#1
First, I assume this is the right place to put this. I went into the Control Panel and the performance section and found a couple of performance issues that say:

Starting slowly: http://i7.photobucket.com/albums/y27...tartslowly.jpg
Shutting down: http://i7.photobucket.com/albums/y27...downslowly.jpg

I ran HijackThis and got this message: http://i7.photobucket.com/albums/y27...rormessage.jpg

This is probably a very stupid question, but how can I fix these? If you could point me in the right direction, that would be great.
__________________
Euro Championships tip = Spain & Torres <- Damn, I should have placed a bet on them
Make Poverty History
Justice for the 96 <- Take a look
My System: HistoryGirls Self Build!

#2
With Vista you need to right-click the HJT icon and choose "Run as Administrator". Have you done any maintenance lately? Disk Cleanup, defrag?

#3
Yes, I have run Disk Cleanup and defrag recently. Would that be what is causing the problems?

New HijackThis log:
Quote:

#4
Open HijackThis and choose Do a scan. Place a check mark next to the following entries: (if present)

Important: Close all windows except HijackThis and click Fix checked. Exit HijackThis.
----------
Download ComboFix© by sUBs from one of the links below. Make sure you save it to the Desktop.
Link #1
Link #2
** Note: It is important that it is saved directly to your desktop **

Close any open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.
Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
Double-click combofix.exe and follow the prompts.
When finished, ComboFix will produce a log for you. Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
If you have problems using ComboFix, see How to use ComboFix.

#5
First, thanks for the help and advice. I have done what you said with HJT and that was fine. However, I did as the link says about disabling the AVG Resident Shield, but despite this, when I try to run ComboFix it still says AVG Anti-Virus is running, so I am not quite sure why. Would you suggest maybe restarting my system?

#6
AVG and ComboFix have this problem. Just run ComboFix anyway. If AVG tries to block it, then just allow it to run.

#7
Right, OK, done. Log as requested.
Quote:

#8
Delete these files/folders as follows:
1. Go to Start > Run > type Notepad.exe and click OK to open Notepad. It must be Notepad, not WordPad.
2. Copy the text in the code box below by highlighting all the text and pressing Ctrl+C

Code:
KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\Software\Microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\security center\Monitoring\SymantecFirewall]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\E]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]

Firefox::
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search

4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Drag CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) onto ComboFix.exe as shown in the screenshot below. Important: Perform this instruction carefully!

ComboFix will begin to run; just follow the prompts. After a reboot (in case it asks to reboot), it will generate a log file for you. Post that log (Combofix.txt) in your next reply.
Note: Do not mouse-click ComboFix's window while it is running. That may cause your system to freeze.
----------
Download the Norton Removal Tool (SymNRT) to your desktop. Once downloaded, close all open browsers and also save your work, because this may require a reboot.
----------
Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect the machine. First, install the new Sun Java Runtime Environment. Remember to close all web browser windows before you start installing.
Remove the old version(s): Download JavaRa

Additional note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you do not want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
----------
Download ATF Cleaner by Atribune to your desktop. Alternate download link
Note: Vista users must use Run as Administrator

Note that the system will run slower for a reboot or two after using this tool, so don't panic.
Important: Reboot your computer before continuing.
----------
How is the computer running now?

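As an added example (not part of the original posts and not ComboFix's own code), a small Python reviewer that lists what a CFScript like the one in post #8 asks for before it is dropped onto ComboFix.exe. The `Name::` section layout is taken from the script shown in the post, the `[-KEY]` form is the .reg-file convention for deleting a key, and the function names and finding labels are hypothetical.

```python
import re

# The script from post #8, with registry paths and the URL written without
# the spaces the forum rendering inserted.
SAMPLE_CFSCRIPT = r"""KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\Software\Microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\Software\Microsoft\security center\Monitoring\SymantecFirewall]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\E]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]

Firefox::
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
"""

SECTION_RE = re.compile(r"^([A-Za-z]+)::$")                    # e.g. "Registry::"
KEY_DELETE_RE = re.compile(r"^\[-(HKEY_[A-Z_]+)\\([^\]]+)\]$")  # .reg-style key delete
FF_PREF_RE = re.compile(r"^FF - prefs\.js: (\S+) - (.*)$")      # Firefox pref line


def parse_cfscript(text):
    """Split a script into {section name: [non-empty lines]}, in file order."""
    sections, current = {}, None
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"line {number}: content before the first section header")
        else:
            sections[current].append(line)
    return sections


def review(text):
    """Return (section, kind, detail) tuples describing each script entry."""
    findings = []
    for section, lines in parse_cfscript(text).items():
        if not lines:
            # A bare header such as "KillAll::" carries no arguments.
            findings.append((section, "directive", ""))
        for line in lines:
            if section == "Registry" and " \\ " in line:
                # Path copied with stray spaces around backslashes: it no
                # longer names the intended key, so flag it for re-copying.
                findings.append((section, "garbled-path", line))
            elif section == "Registry" and KEY_DELETE_RE.match(line):
                hive, path = KEY_DELETE_RE.match(line).groups()
                findings.append((section, "delete-key", hive + "\\" + path))
            elif section == "Firefox" and FF_PREF_RE.match(line):
                findings.append((section, "pref-entry", FF_PREF_RE.match(line).group(1)))
            else:
                findings.append((section, "unrecognised", line))
    return findings


if __name__ == "__main__":
    for section, kind, detail in review(SAMPLE_CFSCRIPT):
        print(f"{section:<9} {kind:<13} {detail}")
```
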
#9
New ComboFix log:
Service; c: \ windows \ system32 \ StkCSrv.exe [2007-02-07 24576] R3 AtcL001; NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; c: \ windows \ system32 \ drivers \ atl01v32.sy s [2007-03-15 48128] R3 StkCMini; Syntek AVStream USB2.0 1.3M WebCam; c: \ windows \ system32 \ drivers \ StkCMini.sys [2007-02-13 1245056] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ svchost] bthsvcs REG_MULTI_SZ BthServ Cognizance REG_MULTI_SZ ASBroker ASChannel [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ H] \ shell \ AutoRun \ command - H: \ LaunchU3.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)] \ shell \ AutoRun \ command - H: \ LaunchU3.exe . Innholdet i "Scheduled Tasks"-mappen 2009-01-11 C: \ Windows \ Tasks \ Defrag Job # 00.job - C: \ Programfiler \ DiskTrix \ UltimateDefrag \ UDefrag.exe [] 2009-03-26 C: \ Windows \ Tasks \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job - C: \ brukere \ Chloe \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06] 2009-03-30 C: \ Windows \ Tasks \ User_Feed_Synchronization-(5963E371-2796-42F4-9A54-042DA9F406BC). Jobb - C: \ windows \ system32 \ msfeedssync.exe [2008-01-19 08:33] . . ------- Tilleggsavtale Scan ------- . uStart Page = hxxp: / / www.google.co.uk/ uInternet Settings, ProxyOverride = *. local IE: E & ksporter til Microsoft Excel - c: \ progra ~ 1 \ micros ~ 2 \ Office10 \ EXCEL.EXE/3000 FF - ProfilePath - c: \ brukere \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Pro filer \ ppnzryw9.default \ FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? 
Ctid = CT1178131 & SearchSource = 3 & q = FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/ FF - del: C: \ Program Files \ AVG \ AVG8 \ Firefox \ Components \ avgssff.dll FF - del: C: \ Program Files \ AVG \ AVG8 \ ToolbarFF \ Components \ vmAVGConnector. Dll FF - del: C: \ Program Files \ Real \ RealPlayer \ browserrecord \ Components \ NPR pbrowserrecordplugin.dll FF - del: c: \ brukere \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Pro filer \ ppnzryw9.default \ Extensions \ (463F6CA5-EE3C-4be1-B7E6-7FEE11953374) \ plattform \ WINNT \ Components \ FoxyTunes. dll FF - plugin: C: \ Programfiler \ Mozilla Firefox \ plugins \ np-mswmp.dll FF - plugin: C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll FF - plugin: d: \ Programfiler \ Reader \ browser \ nppdf32.dll ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07. ************************************************** ************************ CatchMe 0.3.1375 W2K/XP/Vista - rootkit / skjulemodus malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-31 17:16:10 Windows 6.0.6001 Service Pack 1 NTFS skanning skjulte prosesser ... "10ûÿét0ûÿ3ö9sHu [1166747253] 0x75636F44 "10ûÿét0ûÿ3ö9sHu [1166747253] 0x6F6D6D6F scanning hidden autostart entries ... skanning skjulte filer ... skanning er fullført skjulte filer: 0 ************************************************** ************************ . 
--------------------- DLLer Loaded Under Running Processes --------------------- - - - - - - -> 'Lsass.exe' (704) C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ASWLNPkg.dll C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ItMsg.dll - - - - - - -> 'Explorer.exe' (3304) C: \ Program Files \ RocketDock \ RocketDock.dll C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ SFSShell.dll C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItMsg.dll . ------------------------ Other Running Prosesser ----------------------- -- . c: \ windows \ system32 \ audiodg.exe c: \ windows \ system32 \ ZoneLabs \ vsmon.exe c: \ windows \ system32 \ wlanext.exe C: \ Program Files \ ATK Hurtigtast \ ASLDRSrv.exe C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe c: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe c: \ progra ~ 1 \ AVG \ AVG8 \ avgrsx.exe c: \ progra ~ 1 \ AVG \ AVG8 \ avgnsx.exe C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe c: \ windows \ system32 \ IFXTCS.exe c: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe c: \ windows \ system32 \ IfxPsdSv.exe c: \ windows \ system32 \ PSIService.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ Program Files \ ASUS \ NB Probe \ SPM \ spmgr.exe C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe C: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ asghost.exe C: \ Program Files \ ATK Hurtigtast \ HControl.exe C: \ Program Files \ ATKOSD2 \ ATKOSD2.exe C: \ Program Files \ Wireless Console 2 \ wcourier.exe C: \ Program Files \ ASUS \ Splendid \ ACMON.exe C: \ Program Files \ P4G \ BatteryLife.exe c: \ windows \ system32 \ 
ACEngSvr.exe C: \ Program Files \ ATK Hurtigtast \ ATKOSD.exe c: \ windows \ system32 \ IfxUAGUI.exe c: \ Programfiler \ Infineon \ Security Platform Software \ PSDrt.exe c: \ Programfiler \ Infineon \ Security Platform Software \ SpTNA.exe c: \ windows \ system32 \ wbem \ WMIADAP.exe c: \ windows \ system32 \ Dllhost.exe . ************************************************** ************************ . Fullføringstidspunkt: 2009-03-31 17:23:29 - maskinen ble startet på nytt ComboFix-karantene-files.txt 2009-03-31 16:23:16 ComboFix2.txt 2009-03-30 21:16:26 Pre-Run: 39213060096 bytes gratis Post-Run: 38632595456 bytes gratis Gjeldende = 1 Standard = 1 mislyktes = 0 LastKnownGood = 41 Stiller = 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41 396 --- EOF --- 2009-03-29 15:30:34
|
|
#10
| |||
| |||
| Regarding the Norton removal: I have never installed Norton on here, so why is Symantec listed?
|