-04-28 00:05 -------- d-----w- c:\programfiler\Browser Cleaner

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-19 23:41 . 2010-09-23 14:22 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-04-19 23:41 . 2010-09-23 14:22 183112 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-03-15 05:01 . 2011-03-15 05:01 86016 ----a-w- c:\windows\system32\frapsvid.dll

2011-02-11 07:17 . 2011-02-11 07:17 732240 ----a-w- c:\documents and settings\Iperia\VnetAuto.exe

2010-08-17 16:32 . 2010-08-17 16:32 36868 ----a-w- c:\programfiler\uninst-Particular.exe

2011-03-04 12:00 . 2011-03-13 16:42 142296 ----a-w- c:\programfiler\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{cd90bf73-20f6-44ef-993d-bb920303bd2e}"= "c:\programfiler\Veoh_Web_Player\tbVeoh.dll" [2010-06-13 2734688]

.

[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

2010-06-13 17:10 2734688 ----a-w- c:\programfiler\Veoh_Web_Player\tbVeoh.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{cd90bf73-20f6-44ef-993d-bb920303bd2e}"= "c:\programfiler\Veoh_Web_Player\tbVeoh.dll" [2010-06-13 2734688]

.

[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CD90BF73-20F6-44EF-993D-BB920303BD2E}"= "c:\programfiler\Veoh_Web_Player\tbVeoh.dll" [2010-06-13 2734688]

.

[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Iperia\Programdata\Dropbox\bin\DropboxExt.13.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Iperia\Programdata\Dropbox\bin\DropboxExt.13.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Iperia\Programdata\Dropbox\bin\DropboxExt.13.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"Steam"="c:\programfiler\Steam\Steam.exe" [2010-12-04 1242448]

"RGSC"="c:\programfiler\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]

"VeohPlugin"="c:\programfiler\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-07-06 2634048]

"VOIPlay"="c:\programfiler\VOIPlay\voiplay.exe" [2010-10-05 1374568]

"Wakoopa"="c:\programfiler\Wakoopa\Wakoopa.exe" [2009-03-25 573440]

"GameTracker"="c:\programfiler\GameTracker\GTLite.exe" [2010-09-02 4018984]

"X-Lite 4"="c:\programfiler\CounterPath\X-Lite 4\X-Lite4.exe" [2010-08-11 2863616]

"uTorrent"="c:\programfiler\uTorrent\uTorrent.exe" [2011-04-06 399736]

"Skype"="c:\programfiler\Skype\Phone\Skype.exe" [2010-10-11 14940040]

"Jotta"="c:\programfiler\Jotta\jotta.exe" [2011-03-19 2510664]

"WindowsLivePhone"="c:\programfiler\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]

"Aim"="c:\programfiler\AIM\aim.exe" [2011-01-05 4321112]

"SpeedUpMyPC"="c:\programfiler\Uniblue\SpeedUpMyPC\launcher.exe" [2011-01-21 67960]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="c:\programfiler\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]

"Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 1426432]

"CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 626176]

"Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 880640]

"ATICustomerCare"="c:\programfiler\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]

"Launch LgDeviceAgent"="c:\programfiler\Logitech\GamePanel Software\LgDevAgt.exe" [2010-02-18 357448]

"Launch LCDMon"="c:\programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-02-18 1573448]

"Launch LGDCore"="c:\programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-02-18 3203144]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]

"AdobeAAMUpdater-1.0"="c:\programfiler\Fellesfiler\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"VoddlerNet Manager"="c:\programfiler\Voddler\service\VNetManager.exe" [2011-02-11 676040]

"AdobeCS4ServiceManager"="c:\programfiler\Fellesfiler\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"openvpn-gui"="c:\programfiler\UltraVPN\bin\openvpn-gui.exe" [2010-04-19 370948]

"Mobile Connectivity Suite"="c:\programfiler\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-03-25 573440]

