Spywarefri Forum | CPU 80% belastet uden aktivitet

CPU 80% belastet uden aktivitet

[ Ignorer ] KnudPetersen
07.03.2010 17:43:31 Antal indlæg: 24	Hej med jer. Jeg har fået det problem at min CPU kører 80% belastet uden jeg foretager mig noget. Process Explorer siger det er interrupts der er problemet. Jeg kører XP home og har intet ændret. Min pc er beskyttet af ESET og Malwarebytes, er der nogen der har et forslag til at løse problemet ? Hilsen Knud
[ Ignorer ] [ # 1 ] Fromsej TeamSpywarefri
07.03.2010 17:46:29 Administrator Team Spywarefri Antal indlæg: 54701	Hvilken Windowsversion? Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 2 ] KnudPetersen
07.03.2010 18:33:30 Antal indlæg: 24	Windows XP Home servicepack 3 - alt er opdateret.
[ Ignorer ] [ # 3 ] Magic Emeritus
08.03.2010 06:29:56 Administrator Supporter Emeritus Antal indlæg: 29177	Ok. Vi kan lige tjekke hvad der kører på maskinen -> Hent DDS og gem programmet på dit Skrivebord: Her Dobbeltklik på DDS.scr og tillad programmet at køre. Når programmet er færdig vil det åbne to logs/tekst-filer. Gem begge filer på dit Skrivebord og kopier indholdet af txt filerne herind i dit næste indlæg. Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg. Før du sender logfilerne, beder vi dig om at fjerne enhvert P2P/fildelings program, hvis du har nogen, og dette inkluderer Torrent software, før vi renser computeren.
[ Ignorer ] [ # 4 ] KnudPetersen
08.03.2010 18:48:48 Antal indlæg: 24	Her er så de 2 logfiler: DDS (Ver_09-12-01.01) - NTFSx86 Run by Gunnar Nielsen at 17:40:31,21 on 08-03-2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.1023.529 [GMT 1:00] AV: ESET Smart Security 4.0 On-access scanning enabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personlig firewall enabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\Ati2evxx.exe svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programmer\Java\jre6\bin\jusched.exe C:\Programmer\ESET\ESET Smart Security\egui.exe C:\Programmer\Analog Devices\SoundMAX\Smax4.exe C:\Programmer\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programmer\Skype\Phone\Skype.exe C:\Programmer\OpenOffice.org 3\program\soffice.exe C:\Programmer\OpenOffice.org 3\program\soffice.bin svchost.exe C:\Programmer\ESET\ESET Smart Security\ekrn.exe C:\Programmer\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programmer\Skype\Plugin Manager\skypePM.exe C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Documents and Settings\Gunnar Nielsen\Skrivebord\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.dk/ TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\programmer\epson\epson web-to-page\EPSON Web-To-Page.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programmer\google\google toolbar\GoogleToolbar_32.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [swg] “c:\programmer\google\googletoolbarnotifier\GoogleToolbarNotifier.exe” uRun: [Skype] “c:\programmer\skype\phone\Skype.exe” /nosplash /minimized mRun: [SunJavaUpdateSched] “c:\programmer\java\jre6\bin\jusched.exe” mRun: [egui] “c:\programmer\eset\eset smart security\egui.exe” /hide /waitservice mRun: [SoundMAX] “c:\programmer\analog devices\soundmax\Smax4.exe” /tray mRun: [SoundMAXPnP] c:\programmer\analog devices\core\smax4pnp.exe mRun: [StartCCC] “c:\programmer\ati technologies\ati.ace\core-static\CLIStart.exe” MSRun dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\gunnar~1\menuen~1\progra~1\start\openof~1.lnk - c:\programmer\openoffice.org 3\program\quickstart.exe IE: E&ksporter; til Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Google Sidewiki ... - c:\programmer\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmer\messenger\msmsgs.exe IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\programmer\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} - hxxp://esupport.epson-europe.com/selftest/en/Prg/ESTPTest.