
Vista Startup and Shutdown Very Slow - Not Sure What to Do




#1
29 March 2009, 08:59
Donor Group

First of all, I'm assuming this is the right place to put this.

I went into Control Panel and Performance and found a couple of performance issues saying:

  • Startup programs are causing Windows to start slowly
  • Programs are causing Windows to shut down slowly
The details on these are:

Starting slowly:

http://i7.photobucket.com/albums/y27...tartslowly.jpg

Shutdown:

http://i7.photobucket.com/albums/y27...downslowly.jpg


I also ran HijackThis and got this message:

http://i7.photobucket.com/albums/y27...rormessage.jpg

This is probably a really dumb question, but how can I fix these? If you guys could point me in the right direction, that would be great.
__________________
Euro Championships tip = Spain & Torres <- Damn, I should have put a bet on them

Make Poverty History

Justice for the 96 <- Take a look
__________________

My system: HistoryGirls Self Build!

Processor(s): AMD Phenom X3 II 720
Motherboard: Gigabyte MA770-UD3
RAM: 4GB Ballistix
Graphics card(s): Radeon HD 4850 512MB
Sound card: Onboard
Hard drive(s): 1TB Western Digital
Optical drive(s): DVD-ROM/CD RW + DVD-RW LightScribe
Case / PSU: Coolermaster Elite 330/450W PSU
Cooling: Stock
Network / Internet: Ethernet
Monitor(s): 20" Acer
Operating system(s): Vista HP with upgrade to W7
#2
29 March 2009, 11:19
Editor Group

With Vista you need to right-click the HJT icon and select 'Run as administrator'.

Have you done any maintenance lately? Disk Cleanup, defrag?
__________________

#3
30 March 2009, 10:11
Donor Group

Yes, I have run Disk Cleanup and defrag recently. Would that be what is causing the problems?

New HijackThis log:

Quote:
Logfile af Trend Micro HijackThis v2.0.2
Scan gemt kl 18:25:00, den 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Kørende processer:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ Explorer.EXE
C: \ Programmer \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ AsGHost.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Programmer \ ASUS \ ASUS Live Update \ ALU.exe
C: \ Windows \ ASScrPro.exe
C: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Programmer \ RocketDock \ RocketDock.exe
C: \ Programmer \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Programmer \ Infineon \ Security Platform Software \ PSDrt.exe
C: \ Programmer \ Infineon \ Security Platform Software \ SpTna.exe
C: \ Programmer \ Mozilla Firefox \ firefox.exe
C: \ Programmer \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.asus.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. lokale
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O1 - Hosts::: 1 localhost
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Programmer \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programmer \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Programmer \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programmer \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: (no name) - (AA58ED58-01DD-4d91-8333-CF10577473F7) - (no file)
O2 - BHO: ASUS Security Protect Manager - (DF21F1DB-80C6-11D3-9483-B03D0EC10000) - C: \ Programmer \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItIEAddIn.dll
O3 - Toolbar: (no name) - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - (no file)
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [ASUS Screen Saver Protector] C: \ Windows \ ASScrPro.exe
O4 - HKLM \ .. \ Run: [IFXSPMGT] C: \ Windows \ system32 \ ifxspmgt.exe / NotifyLogon
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Programmer \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKCU \ .. \ Run: [RocketDock] "C: \ Programmer \ RocketDock \ RocketDock.exe"
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Programmer \ Windows Live \ Messenger \ msnmsgr.exe" / baggrund
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikroer ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ PROGRA ~ 1 \ Java \ JRE16 ~ 4.0_0 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ PROGRA ~ 1 \ Java \ JRE16 ~ 4.0_0 \ bin \ ssv.dll
O9 - Ekstra knap: Blog Denne - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Programmer \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' MENUITEM: & Blog Dette i Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Programmer \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra knappen: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) - C: \ Programmer \ Yahoo! \ Common \ yinsthelper.dll
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Programmer \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: APSHook.dll, avgrsstx.dll
O22 - SharedTaskScheduler: Windows DreamScene - (E31004D1-A431-41B8-826F-E902F9D95C81) - C: \ Windows \ System32 \ DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Ukendt ejer - C: \ Programmer \ ATK Genvejstast \ ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Ukendt ejer - C: \ Programmer \ ATKGFNEX \ GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 vagthund (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Programmer \ Bonjour \ mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown ejer - C: \ Programmer \ Common Files \ Symantec Shared \ ccSvcHst.exe (file mangler)
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Programmer \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: HDDlife HDD Adgang service - BinarySense, Inc. - C: \ Programmer \ BinarySense \ HDDlife 3 \ hldasvc.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Programmer \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C: \ Windows \ system32 \ ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C: \ Windows \ system32 \ ifxtcs.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: NMIndexingService - Ukendt ejer - C: \ Programmer \ Common Files \ Ahead \ Lib \ NMIndexingService.exe (file mangler)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C: \ Windows \ system32 \ IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Ukendt ejer - C: \ Windows \ system32 \ PSIService.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd - C: \ Programmer \ Spybot - Search & Destroy \ SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C: \ Programmer \ ASUS \ NB Probe \ SPM \ spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C: \ Windows \ System32 \ StkCSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C: \ Windows \ System32 \ ZoneLabs \ vsmon.exe

#4
30 March 2009, 10:30
Editor Group

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries (if present):

  • R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
  • O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
  • O3 - Toolbar: (no name) - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - (no file)


Important: Close all windows except HijackThis, then click Fix checked.

Exit HijackThis.

----------

Download ComboFix © by Subs from one of the links below. Be sure to save it to your Desktop.

Link # 1
Link # 2

** Note: It is important that it is saved directly to your Desktop

Close all open Internet browsers (Firefox, Internet Explorer, etc.) before you start ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.
When finished, ComboFix will produce a log for you.
Post that ComboFix log in your next reply.

Important: Do not mouse-click the ComboFix window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is finished.

If you have problems using ComboFix, see How to use ComboFix
__________________
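Added example, not part of the original thread and not HijackThis's own code: a small Python triage script that scans a HijackThis log for the two kinds of entry selected in post #4, namely entries whose target is reported as "(no file)" or "(file missing)" and R0/R1 values left empty. The sample log lines, the all-zero CLSIDs and the function names are constructed for illustration; a flagged line is a candidate for review, and post #4 selects only some of the lines this pattern matches in the log above.

```python
"""Triage a HijackThis log: list entries that point at nothing."""
import re

# "O2 - BHO: ..." -> section "O2", body "BHO: ..."
LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s*-\s*(.*\S)?\s*$")

# HijackThis prints CLSIDs in braces; some forum software rewrites
# them as parentheses, so both forms are accepted here.
CLSID_RE = re.compile(
    r"[{(]([0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12})[})]"
)

# Markers HijackThis appends when the referenced file is not on disk.
MISSING_MARKERS = ("(no file)", "(file missing)")


def parse_line(line):
    """Return a dict for a HijackThis entry line, or None for any
    other line (header, running-process path, blank line)."""
    match = LINE_RE.match(line)
    if not match:
        return None
    section, body = match.group(1), match.group(2) or ""
    clsid = CLSID_RE.search(body)
    lowered = body.lower()
    if any(marker in lowered for marker in MISSING_MARKERS):
        finding = "missing_file"      # registered object, file gone
    elif section in ("R0", "R1") and body.endswith("="):
        finding = "empty_value"       # IE setting with no value
    else:
        finding = None
    return {
        "section": section,
        "clsid": clsid.group(1).upper() if clsid else None,
        "finding": finding,
        "raw": line.strip(),
    }


def triage(log_text):
    """Return only the entries that carry a finding, in log order."""
    results = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and entry["finding"]:
            results.append(entry)
    return results


# Constructed sample log (placeholder CLSIDs and paths, not from the thread).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://example.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll
O3 - Toolbar: (no name) - (00000000-0000-0000-0000-000000000003) - (no file)
O13 - Gopher Prefix:
O23 - Service: Example Service (ExampleSvc) - Unknown owner - C:\Program Files\Example\svc.exe (file missing)
"""

if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f'{item["finding"]:<13} {item["section"]:<4} {item["raw"]}')
```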

#5
30 March 2009, 11:37
Donor Group

First, thanks for the help and advice. I did what you said with HJT and that was fine. However, I did as the link says about disabling the AVG Resident Shield, but despite this, when I try to run ComboFix, it still says AVG Anti-Virus is running, so I'm not quite sure why.

Would you suggest maybe restarting my system?
__________________
#6
30 March 2009, 13:39
Editor Group

AVG and ComboFix have this issue. Just run ComboFix anyway. If AVG tries to block it, then just let it run.
__________________

#7
30 March 2009, 14:21
Donor Group

Right, OK, all done. Log as requested.

Quote:
ComboFix 09-03-29.04 - CHLOE 2009-03-30 21:54:30.1 - NTFSx86
Microsoft ® Windows Vista ™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.967 [GMT 1:00]
Running from: C: \ Users \ CHLOE \ Desktop \ ComboFix.exe
AV: AVG Anti-Virus Free * On-access scanning aktiveret * (Opdateret)
FW: ZoneAlarm Firewall * aktiveret *
* Skabt et nyt gendannelsespunkt
.

((((((((((((((((((((((((((((((((((((((( Andre Bortfald ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ Windows \ system32 \ acovcnt.exe

.
((((((((((((((((((((((((( Files Created from 2009/02/28 til 2009/03/30 ))))))))))) ))))))))))))))))))))
.

2009-03-29 16:23. 2008-06-20 02:14 781.344 - a ------ C: \ Windows \ System32 \ PresentationNative_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 622.080 - a ------ C: \ Windows \ System32 \ icardagt.exe
2009-03-29 16:23. 2008-06-20 02:14 326.160 - a ------ C: \ Windows \ System32 \ PresentationHost.exe
2009-03-29 16:23. 2008-06-20 02:14 105.016 - a ------ C: \ Windows \ System32 \ PresentationCFFRasterizerNativ e_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 97.800 - a ------ C: \ Windows \ System32 \ infocardapi.dll
2009-03-29 16:23. 2008-06-20 02:14 43.544 - a ------ C: \ Windows \ System32 \ PresentationHostProxy.dll
2009-03-29 16:23. 2008-06-20 02:14 37.384 - a ------ C: \ Windows \ System32 \ infocardcpl.cpl
2009-03-29 16:23. 2008-06-20 02:14 11.264 - a ------ C: \ Windows \ System32 \ icardres.dll
2009-03-29 16:15. 2008-07-27 19:03 282.112 - a ------ C: \ Windows \ System32 \ mscoree.dll
2009-03-29 16:15. 2008-07-27 19:03 96.760 - a ------ C: \ Windows \ System32 \ dfshim.dll
2009-03-29 16:15. 2008-07-27 19:03 41.984 - a ------ C: \ Windows \ System32 \ netfxperf.dll
2009-03-29 16:14. 2008-07-27 19:03 158.720 - a ------ C: \ Windows \ System32 \ mscorier.dll
2009-03-29 16:14. 2008-07-27 19:03 83.968 - a ------ C: \ Windows \ System32 \ mscories.dll
2009-03-29 13:52. 2009-03-29 13:53 <DIR> d -------- C: \ program files \ Defraggler
2009-03-29 13:26. 2008-02-23 05:38 170.496 - a ------ C: \ Windows \ System32 \ tcpipcfg.dll
2009-03-29 13:26. 2008-02-23 03:41 22.528 - a ------ C: \ Windows \ System32 \ netiougc.exe
2009-03-29 13:25. 2009-02-16 00:10 1.221.512 - a ------ C: \ Windows \ System32 \ zpeng25.dll
2009-03-17 21:57. 2009-03-17 21:57 <DIR> d -------- C: \ program files \ Microsoft
2009-03-17 21:56. 2009-03-17 21:56 <DIR> d -------- C: \ Windows \ PCHealth
2009-03-16 22:43. 2009-03-28 22:36 <DIR> d - h ----- C: \ $ AVG8.VAULT $
2009-03-16 20:59. 2009-03-16 20:59 25 - a ------ C: \ Windows \ cdplayer.ini
2009-03-14 00:34. 2008-12-05 05:32 428.544 - a ------ C: \ Windows \ System32 \ EncDec.dll
2009-03-14 00:34. 2008-12-05 05:32 293.376 - a ------ C: \ Windows \ System32 \ psisdecd.dll
2009-03-14 00:34. 2008-12-05 05:31 217.088 - a ------ C: \ Windows \ System32 \ psisrndr.ax
2009-03-14 00:34. 2008-12-05 05:31 177.664 - a ------ C: \ Windows \ System32 \ mpg2splt.ax
2009-03-14 00:34. 2008-12-05 05:31 80.896 - a ------ C: \ Windows \ System32 \ MSNP.ax
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Programmer \ (00D89592-F643-4D8D-8F0F-AFAE0F14D4C3)
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ program files \ iTunes
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ program files \ iPod
2009-03-14 00:29. 2008-04-17 13:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2009-03-14 00:29. 2009-01-15 13:19 23.848 - a ------ C: \ Windows \ System32 \ drivers \ GEARAspiWDM.sys
2009-03-14 00:26. 2009-03-14 00:27 <DIR> d -------- C: \ Programmer \ QuickTime
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Programmer \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ program files \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ program files \ kanal4
2009-03-12 23:38. 2009-03-12 23:38 <DIR> d -------- C: \ Programmer \ kanal4
2009-03-11 22:33. 2009-03-30 21:10 <DIR> d -------- C: \ Users \ CHLOE \ Tracing
2009-03-11 22:22. 2009-03-11 22:22 <DIR> d -------- C: \ Programmer \ Windows Live SkyDrive
2009-03-11 22:22. 2009-03-17 21:57 <DIR> d -------- C: \ Programmer \ Windows Live
2009-03-11 21:57. 2009-03-11 21:57 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2009-03-11 13:13. 2009-03-11 21:47 <DIR> d -------- C: \ program files \ Amazon
2009-03-11 13:13. 2009-03-11 13:13 107.272 - a ------ C: \ Windows \ System32 \ drivers \ avgtdix.sys
2009-03-11 02:09. 2009-01-15 04:36 1.383.424 - a ------ C: \ Windows \ System32 \ Mshtml.tlb
2009-03-11 02:09. 2009-01-15 07:11 827.392 - a ------ C: \ Windows \ System32 \ Wininet.dll
2009-03-11 02:05. 2008-12-16 04:29 8.147.456 - a ------ C: \ Windows \ System32 \ wmploc.DLL
2009-03-11 02:05. 2008-12-16 06:31 7.680 - a ------ C: \ Windows \ System32 \ spwmp.dll
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ Msdxm.ocx
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ Dxmasf.dll
2009-03-11 02:03. 2008-12-16 03:42 288.768 - a ------ C: \ Windows \ System32 \ drivers \ Srv.sys
2009-03-11 02:03. 2008-11-27 05:43 268.288 - a ------ C: \ Windows \ System32 \ Schannel.dll
2009-03-11 02:02. 2009-02-09 04:10 2.033.152 - a ------ C: \ Windows \ System32 \ Win32k.sys
2009-02-06 19:52. 2009-02-06 19:52 49.504 - a ------ C: \ Windows \ System32 \ sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 21:07 350.195 --- ha-w C: \ Windows \ system32 \ drivers \ vsconfig.xml
2009-03-30 21:07 --------- d --- aw C: \ Programmer \ TEMP
2009-03-29 14:42 --------- d ----- wc: \ Programmer \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ program files \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ program files \ CCleaner
2009-03-19 16:48 --------- d ----- wc: \ users \ CHLOE \ AppData \ Roaming \ uTorrent
2009-03-16 19:58 --------- d ----- wc: \ program files \ Common Files \ Real
2009-03-13 23:29 --------- d ----- wc: \ Programmer \ Apple Computer
2009-03-13 23:29 --------- d ----- wc: \ program files \ Common Files \ Apple
2009-03-13 23:27 --------- d ----- wc: \ program files \ Bonjour
2009-03-12 22:24 --------- d ----- wc: \ program files \ Google
2009-03-11 23:07 --------- d ----- wc: \ program files \ Microsoft Silverlight
2009-03-11 23:05 --------- d ----- wc: \ program files \ Windows Mail
2009-03-11 12:13 325.128 ---- aw C: \ Windows \ system32 \ drivers \ avgldx86.sys
2009-03-11 11:52 --------- d ----- wc: \ Programmer \ AVG8
2009-02-15 23:11 293.528 ---- aw C: \ Windows \ system32 \ drivers \ vsdatant.sys
2009-01-14 20:20 55.232 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13.025 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ nvModes.dat
2008-12-31 14:32 174 - sha-w C: \ program files \ desktop.ini
2008-11-19 15:31 81.920 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ ezpinst.exe
2008-11-19 15:31 47.360 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ pcouffin.sys
2007-05-31 18:23 77.160 ---- aw C: \ Users \ CHLOE \ DSETUP.dll
2007-05-31 18:23 503.144 ---- aw C: \ Users \ CHLOE \ DXSETUP.exe
2007-05-31 18:23 1.673.576 ---- aw C: \ Users \ CHLOE \ dsetup32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries er ikke vist
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"RocketDock" = "c: \ program files \ RocketDock \ RocketDock.exe" [2007-09-02 495616]
"msnmsgr" = "c: \ Programmer \ Windows Live \ Messenger \ msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG" = "c: \ Programmer \ Windows Media Player \ WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"ASUS Screen Saver Protector" = "c: \ windows \ ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT" = "c: \ windows \ system32 \ ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client" = "c: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe" [2009-02-16 981384]
"SynTPEnh" = "c: \ program files \ Synaptics \ SynTP \ SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ policies \ system]
"EnableUIADesktopToggle" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.ac3filter" = ac3filter.acm

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM \ ~ \ startupfolder \ C: ^ Programmer ^ Microsoft ^ Vind OWS ^ Menuen Start ^ Programmer ^ Start ^ WinZip Quick Pick.lnk]
path = C: \ Programmer \ Microsoft \ Windows \ Menuen Start \ Programmer \ Start \ WinZip Quick Pick.lnk
backup = C: \ Windows \ pss \ WinZip Quick Pick.lnk.CommonStartup
backupExtension =. CommonStartup

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ 4oD]
- a ------ 2007-04-23 12:23 1032640 C: \ program files \ Kontiki \ KHost.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Adobe Reader Speed Launcher]
- a ------ 2008-06-12 02:38 34672 D: \ program files \ Reader \ Reader_sl.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ASUS Camera ScreenSaver]
- a ------ 2007-05-15 05:12 37232 c: \ windows \ ASScrProlog.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ATKMEDIA]
- a ------ 2006-11-02 16:27 61440 c: \ program files \ ASUS \ ATK Media \ DMedia.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AVG8_TRAY]
- a ------ 2009-03-11 13:13 1601304 c: \ progra ~ 1 \ AVG \ AVG8 \ avgtray.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ CognizanceTS]
-ra ------ 2003-12-21 22:11 17920 c: \ progra ~ 1 \ ASUSSE ~ 1 \ ASUSSE ~ 1 \ Bin \ ASTSVCC.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ehTray.exe]
- a ------ 2008-01-19 08:33 125952 c: \ windows \ ehome \ ehtray.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Google Update]
- a ---- t-2009-03-17 22:06 133104 c: \ users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2009-03-11 14:52 342312 c: \ program files \ \ realsched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ msnmsgr]
- a ------ 2009-02-06 19:51 3885408 C: \ program files \ Windows Live \ Messenger \ msnmsgr.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-04 12:40 8429568 C: \ Windows \ System32 \ NvMcTray.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-04 12:40 81920 C: \ Windows \ System32 \ NvCpl.dll

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvSvc]
- a ------ 2007-04-04 12:40 86016 C: \ Windows \ System32 \ nvsvc.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2009-01-05 17:18 413696 c: \ Programmer \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RocketDock]
- a ------ 2007-09-02 13:58 495616 c: \ program files \ RocketDock \ RocketDock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SpybotSD TeaTimer]
-rahs ---- 2009-03-05 16:07 2260480 C: \ program files \ Spybot - Search & Destroy \ TeaTimer.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2008-06-10 04:27 144784 c: \ program files \ Java \ jre1.6.0_07 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ TkBellExe]
- a ------ 2009-03-16 20:58 198160 c: \ program files \ Common Files \ Real \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Windows Defender]
- a ------ 2008-01-19 08:38 1008184 C: \ program files \ Windows Defender \ MSASCui.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG]
- a ------ 2008-01-19 08:33 202240 c: \ program files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ (0228e555-4f9c-4e35-a3ec-b109a192b4c2)]
- a ------ 2005-07-15 22:48 479232 c: \ program files \ Google \ Gmail Notifier \ gnotify.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RtHDVCpl]
- a ------ 2007-02-15 10:07 4390912 C: \ Windows \ RtHDVCpl.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecFirewall]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ ZoneLabsFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ DomainProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ FirewallRules]
"(71E74FA5-D1FA-4A82-9121-AE2CACB2ED04)" = Profile = Private | c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(2FE2345B-5C77-485E-9855-FC6024DE75EC)" = Profile = Private | c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(CC9CFD37-6799-47CF-9AEE-1063F21C5548)" = Profile = Private | c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(3D44E6E8-68F3-42F0-B97E-1081F1354874)" = UDP: C: \ program files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(B2393435-26B3-4482-A391-C964F3370D66)" = TCP: C: \ program files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3)" = Disabled: c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(F9EC3544-5A35-4D84-A067-E7167563791A)" = Disabled: c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(A9CE85F3-F9BA-4875-B169-9DEF59911C8A)" = Disabled: c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"UDP Query User (CDC85196-C503-4F00-82DC-B95F8D021895) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"TCP Query User (5D761702-BEB7-4B94-B693-1A7EF8E441ED) c: \ \ program files \ \ let WebTV & radio \ \ easywebtv.exe" = UDP: C: \ program files \ let WebTV & radio \ easywebtv.exe : Web-tv \ Radio \ Media
"UDP Query User (A7E2F9B1-976E-49B1-960A-8FE671DECB26) c: \ \ program files \ \ let WebTV & radio \ \ easywebtv.exe" = TCP: C: \ program files \ let WebTV & radio \ easywebtv.exe : Web-tv \ Radio \ Media
"(978D57EE-8CEF-4E88-B3CC-472590D8A602)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(038AD6DB-57BA-4294-B6BE-DC5AC329D87A)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (20F3997A-2406-42BC-9A96-17DBA8717938) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (A2D20908-089C-441B-B9C8-C8811AFCAB9E) c: \ \ program files \ \ limewire \ \ limewire.exe" = UDP: C: \ program files \ limewire \ limewire.exe: LimeWire
"UDP Query User (0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05) c: \ \ program files \ \ limewire \ \ limewire.exe" = TCP: C: \ program files \ limewire \ limewire.exe: LimeWire
"(2E890455-237D-4ABA-BE37-B5E6E1862834)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(DDAAC8F6-7557-495a-82B3-EBFF9330A2CC)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(5131D757-BC24-44C9-8EA5-E268DFC6DCAC)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4C52E1A6-D998-41D5-8E99-27F21E3CA7CB) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = UDP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"UDP Query User (80235B6B-2462-4AC3-8A59-7534841DE76B) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = TCP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"TCP Query User (049DD1E6-8191-4983-A59D-240E79B46042) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"UDP Query User (9A00A32D-A675-4425-8F5E-1528AAB521FB) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"TCP Query User (348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (60AFF659-3A7C-488C-9CCA-0A8589DD32FA) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (D8A0735D-6D19-4482-A90A-35A9D023DEBE) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (7B392C25-D64F-4897-B5CC-5C9B83106BB0) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = UDP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"UDP Query User (9990806D-9198-4760-93E7-C65D44E1FE8A) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = TCP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"TCP Query User (9998DAB7-D775-4620-A491-D752230551A3) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (B9293167-A4DC-43ED-893B-B5B1B89F9988) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (B04F6C2B-953A-469D-AFD8-4F3AE27A4941) c: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"UDP Query User (914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5) c: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"TCP Query User (69F8C35B-6614-4033-B40E-59012B10975A) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = UDP: C: \ program files \ bearflix \ bearflix.exe: BearFlix
"UDP Query User (89ABF64F-F79E-456D-9136-82A8675A3E17) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = TCP: C: \ program files \ bearflix \ bearflix.exe: BearFlix
"(8D76BC83-ABC9-406B-8945-366EA3B7074B)" = UDP: C: \ program files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"(9FC79C86-3E66-4A61-AA2A-FAB0C61E0453)" = TCP: C: \ program files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"TCP Query User (9FF9F89E-5323-45db-89F0-BA37B84180EE) c: \ \ program files \ \ TVAnts \ \ tvants.exe" = UDP: C: \ program files \ TVAnts \ tvants.exe: TVAnts
"UDP Query User (C10505B7-BDD4-49BB-93E6-E73B8E6C4E33) c: \ \ program files \ \ TVAnts \ \ tvants.exe" = TCP: C: \ program files \ TVAnts \ tvants.exe: TVAnts
"TCP Query User (A9E241F3-D69C-4E67-938B-33C91AB576A1) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = UDP: C: \ program files \ tvuplayer \ tvuplayer.exe: TVU Player Component
"UDP Query User (D3542B64-2CF9-4C20-B6CB-1D9096FF27EB) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = TCP: C: \ program files \ tvuplayer \ tvuplayer.exe: TVU Player Component
"(F8B68D6E-3A24-4B31-8261-FB3CA92B5740)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4E95BA55-EDF5-491D-9059-F11FF353A128) c: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"UDP Query User (55C79E39-F1AC-45C7-8F99-995A835F089A) D: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ opcast s \ \ adv \ \ sopadver.exe" = TCP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"TCP Query User (A3EF2380-6740-4FD5-913E-D67F54A54B11) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (E9C164FD-CB41-4D08-9DBA-BDDB929D1C86) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (C1148110-2D5B-4810-8651-98FBFD3A6751) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (F15683E5-A578-47EE-BEB1-4541978254F4) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (CCA39E89-B85B-41BA-9A33-CA6DB37579E4) d: \ \ program files \ \ clue.exe" = UDP: D: \ program files \ clue.exe: Clue
"UDP Query User (39F3C83F-DCF0-43B4-B149-19F3630B3078) d: \ \ program files \ \ clue.exe" = TCP: D: \ program files \ clue.exe: Clue
"(01834D55-82B5-480D-BEFF-52EDB82BB8B5)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(90ECB35B-6897-4166-A35A-04BC39978BA9)" = c: \ program files \ AVG \ AVG8 \ avgemc.exe: avgemc.exe
"(504F647E-1476-4948-AA42-DC1DF85CA9A8)" = c: \ program files \ AVG \ AVG8 \ avgupd.exe: avgupd.exe
"(CC411EBB-9ACA-4217-9994-ABB961E83B3C)" = UDP: C: \ program files \ uTorrent \ uTorrent.exe: Antivirus (TCP-In)
"(031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8)" = TCP: C: \ program files \ uTorrent \ uTorrent.exe: Antivirus (UDP-In)
"(1D54F818-ABAC-418F-8F39-17EA7664FABE)" = UDP: C: \ program files \ Bonjour \ mDNSResponder.exe: Bonjour
"(3C9FFAF4-40EA-450F-A906-D34D3E2EFA72)" = TCP: C: \ program files \ Bonjour \ mDNSResponder.exe: Bonjour
"(6AC9F5D1-C3AC-4878-8740-8A3E10F857E2)" = UDP: C: \ program files \ iTunes \ iTunes.exe: iTunes
"(77045B5E-EC2E-4749-AC23-32130CD39567)" = TCP: C: \ program files \ iTunes \ iTunes.exe: iTunes
"(00BE12C0-42CB-4B64-AA07-80A45C05B97C)" = Disabled: UDP: C: \ program files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008
"(0A529C81-B8E4-4809-A54B-B5141A997A78)" = Disabled: TCP: C: \ program files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ PublicProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ StandardProfile]
"EnableFirewall" = 0 (0x0)

R1 AvgLdx86; AVG Free AVI Loader Driver x86; c: \ Windows \ System32 \ drivers \ avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX; AVG8 Network Redirector; c: \ Windows \ System32 \ drivers \ avgtdix.sys [2009-03-11 107272]
R1 ItSDisk; ItSDisk c: \ Windows \ System32 \ drivers \ itsdis k.sys [2006-05-16 23496]
R1 PersonalSecureDrive; PersonalSecureDrive c: \ Windows \ System32 \ drivers \ psd.sys [2007-01-23 39080]
R2 ASBroker; Logon Session Broker; C: \ Windows \ System32 \ svchost.exe-k Cognizance [2008-08-07 21504]
R2 ASChannel; Local Communication Channel; C: \ Windows \ System32 \ svchost.exe-k Cognizance [2008-08-07 21504]
R2 avg8emc; AVG Free8 E-mail Scanner; c: \ progra ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960]
R2 avg8wd; AVG Free8 WatchDog c: \ progra ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access service; HDDlife HDD Access tjenesten c: \ program files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService; SBSD Security Center Service c: \ program files \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv; Syntek AVStream USB2.0 WebCam Service c: \ Windows \ System32 \ StkCSrv.exe [2007-02-07 24576]
R3 AtcL001; NDIS miniport driver til Attansic L1 Gigabit Ethernet Controller; c: \ Windows \ System32 \ drivers \ atl01v32.sy s [2007-03-15 48128]
R3 StkCMini; Syntek AVStream USB2.0 1.3M WebCam c: \ Windows \ System32 \ drivers \ StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost]
bthsvcs REG_MULTI_SZ BthServ
Man REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ E]
\ shell \ AutoRun \ command - E: \ Start.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ H]
\ shell \ AutoRun \ command - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)]
\ shell \ AutoRun \ command - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ explorer \ mountpoints2 \ (c1865685-0291-11dc-b943-806e6f6e6963)]
\ shell \ AutoRun \ command - E: \ Autorun.exe
.
Indhold af "Planlagte opgaver" mappe

2009/01/11 C: \ Windows \ Tasks \ Defrag Job # 00.job
- C: \ program files \ DiskTrix \ UltimateDefrag \ UDefrag.exe []

2009/03/26 C: \ Windows \ Tasks \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- C: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06]

2009/03/30 C: \ Windows \ Tasks \ User_Feed_Synchronization-(5963E371-2796-42F4-9A54-042DA9F406BC). Job
- C: \ windows \ system32 \ msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplerende Scan -------
.
uStart Page = hxxp: / / www.google.co.uk/
uInternet Settings, ProxyOverride = *. lokale
IE: E & ksporter til Microsoft Excel - c: \ progra ~ 1 \ mikroer ~ 2 \ Office10 \ EXCEL.EXE/3000
FF - ProfilePath - c: \ users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro-filer \ ppnzryw9.default \
FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q =
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/
FF - komponent: c: \ Programmer \ AVG \ AVG8 \ Firefox \ komponenter \ avgssff.dll
FF - komponent: c: \ Programmer \ AVG \ AVG8 \ ToolbarFF \ komponenter \ vmAVGConnector. Dll
FF - komponent: c: \ Programmer \ Real \ RealPlayer \ browserrecord \ komponenter \ f.eks pbrowserrecordplugin.dll
FF - komponent: C: \ Users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro-filer \ ppnzryw9.default \ extensions \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ platform \ WINNT \ components \ FoxyTunes. dll
FF - plugin: c: \ Programmer \ Mozilla Firefox \ plugins \ np-mswmp.dll
FF - plugin: c: \ users \ CHLOE \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll
FF - plugin: d: \ program files \ Reader \ browser \ nppdf32.dll

---- FIREFOX POLITIKKER ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07.

************************************************** ************************

catchme 0.3.1375 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2009-03-30 22:08:49
Windows 6.0.6001 Service Pack 1 NTFS

scanning skjulte processer ...

scanning skjulte autostart entries ...

scanning skjulte filer ...

scanning afsluttet med succes
skjulte filer: 0

************************************************** ************************
.
--------------------- DLL'er Loaded Under Running Processes ---------------------

- - - - - - -> 'Lsass.exe' (696)
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ASWLNPkg.dll
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ItMsg.dll

- - - - - - -> 'Explorer.exe' (5000)
c: \ program files \ RocketDock \ RocketDock.dll
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ SFSShell.dll
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItMsg.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Windows \ System32 \ audiodg.exe
c: \ Windows \ System32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ System32 \ wlanext.exe
c: \ program files \ ATK Genvejstast \ ASLDRSrv.exe
c: \ program files \ ATKGFNEX \ GFNEXSrv.exe
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ asghost.exe
c: \ program files \ ATK Genvejstast \ HControl.exe
c: \ program files \ ATKOSD2 \ ATKOSD2.exe
c: \ Programmer \ Wireless Console 2 \ wcourier.exe
c: \ Programmer \ ASUS \ Splendid \ ACMON.exe
c: \ program files \ P4G \ BatteryLife.exe
C: \ Windows \ System32 \ ACEngSvr.exe
c: \ program files \ ATK Genvejstast \ ATKOSD.exe
c: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
c: \ Programmer \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
c: \ Programmer \ Bonjour \ mDNSResponder.exe
c: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
c: \ progra ~ 1 \ AVG \ AVG8 \ avgrsx.exe
c: \ progra ~ 1 \ AVG \ AVG8 \ avgnsx.exe
c: \ Programmer \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe
C: \ Windows \ System32 \ IFXTCS.exe
c: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Windows \ System32 \ IfxPsdSv.exe
C: \ Windows \ System32 \ PSIService.exe
c: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
c: \ program files \ ASUS \ NB Probe \ SPM \ spmgr.exe
c: \ Programmer \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Windows \ System32 \ IfxUAGUI.exe
c: \ program files \ Infineon \ Security Platform Software \ PSDrt.exe
c: \ program files \ Infineon \ Security Platform Software \ SpTNA.exe
C: \ Windows \ System32 \ rundll32.exe
.
************************************************** ************************
.
Completion time: 2009-03-30 22:16:25 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2009-03-30 21:15:12

Pre-Run: 38800285696 bytes fri
Post-Run: 38307028992 bytes fri

Nuværende = 1 Default = 1 Failed = 0 LastKnownGood = 41 sæt = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41
354 --- EOF --- 2009-03-29 15:30:34
Another quick question: Firefox seems to be running a bit slower than normal, and when I close it down and go to start it up a while later, it comes up with a message saying Firefox is currently running but not responding. Close all instances before trying again, or something along those lines. Would the logs indicate / show any reason for this? Sorry if that's a dumb question.
  #8  
Old 30 March 2009, 15:17
Redaktør Gruppen
 

Delete these files / folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not WordPad.
2. Copy the text in the code box below by highlighting all the text and pressing Ctrl + C

Code:
KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center\Monitoring\SymantecFirewall]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]

Firefox::
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!

ComboFix will begin to execute, just follow the prompts.
After the reboot (when it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze.

----------

Download the Norton Removal Tool (SymNRT) to your desktop.

Once downloaded, close all open browsers and save any work, because it may require a reboot.
  • Go to your desktop, double-click the tool and then click Setup.
  • Once open, click Next.
  • Accept the license agreement and click Next.
  • Type in the letters and numbers you see in the text box and then click Next.
  • Then click Next and the tool will begin to run.
  • When finished, restart the PC.
  • Delete the Norton removal tool from your desktop.

----------

Your Java is out of date.

Older versions have vulnerabilities that malicious sites can use to infect your system.

First install the new Sun Java Runtime Environment

Make sure to close all browser windows before beginning the installation.

Remove the old version(s)

Download JavaRa
  • Unzip the file and open JavaRa.exe
  • Click Remove Older Versions
  • JavaRa will search for outdated versions of Java and remove any that it finds.
  • Click Additional Tasks
  • Place a checkmark next to Remove Useless JRE Files and click Start
  • Exit JavaRa
  • Delete the JavaRa files from your Desktop

Additional note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

----------

Download ATF Cleaner by Atribune to your desktop.

Alternate download link

Note: Vista users must use Run as administrator
  • Under Main, "Select Files to Delete", choose: Select All.
  • Click the Empty Selected button.
  • If you use the Firefox browser, click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, click No at the prompt.
  • If you use the Opera browser, click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, click No at the prompt.
  • Click Exit on the Main menu to close the program.

Note that your system will run slower for a reboot or two after using this tool, so don't panic.

Important: Restart your computer before continuing.

----------

How is the computer running now?
__________________
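A cross-check that can be run before applying a deletion script like the one in the post above, added here as an example (not code from the thread or from ComboFix): it reports which MountPoints2 AutoRun entries in a log the script's Registry:: deletions cover, which remain, and which deletion targets the log never mentions. The sample log and script are constructed in the thread's layout, the function names are hypothetical, and it assumes `[-key]` lines under Registry:: mean key deletion, as in .reg files.

```python
import re

# Constructed excerpt in the layout of the ComboFix log in this thread
# (whitespace cleaned up, GUID subkey written with braces).
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe
"""

# Constructed script in the layout of the CFScript.txt posted above.
SAMPLE_SCRIPT = r"""
KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]

Firefox::
FF - prefs.js: browser.search.selectedEngine - Web Search
"""

HIVE_ALIASES = {"hklm": "hkey_local_machine", "hkcu": "hkey_current_user"}
SECTION_RE = re.compile(r"^([A-Za-z]+)::\s*$")
KEY_RE = re.compile(r"^\[(-?)(.+)\]\s*$")
AUTORUN_RE = re.compile(r"^\\shell\\autorun\\command\s*-\s*(.+)$", re.IGNORECASE)


def squeeze_backslashes(text):
    """Drop the spaces that forum software tends to inject around backslashes."""
    return re.sub(r"\s*\\\s*", r"\\", text.strip())


def normalize_key(key):
    """Canonical form for comparing registry paths from different sources."""
    # Registry paths are case-insensitive, and logs may abbreviate the hive.
    key = squeeze_backslashes(key).lower()
    hive, _, rest = key.partition("\\")
    return HIVE_ALIASES.get(hive, hive) + ("\\" + rest if rest else "")


def parse_log(log_text):
    """Return (all keys seen, {MountPoints2 key: cached AutoRun command})."""
    keys, autoruns, current = set(), {}, None
    for line in log_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current = normalize_key(m.group(2))
            keys.add(current)
            continue
        m = AUTORUN_RE.match(squeeze_backslashes(line))
        if m and current and "\\explorer\\mountpoints2\\" in current:
            autoruns[current] = m.group(1).strip()
    return keys, autoruns


def parse_script_deletions(script_text):
    """Return normalized keys that the Registry:: section deletes ([-key])."""
    deletions, section = [], None
    for line in script_text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).lower()
            continue
        m = KEY_RE.match(line)
        if section == "registry" and m and m.group(1) == "-":
            deletions.append(normalize_key(m.group(2)))
    return deletions


def review_script(script_text, log_text):
    """Compare a script's key deletions with the AutoRun entries in a log."""
    log_keys, autoruns = parse_log(log_text)
    deleted = set(parse_script_deletions(script_text))
    return {
        "covered": {k: v for k, v in autoruns.items() if k in deleted},
        "remaining": {k: v for k, v in autoruns.items() if k not in deleted},
        "not_in_log": sorted(deleted - log_keys),
    }


if __name__ == "__main__":
    for name, value in review_script(SAMPLE_SCRIPT, SAMPLE_LOG).items():
        print(name, value)
```

Entries under `not_in_log` are worth checking against the full log before the script is run, since a deletion target that was never reported may be a typo in the key path.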

  #9  
Old 31 March 2009, 09:25
Donor-Gruppen
 

New ComboFix log:

ComboFix 09-03-29.04 - CHLOE 2009-03-31 16:37:20.2 - NTFSx86
Microsoft ® Windows Vista ™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.1173 [GMT 1:00]
Running from: C: \ Users \ CHLOE \ Desktop \ ComboFix.exe
Command switches anvendes:: C: \ Users \ CHLOE \ Desktop \ CFScript.txt
AV: AVG Anti-Virus Free * On-access scanning aktiveret * (Opdateret)
FW: ZoneAlarm Firewall * aktiveret *
* Skabt et nyt gendannelsespunkt
.

((((((((((((((((((((((((( Files Created fra 2009-02-28 til 2009-03-31 ))))))))))) ))))))))))))))))))))
.

2009-03-31 17:15. 2009-03-31 17:15 45.056 - a ------ C: \ Windows \ System32 \ acovcnt.exe
2009-03-30 22:26. 2009-03-30 22:26 <DIR> d -------- C: \ program files \ MediaMonkey
2009-03-29 16:23. 2008-06-20 02:14 781.344 - a ------ C: \ Windows \ System32 \ PresentationNative_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 622.080 - a ------ C: \ Windows \ System32 \ icardagt.exe
2009-03-29 16:23. 2008-06-20 02:14 326.160 - a ------ C: \ Windows \ System32 \ PresentationHost.exe
2009-03-29 16:23. 2008-06-20 02:14 105.016 - a ------ C: \ Windows \ System32 \ PresentationCFFRasterizerNativ e_v0300.dll
2009-03-29 16:23. 2008-06-20 02:14 97.800 - a ------ C: \ Windows \ System32 \ infocardapi.dll
2009-03-29 16:23. 2008-06-20 02:14 43.544 - a ------ C: \ Windows \ System32 \ PresentationHostProxy.dll
2009-03-29 16:23. 2008-06-20 02:14 37.384 - a ------ C: \ Windows \ System32 \ infocardcpl.cpl
2009-03-29 16:23. 2008-06-20 02:14 11.264 - a ------ C: \ Windows \ System32 \ icardres.dll
2009-03-29 16:15. 2008-07-27 19:03 282.112 - a ------ C: \ Windows \ System32 \ mscoree.dll
2009-03-29 16:15. 2008-07-27 19:03 96.760 - a ------ C: \ Windows \ System32 \ dfshim.dll
2009-03-29 16:15. 2008-07-27 19:03 41.984 - a ------ C: \ Windows \ System32 \ netfxperf.dll
2009-03-29 16:14. 2008-07-27 19:03 158.720 - a ------ C: \ Windows \ System32 \ mscorier.dll
2009-03-29 16:14. 2008-07-27 19:03 83.968 - a ------ C: \ Windows \ System32 \ mscories.dll
2009-03-29 13:52. 2009-03-29 13:53 <DIR> d -------- C: \ program files \ Defraggler
2009-03-29 13:26. 2008-02-23 05:38 170.496 - a ------ C: \ Windows \ System32 \ tcpipcfg.dll
2009-03-29 13:26. 2008-02-23 03:41 22.528 - a ------ C: \ Windows \ System32 \ netiougc.exe
2009-03-29 13:25. 2009-02-16 00:10 1.221.512 - a ------ C: \ Windows \ System32 \ zpeng25.dll
2009-03-17 21:57. 2009-03-17 21:57 <DIR> d -------- C: \ program files \ Microsoft
2009-03-17 21:56. 2009-03-17 21:56 <DIR> d -------- C: \ Windows \ PCHealth
2009-03-16 22:43. 2009-03-28 22:36 <DIR> d - h ----- C: \ $ AVG8.VAULT $
2009-03-16 20:59. 2009-03-16 20:59 25 - a ------ C: \ Windows \ cdplayer.ini
2009-03-14 00:34. 2008-12-05 05:32 428.544 - a ------ C: \ Windows \ System32 \ EncDec.dll
2009-03-14 00:34. 2008-12-05 05:32 293.376 - a ------ C: \ Windows \ System32 \ psisdecd.dll
2009-03-14 00:34. 2008-12-05 05:31 217.088 - a ------ C: \ Windows \ System32 \ psisrndr.ax
2009-03-14 00:34. 2008-12-05 05:31 177.664 - a ------ C: \ Windows \ System32 \ mpg2splt.ax
2009-03-14 00:34. 2008-12-05 05:31 80.896 - a ------ C: \ Windows \ System32 \ MSNP.ax
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ Programmer \ (00D89592-F643-4D8D-8F0F-AFAE0F14D4C3)
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ program files \ iTunes
2009-03-14 00:29. 2009-03-14 00:29 <DIR> d -------- C: \ program files \ iPod
2009-03-14 00:29. 2008-04-17 13:12 107.368 - a ------ C: \ Windows \ System32 \ GEARAspi.dll
2009-03-14 00:29. 2009-01-15 13:19 23.848 - a ------ C: \ Windows \ System32 \ drivers \ GEARAspiWDM.sys
2009-03-14 00:26. 2009-03-14 00:27 <DIR> d -------- C: \ Programmer \ QuickTime
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ Programmer \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ program files \ Kontiki
2009-03-12 23:39. 2009-03-12 23:39 <DIR> d -------- C: \ program files \ kanal4
2009-03-12 23:38. 2009-03-12 23:38 <DIR> d -------- C: \ Programmer \ kanal4
2009-03-11 22:33. 2009-03-31 17:16 <DIR> d -------- C: \ Users \ CHLOE \ Tracing
2009-03-11 22:22. 2009-03-11 22:22 <DIR> d -------- C: \ Programmer \ Windows Live SkyDrive
2009-03-11 22:22. 2009-03-17 21:57 <DIR> d -------- C: \ Programmer \ Windows Live
2009-03-11 21:57. 2009-03-11 21:57 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2009-03-11 13:13. 2009-03-11 21:47 <DIR> d -------- C: \ program files \ Amazon
2009-03-11 13:13. 2009-03-11 13:13 107.272 - a ------ C: \ Windows \ System32 \ drivers \ avgtdix.sys
2009-03-11 02:09. 2009-01-15 04:36 1.383.424 - a ------ C: \ Windows \ System32 \ Mshtml.tlb
2009-03-11 02:09. 2009-01-15 07:11 827.392 - a ------ C: \ Windows \ System32 \ Wininet.dll
2009-03-11 02:05. 2008-12-16 04:29 8.147.456 - a ------ C: \ Windows \ System32 \ wmploc.DLL
2009-03-11 02:05. 2008-12-16 06:31 7.680 - a ------ C: \ Windows \ System32 \ spwmp.dll
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ Msdxm.ocx
2009-03-11 02:05. 2008-12-16 06:31 4.096 - a ------ C: \ Windows \ System32 \ Dxmasf.dll
2009-03-11 02:03. 2008-12-16 03:42 288.768 - a ------ C: \ Windows \ System32 \ drivers \ Srv.sys
2009-03-11 02:03. 2008-11-27 05:43 268.288 - a ------ C: \ Windows \ System32 \ Schannel.dll
2009-03-11 02:02. 2009-02-09 04:10 2.033.152 - a ------ C: \ Windows \ System32 \ Win32k.sys
2009-02-06 19:52. 2009-02-06 19:52 49.504 - a ------ C: \ Windows \ System32 \ sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-31 16:15 --------- d --- aw C: \ Programmer \ TEMP
2009-03-31 16:14 350.195 --- ha-w C: \ Windows \ system32 \ drivers \ vsconfig.xml
2009-03-29 14:42 --------- d ----- wc: \ Programmer \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ program files \ Spybot - Search & Destroy
2009-03-29 14:42 --------- d ----- wc: \ program files \ CCleaner
2009-03-19 16:48 --------- d ----- wc: \ users \ CHLOE \ AppData \ Roaming \ uTorrent
2009-03-16 19:58 --------- d ----- wc: \ program files \ Common Files \ Real
2009-03-13 23:29 --------- d ----- wc: \ Programmer \ Apple Computer
2009-03-13 23:29 --------- d ----- wc: \ program files \ Common Files \ Apple
2009-03-13 23:27 --------- d ----- wc: \ program files \ Bonjour
2009-03-12 22:24 --------- d ----- wc: \ program files \ Google
2009-03-11 23:07 --------- d ----- wc: \ program files \ Microsoft Silverlight
2009-03-11 23:05 --------- d ----- wc: \ program files \ Windows Mail
2009-03-11 12:13 325.128 ---- aw C: \ Windows \ system32 \ drivers \ avgldx86.sys
2009-03-11 11:52 --------- d ----- wc: \ Programmer \ AVG8
2009-02-15 23:11 293.528 ---- aw C: \ Windows \ system32 \ drivers \ vsdatant.sys
2009-01-14 20:20 55.232 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13.025 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ nvModes.dat
2008-12-31 14:32 174 - sha-w C: \ program files \ desktop.ini
2008-11-19 15:31 81.920 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ ezpinst.exe
2008-11-19 15:31 47.360 ---- aw C: \ Users \ CHLOE \ AppData \ Roaming \ pcouffin.sys
2007-05-31 18:23 77.160 ---- aw C: \ Users \ CHLOE \ DSETUP.dll
2007-05-31 18:23 503.144 ---- aw C: \ Users \ CHLOE \ DXSETUP.exe
2007-05-31 18:23 1.673.576 ---- aw C: \ Users \ CHLOE \ dsetup32.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-30_22.13.33.29 )))))))))) )))))))))))))))))))))))))))))))
.
+ 2009-03-31 16:14:31 2.048 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ AppData \ Lo cal \ lastalive0.dat
+ 2009-03-31 16:14:31 2.048 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ AppData \ Lo cal \ lastalive1.dat
- 2009-03-30 21:07:56 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ NTUSER.DAT
+ 2009-03-31 16:15:44 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ LocalService \ NTUSER.DAT
- 2009-03-30 21:07:56 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ NetworkService \ NTUSER.D AT
+ 2009-03-31 16:15:44 1.048.576 - sha-w C: \ Windows \ ServiceProfiles \ NetworkService \ NTUSER.D AT
- 2009-03-30 21:07:06 16.384 - sha-w C: \ Windows \ System32 \ config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ History \ History.IE5 \ index.d på
+ 2009-03-31 16:14:35 16.384 - sha-w C: \ Windows \ System32 \ config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ History \ History.IE5 \ index.d på
- 2009-03-30 21:07:06 32.768 - sha-w C: \ Windows \ System32 \ config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Temporary Internet Files \ Content.IE5 \ index.dat
+ 2009-03-31 16:14:35 32.768 - sha-w C: \ Windows \ System32 \ config \ systemprofile \ AppData \ L ocal \ Microsoft \ Windows \ Temporary Internet Files \ Content.IE5 \ index.dat
- 2009-03-30 21:07:06 16.384 - sha-w C: \ Windows \ System32 \ config \ systemprofile \ AppData \ R oaming \ Microsoft \ Windows \ Cookies \ index.dat
+ 2009-03-31 16:14:35 16.384 - sha-w C: \ Windows \ System32 \ config \ systemprofile \ AppData \ R oaming \ Microsoft \ Windows \ Cookies \ index.dat
- 2009-03-30 19:05:35 126.818 ---- aw C: \ Windows \ System32 \ perfc007.dat
+ 2009-03-31 15:21:23 126.818 ---- aw C: \ Windows \ System32 \ perfc007.dat
- 2009-03-30 19:05:35 119.076 ---- aw C: \ Windows \ System32 \ perfc009.dat
+ 2009-03-31 15:21:23 119.076 ---- aw C: \ Windows \ System32 \ perfc009.dat
- 2009-03-30 19:05:35 127.578 ---- aw C: \ Windows \ System32 \ perfc00C.dat
+ 2009-03-31 15:21:23 127.578 ---- aw C: \ Windows \ System32 \ perfc00C.dat
- 2009-03-30 19:05:35 124.352 ---- aw C: \ Windows \ System32 \ perfc010.dat
+ 2009-03-31 15:21:23 124.352 ---- aw C: \ Windows \ System32 \ perfc010.dat
- 2009-03-30 19:05:35 130.866 ---- aw C: \ Windows \ System32 \ perfc013.dat
+ 2009-03-31 15:21:23 130.866 ---- aw C: \ Windows \ System32 \ perfc013.dat
- 2009-03-30 19:05:35 130.272 ---- aw C: \ Windows \ System32 \ perfc019.dat
+ 2009-03-31 15:21:23 130.272 ---- aw C: \ Windows \ System32 \ perfc019.dat
- 2009-03-30 19:05:35 620.942 ---- aw C: \ Windows \ System32 \ perfh007.dat
+ 2009-03-31 15:21:23 620.942 ---- aw C: \ Windows \ System32 \ perfh007.dat
- 2009-03-30 19:05:35 644.794 ---- aw C: \ Windows \ System32 \ perfh009.dat
+ 2009-03-31 15:21:23 644.794 ---- aw C: \ Windows \ System32 \ perfh009.dat
- 2009-03-30 19:05:35 672.380 ---- aw C: \ Windows \ System32 \ perfh00C.dat
+ 2009-03-31 15:21:23 672.380 ---- aw C: \ Windows \ System32 \ perfh00C.dat
- 2009-03-30 19:05:35 666.234 ---- aw C: \ Windows \ System32 \ perfh010.dat
+ 2009-03-31 15:21:23 666.234 ---- aw C: \ Windows \ System32 \ perfh010.dat
- 2009-03-30 19:05:35 669.852 ---- aw C: \ Windows \ System32 \ perfh013.dat
+ 2009-03-31 15:21:23 669.852 ---- aw C: \ Windows \ System32 \ perfh013.dat
- 2009-03-30 19:05:35 657.990 ---- aw C: \ Windows \ System32 \ perfh019.dat
+ 2009-03-31 15:21:23 657.990 ---- aw C: \ Windows \ System32 \ perfh019.dat
- 2009-03-30 19:03:55 17.414 ---- aw C: \ Windows \ System32 \ WDI \ (86432a0b-3c7d-4ddf-a89c-172faa90485d) \ S-1-5-21-3600620296-2450975610 - 132854369-1000_UserData.bin
+ 2009-03-31 16:17:14 18.026 ---- aw C: \ Windows \ System32 \ WDI \ (86432a0b-3c7d-4ddf-a89c-172faa90485d) \ S-1-5-21-3600620296-2450975610 - 132854369-1000_UserData.bin
- 2009-03-30 19:03:55 81.750 ---- aw C: \ Windows \ System32 \ WDI \ BootPerformanceDiagnostics _SystemData.bin
+ 2009-03-31 16:17:14 81.884 ---- aw C: \ Windows \ System32 \ WDI \ BootPerformanceDiagnostics _SystemData.bin
- 2009-03-30 19:03:54 68.204 ---- aw C: \ Windows \ System32 \ WDI \ ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2009-03-31 15:15:30 68.346 ---- aw C: \ Windows \ System32 \ WDI \ ShutdownPerformanceDiagnos tics_SystemData.bin
.
- Snapshot reset til aktuelle dato --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries er ikke vist
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"RocketDock" = "c: \ program files \ RocketDock \ RocketDock.exe" [2007-09-02 495616]
"msnmsgr" = "c: \ Programmer \ Windows Live \ Messenger \ msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG" = "c: \ Programmer \ Windows Media Player \ WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"ASUS Screen Saver Protector" = "c: \ windows \ ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT" = "c: \ windows \ system32 \ ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client" = "c: \ Programmer \ Zone Labs \ ZoneAlarm \ zlclient.exe" [2009-02-16 981384]
"SynTPEnh" = "c: \ program files \ Synaptics \ SynTP \ SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ policies \ system]
"EnableUIADesktopToggle" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ drivers32]
"msacm.ac3filter" = ac3filter.acm

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM \ ~ \ startupfolder \ C: ^ Programmer ^ Microsoft ^ Vind OWS ^ Menuen Start ^ Programmer ^ Start ^ WinZip Quick Pick.lnk]
path = C: \ Programmer \ Microsoft \ Windows \ Menuen Start \ Programmer \ Start \ WinZip Quick Pick.lnk
backup = C: \ Windows \ pss \ WinZip Quick Pick.lnk.CommonStartup
backupExtension =. CommonStartup

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ 4oD]
- a ------ 2007-04-23 12:23 1032640 C: \ program files \ Kontiki \ KHost.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Adobe Reader Speed Launcher]
- a ------ 2008-06-12 02:38 34672 D: \ program files \ Reader \ Reader_sl.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ASUS Camera ScreenSaver]
- a ------ 2007-05-15 05:12 37232 c: \ windows \ ASScrProlog.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ATKMEDIA]
- a ------ 2006-11-02 16:27 61440 c: \ program files \ ASUS \ ATK Media \ DMedia.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AVG8_TRAY]
- a ------ 2009-03-11 13:13 1601304 c: \ progra ~ 1 \ AVG \ AVG8 \ avgtray.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ CognizanceTS]
-ra ------ 2003-12-21 22:11 17920 c: \ progra ~ 1 \ ASUSSE ~ 1 \ ASUSSE ~ 1 \ Bin \ ASTSVCC.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ ehTray.exe]
- a ------ 2008-01-19 08:33 125952 c: \ windows \ ehome \ ehtray.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Google Update]
- a ---- t-2009-03-17 22:06 133104 c: \ users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2009-03-11 14:52 342312 c: \ program files \ \ realsched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ msnmsgr]
- a ------ 2009-02-06 19:51 3885408 C: \ program files \ Windows Live \ Messenger \ msnmsgr.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-04 12:40 8429568 C: \ Windows \ System32 \ NvMcTray.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-04 12:40 81920 C: \ Windows \ System32 \ NvCpl.dll

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvSvc]
- a ------ 2007-04-04 12:40 86016 C: \ Windows \ System32 \ nvsvc.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2009-01-05 17:18 413696 c: \ Programmer \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RocketDock]
- a ------ 2007-09-02 13:58 495616 c: \ program files \ RocketDock \ RocketDock.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SpybotSD TeaTimer]
-rahs ---- 2009-03-05 16:07 2260480 C: \ program files \ Spybot - Search & Destroy \ TeaTimer.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2008-06-10 04:27 144784 c: \ program files \ Java \ jre1.6.0_07 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ TkBellExe]
- a ------ 2009-03-16 20:58 198160 c: \ program files \ Common Files \ Real \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Windows Defender]
- a ------ 2008-01-19 08:38 1008184 C: \ program files \ Windows Defender \ MSASCui.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG]
- a ------ 2008-01-19 08:33 202240 c: \ program files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ (0228e555-4f9c-4e35-a3ec-b109a192b4c2)]
- a ------ 2005-07-15 22:48 479232 c: \ program files \ Google \ Gmail Notifier \ gnotify.exe

[HKEY_LOCAL_MACHINE \ software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RtHDVCpl]
- a ------ 2007-02-15 10:07 4390912 C: \ Windows \ RtHDVCpl.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ ZoneLabsFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ DomainProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ FirewallRules]
"(71E74FA5-D1FA-4A82-9121-AE2CACB2ED04)" = Profile = Private | c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(2FE2345B-5C77-485E-9855-FC6024DE75EC)" = Profile = Private | c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(CC9CFD37-6799-47CF-9AEE-1063F21C5548)" = Profile = Private | c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(3D44E6E8-68F3-42F0-B97E-1081F1354874)" = UDP: C: \ program files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(B2393435-26B3-4482-A391-C964F3370D66)" = TCP: C: \ program files \ LimeWire \ LimeWire.exe: LimeWire 4.12.15
"(1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3)" = Disabled: c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(F9EC3544-5A35-4D84-A067-E7167563791A)" = Disabled: c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(A9CE85F3-F9BA-4875-B169-9DEF59911C8A)" = Disabled: c: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"UDP Query User (CDC85196-C503-4F00-82DC-B95F8D021895) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"TCP Query User (5D761702-BEB7-4B94-B693-1A7EF8E441ED) c: \ \ program files \ \ let WebTV & radio \ \ easywebtv.exe" = UDP: C: \ program files \ let WebTV & radio \ easywebtv.exe : Web-tv \ Radio \ Media
"UDP Query User (A7E2F9B1-976E-49B1-960A-8FE671DECB26) c: \ \ program files \ \ let WebTV & radio \ \ easywebtv.exe" = TCP: C: \ program files \ let WebTV & radio \ easywebtv.exe : Web-tv \ Radio \ Media
"(978D57EE-8CEF-4E88-B3CC-472590D8A602)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(038AD6DB-57BA-4294-B6BE-DC5AC329D87A)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (20F3997A-2406-42BC-9A96-17DBA8717938) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (A2D20908-089C-441B-B9C8-C8811AFCAB9E) c: \ \ program files \ \ limewire \ \ limewire.exe" = UDP: C: \ program files \ limewire \ limewire.exe: LimeWire
"UDP Query User (0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05) c: \ \ program files \ \ limewire \ \ limewire.exe" = TCP: C: \ program files \ limewire \ limewire.exe: LimeWire
"(2E890455-237D-4ABA-BE37-B5E6E1862834)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(DDAAC8F6-7557-495a-82B3-EBFF9330A2CC)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(5131D757-BC24-44C9-8EA5-E268DFC6DCAC)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4C52E1A6-D998-41D5-8E99-27F21E3CA7CB) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = UDP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"UDP Query User (80235B6B-2462-4AC3-8A59-7534841DE76B) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = TCP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"TCP Query User (049DD1E6-8191-4983-A59D-240E79B46042) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = UDP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"UDP Query User (9A00A32D-A675-4425-8F5E-1528AAB521FB) c: \ \ program files \ \ utorrent \ \ utorrent.exe" = TCP: C: \ program files \ utorrent \ utorrent.exe: uTorrent
"TCP Query User (348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF) c: \ \ program files \ \ soulseek \ \ slsk.exe" = UDP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"UDP Query User (60AFF659-3A7C-488C-9CCA-0A8589DD32FA) c: \ \ program files \ \ soulseek \ \ slsk.exe" = TCP: C: \ program files \ soulseek \ slsk.exe: SoulSeek
"TCP Query User (3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (D8A0735D-6D19-4482-A90A-35A9D023DEBE) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (7B392C25-D64F-4897-B5CC-5C9B83106BB0) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = UDP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"UDP Query User (9990806D-9198-4760-93E7-C65D44E1FE8A) c: \ \ program files \ \ mozilla firefox \ \ firefox.exe" = TCP: C: \ program files \ mozilla firefox \ firefox.exe: Firefox
"TCP Query User (9998DAB7-D775-4620-A491-D752230551A3) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (B9293167-A4DC-43ED-893B-B5B1B89F9988) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (B04F6C2B-953A-469D-AFD8-4F3AE27A4941) c: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"UDP Query User (914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5) c: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = TCP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"TCP Query User (69F8C35B-6614-4033-B40E-59012B10975A) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = UDP: C: \ program files \ bearflix \ bearflix.exe: BearFlix
"UDP Query User (89ABF64F-F79E-456D-9136-82A8675A3E17) c: \ \ program files \ \ bearflix \ \ bearflix.exe" = TCP: C: \ program files \ bearflix \ bearflix.exe: BearFlix
"(8D76BC83-ABC9-406B-8945-366EA3B7074B)" = UDP: C: \ program files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"(9FC79C86-3E66-4A61-AA2A-FAB0C61E0453)" = TCP: C: \ program files \ SmartFTP Client \ SmartFTP.exe: SmartFTP Client
"TCP Query User (9FF9F89E-5323-45db-89F0-BA37B84180EE) c: \ \ program files \ \ TVAnts \ \ tvants.exe" = UDP: C: \ program files \ TVAnts \ tvants.exe: TVAnts
"UDP Query User (C10505B7-BDD4-49BB-93E6-E73B8E6C4E33) c: \ \ program files \ \ TVAnts \ \ tvants.exe" = TCP: C: \ program files \ TVAnts \ tvants.exe: TVAnts
"TCP Query User (A9E241F3-D69C-4E67-938B-33C91AB576A1) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = UDP: C: \ program files \ tvuplayer \ tvuplayer.exe: TVU Player Component
"UDP Query User (D3542B64-2CF9-4C20-B6CB-1D9096FF27EB) c: \ \ program files \ \ tvuplayer \ \ tvuplayer.exe" = TCP: C: \ program files \ tvuplayer \ tvuplayer.exe: TVU Player Component
"(F8B68D6E-3A24-4B31-8261-FB3CA92B5740)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"TCP Query User (4E95BA55-EDF5-491D-9059-F11FF353A128) c: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ s opcast \ \ adv \ \ sopadver.exe" = UDP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"UDP Query User (55C79E39-F1AC-45C7-8F99-995A835F089A) D: \ \ users \ \ chloe \ \ appdata \ \ roaming \ \ opcast s \ \ adv \ \ sopadver.exe" = TCP: C: \ users \ Chloe \ appdata \ roaming \ sopcast \ adv \ narresut adver.exe: sopadver.exe
"TCP Query User (A3EF2380-6740-4FD5-913E-D67F54A54B11) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = UDP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"UDP Query User (E9C164FD-CB41-4D08-9DBA-BDDB929D1C86) c: \ \ program files \ \ sopcast \ \ sopcast.exe" = TCP: C: \ program files \ sopcast \ sopcast.exe: SopCast Main Application
"TCP Query User (C1148110-2D5B-4810-8651-98FBFD3A6751) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = UDP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"UDP Query User (F15683E5-A578-47EE-BEB1-4541978254F4) c: \ \ program files \ \ Internet Explorer \ \ iexplore.exe" = TCP: C: \ program files \ Internet Explorer \ iexplore.exe: Internet Explorer
"TCP Query User (CCA39E89-B85B-41BA-9A33-CA6DB37579E4) d: \ \ program files \ \ clue.exe" = UDP: D: \ program files \ clue.exe: Clue
"UDP Query User (39F3C83F-DCF0-43B4-B149-19F3630B3078) d: \ \ program files \ \ clue.exe" = TCP: D: \ program files \ clue.exe: Clue
"(01834D55-82B5-480D-BEFF-52EDB82BB8B5)" = C: \ program files \ Windows Live \ Messenger \ livecall.exe: Windows Live Messenger (Phone)
"(90ECB35B-6897-4166-A35A-04BC39978BA9)" = c: \ program files \ AVG \ AVG8 \ avgemc.exe: avgemc.exe
"(504F647E-1476-4948-AA42-DC1DF85CA9A8)" = c: \ program files \ AVG \ AVG8 \ avgupd.exe: avgupd.exe
"(CC411EBB-9ACA-4217-9994-ABB961E83B3C)" = UDP: C: \ program files \ uTorrent \ uTorrent.exe: Antivirus (TCP-In)
"(031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8)" = TCP: C: \ program files \ uTorrent \ uTorrent.exe: Antivirus (UDP-In)
"(1D54F818-ABAC-418F-8F39-17EA7664FABE)" = UDP: C: \ program files \ Bonjour \ mDNSResponder.exe: Bonjour
"(3C9FFAF4-40EA-450F-A906-D34D3E2EFA72)" = TCP: C: \ program files \ Bonjour \ mDNSResponder.exe: Bonjour
"(6AC9F5D1-C3AC-4878-8740-8A3E10F857E2)" = UDP: C: \ program files \ iTunes \ iTunes.exe: iTunes
"(77045B5E-EC2E-4749-AC23-32130CD39567)" = TCP: C: \ program files \ iTunes \ iTunes.exe: iTunes
"(00BE12C0-42CB-4B64-AA07-80A45C05B97C)" = Disabled: UDP: C: \ program files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008
"(0A529C81-B8E4-4809-A54B-B5141A997A78)" = Disabled: TCP: C: \ program files \ Sports Interactive \ Football Manager 2008 \ fm.exe: Football Manager 2008

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ PublicProfile]
"EnableFirewall" = 0 (0x0)

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ StandardProfile]
"EnableFirewall" = 0 (0x0)

R1 AvgLdx86; AVG Free AVI Loader Driver x86; c: \ Windows \ System32 \ drivers \ avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX; AVG8 Network Redirector; c: \ Windows \ System32 \ drivers \ avgtdix.sys [2009-03-11 107272]
R1 ItSDisk; ItSDisk c: \ Windows \ System32 \ drivers \ itsdis k.sys [2006-05-16 23496]
R1 PersonalSecureDrive; PersonalSecureDrive c: \ Windows \ System32 \ drivers \ psd.sys [2007-01-23 39080]
R2 ASBroker; Logon Session Broker; C: \ Windows \ System32 \ svchost.exe-k Cognizance [2008-08-07 21504]
R2 ASChannel; Local Communication Channel; C: \ Windows \ System32 \ svchost.exe-k Cognizance [2008-08-07 21504]
R2 avg8emc; AVG Free8 E-mail Scanner; c: \ progra ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960]
R2 avg8wd; AVG Free8 WatchDog c: \ progra ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access service; HDDlife HDD Access tjenesten c: \ program files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService; SBSD Security Center Service c: \ program files \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv; Syntek AVStream USB2.0 WebCam Service c: \ Windows \ System32 \ StkCSrv.exe [2007-02-07 24576]
R3 AtcL001; NDIS miniport driver til Attansic L1 Gigabit Ethernet Controller; c: \ Windows \ System32 \ drivers \ atl01v32.sy s [2007-03-15 48128]
R3 StkCMini; Syntek AVStream USB2.0 1.3M WebCam c: \ Windows \ System32 \ drivers \ StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost]
bthsvcs REG_MULTI_SZ BthServ
Man REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ H]
\ shell \ AutoRun \ command - H: \ LaunchU3.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)]
\ shell \ AutoRun \ command - H: \ LaunchU3.exe
.
Indhold af "Planlagte opgaver" mappe

2009/01/11 C: \ Windows \ Tasks \ Defrag Job # 00.job
- C: \ program files \ DiskTrix \ UltimateDefrag \ UDefrag.exe []

2009/03/26 C: \ Windows \ Tasks \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- C: \ Users \ CHLOE \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06]

2009/03/30 C: \ Windows \ Tasks \ User_Feed_Synchronization-(5963E371-2796-42F4-9A54-042DA9F406BC). Job
- C: \ windows \ system32 \ msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplerende Scan -------
.
uStart Page = hxxp: / / www.google.co.uk/
uInternet Settings, ProxyOverride = *. lokale
IE: E & ksporter til Microsoft Excel - c: \ progra ~ 1 \ mikroer ~ 2 \ Office10 \ EXCEL.EXE/3000
FF - ProfilePath - c: \ users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro-filer \ ppnzryw9.default \
FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q =
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/
FF - komponent: c: \ Programmer \ AVG \ AVG8 \ Firefox \ komponenter \ avgssff.dll
FF - komponent: c: \ Programmer \ AVG \ AVG8 \ ToolbarFF \ komponenter \ vmAVGConnector. Dll
FF - komponent: c: \ Programmer \ Real \ RealPlayer \ browserrecord \ komponenter \ f.eks pbrowserrecordplugin.dll
FF - komponent: C: \ Users \ CHLOE \ AppData \ Roaming \ Mozilla \ Firefox \ Pro-filer \ ppnzryw9.default \ extensions \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ platform \ WINNT \ components \ FoxyTunes. dll
FF - plugin: c: \ Programmer \ Mozilla Firefox \ plugins \ np-mswmp.dll
FF - plugin: c: \ users \ CHLOE \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll
FF - plugin: d: \ program files \ Reader \ browser \ nppdf32.dll

---- FIREFOX POLITIKKER ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07.

************************************************** ************************

catchme 0.3.1375 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2009-03-31 17:16:10
Windows 6.0.6001 Service Pack 1 NTFS

scanning skjulte processer ...

"10ûÿét0ûÿ3ö9sHu [1166747253] 0x75636F44
"10ûÿét0ûÿ3ö9sHu [1166747253] 0x6F6D6D6F
scanning skjulte autostart entries ...

scanning skjulte filer ...

scanning afsluttet med succes
skjulte filer: 0

************************************************** ************************
.
--------------------- DLL'er Loaded Under Running Processes ---------------------

- - - - - - -> 'Lsass.exe' (704)
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ASWLNPkg.dll
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ItMsg.dll

- - - - - - -> 'Explorer.exe' (3304)
c: \ program files \ RocketDock \ RocketDock.dll
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ SFSShell.dll
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItMsg.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Windows \ System32 \ audiodg.exe
c: \ Windows \ System32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ System32 \ wlanext.exe
c: \ program files \ ATK Genvejstast \ ASLDRSrv.exe
c: \ program files \ ATKGFNEX \ GFNEXSrv.exe
c: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
c: \ Programmer \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
c: \ Programmer \ Bonjour \ mDNSResponder.exe
c: \ Programmer \ Intel \ Wireless \ Bin \ EvtEng.exe
c: \ progra ~ 1 \ AVG \ AVG8 \ avgrsx.exe
c: \ progra ~ 1 \ AVG \ AVG8 \ avgnsx.exe
c: \ Programmer \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe
C: \ Windows \ System32 \ IFXTCS.exe
c: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Windows \ System32 \ IfxPsdSv.exe
C: \ Windows \ System32 \ PSIService.exe
c: \ Programmer \ Intel \ Wireless \ Bin \ RegSrvc.exe
c: \ program files \ ASUS \ NB Probe \ SPM \ spmgr.exe
c: \ Programmer \ AVG \ AVG8 \ avgcsrvx.exe
c: \ program files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ asghost.exe
c: \ program files \ ATK Genvejstast \ HControl.exe
c: \ program files \ ATKOSD2 \ ATKOSD2.exe
c: \ Programmer \ Wireless Console 2 \ wcourier.exe
c: \ Programmer \ ASUS \ Splendid \ ACMON.exe
c: \ program files \ P4G \ BatteryLife.exe
C: \ Windows \ System32 \ ACEngSvr.exe
c: \ program files \ ATK Genvejstast \ ATKOSD.exe
C: \ Windows \ System32 \ IfxUAGUI.exe
c: \ program files \ Infineon \ Security Platform Software \ PSDrt.exe
c: \ program files \ Infineon \ Security Platform Software \ SpTNA.exe
C: \ Windows \ System32 \ Wbem \ WMIADAP.exe
C: \ Windows \ System32 \ dllhost.exe
.
************************************************** ************************
.
Completion time: 2009-03-31 17:23:29 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2009-03-31 16:23:16
ComboFix2.txt 2009-03-30 21:16:26

Pre-Run: 39213060096 bytes fri
Post-Run: 38632595456 bytes fri

Nuværende = 1 Default = 1 Failed = 0 LastKnownGood = 41 sæt = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41
396 --- EOF --- 2009-03-29 15:30:34
  #10  
Old 31 March 2009, 09:48
Donor Group
 
Default Vista Startup and Shutdown Very Slow - Not Sure What to Do

Regarding the Norton removal: I have never installed Norton on here, so why is Symantec listed?
Copyright © 2006 - 2009 Computer Juice.
