lasse4160 Beginner
07 September 2008 - 13:00. There are 5 comments and 1 solution

Dirt in my logs?

I have a problem with my PC (even after I have replaced a good deal of hardware). Sometimes (1-4 times a month) the PC behaves strangely. Everything stutters for 1 second and afterwards runs fine for 1 second. And it keeps going like that the whole time. CPU usage is between 10-25% in Task Manager, but none of the programs shown there use that many %. What can be wrong? :S It is driving me crazy, since I also had it back before I started replacing hardware.

I have some logs here from some programs. Hope you can help. After I restarted in normal mode (SUPERAntiSpyware) I did not get the log saved. But the program found nothing anyway.

Hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 12:17:17, on 07-09-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lasse Hansen\Lokale indstillinger\Temporary Internet Files\Content.IE5\GXU7ODUB\alternativ[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O4 - HKLM\..\Run: [VolPanel] "C:\Programmer\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220039988984
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Programmer\Fælles filer\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTAudSvc.exe

----ComboFix 08-09-05.02 - Lasse Hansen 2008-09-07 12:54:28.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.45.1030.18.2926 [GMT 2:00]
Running from: C:\Documents and Settings\Lasse Hansen\Skrivebord\ComboFix\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((  Files Created from 2008-08-07 to 2008-09-07  )))))))))))))))))))))))))))))))
.