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fllesf~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll ============= SERVICES / DRIVERS =============== R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [2009-10-24 209536] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792] R2 ekrn;ESET Service;c:\programmer\eset\eset smart security\ekrn.exe [2009-9-11 735960] =============== Created Last 30 ================ 2010-03-07 15:52:01 3327 ——a-w- c:\windows\system32\wbem\Outlook_01cabe0e20031d18.mof 2010-03-07 13:52:36 0 d——-w- c:\windows\system32\wbem\Repository 2010-03-07 13:52:14 0 d——-r- c:\docume~1\gunnar~1\applic~1\Brother 2010-03-07 13:51:39 0 d——-w- c:\programmer\fælles filer\DESIGNER 2010-03-07 13:47:13 4708 ——a-w- c:\windows\system32\PerfStringBackup.TMP 2010-03-05 17:52:49 1355 ——a-w- c:\windows\imsins.BAK 2010-03-05 16:44:14 0 d——-w- c:\windows\pss 2010-03-05 16:17:49 293376 ———w- c:\windows\system32\browserchoice.exe 2010-03-04 17:03:03 0 d——-w- c:\docume~1\gunnar~1\applic~1\Malwarebytes 2010-03-04 17:02:53 38224 ——a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-04 17:02:45 0 d——-w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-03-04 17:02:44 19160 ——a-w- c:\windows\system32\drivers\mbam.sys 2010-03-04 17:02:37 0 d——-w- c:\programmer\Malwarebytes’ Anti-Malware 2010-03-03 09:12:32 142 ——a-w- c:\windows\BRVIDEO.INI 2010-03-03 09:12:32 0 ——a-w- c:\windows\brmx2001.ini 2010-03-03 09:12:14 111928 ———w- c:\windows\system32\BRRBTOOL.EXE 2010-03-03 09:12:10 77824 ———w- c:\windows\system32\brlmw03a.dll 2010-03-03 09:12:10 24223 ———w- c:\windows\system32\brlm03a.dll 2010-03-03 09:12:10 19537 ———w- c:\windows\system32\drivers\BRPAR.SYS 2010-03-03 09:12:10 114 ———w- c:\windows\system32\brlmw03a.ini 2010-03-03 09:11:57 9030 ——a-w- c:\windows\HL-2030.INI 2010-03-03 09:11:57 176128 ———w- c:\windows\system32\BROSNMP.DLL 2010-03-03 09:11:57 0 d——-w- c:\programmer\Brownie 2010-03-03 09:11:20 432 ——a-w- c:\windows\BRWMARK.INI 2010-03-03 09:09:49 54 ——a-w- c:\windows\system32\bd2030.dat 2010-03-03 09:09:48 192512 ———w- c:\windows\system32\Pdrvinst.dll 2010-03-03 09:09:48 0 d——-w- c:\programmer\Brother 2010-03-03 09:08:47 270 ——a-w- c:\windows\Brownie.ini 2010-03-03 08:43:59 376 ——a-w- c:\windows\ODBC.INI 2010-03-03 08:43:48 17920 ——a-w- c:\windows\system32\mdimon.dll 2010-03-03 08:39:49 0 d——-w- c:\windows\SHELLNEW ==================== Find3M ==================== 2010-03-07 15:52:00 79312 ——a-w- c:\windows\system32\perfc006.dat 2010-03-07 15:52:00 451242 ——a-w- c:\windows\system32\perfh006.dat 2009-12-21 19:08:01 916480 ——a-w- c:\windows\system32\wininet.dll 2009-12-21 19:08:01 916480 ——a-w- c:\windows\system32\wininet(2)(2).dll 2009-12-21 19:08:01 1208832 ——a-w- c:\windows\system32\urlmon(2)(2).dll 2009-12-21 19:07:57 1985536 ——a-w- c:\windows\system32\iertutil(2)(2).dll 2009-12-21 19:07:56 11070464 ——a-w- c:\windows\system32\ieframe(2)(2).dll 2009-12-17 07:41:56 344576 ——a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09:59 33280 ——a-w- c:\windows\system32\csrsrv.dll 2009-12-14 07:09:59 33280 ——a-w- c:\windows\system32\csrsrv(2)(2).dll 2009-12-09 10:10:19 2191744 ——a-w- c:\windows\system32\ntoskrnl.exe 2009-12-09 10:10:18 2068608 ——a-w- c:\windows\system32\ntkrnlpa.exe 2009-10-25 14:39:18 245760 —sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat 2009-10-25 14:39:18 32768 —sha-w- c:\windows\system32\config\systemprofile\lokale indstillinger\oversigt\history.ie5\mshist012009102520091026\index.dat ============= FINISH: 17:41:08,14 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 24-10-2009 19:55:24 System Uptime: 03-08-2010 17:08:31 (-3552 hours ago) Motherboard: ASUSTeK Computer INC. \| \| A8R-MVP Processor: AMD Athlon(tm) 64 Processor 3200+ \| Socket 939 \| 2004/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 76 GiB total, 64,391 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP74: 09-12-2009 17:00:34 - Systemkontrolpunkt RP75: 09-12-2009 18:43:30 - Software Distribution Service 3.0 RP76: 10-12-2009 18:48:16 - Systemkontrolpunkt RP77: 11-12-2009 19:35:13 - Systemkontrolpunkt RP78: 13-12-2009 10:31:18 - Systemkontrolpunkt RP79: 16-12-2009 09:40:42 - Systemkontrolpunkt RP80: 17-12-2009 13:28:07 - Systemkontrolpunkt RP81: 19-12-2009 16:39:55 - Systemkontrolpunkt RP82: 21-12-2009 12:09:03 - Systemkontrolpunkt RP83: 22-12-2009 15:28:47 - Systemkontrolpunkt RP84: 25-12-2009 12:41:09 - Systemkontrolpunkt RP85: 27-12-2009 15:02:43 - Systemkontrolpunkt RP86: 28-12-2009 15:47:15 - Systemkontrolpunkt RP87: 31-12-2009 11:57:23 - Systemkontrolpunkt RP88: 01-01-2010 18:04:31 - Systemkontrolpunkt RP89: 02-01-2010 18:32:54 - Systemkontrolpunkt RP90: 04-01-2010 07:42:31 - Systemkontrolpunkt RP91: 06-01-2010 11:17:32 - Systemkontrolpunkt RP92: 07-01-2010 18:43:00 - Systemkontrolpunkt RP93: 10-01-2010 18:08:28 - Systemkontrolpunkt RP94: 12-01-2010 09:47:37 - Systemkontrolpunkt RP95: 13-01-2010 10:00:16 - Software Distribution Service 3.0 RP96: 13-01-2010 