Mulig virus - HijackThis log

Af Semi Supporter kastermester | 25-02-2011 17:11 | 1304 visninger | 6 svar, hop til seneste

Hej HOL Min mors computer har i det seneste stykke tid haft et problem der er... midelst talt irriterende. Computeren bliver ved med at insistere på at harddisken er fuld - jeg er i fuld færd i at undersøge om det rent faktisk blot kan være at hun har fyldt harddisken op, men det ville virke mærkeligt for mig om min mor har formået et fylde 100GB data ud. Jeg har kørt HijackThis men nu er jeg ikke nogen ekspert, så jeg håber lidt at der er en af jer derude der kan spotte hvad der evt. kan være galt. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:56:40, on 25-02-2011 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.17037) Boot mode: Normal Running processes: C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe C:\\Users\\Ane Hoff\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe- C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqtra08.exe C:\\Users\\Ane Hoff\\AppData\\Local\\Google\\Update\\1.2.183.39\\Goog- leCrashHandler.exe C:\\Program Files\\Alwil Software\\Avast4\\ashDisp.exe C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe C:\\Program Files (x86)\\Brother\\ControlCenter3\\brccMCtl.exe C:\\Prog- ram Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe C:\\Program Files (x86)\\HP\\HP Software Update\\hpwuschd2.exe C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfimon.exe C:\\Program Files (x86)\\Windows Live\\Contacts\\wlcomm.exe C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSTE08.exe C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqbam08.exe C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqgpc01.exe C:\\Program Files (x86)\\Internet Explorer\\ieuser.exe C:\\Users\\Ane Hoff\\AppData\\Local\\Google\\Chrome\\Application\\chr- ome.exe C:\\Users\\Ane Hoff\\AppData\\Local\\Google\\Chrome\\Application\\chr- ome.exe C:\\Users\\Ane Hoff\\Downloads\\HijackThis.exe R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com[...] R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://search.imgag.com[...] R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com[...] R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com[...] R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com[...] R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com[...] R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant = R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch = R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\\Program Files (x86)\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files (x86)\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\\Program Files (x86)\\Microsoft\\Search Enhancement Pack\\Search Helper\\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveShellExtensions.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre6\\bin\\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\\Program Files (x86)\\Windows Live\\Toolbar\\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\\Program Files (x86)\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\\Program Files (x86)\\Windows Live\\Toolbar\\wltcore.dll O4 - HKLM\\..\\Run: [QLButton] "C:\\Program Files (x86)\\Quick Launch Button\\QLButton.exe" O4 - HKLM\\..\\Run: [GrooveMonitor] "C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe" O4 - HKLM\\..\\Run: [avast!] C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe O4 - HKLM\\..\\Run: [BrMfcWnd] "C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe" /AUTORUN O4 - HKLM\\..\\Run: [ControlCenter3] "C:\\Program Files (x86)\\Brother\\ControlCenter3\\brctrcen.exe" /autorun O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] "C:\\Program Files (x86)\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe" O4 - HKLM\\..\\Run: [Adobe ARM] "C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe" O4 - HKLM\\..\\Run: [SunJavaUpdateSched] "C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe" O4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe O4 - HKCU\\..\\Run: [Sidebar] C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun O4 - HKCU\\..\\Run: [MsnMsgr] "C:\\Program Files (x86)\\Windows Live\\Messenger\\MsnMsgr.Exe" /background O4 - HKCU\\..\\Run: [Google Update] "C:\\Users\\Ane Hoff\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe- " /c O4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files (x86)\\Windows Media Player\\WMPNSCFG.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqtra08.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\\PROGRA~2\\MICROS~1\\Office12\\EXCEL.EXE/3000- O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~2\\MICROS~1\\Office12\\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~2\\MICROS~1\\Office12\\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~2\\MICROS~1\\Office12\\REFIEBAR.DLL O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\\Program Files (x86)\\HP\\Digital Imaging\\Smart Web Printing\\hpswp_BHO.dll O15 - Trusted Zone: *.danskebank.dk O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com[...] O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com[...] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk[...] O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveSystemServices.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\Windows\\system32\\browseui.dll O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\\Windows\\SysWOW64\\brsvc01a.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\\Windows\\system32\\DFSR.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\EvtEng.exe O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing) O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\\Program Files\\Intel\\Wireless\\Bin\\RegSrvc.exe O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing) O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing) O23 - Service: @%SystemRoot%\\system32\\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\\Windows\\system32\\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing) O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing) O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing) O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing) O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing) -- End of file - 10214 bytes På forhånd tak.
--