2008-09-07 12:27 . 2008-09-07 12:27    <DIR>    d--------    C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-09-07 12:23 . 2008-09-07 12:23    <DIR>    d--------    C:\Programmer\SUPERAntiSpyware
2008-09-07 12:23 . 2008-09-07 12:23    <DIR>    d--------    C:\Documents and Settings\Lasse Hansen\Application Data\SUPERAntiSpyware.com
2008-09-07 12:23 . 2008-09-07 12:23    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-09-02 21:58 . 2008-09-02 21:58    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\e-Safekey
2008-09-02 21:14 . 2008-08-29 14:51    <DIR>    d--------    C:\Documents and Settings\Administrator\Skrivebord
2008-09-02 21:14 . 2008-08-29 12:56    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Skabeloner
2008-09-02 21:14 . 2008-08-29 14:51    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Printere
2008-09-02 21:14 . 2008-08-29 14:51    <DIR>    dr-------    C:\Documents and Settings\Administrator\Menuen Start
2008-09-02 21:14 . 2008-09-07 12:55    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Lokale indstillinger
2008-09-02 21:14 . 2008-09-07 12:28    <DIR>    d--------    C:\Documents and Settings\Administrator\Foretrukne
2008-09-02 21:14 . 2008-09-02 21:14    <DIR>    d--------    C:\Documents and Settings\Administrator\Dokumenter
2008-09-02 21:14 . 2008-08-29 14:51    <DIR>    d--h-----    C:\Documents and Settings\Administrator\Andre computere
2008-09-02 21:14 . 2008-09-02 21:14    <DIR>    d--------    C:\Documents and Settings\Administrator
2008-09-02 17:13 . 2008-09-02 17:13    53    --a------    C:\WINDOWS\cdplayer.ini
2008-08-31 22:54 . 2008-09-06 21:56    <DIR>    d--------    C:\Documents and Settings\Lasse Hansen\Application Data\Bioshock
2008-08-31 22:53 . 2008-08-31 22:53    <DIR>    dr-h-----    C:\Documents and Settings\Lasse Hansen\Application Data\SecuROM
2008-08-31 20:08 . 2008-09-07 12:07    21,840    --a----t-    C:\WINDOWS\system32\SIntfNT.dll
2008-08-31 20:08 . 2008-09-07 12:07    17,212    --a----t-    C:\WINDOWS\system32\SIntf32.dll
2008-08-31 20:08 . 2008-09-07 12:07    12,067    --a----t-    C:\WINDOWS\system32\SIntf16.dll
2008-08-31 18:53 . 2008-08-31 18:53    108,144    --a------    C:\WINDOWS\system32\CmdLineExt.dll
2008-08-31 18:46 . 2008-08-31 18:46    <DIR>    d--------    C:\Documents and Settings\Lasse Hansen\Application Data\InstallShield Installation Information
2008-08-31 18:45 . 2008-08-31 18:45    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-08-31 11:01 . 2008-08-31 11:01    1,080    --a------    C:\WINDOWS\system32\settingsbkup.sfm
2008-08-31 11:01 . 2008-08-31 11:01    1,080    --a------    C:\WINDOWS\system32\settings.sfm
2008-08-30 00:29 . 2008-08-30 00:29    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\CyberLink
2008-08-30 00:28 . 2008-08-30 00:29    <DIR>    d--------    C:\Programmer\CyberLink
2008-08-30 00:26 . 2004-08-03 23:01    25,856    --a------    C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-30 00:26 . 2004-08-03 23:01    25,856    --a--c---    C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-30 00:25 . 2008-08-30 00:25    <DIR>    d--h-----    C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-08-30 00:25 . 2008-08-30 00:25    <DIR>    d--h-----    C:\Programmer\CanonBJ
2008-08-30 00:25 . 2008-08-30 00:26    <DIR>    d--------    C:\Programmer\Canon
2008-08-30 00:25 . 2008-08-30 00:25    <DIR>    d--h-----    C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-08-30 00:25 . 2006-11-06 07:00    198,656    --a------    C:\WINDOWS\system32\CNMLM8O.DLL
2008-08-29 23:52 . 2008-08-29 23:52    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\ATI
2008-08-29 23:48 . 2008-08-29 23:48    <DIR>    d--------    C:\ATI
2008-08-29 23:48 . 2008-07-31 21:05    593,920    ---------    C:\WINDOWS\system32\ati2sgag.exe
2008-08-29 23:45 . 2008-08-29 23:45    10    --a------    C:\WINDOWS\WININIT.INI
2008-08-29 22:57 . 2008-08-29 22:57    <DIR>    d--------    C:\Programmer\Fælles filer\xing shared
2008-08-29 22:57 . 2008-08-29 22:57    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-29 22:56 . 2008-08-29 22:56    <DIR>    d--------    C:\Program Files