17:16:15 - Software Distribution Service 3.0 RP97: 13-01-2010 21:06:52 - Software Distribution Service 3.0 RP98: 16-01-2010 09:43:16 - Systemkontrolpunkt RP99: 17-01-2010 10:57:47 - Systemkontrolpunkt RP100: 18-01-2010 11:15:45 - Systemkontrolpunkt RP101: 20-01-2010 12:01:52 - Systemkontrolpunkt RP102: 21-01-2010 12:52:52 - Systemkontrolpunkt RP103: 22-01-2010 12:58:18 - Systemkontrolpunkt RP104: 22-01-2010 18:53:26 - Software Distribution Service 3.0 RP105: 24-01-2010 09:49:57 - Systemkontrolpunkt RP106: 25-01-2010 12:23:17 - Systemkontrolpunkt RP107: 26-01-2010 13:02:47 - Systemkontrolpunkt RP108: 29-01-2010 12:59:11 - Systemkontrolpunkt RP109: 30-01-2010 15:10:37 - Systemkontrolpunkt RP110: 31-01-2010 16:47:34 - Systemkontrolpunkt RP111: 01-02-2010 18:01:12 - Systemkontrolpunkt RP112: 04-02-2010 13:23:39 - Systemkontrolpunkt RP113: 13-02-2010 10:00:18 - Software Distribution Service 3.0 RP114: 13-02-2010 18:14:02 - Software Distribution Service 3.0 RP115: 15-02-2010 18:50:04 - Systemkontrolpunkt RP116: 17-02-2010 09:46:33 - Systemkontrolpunkt RP117: 19-02-2010 08:18:39 - Systemkontrolpunkt RP118: 20-02-2010 11:58:46 - Systemkontrolpunkt RP119: 21-02-2010 18:48:51 - Systemkontrolpunkt RP120: 23-02-2010 09:03:37 - Systemkontrolpunkt RP121: 24-02-2010 10:58:04 - Systemkontrolpunkt RP122: 24-02-2010 18:49:35 - Software Distribution Service 3.0 RP123: 26-02-2010 17:52:33 - Systemkontrolpunkt RP124: 28-02-2010 17:14:47 - Systemkontrolpunkt RP125: 02-03-2010 09:58:36 - Systemkontrolpunkt RP126: 03-03-2010 09:39:22 - Installerede Microsoft Office Professional Edition 2003 RP127: 04-03-2010 11:47:41 - Systemkontrolpunkt RP128: 05-03-2010 11:56:22 - Systemkontrolpunkt RP129: 05-03-2010 17:18:01 - Software Distribution Service 3.0 RP130: 05-03-2010 17:23:02 - Gendan handling RP131: 05-03-2010 18:52:11 - Software Distribution Service 3.0 RP132: 06-03-2010 17:35:49 - Software Distribution Service 3.0 RP133: 06-03-2010 18:09:26 - Software Distribution Service 3.0 RP134: 07-03-2010 10:00:19 - Software Distribution Service 3.0 RP135: 07-03-2010 14:46:51 - Gendan handling RP136: 07-03-2010 16:12:16 - Fjernet Google Earth. RP137: 08-03-2010 17:24:26 - Systemkontrolpunkt ==== Installed Programs ====================== ABBYY FineReader 6.0 Sprint Adobe Flash Player 10 ActiveX ATI AVIVO Codecs ATI Catalyst Install Manager ATI Display Driver Brother HL-2035 Camera RAW Plug-In for EPSON Creativity Suite Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-preinstall ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner EPSON-printersoftware EPSON Attach To Email EPSON Copy Utility 3 EPSON Easy Photo Print EPSON File Manager EPSON Scan EPSON Scan Assistant EPSON Stylus CX7300_CX8300_DX7400_DX8400 Håndbog EPSON Web-To-Page ESET Smart Security ExtractNow Google Toolbar for Internet Explorer Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix til Windows XP (KB952287) Hotfix til Windows XP (KB961118) Hotfix til Windows XP (KB970653-v3) Hotfix til Windows XP (KB976098-v2) Hotfix til Windows XP (KB979306) Java(TM) 6 Update 17 Malwarebytes’ Anti-Malware Marvell Miniport Driver Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Office Professional Edition 2003 Microsoft Visual C++ 2005 Redistributable Mozilla Thunderbird (2.0.0.23) Opdatering til Windows Internet Explorer 8 (KB973874) Opdatering til Windows Internet Explorer 8 (KB976662) Opdatering til Windows Internet Explorer 8 (KB976749) Opdatering til Windows XP (KB951978) Opdatering til Windows XP (KB955759) Opdatering til Windows XP (KB967715) Opdatering til Windows XP (KB968389) Opdatering til Windows XP (KB971737) Opdatering til Windows XP (KB973687) Opdatering til Windows XP (KB973815) OpenOffice.org 3.1 Sikkerhedsopdatering til Windows Internet Explorer 8 (KB971961) Sikkerhedsopdatering til Windows Internet Explorer 8 (KB974455) Sikkerhedsopdatering til Windows Internet Explorer 8 (KB976325) Sikkerhedsopdatering til Windows Internet Explorer 8 (KB978207) Sikkerhedsopdatering til Windows Media Player (KB952069) Sikkerhedsopdatering til Windows Media Player (KB954155) Sikkerhedsopdatering til Windows Media Player (KB968816) Sikkerhedsopdatering til Windows Media Player (KB973540) Sikkerhedsopdatering til Windows XP (KB923561) Sikkerhedsopdatering til Windows XP (KB946648) Sikkerhedsopdatering til Windows XP (KB950762) Sikkerhedsopdatering til Windows XP (KB950974) Sikkerhedsopdatering til Windows XP (KB951066) Sikkerhedsopdatering til Windows XP (KB951376-v2) Sikkerhedsopdatering til Windows XP (KB951748) Sikkerhedsopdatering til Windows XP (KB952004) Sikkerhedsopdatering til Windows XP (KB952954) Sikkerhedsopdatering til Windows XP (KB954459) Sikkerhedsopdatering til Windows XP (KB955069) Sikkerhedsopdatering til Windows XP (KB956572) Sikkerhedsopdatering til Windows XP (KB956744) Sikkerhedsopdatering til Windows XP (KB956802) Sikkerhedsopdatering til Windows XP (KB956803) Sikkerhedsopdatering til Windows XP (KB956844) Sikkerhedsopdatering til Windows XP (KB957097) Sikkerhedsopdatering til Windows XP (KB958644) Sikkerhedsopdatering til Windows XP (KB958687) Sikkerhedsopdatering til Windows XP (KB958869) Sikkerhedsopdatering til Windows XP (KB959426) Sikkerhedsopdatering til Windows XP (KB960225) Sikkerhedsopdatering til Windows XP (KB960803) Sikkerhedsopdatering til Windows XP (KB960859) Sikkerhedsopdatering til Windows XP (KB961371-v2) Sikkerhedsopdatering til Windows XP (KB961501) Sikkerhedsopdatering til Windows XP (KB968537) Sikkerhedsopdatering til Windows XP (KB969059) Sikkerhedsopdatering til Windows XP (KB969947) Sikkerhedsopdatering til Windows XP (KB970238) Sikkerhedsopdatering til Windows XP (KB970430) Sikkerhedsopdatering til Windows XP (KB971468) Sikkerhedsopdatering til Windows XP (KB971486) Sikkerhedsopdatering til Windows XP (KB971557) Sikkerhedsopdatering til Windows XP (KB971633) Sikkerhedsopdatering til Windows XP (KB971657) Sikkerhedsopdatering til Windows XP (KB972270) Sikkerhedsopdatering til Windows XP (KB973354) Sikkerhedsopdatering til Windows XP (KB973507) Sikkerhedsopdatering til Windows XP (KB973525) Sikkerhedsopdatering til Windows XP (KB973869) Sikkerhedsopdatering til Windows XP (KB973904) Sikkerhedsopdatering til Windows XP (KB974112) Sikkerhedsopdatering til Windows XP (KB974318) Sikkerhedsopdatering til Windows XP (KB974392) Sikkerhedsopdatering til Windows XP (KB974455) Sikkerhedsopdatering til Windows XP (KB974571) Sikkerhedsopdatering til Windows XP (KB975025) Sikkerhedsopdatering til Windows XP (KB975467) Sikkerhedsopdatering til Windows XP (KB975560) Sikkerhedsopdatering til Windows XP (KB975713) Sikkerhedsopdatering til Windows XP (KB977165) Sikkerhedsopdatering til Windows XP (KB977914) Sikkerhedsopdatering til Windows XP (KB978037) Sikkerhedsopdatering til Windows XP (KB978251) Sikkerhedsopdatering til Windows XP (KB978262) Sikkerhedsopdatering til Windows XP (KB978706) Skins Skype web features Skype™ 4.1 SoundMAX ULi Sata Driver Update for Microsoft .NET Framework 3.5 SP1 (KB963707) WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows XP Service Pack 3 ==== End Of File =========================== Hilsen Knud
[ Ignorer ] [ # 5 ] Fromsej TeamSpywarefri
08.03.2010 18:59:39 Administrator Team Spywarefri Antal indlæg: 54701	Der er ikke noget i dine logs. Prøv dette: Klik på Start->Kør skriv SFC /scannow(bemærk mellemrum), klik OK. Din XP-CD skal sidde i drevet. Når den er færdig, genstart, se om det hjalp. Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 6 ] KnudPetersen
09.03.2010 23:30:47 Antal indlæg: 24	Det hjalp ikke med SFC - har også prøvet safe mode, det ændrede heller ikke noget, CPU stadig 80 % +- 5%. Når maskinen køres igang med Linux, står belastningen på nogle få % i tomgang. Jeg kan ikke finde nogen forklaring. MVH Knud
[ Ignorer ] [ # 7 ] Fromsej TeamSpywarefri
10.03.2010 14:24:55 Administrator Team Spywarefri Antal indlæg: 54701	Hent Combofix, og gem den i en mappe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Åbn mappen med Combofix, højreklik et tomt sted i mappen, vælg Ny->tekstdokument, åbn tekstdokumentet, kopier følgende ind: Killall:: Snapshot:: klik på Filer->Gem som, navngiv den CFScript, luk tekstdokumentet. Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du “giver slip” med musen. http://www.fromsej.saknet.dk/billeder/swfcombo.gif Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Kopier den fremkomne log herind. Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur
[ Ignorer ] [ # 8 ] KnudPetersen