"AdobeCS5ServiceManager"="c:\programfiler\Fellesfiler\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"SwitchBoard"="c:\programfiler\Fellesfiler\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"WindowsLivePhone"="c:\programfiler\Windows Live\Device Manager\msgrdvmn.exe" [2008-12-22 787816]

"googletalk"="c:\programfiler\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

"SearchSettings"="c:\programfiler\Fellesfiler\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]

"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"FileZilla Server Interface"="c:\programfiler\FileZilla Server\FileZilla Server Interface.exe" [2010-10-17 1259008]

"SunJavaUpdateSched"="c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe" [2010-10-29 249064]

"RAMBooster.Net"="c:\programfiler\RAMBooster.Net\RAMBooster.exe" [2003-12-07 1363968]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

.

c:\documents and settings\Iperia\Start-meny\Programmer\Oppstart\

Dropbox.lnk - c:\documents and settings\Iperia\Programdata\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

EvernoteClipper.lnk - c:\programfiler\Evernote\Evernote\EvernoteClipper.exe [2011-4-12 973824]

fliptoast.lnk - c:\programfiler\fliptoast\fliptoast.exe [2011-4-27 142848]

MagicDisc.lnk - c:\programfiler\MagicDisc\MagicDisc.exe [2011-3-25 576000]

OpenOffice.org 3.2.lnk - c:\programfiler\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

ZooskMessenger.lnk - c:\programfiler\ZooskMessenger\ZooskMessenger.exe [N/A]

.

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

WDDMStatus.lnk - c:\programfiler\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]

WDSmartWare.lnk - c:\programfiler\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Steam\\Steam.exe"=

"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

"c:\\Programfiler\\Zend\\Zend Studio - 7.1.0\\ZendStudio.exe"=

"c:\\Programfiler\\Adobe\\Adobe Flash Builder 4\\FlashBuilder.exe"=

"c:\\Programfiler\\BitTornado\\btdownloadgui.exe"=

"c:\\Programfiler\\Autodesk\\Backburner\\monitor.exe"=

"c:\\Programfiler\\Autodesk\\Backburner\\manager.exe"=

"c:\\Programfiler\\Autodesk\\Backburner\\server.exe"=

"c:\\Programfiler\\Autodesk\\3ds Max 2009\\3dsmax.exe"=

"c:\\Programfiler\\VideoLAN\\VLC\\vlc.exe"=

"c:\\Programfiler\\Java\\jre6\\bin\\javaw.exe"=

"c:\\Programfiler\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=

"c:\\Programfiler\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=

"c:\\Programfiler\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=

"c:\\Programfiler\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=

"c:\\Documents and Settings\\Iperia\\Programdata\\Dropbox\\bin\\Dropbox.exe"=

"c:\\Programfiler\\SpacialAudio\\SAMBC\\SAMBC.exe"=

"c:\\Programfiler\\Fellesfiler\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Programfiler\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Programfiler\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Game.exe"=

"c:\\Programfiler\\HLSW\\hlsw.exe"=

"c:\\Programfiler\\EA GAMES\\Battlefield 2\\BF2.exe"=

"c:\\Documents and Settings\\Iperia\\Mine dokumenter\\sctrans\\win32\\sc_trans.exe"=

"c:\\Programfiler\\CounterPath\\X-Lite 4\\X-Lite4.exe"=

"c:\\Programfiler\\Spotify\\spotify.exe"=

"c:\\Programfiler\\uTorrent\\uTorrent.exe"=

"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=

"c:\\Programfiler\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Programfiler\\FrostWire\\FrostWire.exe"=

"c:\\Programfiler\\Opera\\opera.exe"=

"c:\\eclipse\\eclipse.exe"=

"c:\\Programfiler\\Boxee\\BOXEE.exe"=

"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=

"c:\\wamp\\bin\\apache\\Apache2.2.17\\bin\\httpd.exe"=

"c:\\Programfiler\\Google\\Google Talk\\googletalk.exe"=

"c:\\Programfiler\\Voddler\\service\\voddler.exe"=

"c:\\Programfiler\\mIRC\\mirc.exe"=

"c:\\Programfiler\\AIM\\aim.exe"=

"c:\\Programfiler\\Steam\\steamapps\\kenneiv\\counter-strike\\hl.exe"=

"c:\\wamp\\tools\\xdc\\xdc.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"1723:TCP"= 1723:TCP:VPN

"3248:TCP"= 3248:TCP:Akamai NetSession Interface

"5000:UDP"= 5000:UDP:Akamai NetSession Interface

.