2008-08-29 22:56 . 2008-08-29 22:56    499,712    --a------    C:\WINDOWS\system32\msvcp71.dll
2008-08-29 22:56 . 2008-08-29 22:56    348,160    --a------    C:\WINDOWS\system32\msvcr71.dll
2008-08-29 22:55 . 2008-08-29 22:55    <DIR>    d--------    C:\Programmer\Real
2008-08-29 22:55 . 2008-08-29 22:57    <DIR>    d--------    C:\Programmer\Fælles filer\Real
2008-08-29 22:54 . 2008-08-29 22:54    <DIR>    d--------    C:\WINDOWS\system32\Futuremark
2008-08-29 22:54 . 2007-08-20 10:05    27,672    -ra------    C:\WINDOWS\system32\drivers\Entech.sys
2008-08-29 22:54 . 1999-11-02 10:01    6,173    --a------    C:\WINDOWS\system32\drivers\Entech.vxd
2008-08-29 22:54 . 2004-06-22 15:44    5,632    --a------    C:\WINDOWS\system32\drivers\Entech64.sys
2008-08-29 22:54 . 2001-11-19 19:05    3,972    --a------    C:\WINDOWS\system32\drivers\PciBus.sys
2008-08-29 22:53 . 2008-08-29 22:54    <DIR>    d--------    C:\Programmer\Futuremark
2008-08-29 22:50 . 2008-08-29 22:50    <DIR>    d--------    C:\Programmer\Lavasoft
2008-08-29 22:50 . 2008-08-29 22:50    <DIR>    d--------    C:\Programmer\Lavalys
2008-08-29 22:50 . 2008-08-29 22:50    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-29 22:49 . 2008-09-07 12:23    <DIR>    d--------    C:\Programmer\Fælles filer\Wise Installation Wizard
2008-08-29 22:46 . 2008-08-29 22:46    <DIR>    d--------    C:\Programmer\Kaspersky Lab
2008-08-29 22:46 . 2008-08-29 22:46    <DIR>    d--------    C:\Programmer\CCleaner
2008-08-29 22:46 . 2008-09-07 12:14    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-29 22:46 . 2008-09-07 12:55    2,874,400    --ahs----    C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-29 22:46 . 2008-08-29 23:19    96,976    --a------    C:\WINDOWS\system32\drivers\klin.dat
2008-08-29 22:46 . 2008-08-29 23:19    87,855    --a------    C:\WINDOWS\system32\drivers\klick.dat
2008-08-29 22:46 . 2008-09-07 12:55    81,696    --ahs----    C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-29 22:46 . 2008-09-07 12:25    42,224    --ahs----    C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-29 22:46 . 2008-09-07 12:25    11,624    --ahs----    C:\WINDOWS\system32\drivers\fidbox2.idx
2008-08-29 22:45 . 2008-08-29 22:58    <DIR>    d--------    C:\Programmer\Spybot - Search & Destroy
2008-08-29 22:45 . 2008-08-29 22:45    <DIR>    d--------    C:\Programmer\RegCleaner
2008-08-29 22:45 . 2008-08-29 23:47    <DIR>    d--------    C:\Programmer\Driver Cleaner Pro
2008-08-29 22:45 . 2008-08-29 23:27    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-29 22:44 . 2008-08-29 22:57    <DIR>    d--------    C:\Programmer\SpywareBlaster
2008-08-29 22:44 . 2008-08-29 22:44    <DIR>    d--------    C:\Programmer\DivX
2008-08-29 22:44 . 2005-04-15 20:58    1,071,088    --a------    C:\WINDOWS\system32\MSCOMCTL.OCX
2008-08-29 22:44 . 2005-08-25 19:18    118,784    --a------    C:\WINDOWS\system32\MSSTDFMT.DLL
2008-08-29 22:35 . 2008-06-14 20:00    272,256    ---------    C:\WINDOWS\system32\drivers\bthport.sys
2008-08-29 22:35 . 2008-06-14 20:00    272,256    -----c---    C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-29 22:25 . 2008-09-07 12:25    54,760    --a------    C:\WINDOWS\system32\BMXState-{00000006-00000000-00000001-00001102-00000005-00311102}.rfx
2008-08-29 22:25 . 2008-09-07 12:25    788    --a------    C:\WINDOWS\system32\DVCState-{00000006-00000000-00000001-00001102-00000005-00311102}.rfx
2008-08-29 22:24 . 2008-08-29 22:24    <DIR>    d--------    C:\Programmer\Fælles filer\Creative Labs Shared
2008-08-29 22:24 . 2007-02-26 15:24    94,208    --a------    C:\WINDOWS\system32\cttele32.dll
2008-08-29 22:22 . 2008-07-15 01:08    24,089,151    --a------    C:\WINDOWS\system32\AppSetup.exe
2008-08-29 22:19 . 2008-09-07 12:25    54,760    --a------    C:\WINDOWS\system32\BMXStateBkp-{00000006-00000000-00000001-00001102-00000005-00311102}.rfx
2008-08-29 22:18 . 2008-08-29 22:18    <DIR>    d--------    C:\Programmer\Fælles filer\Creative
2008-08-29 22:18 . 2008-08-29 22:18    <DIR>    d--h-----    C:\Programmer\Creative Installation Information