10.03.2010 19:31:52 Antal indlæg: 24	ComboFix 10-03-09.08 - Gunnar Nielsen 10-03-2010 18:08:57.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.1023.548 [GMT 1:00] Kører fra: c:\documents and settings\Gunnar Nielsen\Skrivebord\combo\ComboFix.exe Kommandoer benyttet :: c:\documents and settings\Gunnar Nielsen\Skrivebord\combo\CFScript.txt AV: ESET Smart Security 4.0 On-access scanning enabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personlig firewall enabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-725345543-1425521274-2147175445-1004 . ((((((((((((((((((((((((((((( Filer skabt fra 2010-02-10 til 2010-03-10 ))))))))))))))))))))))))))))))))))) . 2010-03-09 16:50 . 2001-08-17 19:11 48736 -c—a-w- c:\windows\system32\dllcache\srwlnd5.sys 2010-03-09 16:50 . 2001-10-04 16:07 99328 -c—a-w- c:\windows\system32\dllcache\srusd.dll 2010-03-09 16:49 . 2001-10-04 16:07 24660 -c—a-w- c:\windows\system32\dllcache\spxupchk.dll 2010-03-09 16:49 . 2001-08-17 20:51 61824 -c—a-w- c:\windows\system32\dllcache\speed.sys 2010-03-09 16:49 . 2001-10-04 16:07 106584 -c—a-w- c:\windows\system32\dllcache\spdports.dll 2010-03-09 16:48 . 2001-08-17 21:07 19072 -c—a-w- c:\windows\system32\dllcache\sparrow.sys 2010-03-09 16:48 . 2001-08-17 20:56 7552 -c—a-w- c:\windows\system32\dllcache\sonypvu1.sys 2010-03-09 16:48 . 2001-08-17 19:51 37040 -c—a-w- c:\windows\system32\dllcache\sonypi.sys 2010-03-09 16:47 . 2001-10-04 16:07 114688 -c—a-w- c:\windows\system32\dllcache\sonypi.dll 2010-03-09 16:47 . 2001-08-17 19:51 20752 -c—a-w- c:\windows\system32\dllcache\sonync.sys 2010-03-09 16:47 . 2001-08-17 20:53 9600 -c—a-w- c:\windows\system32\dllcache\sonymc.sys 2010-03-09 16:47 . 2008-04-13 18:40 7552 -c—a-w- c:\windows\system32\dllcache\sonyait.sys 2010-03-09 16:46 . 2001-08-17 20:53 7040 -c—a-w- c:\windows\system32\dllcache\snyaitmc.sys 2010-03-09 16:46 . 2001-08-17 19:51 58368 -c—a-w- c:\windows\system32\dllcache\smiminib.sys 2010-03-09 16:45 . 2001-10-04 16:07 147200 -c—a-w- c:\windows\system32\dllcache\smidispb.dll 2010-03-09 16:45 . 2001-08-17 19:12 25034 -c—a-w- c:\windows\system32\dllcache\smcpwr2n.sys 2010-03-09 16:45 . 2001-10-04 15:51 35913 -c—a-w- c:\windows\system32\dllcache\smcirda.sys 2010-03-09 16:45 . 2001-08-17 19:12 24576 -c—a-w- c:\windows\system32\dllcache\smc8000n.sys 2010-03-09 16:44 . 2001-08-17 20:57 6784 -c—a-w- c:\windows\system32\dllcache\smbhc.sys 2010-03-09 16:44 . 2008-04-13 18:36 6912 -c—a-w- c:\windows\system32\dllcache\smbclass.sys 2010-03-09 16:44 . 2008-04-13 18:36 16000 -c—a-w- c:\windows\system32\dllcache\smbbatt.sys 2010-03-09 16:44 . 2001-10-04 16:07 45568 -c—a-w- c:\windows\system32\dllcache\smb3w.dll 2010-03-09 16:44 . 2001-10-04 16:07 33792 -c—a-w- c:\windows\system32\dllcache\smb0w.dll 2010-03-09 16:43 . 2001-10-04 16:07 28672 -c—a-w- c:\windows\system32\dllcache\sma0w.dll 2010-03-09 16:43 . 2001-10-04 16:07 28160 -c—a-w- c:\windows\system32\dllcache\sm91w.dll 2010-03-09 16:43 . 2008-04-13 18:46 11136 -c—a-w- c:\windows\system32\dllcache\slip.sys 2010-03-09 16:43 . 2004-08-03 20:31 63547 -c—a-w- c:\windows\system32\dllcache\sla30nd5.sys 2010-03-09 16:43 . 2001-08-17 19:12 91294 -c—a-w- c:\windows\system32\dllcache\skfpwin.sys 2010-03-09 16:42 . 2001-10-04 15:51 95018 -c—a-w- c:\windows\system32\dllcache\sk98xwin.sys 2010-03-09 16:42 . 2001-10-04 16:07 157696 -c—a-w- c:\windows\system32\dllcache\sisv256.dll 2010-03-09 16:42 . 2001-08-17 19:50 50432 -c—a-w- c:\windows\system32\dllcache\sisv.sys 2010-03-09 16:42 . 2004-08-03 20:31 32768 -c—a-w- c:\windows\system32\dllcache\sisnic.sys 2010-03-09 16:42 . 2001-10-04 16:07 238592 -c—a-w- c:\windows\system32\dllcache\sisgrv.dll 2010-03-09 16:41 . 2001-08-17 19:50 104064 -c—a-w- c:\windows\system32\dllcache\sisgrp.sys 2010-03-09 16:41 . 2001-10-04 16:07 150144 -c—a-w- c:\windows\system32\dllcache\sis6306v.dll 2010-03-09 16:41 . 2001-08-17 19:50 68608 -c—a-w- c:\windows\system32\dllcache\sis6306p.sys 2010-03-09 16:41 . 2001-10-04 16:07 252032 -c—a-w- c:\windows\system32\dllcache\sis300iv.dll 2010-03-09 16:40 . 2001-08-17 19:50 101760 -c—a-w- c:\windows\system32\dllcache\sis300ip.sys 2010-03-09 16:40 . 2001-10-04 15:50 161760 -c—a-w- c:\windows\system32\dllcache\sgsmusb.sys 2010-03-09 16:39 . 2001-07-21 21:29 18400 -c—a-w- c:\windows\system32\dllcache\sgsmld.sys 2010-03-09 16:39 . 2001-08-17 19:51 98080 -c—a-w- c:\windows\system32\dllcache\sgiulnt5.sys 2010-03-09 16:39 . 2001-10-04 16:07 386560 -c—a-w- c:\windows\system32\dllcache\sgiul50.dll 2010-03-09 16:39 . 2001-08-17 19:19 36480 -c—a-w- c:\windows\system32\dllcache\sfmanm.sys 2010-03-09 16:38 . 2001-10-04 15:50 6784 -c—a-w- c:\windows\system32\dllcache\serscan.sys 2010-03-09 16:38 . 2001-10-04 15:50 17920 -c—a-w- c:\windows\system32\dllcache\sermouse.sys 2010-03-09 16:37 . 