Kaare

#1
kastermester
Semi Supporter
25-02-2011 17:16

Rapporter til Admin

Nå jeg kan se at HOL har fikset den gamle fejl med backslashes, har ikke været herinde i noget tid. Her følger lige en log der er til at arbejde med: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:56:40, on 25-02-2011 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.17037) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\Ane Hoff\AppData\Local\Google\Update\GoogleUpdate.exe C:\- Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Ane Hoff\AppData\Local\Google\Update\1.2.183.39\GoogleCras- hHandler.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\ieuser.exe C:\Users\Ane Hoff\AppData\Local\Google\Chrome\Application\chrome.ex- e C:\Users\Ane Hoff\AppData\Local\Google\Chrome\Application\chrome.ex- e C:\Users\Ane Hoff\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com[...] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.imgag.com[...] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com[...] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com[...] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com[...] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com[...] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [QLButton] "C:\Program Files (x86)\Quick Launch Button\QLButton.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [BrMfcWnd] "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\Ane Hoff\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Vis eller skjul HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O15 - Trusted Zone: *.danskebank.dk O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com[...] O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com[...] O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk[...] O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\SysWOW64\brsvc01a.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10214 bytes
--
Kaare

#2
grambler1
Mega Supporter
25-02-2011 17:19

Rapporter til Admin

Kør en ccleaner på dit registry og din computer. Og tjek lige om harddisken er fuld, det nævnte du ikke. Hvad bruger din mor disse såkaldte "Brother" programmer til? Er der flere antivirus programmer kørende samtidigt?
--
AMD 1090T m. NH-D14 @ 4gHz / Crosshair IV Formula / 4GB Mushkin Redline 6-8-6-24 / Sapphire 6950 -> 6970 / Corsair TX 950W

#3
kastermester
Semi Supporter
25-02-2011 17:46

Rapporter til Admin

C-drevet står til kun at have 100MB ledig. Men jeg kan ikke finde nogle filer min mor har lagt ind som burde fylde så meget. Jeg vil tro at hun har/burde have filer der fylder sammenlagt ca. 2GB (derudover kommer selvfølgelig diverse programmer - men her snakker vi primært bare Office pakken). Jeg vil prøve at køre en CCleaner - jeg er også igang med en fuld omgang anti-virus scan. Der kører kun et antivirus program og det er Avast. Brother programmerne er fra en gammel printer, så disse skal også fjernes, men det er noget vi selv har installeret.
--
Kaare

#4
grambler1
Mega Supporter
25-02-2011 17:49

Rapporter til Admin

#3 Fint, hun har sikkert en masse temporary files og andet skidt som der skal ryddes op i. Derudover så er det meget vigtigt at du husker at køre den registry tool, du har mange tomme keys, dette kan nedsætte performance på computeren.
--
AMD 1090T m. NH-D14 @ 4gHz / Crosshair IV Formula / 4GB Mushkin Redline 6-8-6-24 / Sapphire 6950 -> 6970 / Corsair TX 950W

#5
bobo
Gæst
25-02-2011 17:57

Rapporter til Admin

Prøv at bruge programmet TreeSize den viser hvor meget de enkelte ting fylder, så burde du kunne finde det der ligger og fylder op.
--
Gæstebruger, opret dit eget login og få din egen signatur.

#6
1ktn
Gæst
25-02-2011 18:26

Rapporter til Admin

Ved en hurtig scanning af jacken, har din mor en masse unødvendige programmer, som starter op sammen med windows. Få dem sat til manuel i services, eller som Ohke siger, brug ccleaner til at stoppe dem i "start". Men hold fingrene fra ms programmer!
--
Gæstebruger, opret dit eget login og få din egen signatur.