2008-08-29 22:18 . 2000-05-22 10:58    647,872    ---------    C:\WINDOWS\system32\Mscomct2.ocx
2008-08-29 22:18 . 1999-12-12 19:01    44,032    ---------    C:\WINDOWS\system32\CTSVCCDA.EXE
2008-08-29 22:18 . 1999-10-10 19:00    41,984    ---------    C:\WINDOWS\Ctregrun.exe
2008-08-29 22:18 . 1999-11-17 19:00    25,088    ---------    C:\WINDOWS\system32\CTSVCCTL.EXE
2008-08-29 22:18 . 2003-06-12 23:25    7,062    --a------    C:\WINDOWS\system32\audiopid.vxd
2008-08-29 22:17 . 2000-05-11 01:00    90,112    ---------    C:\WINDOWS\Updreg.EXE
2008-08-29 22:17 . 2006-06-14 11:00    82,944    --a------    C:\WINDOWS\system32\drivers\wdmaud.sys
2008-08-29 22:17 . 2006-06-14 11:00    82,944    --a--c---    C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-08-29 22:17 . 2001-08-17 22:00    54,272    --a------    C:\WINDOWS\system32\drivers\swmidi.sys
2008-08-29 22:17 . 2001-08-17 22:00    54,272    --a--c---    C:\WINDOWS\system32\dllcache\swmidi.sys
2008-08-29 22:17 . 2004-08-03 23:07    52,864    --a------    C:\WINDOWS\system32\drivers\DMusic.sys
2008-08-29 22:17 . 2004-08-03 23:07    52,864    --a--c---    C:\WINDOWS\system32\dllcache\dmusic.sys
2008-08-29 22:17 . 2006-06-14 10:47    6,400    --a------    C:\WINDOWS\system32\drivers\splitter.sys
2008-08-29 22:17 . 2006-06-14 10:47    6,400    --a--c---    C:\WINDOWS\system32\dllcache\splitter.sys
2008-08-29 22:16 . 2008-08-29 22:16    <DIR>    d--------    C:\Documents and Settings\Lasse Hansen\Application Data\Creative
2008-08-29 22:15 . 2008-08-29 22:24    <DIR>    d--------    C:\WINDOWS\system32\Data
2008-08-29 22:15 . 2008-08-29 22:24    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Creative
2008-08-29 22:15 . 2006-05-24 06:20    10,240    --a------    C:\WINDOWS\CTDCRES.DLL
2008-08-29 22:14 . 2008-08-29 22:18    <DIR>    d--------    C:\Programmer\Creative
2008-08-29 22:09 . 2008-08-29 22:10    <DIR>    d--h-----    C:\WINDOWS\msdownld.tmp
2008-08-29 22:09 . 2008-08-29 22:09    <DIR>    d--------    C:\WINDOWS\Logs
2008-08-29 22:08 . 2008-08-29 23:52    <DIR>    d--------    C:\Documents and Settings\Lasse Hansen\Application Data\ATI
2008-08-29 22:07 . 2008-08-29 22:07    0    --a------    C:\WINDOWS\ativpsrm.bin
2008-08-29 22:06 . 2008-08-29 22:06    <DIR>    d--------    C:\Programmer\Fælles filer\InstallShield
2008-08-29 22:06 . 2008-08-29 23:51    <DIR>    d--------    C:\Programmer\ATI Technologies
2008-08-29 22:01 . 2008-08-29 22:41    <DIR>    d--h-----    C:\WINDOWS\$hf_mig$
2008-08-29 22:01 . 2005-06-28 10:21    22,752    --a------    C:\WINDOWS\system32\spupdsvc.exe
2008-08-29 22:00 . 2007-07-30 19:19    43,352    --a------    C:\WINDOWS\system32\wups2.dll
2008-08-29 22:00 . 2007-07-30 19:18    34,136    --a------    C:\WINDOWS\system32\wucltui.dll.mui
2008-08-29 22:00 . 2007-07-30 19:19    25,944    --a------    C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-08-29 22:00 . 2007-07-30 19:19    25,944    --a------    C:\WINDOWS\system32\wuapi.dll.mui
2008-08-29 22:00 . 2007-07-30 19:18    20,824    --a------    C:\WINDOWS\system32\wuaueng.dll.mui
2008-08-29 21:59 . 2008-08-29 21:59    <DIR>    d---s----    C:\Documents and Settings\Lasse Hansen\UserData
2008-08-29 21:59 . 2008-08-29 21:59    13,646    --a------    C:\WINDOWS\system32\wpa.bak
2008-08-29 21:56 . 2008-08-29 21:56    <DIR>    d--------    C:\WINDOWS\OPTIONS
2008-08-29 21:56 . 2008-08-29 21:56    <DIR>    d--------    C:\Programmer\Realtek
2008-08-29 21:56 . 2008-08-31 20:14    <DIR>    d--h-----    C:\Programmer\InstallShield Installation Information
2008-08-29 21:56 . 2008-08-29 21:56    <DIR>    d--------    C:\Documents and Settings\Lasse Hansen\Application Data\InstallShield
2008-08-29 21:56 . 2007-08-07 11:40    98,944    -ra------    C:\WINDOWS\system32\drivers\Rtenicxp.sys
2008-08-29 21:55 . 2008-08-29 21:55    15,600    --a------    C:\WINDOWS\gdrv.sys
2008-08-29 21:53 . 2008-08-29 21:53    <DIR>    d----c---    C:\WINDOWS\system32\DRVSTORE
2008-08-29 21:53 . 2008-08-29 21:53    <DIR>    d--------    C:\Programmer\Intel
2008-08-29 21:53 . 2008-08-29 21:53    <DIR>    d--------    C:\Intel