2001-08-17 20:53 6912 -c—a-w- c:\windows\system32\dllcache\seaddsmc.sys 2010-03-09 16:37 . 2008-04-13 18:45 11520 -c—a-w- c:\windows\system32\dllcache\scsiscan.sys 2010-03-09 16:37 . 2001-08-17 20:52 11648 -c—a-w- c:\windows\system32\dllcache\scsiprnt.sys 2010-03-09 16:37 . 2001-10-04 15:50 17536 -c—a-w- c:\windows\system32\dllcache\scr111.sys 2010-03-09 16:36 . 2001-10-04 15:50 16640 -c—a-w- c:\windows\system32\dllcache\scmstcs.sys 2010-03-09 16:36 . 2001-08-17 20:51 23936 -c—a-w- c:\windows\system32\dllcache\sccmusbm.sys 2010-03-09 16:36 . 2001-10-04 15:49 23936 -c—a-w- c:\windows\system32\dllcache\sccmn50m.sys 2010-03-09 16:36 . 2008-04-13 18:40 43904 -c—a-w- c:\windows\system32\dllcache\sbp2port.sys 2010-03-09 16:36 . 2001-10-04 16:06 495616 -c—a-w- c:\windows\system32\dllcache\sblfx.dll 2010-03-09 16:35 . 2001-08-17 19:50 75392 -c—a-w- c:\windows\system32\dllcache\s3savmxm.sys 2010-03-09 16:35 . 2001-10-04 16:07 245632 -c—a-w- c:\windows\system32\dllcache\s3savmx.dll 2010-03-09 16:35 . 2001-08-17 19:50 77824 -c—a-w- c:\windows\system32\dllcache\s3sav4m.sys 2010-03-09 16:34 . 2001-10-04 16:07 198400 -c—a-w- c:\windows\system32\dllcache\s3sav4.dll 2010-03-09 16:34 . 2001-08-17 19:50 61504 -c—a-w- c:\windows\system32\dllcache\s3sav3dm.sys 2010-03-09 16:34 . 2001-10-04 16:07 179264 -c—a-w- c:\windows\system32\dllcache\s3sav3d.dll 2010-03-09 16:34 . 2001-10-04 16:07 210496 -c—a-w- c:\windows\system32\dllcache\s3mvirge.dll 2010-03-09 16:34 . 2001-10-04 16:07 62496 -c—a-w- c:\windows\system32\dllcache\s3mtrio.dll 2010-03-09 16:33 . 2001-08-17 19:50 41216 -c—a-w- c:\windows\system32\dllcache\s3mt3d.sys 2010-03-09 16:33 . 2001-10-04 16:07 182272 -c—a-w- c:\windows\system32\dllcache\s3mt3d.dll 2010-03-09 16:33 . 2001-08-17 19:50 166720 -c—a-w- c:\windows\system32\dllcache\s3m.sys 2010-03-09 16:33 . 2001-08-17 20:57 65664 -c—a-w- c:\windows\system32\dllcache\s3legacy.sys 2010-03-09 16:32 . 2001-10-04 16:07 83456 -c—a-w- c:\windows\system32\dllcache\rwia450.dll 2010-03-09 16:32 . 2001-10-04 16:07 80896 -c—a-w- c:\windows\system32\dllcache\rwia430.dll 2010-03-09 16:32 . 2008-04-14 16:05 29696 -c—a-w- c:\windows\system32\dllcache\rw450ext.dll 2010-03-09 16:32 . 2008-04-14 16:05 28160 -c—a-w- c:\windows\system32\dllcache\rw430ext.dll 2010-03-09 16:32 . 2004-08-03 20:31 20992 -c—a-w- c:\windows\system32\dllcache\rtl8139.sys 2010-03-09 16:32 . 2001-08-17 19:12 19017 -c—a-w- c:\windows\system32\dllcache\rtl8029.sys 2010-03-09 16:31 . 2001-08-17 19:19 30720 -c—a-w- c:\windows\system32\dllcache\rthwcls.sys 2010-03-09 16:31 . 2001-10-04 16:07 9728 -c—a-w- c:\windows\system32\dllcache\rsmgrstr.dll 2010-03-09 16:31 . 2001-08-17 19:19 3840 -c—a-w- c:\windows\system32\dllcache\rpfun.sys 2010-03-09 16:31 . 2008-04-14 15:38 79104 -c—a-w- c:\windows\system32\dllcache\rocket.sys 2010-03-09 16:30 . 2001-08-17 19:12 37563 -c—a-w- c:\windows\system32\dllcache\rlnet5.sys 2010-03-09 16:30 . 2001-10-04 16:06 86097 -c—a-w- c:\windows\system32\dllcache\reslog32.dll 2010-03-09 16:29 . 2001-08-17 20:51 19584 -c—a-w- c:\windows\system32\dllcache\rasirda.sys 2010-03-09 16:29 . 2001-10-04 15:47 714858 -c—a-w- c:\windows\system32\dllcache\r2mdmkxx.sys 2010-03-09 16:29 . 2001-10-04 15:47 899274 -c—a-w- c:\windows\system32\dllcache\r2mdkxga.sys 2010-03-09 16:28 . 2001-10-04 16:07 41472 -c—a-w- c:\windows\system32\dllcache\qvusd.dll 2010-03-09 16:28 . 2001-08-17 20:53 3328 -c—a-w- c:\windows\system32\dllcache\qv2kux.sys 2010-03-09 16:28 . 2001-08-17 20:52 49024 -c—a-w- c:\windows\system32\dllcache\ql1280.sys 2010-03-09 16:27 . 2001-08-17 20:52 40448 -c—a-w- c:\windows\system32\dllcache\ql1240.sys 2010-03-09 16:27 . 2001-08-17 20:52 45312 -c—a-w- c:\windows\system32\dllcache\ql12160.sys 2010-03-09 16:27 . 2001-08-17 20:52 33152 -c—a-w- c:\windows\system32\dllcache\ql10wnt.sys 2010-03-09 16:27 . 2001-08-17 20:52 40320 -c—a-w- c:\windows\system32\dllcache\ql1080.sys 2010-03-09 16:27 . 2008-04-13 18:40 6016 -c—a-w- c:\windows\system32\dllcache\qic157.sys 2010-03-09 16:26 . 2001-08-17 20:28 130942 -c—a-w- c:\windows\system32\dllcache\ptserlv.sys 2010-03-09 16:26 . 2001-08-17 20:28 112574 -c—a-w- c:\windows\system32\dllcache\ptserlp.sys 2010-03-09 16:26 . 2001-08-17 20:28 128286 -c—a-w- c:\windows\system32\dllcache\ptserli.sys 2010-03-09 16:26 . 2008-04-14 16:05 159232 -c—a-w- c:\windows\system32\dllcache\ptpusd.dll 2010-03-09 16:26 . 2001-10-04 16:07 5632 -c—a-w- c:\windows\system32\dllcache\ptpusb.dll 2010-03-09 16:25 . 