R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [15.06.2007 09:52 143256]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [27.04.2011 21:03 13496]

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [15.04.2008 14:00 14336]

R2 Application Updater;Application Updater;c:\programfiler\Application Updater\ApplicationUpdater.exe [28.01.2011 18:10 387072]

R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\programfiler\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance --> c:\programfiler\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]

R2 GS In-Game Service;GS In-Game Service;c:\programfiler\GameTracker\GSInGameService.exe [02.09.2010 21:54 1677096]

R2 MRUWebService;MRU Web Service;c:\programfiler\Marvell\61xx\Apache2\bin\Apache.exe [23.05.2007 02:17 20539]

R2 VoddlerNet;VoddlerNet;c:\programfiler\Voddler\service\voddler.exe [15.12.2010 11:52 1039640]

R2 WDDMService;WD SmartWare Drive Manager;c:\programfiler\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14.10.2009 14:31 98304]

R3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [25.01.2010 14:56 115712]

R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\programfiler\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance --> c:\programfiler\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23.11.2009 17:37 19720]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [17.08.2010 16:51 14856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.03.2010 13:16 130384]

S2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\programfiler\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [10.03.2008 00:04 65536]

S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\programfiler\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.06.2009 09:58 20480]

S3 Marvell RAID;Marvell RAID Event Agent;c:\programfiler\Marvell\61xx\svc\mvraidsvc.exe [12.06.2007 20:54 61440]

S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support;c:\windows\system32\DRIVERS\yk51lagg.sys --> c:\windows\system32\DRIVERS\yk51lagg.sys [?]

S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support;c:\windows\system32\drivers\skvlan.sys [17.05.2006 02:15 19328]

S3 SwitchBoard;SwitchBoard;c:\programfiler\Fellesfiler\Adobe\SwitchBoard\SwitchBoard.exe [19.02.2010 14:37 517096]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [19.08.2010 10:02 11520]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.03.2010 13:16 753504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

.

2011-05-04 c:\windows\Tasks\AdobeAAMUpdater-1.0-IPERIA-499323BF-Iperia.job

- c:\programfiler\Fellesfiler\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-02-28 02:44]

.

2011-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-688789844-1801674531-1004Core.job

- c:\documents and settings\Iperia\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2010-08-17 13:49]

.

2011-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-688789844-1801674531-1004UA.job

- c:\documents and settings\Iperia\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2010-08-17 13:49]

.

2011-05-04 c:\windows\Tasks\SmartDefrag_Startup.job

- c:\programfiler\IObit\Smart Defrag 2\SmartDefrag.exe [2011-04-27 15:31]

.

2011-05-04 c:\windows\Tasks\SpeedUpMyPC.job

- c:\programfiler\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-04-27 13:40]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2653012

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Evernote 4.0 - c:\programfiler\Evernote\Evernote\EvernoteIE.dll/204

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\programfiler\Evernote\Evernote\EvernoteIE.dll/204

TCP: {8831D70F-943D-4C26-BD86-699051733456} = 192.168.10.1

FF - ProfilePath - c:\documents and settings\Iperia\Programdata\Mozilla\Firefox\Profiles\v99k0gyt.default\

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p=

.

.

------- Filassosiasjoner -------

.

.txt=

.

- - - - TOMME PEKERE FJERNET - - - -

.