.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-29 21:19    112,144    ----a-w    C:\WINDOWS\system32\drivers\kl1.sys
2008-08-29 20:24    413,696    ----a-w    C:\WINDOWS\system32\wrap_oal.dll
2008-08-29 20:24    110,592    ----a-w    C:\WINDOWS\system32\OpenAL32.dll
2008-08-29 10:59    ---------    d-----w    C:\Programmer\microsoft frontpage
2008-08-29 10:58    ---------    d-----w    C:\Programmer\Onlinetjenester
2008-08-29 10:58    ---------    d-----w    C:\Programmer\Fælles filer\Tjenester
2008-08-01 06:38    3,266,560    ----a-w    C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-08-01 05:40    9,928,704    ----a-w    C:\WINDOWS\system32\atioglxx.dll
2008-08-01 04:58    253,952    ----a-w    C:\WINDOWS\system32\atiok3x2.dll
2008-08-01 04:33    425,984    ----a-w    C:\WINDOWS\system32\ATIDEMGX.dll
2008-08-01 04:32    311,296    ----a-w    C:\WINDOWS\system32\ati2dvag.dll
2008-08-01 04:23    184,320    ----a-w    C:\WINDOWS\system32\atipdlxx.dll
2008-08-01 04:23    143,360    ----a-w    C:\WINDOWS\system32\Oemdspif.dll
2008-08-01 04:22    43,520    ----a-w    C:\WINDOWS\system32\ati2edxx.dll
2008-08-01 04:22    26,112    ----a-w    C:\WINDOWS\system32\Ati2mdxx.exe
2008-08-01 04:22    143,360    ----a-w    C:\WINDOWS\system32\ati2evxx.dll
2008-08-01 04:21    573,440    ----a-w    C:\WINDOWS\system32\ati2evxx.exe
2008-08-01 04:19    53,248    ----a-w    C:\WINDOWS\system32\ATIDDC.DLL
2008-08-01 04:10    3,917,568    ----a-w    C:\WINDOWS\system32\ati3duag.dll
2008-08-01 03:59    2,183,552    ----a-w    C:\WINDOWS\system32\ativvaxx.dll
2008-08-01 03:46    48,640    ----a-w    C:\WINDOWS\system32\amdpcom32.dll
2008-08-01 03:42    376,832    ----a-w    C:\WINDOWS\system32\atikvmag.dll
2008-08-01 03:40    35,328    ----a-w    C:\WINDOWS\system32\atiadlxx.dll
2008-08-01 03:40    17,408    ----a-w    C:\WINDOWS\system32\atitvo32.dll
2008-08-01 03:39    53,248    ----a-w    C:\WINDOWS\system32\drivers\ati2erec.dll
2008-08-01 03:39    307,200    ----a-w    C:\WINDOWS\system32\atiiiexx.dll
2008-08-01 03:34    561,152    ----a-w    C:\WINDOWS\system32\ati2cqag.dll
2008-07-31 08:41    68,616    ----a-w    C:\WINDOWS\system32\XAPOFX1_1.dll
2008-07-31 08:41    238,088    ----a-w    C:\WINDOWS\system32\xactengine3_2.dll
2008-07-31 08:40    509,448    ----a-w    C:\WINDOWS\system32\XAudio2_2.dll
2008-07-15 16:13    15,896    ----a-w    C:\WINDOWS\system32\drivers\pfmodnt.sys
2008-07-15 16:12    1,173,016    ----a-w    C:\WINDOWS\system32\drivers\ha20x2k.sys
2008-07-15 16:11    92,696    ----a-w    C:\WINDOWS\system32\drivers\emupia2k.sys
2008-07-15 16:10    157,208    ----a-w    C:\WINDOWS\system32\drivers\ctsfm2k.sys
2008-07-15 16:09    14,360    ----a-w    C:\WINDOWS\system32\drivers\ctprxy2k.sys
2008-07-15 16:08    347,080    ----a-w    C:\WINDOWS\system32\drivers\ctdvda2k.sys