2001-10-04 16:07 35328 -c—a-w- c:\windows\system32\dllcache\psisload.dll 2010-03-09 16:25 . 2008-04-14 16:05 363520 -c—a-w- c:\windows\system32\dllcache\psisdecd.dll 2010-03-09 16:25 . 2001-10-04 15:47 16256 -c—a-w- c:\windows\system32\dllcache\pscr.sys 2010-03-09 16:25 . 2008-04-13 18:41 17664 -c—a-w- c:\windows\system32\dllcache\ppa3.sys 2010-03-09 16:24 . 2001-08-17 20:53 17792 -c—a-w- c:\windows\system32\dllcache\ppa.sys 2010-03-09 16:24 . 2008-04-13 18:40 8832 -c—a-w- c:\windows\system32\dllcache\powerfil.sys 2010-03-09 16:24 . 2001-08-17 20:53 7168 -c—a-w- c:\windows\system32\dllcache\pnrmc.sys 2010-03-09 16:23 . 2001-10-04 16:07 121344 -c—a-w- c:\windows\system32\dllcache\phvfwext.dll 2010-03-09 16:23 . 2001-08-17 21:07 19840 -c—a-w- c:\windows\system32\dllcache\philtune.sys 2010-03-09 16:23 . 2001-08-17 21:04 92416 -c—a-w- c:\windows\system32\dllcache\phildec.sys 2010-03-09 16:23 . 2001-08-17 21:04 173696 -c—a-w- c:\windows\system32\dllcache\philcam2.sys 2010-03-09 16:22 . 2001-08-17 21:04 75776 -c—a-w- c:\windows\system32\dllcache\philcam1.sys 2010-03-09 16:22 . 2001-10-04 16:07 16384 -c—a-w- c:\windows\system32\dllcache\philcam1.dll 2010-03-09 16:22 . 2008-04-14 16:04 259328 -c—a-w- c:\windows\system32\dllcache\perm3dd.dll 2010-03-09 16:22 . 2008-04-13 18:44 28032 -c—a-w- c:\windows\system32\dllcache\perm3.sys 2010-03-09 16:22 . 2008-04-14 16:04 211584 -c—a-w- c:\windows\system32\dllcache\perm2dll.dll 2010-03-09 16:22 . 2008-04-13 18:44 27904 -c—a-w- c:\windows\system32\dllcache\perm2.sys 2010-03-09 16:21 . 2001-08-17 21:07 5504 -c—a-w- c:\windows\system32\dllcache\perc2hib.sys 2010-03-09 16:21 . 2001-08-17 21:07 27296 -c—a-w- c:\windows\system32\dllcache\perc2.sys 2010-03-09 16:21 . 2004-08-03 20:06 169984 -c—a-w- c:\windows\system32\dllcache\pcx500.sys 2010-03-09 16:21 . 2001-10-04 16:07 86016 -c—a-w- c:\windows\system32\dllcache\pctspk.exe 2010-03-09 16:21 . 2001-08-17 19:11 35328 -c—a-w- c:\windows\system32\dllcache\pcntpci5.sys 2010-03-09 16:20 . 2001-08-17 19:11 29769 -c—a-w- c:\windows\system32\dllcache\pcntn5m.sys 2010-03-09 16:20 . 2001-08-17 19:11 30282 -c—a-w- c:\windows\system32\dllcache\pcntn5hl.sys 2010-03-09 16:20 . 2001-08-17 19:12 26153 -c—a-w- c:\windows\system32\dllcache\pcmlm56.sys 2010-03-09 16:20 . 2004-08-03 20:31 29502 -c—a-w- c:\windows\system32\dllcache\pca200e.sys 2010-03-09 16:20 . 2001-08-17 19:12 30495 -c—a-w- c:\windows\system32\dllcache\pc100nds.sys 2010-03-09 16:19 . 2001-10-04 16:06 42496 -c—a-w- c:\windows\system32\dllcache\ovui2rc.dll 2010-03-09 16:19 . 2001-10-04 16:07 44544 -c—a-w- c:\windows\system32\dllcache\ovui2.dll 2010-03-09 16:19 . 2001-08-17 21:05 25216 -c—a-w- c:\windows\system32\dllcache\ovsound2.sys 2010-03-09 16:19 . 2001-10-04 16:07 39424 -c—a-w- c:\windows\system32\dllcache\ovcoms.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-10 17:23 . 2009-10-28 11:03 ———— d——-w- c:\documents and settings\Gunnar Nielsen\Application Data\Skype 2010-03-10 17:23 . 2009-11-04 11:11 ———— d——-w- c:\documents and settings\Gunnar Nielsen\Application Data\skypePM 2010-03-08 19:31 . 2009-10-29 14:38 ———— d——-w- c:\programmer\Mozilla Thunderbird 2010-03-07 15:52 . 2010-03-07 13:47 4708 ——a-w- c:\windows\system32\PerfStringBackup.TMP 2010-03-07 15:52 . 2004-08-27 12:00 79312 ——a-w- c:\windows\system32\perfc006.dat 2010-03-07 15:52 . 2004-08-27 12:00 451242 ——a-w- c:\windows\system32\perfh006.dat 2010-03-07 15:35 . 2009-10-28 11:03 ———— d——-w- c:\programmer\Google 2010-03-07 15:21 . 2009-10-25 15:13 ———— d——-w- c:\programmer\Tracker Software 2010-03-07 13:55 . 2009-10-24 21:03 47120 ——a-w- c:\documents and settings\Gunnar Nielsen\Lokale indstillinger\Application Data\GDIPFONTCACHEV1.DAT 2010-03-07 13:52 . 2010-03-04 17:02 ———— d——-w- c:\programmer\Malwarebytes’ Anti-Malware 2010-03-07 13:52 . 2010-03-07 13:52 ———— d——-r- c:\documents and settings\Gunnar Nielsen\Application Data\Brother 2010-03-07 13:51 . 2010-03-07 13:51 ———— d——-w- c:\programmer\Microsoft.NET 2010-03-04 17:03 . 2010-03-04 17:03 ———— d——-w- c:\documents and settings\Gunnar Nielsen\Application Data\Malwarebytes 2010-03-04 17:02 . 2010-03-04 17:02 ———— d——-w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-03-04 16:55 . 2009-10-25 17:07 1 ——a-w- c:\documents and settings\Gunnar Nielsen\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-03-03 09:09 . 2009-10-24 21:35 ———— d—h—w- c:\programmer\InstallShield Installation Information 2010-02-12 10:03 . 