HKCU-Run-AdobeBridge - (no file)

HKLM-Run-nwiz - nwiz.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-05-05 00:39

Windows 5.1.2600 Service Pack 3 NTFS

.

skanner skjulte prosesser ...

.

skanner skjulte autostart-oppføringer ...

.

skanner skjulte filer ...

.

.

c:\docume~1\Iperia\LOKALE~1\Temp\catchme.dll 53248 bytes executable

.

skanning vellykket

skjulte filer: 1

.

**************************************************************************

.

--------------------- LÅSTE REGISTERNØKLER ---------------------

.

[HKEY_USERS\S-1-5-21-484763869-688789844-1801674531-1004\Software\SecuROM\License information*]

"datasecu"=hex:ef,9c,33,7b,6e,d0,1e,af,1e,70,72,e2,37,33,22,25,a5,6e,c2,f8,7d,

d7,2d,be,1f,36,88,18,b2,71,28,be,1e,b5,0d,46,bc,99,bd,a8,7b,af,c2,66,64,93,\

"rkeysecu"=hex:e6,e0,f5,d8,38,af,79,ba,8b,0e,8e,26,87,9a,ad,c0

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*]

"AB141C35E9F4BF344B9FC010BB17F68A"=""

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

.

- - - - - - - > 'winlogon.exe'(1156)

c:\programfiler\Fellesfiler\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

Tidspunkt ferdig: 2011-05-05 00:40:47

ComboFix-quarantined-files.txt 2011-05-04 22:40

.

Pre-Run: 213 673 426 944 byte ledig

Post-Run: 213 636 091 904 byte ledig

.

- - End Of File - - 08692551FA25D9F3D42D8F448700ABB6

Hijackthis log file

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 00:42:53, on 05.05.2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Uniblue\SpeedUpMyPC\spmonitor.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Application Updater\ApplicationUpdater.exe

C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\Programfiler\FileZilla Server\FileZilla Server.exe

C:\Programfiler\Firebird\Firebird_2_1\bin\fbguard.exe

C:\Programfiler\GameTracker\GSInGameService.exe

C:\Programfiler\Java\jre6\bin\jqs.exe

C:\Programfiler\Marvell\61xx\Apache2\bin\Apache.exe

C:\Programfiler\Analog Devices\Core\smax4pnp.exe

C:\Programfiler\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\Programfiler\Logitech\GamePanel Software\LgDevAgt.exe

C:\Programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Programfiler\Voddler\service\VNetManager.exe

C:\Programfiler\HTC\HTC Sync\Application Launcher\Application Launcher.exe

C:\Programfiler\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Programfiler\Logitech\GamePanel Software\Applets\LCDClock.exe

C:\Programfiler\Logitech\GamePanel Software\Applets\LCDCountdown.exe

C:\Programfiler\Windows Live\Device Manager\msgrdvmn.exe

C:\Programfiler\Google\Google Talk\googletalk.exe

C:\Programfiler\Logitech\GamePanel Software\Applets\LCDRSS.exe

C:\Programfiler\Marvell\61xx\Apache2\bin\Apache.exe

C:\Programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe

C:\Programfiler\Fellesfiler\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Steam\Steam.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Update\1.3.21.53\GoogleCrashHandler.exe

C:\Programfiler\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

C:\Programfiler\Wakoopa\Wakoopa.exe

C:\Programfiler\uTorrent\uTorrent.exe

C:\Programfiler\Skype\Phone\Skype.exe

C:\Programfiler\Jotta\jotta.exe

C:\Programfiler\AIM\aim.exe

C:\Programfiler\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Programfiler\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Programfiler\Fellesfiler\Teleca Shared\Generic.exe