2008-07-15 16:08    127,000    ----a-w    C:\WINDOWS\system32\drivers\ctoss2k.sys
2008-07-15 16:07    527,384    ----a-w    C:\WINDOWS\system32\drivers\ctaud2k.sys
2008-07-15 16:06    511,000    ----a-w    C:\WINDOWS\system32\drivers\ctac32k.sys
2008-07-15 15:23    72,728    ----a-w    C:\WINDOWS\system32\CTHWIUT.DLL
2008-07-15 15:23    170,520    ----a-w    C:\WINDOWS\system32\CT20XUT.DLL
2008-07-15 15:22    1,323,544    ----a-w    C:\WINDOWS\system32\CTEXFIFX.DLL
2008-07-12 06:18    467,984    ----a-w    C:\WINDOWS\system32\d3dx10_39.dll
2008-07-12 06:18    3,851,784    ----a-w    C:\WINDOWS\system32\D3DX9_39.dll
2008-07-12 06:18    1,493,528    ----a-w    C:\WINDOWS\system32\D3DCompiler_39.dll
2008-07-11 13:53    86,016    ----a-w    C:\WINDOWS\system32\ctcoinst.dll
2008-07-11 13:53    181,248    ----a-w    C:\WINDOWS\system32\ctdvinst.dll
2008-07-11 13:53    11,776    ----a-w    C:\WINDOWS\INRES.DLL
2008-07-11 13:51    34,816    ----a-w    C:\WINDOWS\system32\a3d.dll
2008-07-11 13:51    27,648    ----a-w    C:\WINDOWS\system32\ac3api.dll
2008-07-11 13:50    45,056    ----a-w    C:\WINDOWS\system32\CTxfiSpk.dll
2008-07-11 13:50    35,840    ----a-w    C:\WINDOWS\system32\CTxfiBtn.dll
2008-07-11 13:50    3,072    ----a-w    C:\WINDOWS\system32\CtxfiRes.dll
2008-07-11 13:50    3,072    ----a-w    C:\WINDOWS\CTXFIRES.DLL
2008-07-11 13:50    19,968    ----a-w    C:\WINDOWS\system32\Ctxfihlp.exe
2008-07-11 13:46    969,216    ----a-w    C:\WINDOWS\system32\CTxfispi.exe
2008-07-11 13:46    43,520    ----a-w    C:\WINDOWS\system32\Ctxfireg.exe
2008-07-11 13:46    10,752    ----a-w    C:\WINDOWS\system32\Ct20xspi.dll
2008-07-11 13:40    110,080    ----a-w    C:\WINDOWS\system32\ctemupia.dll
2008-07-11 13:39    69,120    ----a-w    C:\WINDOWS\system32\ctosuser.dll
2008-07-11 13:39    64,512    ----a-w    C:\WINDOWS\system32\piaproxy.dll
2008-07-11 13:39    6,144    ----a-w    C:\WINDOWS\system32\sfman32.dll
2008-07-11 13:39    49,152    ----a-w    C:\WINDOWS\system32\ctdproxy.dll
2008-07-11 13:39    46,592    ----a-w    C:\WINDOWS\system32\ctasio.dll
2008-07-11 13:39    174,592    ----a-w    C:\WINDOWS\system32\ct_oal.dll
2008-07-11 13:39    13,312    ----a-w    C:\WINDOWS\system32\regplib.exe
2008-07-11 13:39    104,448    ----a-w    C:\WINDOWS\system32\sfms32.dll
2008-07-11 13:37    5,120    ----a-w    C:\WINDOWS\system32\enlocstr.exe
2008-07-11 13:37    10,240    ----a-w    C:\WINDOWS\system32\killapps.exe
2008-07-11 13:36    32,768    ----a-w    C:\WINDOWS\system32\devreg.dll
2008-07-07 20:32    253,952    ----a-w    C:\WINDOWS\system32\es.dll
2008-06-24 16:24    74,240    ----a-w    C:\WINDOWS\system32\mscms.dll
2008-06-23 15:41    660,992    ----a-w    C:\WINDOWS\system32\wininet.dll
2008-06-20 17:42    246,784    ----a-w    C:\WINDOWS\system32\mswsock.dll
.