2010-03-05 16:17 293376 ———w- c:\windows\system32\browserchoice.exe 2010-01-07 15:07 . 2010-03-04 17:02 38224 ——a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2010-03-04 17:02 19160 ——a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50 . 2004-08-27 12:00 353792 ——a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:08 . 2004-08-27 12:00 916480 ——a-w- c:\windows\system32\wininet.dll 2009-12-21 19:08 . 2004-08-27 12:00 916480 ——a-w- c:\windows\system32\wininet(2)(2).dll 2009-12-21 19:08 . 2004-08-27 12:00 1208832 ——a-w- c:\windows\system32\urlmon(2)(2).dll 2009-12-21 19:07 . 2009-03-08 02:32 1985536 ——a-w- c:\windows\system32\iertutil(2)(2).dll 2009-12-21 19:07 . 2009-03-08 02:39 11070464 ——a-w- c:\windows\system32\ieframe(2)(2).dll 2009-12-17 07:41 . 2009-10-24 17:49 344576 ——a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09 . 2004-08-27 12:00 33280 ——a-w- c:\windows\system32\csrsrv.dll 2009-12-14 07:09 . 2004-08-27 12:00 33280 ——a-w- c:\windows\system32\csrsrv(2)(2).dll . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “swg”=“c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2009-10-28 39408] “Skype”=“c:\programmer\Skype\Phone\Skype.exe” [2009-10-09 25623336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SunJavaUpdateSched”=“c:\programmer\Java\jre6\bin\jusched.exe” [2009-10-11 149280] “egui”=“c:\programmer\ESET\ESET Smart Security\egui.exe” [2009-09-11 2054360] “SoundMAXPnP”=“c:\programmer\Analog Devices\Core\smax4pnp.exe” [2009-10-25 925696] “StartCCC”=“c:\programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2009-09-18 98304] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360] c:\documents and settings\Gunnar Nielsen\Menuen Start\Programmer\Start\ OpenOffice.org 3.1.lnk - c:\programmer\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] “EnableFirewall”= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] “%windir%\\system32\\sessmgr.exe”= “%windir%\\Network Diagnostic\\xpnetdiag.exe”= “c:\\Programmer\\Skype\\Plugin Manager\\skypePM.exe”= “c:\\Programmer\\Skype\\Phone\\Skype.exe”= R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [24-10-2009 22:35 209536] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11-09-2009 07:23 108792] R2 ekrn;ESET Service;c:\programmer\ESET\ESET Smart Security\ekrn.exe [11-09-2009 07:24 735960] . Indhold af mappen ‘Planlagte Opgaver’ 2010-03-10 c:\windows\Tasks\User_Feed_Synchronization-{56262CCF-5C8D-423B-9A13-2D92CE21A2ED}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ———- Yderligere scanning———- . uStart Page = hxxp://www.google.dk/ IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-10 18:22 Windows 5.1.2600 Service Pack 3 NTFS scanner skjulte processer ... scanner skjulte autostarter ... scanner skjulte filer ... scanning gennemført med succes skjulte filer: 0 ********************************************************************** . ——————————- DLLs startet under kørende Processer——————————- - - - - - - - > ‘winlogon.exe’(928) c:\windows\system32\Ati2evxx.dll - - - - - - - > ‘explorer.exe’(2764) c:\windows\system32\webcheck.dll . ————————————Andre kørende processer———————————— . c:\programmer\Java\jre6\bin\jqs.exe c:\programmer\OpenOffice.org 3\program\soffice.exe c:\programmer\OpenOffice.org 3\program\soffice.bin c:\windows\system32\wbem\wmiapsrv.exe c:\programmer\Skype\Plugin Manager\skypePM.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Gennemført tid: 2010-03-10 18:27:40 - maskinen blev genstartet ComboFix-quarantined-files.txt 2010-03-10 17:27 Pre-Kørsel: 68.771.434.496 byte ledig Post-Kørsel: 68.964.319.232 byte ledig WindowsXP-KB310994-SP2-Home-BootDisk-DAN.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=“Microsoft Windows XP Home Edition” /noexecute=optin /fastdetect - - End Of File - - 5664F1431B0ABD35BFE15BE7CDAD8657
[ Ignorer ] [ # 9 ] Fromsej TeamSpywarefri
11.03.2010 10:00:42 Administrator Team Spywarefri Antal indlæg: 54701	Der er ikke noget at sætte en finger på. Umiddelbart ville jeg køre en Repair: http://www.fromsej.dk/Vejledninger/html/repairvej.htm Lav backup af dine vigtige ting først, det kan gå galt. Signatur Member of “Alliance of Security Analysis Professionals” - Alle angaben wie immer “nur mit pistole” Græd du også over eventyret om smedens kat, da du var lille? http://www.spywarefri.dk/medarbejderne/ Nierne bomaye - You’ll never walk alone qui potest, obligatur