C:\Programfiler\Fellesfiler\Teleca Shared\logger.exe

C:\Programfiler\Fellesfiler\Teleca Shared\CapabilityManager.exe

C:\Programfiler\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe

C:\Programfiler\OpenOffice.org 3\program\soffice.exe

C:\Programfiler\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe

C:\Programfiler\OpenOffice.org 3\program\soffice.bin

C:\Programfiler\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe

C:\Programfiler\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe

C:\Programfiler\Firebird\Firebird_2_1\bin\fbserver.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Skype\Plugin Manager\skypePM.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Iperia\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\msiexec.exe

C:\Programfiler\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2653012

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - URLSearchHook: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Programfiler\Veoh_Web_Player\tbVeoh.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Programfiler\Veoh_Web_Player\tbVeoh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Veoh Web Player Toolbar - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Programfiler\Veoh_Web_Player\tbVeoh.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [ATICustomerCare] "C:\Programfiler\ATI\ATICustomerCare\ATICustomerCare.exe"

O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Programfiler\Logitech\GamePanel Software\LgDevAgt.exe"

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programfiler\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programfiler\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programfiler\Fellesfiler\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Programfiler\Voddler\service\VNetManager.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programfiler\Fellesfiler\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [openvpn-gui] C:\Programfiler\UltraVPN\bin\openvpn-gui.exe

O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Programfiler\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programfiler\Fellesfiler\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [switchBoard] C:\Programfiler\Fellesfiler\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [WindowsLivePhone] C:\Programfiler\Windows Live\Device Manager\msgrdvmn.exe /AutoRun

O4 - HKLM\..\Run: [googletalk] C:\Programfiler\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [searchSettings] "C:\Programfiler\Fellesfiler\Spigot\Search Settings\SearchSettings.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programfiler\Fellesfiler\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Programfiler\FileZilla Server\FileZilla Server Interface.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Fellesfiler\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [RAMBooster.Net] C:\Programfiler\RAMBooster.Net\RAMBooster.exe -m

O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [RGSC] C:\Programfiler\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

O4 - HKCU\..\Run: [VeohPlugin] "C:\Programfiler\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

O4 - HKCU\..\Run: [VOIPlay] "C:\Programfiler\VOIPlay\voiplay.exe"

O4 - HKCU\..\Run: [Wakoopa] C:\Programfiler\Wakoopa\Wakoopa.exe

O4 - HKCU\..\Run: [GameTracker] C:\Programfiler\GameTracker\GTLite.exe

O4 - HKCU\..\Run: [X-Lite 4] "C:\Programfiler\CounterPath\X-Lite 4\X-Lite4.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Programfiler\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Jotta] "C:\Programfiler\Jotta\jotta.exe"

O4 - HKCU\..\Run: [WindowsLivePhone] "C:\Programfiler\Windows Live\Device Manager\msgrdvmn.exe" /AutoRun

O4 - HKCU\..\Run: [Aim] "C:\Programfiler\AIM\aim.exe" /d locale=en-US

O4 - HKCU\..\Run: [speedUpMyPC] "C:\Programfiler\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Iperia\Programdata\Dropbox\bin\Dropbox.exe

O4 - Startup: EvernoteClipper.lnk = C:\Programfiler\Evernote\Evernote\EvernoteClipper.exe

O4 - Startup: fliptoast.lnk = C:\Programfiler\fliptoast\fliptoast.exe

O4 - Startup: MagicDisc.lnk = C:\Programfiler\MagicDisc\MagicDisc.exe

O4 - Startup: OpenOffice.org 3.2.lnk = C:\Programfiler\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: ZooskMessenger.lnk = C:\Programfiler\ZooskMessenger\ZooskMessenger.exe

O4 - Global Startup: WDDMStatus.lnk = C:\Programfiler\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

O4 - Global Startup: WDSmartWare.lnk = C:\Programfiler\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Programfiler\Evernote\Evernote\EvernoteIE.dll/204

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: @C:\Programfiler\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Programfiler\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Programfiler\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Programfiler\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1282056179812

O17 - HKLM\System\CCS\Services\Tcpip\..\{8831D70F-943D-4C26-BD86-699051733456}: NameServer = 192.168.10.1