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="C:\Programmer\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2006-07-13 122880]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 90112]
"TkBellExe"="C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" [2008-08-29 185896]
"StartCCC"="C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"CTHelper"="CTHELPER.EXE" [2006-05-24 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2008-07-11 C:\WINDOWS\system32\Ctxfihlp.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-27 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programmer\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Assassin's creed\\AssassinsCreed_Dx9.exe"=
"E:\\Assassin's creed\\AssassinsCreed_Dx10.exe"=
"E:\\Assassin's creed\\AssassinsCreed_Launcher.exe"=
"E:\\Company of heros\\RelicCOH.exe"=

R2 CTAudSvcService;Creative Audio Service;C:\Programmer\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2008-07-15 1173016]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Programmer\Fælles filer\Creative Labs Shared\Service\CTAELicensing.exe [2008-08-29 79360]

*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.sol.dk/

O16 -: {D8575CE3-3432-4540-88A9-85A1325D3375} - hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
C:\WINDOWS\Downloaded Program Files\e-Safekey.inf
C:\WINDOWS\Downloaded Program Files\e-Safekey.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 12:55:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  CTxfiHlp = CTXFIHLP.EXE?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-07 12:55:22
ComboFix-quarantined-files.txt  2008-09-07 10:55:20

Pre-Run: 408,211,492,864 byte ledig
Post-Run: 408,206,618,624 byte ledig

levich Beginner
07 September 2008 - 13:02 #1
Download "Malwarebytes' Anti-Malware" here: http://www.malwarebytes.org/mbam.php
Install the program, start it, and run a "full system scan" under the "Scanner" tab.
Afterwards click "Show results", press "Remove selected" and post the log here together with a new log from HijackThis.

But get the newest version of HijackThis from here: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis.
lasse4160 Beginner
07 September 2008 - 15:23 #2
Okay. Here is the HijackThis log with the newest version:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:18:51, on 07-09-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Lasse Hansen\Lokale indstillinger\Temporary Internet Files\Content.IE5\7NOSEX7N\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O4 - HKLM\..\Run: [VolPanel] "C:\Programmer\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [StartCCC] "C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220039988984
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Programmer\Fælles filer\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTAudSvc.exe

--
End of file - 4177 bytes


And here is the one from Malwarebytes' Anti-Malware:
Malwarebytes' Anti-Malware 1.26
Database version: 1122
Windows 5.1.2600 Service Pack 2

07-09-2008 15:23:19
mbam-log-2008-09-07 (15-23-19).txt

Skan type: Fuldstændig skanning (C:\|D:\|)
Objekter skannet: 62735
Tid tilbagelagt: 5 minute(s), 43 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 0
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)
levich Beginner
07 September 2008 - 15:34 #3
It looks really good.
lasse4160 Beginner
07 September 2008 - 15:48 #4
Okay... so the problem arises somewhere else, then?
levich Beginner
07 September 2008 - 16:08 #5
Maybe it is some update or other that is running in the background.
lasse4160 Beginner
21 November 2008 - 22:08 #6
Old forgotten thread. Just withdrawing the points.