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programfiler\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Programfiler\Application Updater\ApplicationUpdater.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe

O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Programfiler\FileZilla Server\FileZilla Server.exe

O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Programfiler\Firebird\Firebird_2_1\bin\fbguard.exe

O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Programfiler\Firebird\Firebird_2_1\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Programfiler\GameTracker\GSInGameService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe

O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Programfiler\Marvell\61xx\svc\mvraidsvc.exe

O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Programfiler\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe

O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Programfiler\Marvell\61xx\Apache2\bin\Apache.exe

O23 - Service: NMSAccess - Unknown owner - C:\Programfiler\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programfiler\OpenVPN\bin\openvpnserv.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programfiler\Fellesfiler\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: VoddlerNet - Voddler - C:\Programfiler\Voddler\service\voddler.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe

O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Programfiler\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Programfiler\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--

End of file - 16928 bytes

0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Skrevet

Start HijackThis

Velg: Do a systemscan only

Sett en hake i boksen foran disse linjene(hvis den finnes):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2653012

O23 - Service: Application Updater - Spigot, Inc. - C:\Programfiler\Application Updater\ApplicationUpdater.exe

Denne oppføringen nedenfor er trolig lastet ned uten at du er klar over det, og er frivillig om du ønsker å fjerne. Se mer informasjon: her og her

O4 - HKLM\..\Run: [searchSettings] "C:\Programfiler\Fellesfiler\Spigot\Search Settings\SearchSettings.exe"

Avslutt alle vinduer (utenom HijackThis) og nettlesere (også dette du leser fra), og trykk Fix checked.

Merk: Hvis du blir spurt om å bekrefte å fikse en linje, bekrefter du dette.

Deretter gjør du dette:

Trykk Start - Alle Programmer - Tilbehør - Notisblokk

Kopier og Lim inn teksten i kodeboksen nedenfor, inn i Notisblokken:


@echo off
sc stop Application Updater
sc delete Application Updater
exit
[/code]

Trykk på [b]"Fil"[/b] og deretter [b]"Lagre som"[/b]

I [b]"Lagre i:"[/b] velger du [b]Skrivebord[/b]

I [b]"Filnavn"[/b] skriver du [b]FixService.bat[/b]

I [b]"Filtype"[/b] velger du [b]Alle filer[/b]

Trykk på [b]Lagre[/b] og deretter avslutt Notisblokk.

Nå går du til ditt Skrivebord, og dobbelklikker på [b]FixService.bat[/b]

Det vil åpnes et svart vindu, og avsluttes like etter. Dette er meningen, og viser bare at fila du lagde, fungerer.

[b]Deretter avslutter du HijackThis, restarter maskinen, og lager en ny logg:[/b]

Start HijackThis

Velg: [b]Do a systemscan, and save a logfile[/b]

Ser du har VeohPlayer installert, noe som blant annet viser seg i at programmet starter opp under oppstarten av maskinen, samt at det ser ut til at dette programmet har en medfølgende Toolbar i nettleseren din. Hvis dette er et program som ikke blir brukt, kan du avinstallere det fra Start->Kontrollpanel->Legg til/Fjern programmer.

Vennligst gi tilbakemelding på om dette programmet blir mye eller sjeldent brukt, eller om du ikke bruker det i det hele tatt i neste post.

En del av veiledningen var å kjøre MBAM. Gjorde du dette? I såfall ønsker jeg å se loggen den lagde. Hvis ikke, kan du kjøre en hurtig scan, som beskrevet i veiledningen.

Venligst post også Hijackthis loggen, og tilbakemelding om du brukerVeohPlayer.

MOD: Flyttet til riktig sted

0

Del dette innlegget


Lenke til innlegg
Del på andre sider

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!


Start en konto

Logg inn

Har du allerede en konto? Logg inn her.


Logg inn nå

  • Hvem er aktive   0 medlemmer

    Ingen innloggede medlemmer aktive