Treg maskin, musikk hakker hva er galt?

[Opelmekk]

Hei og godt nyttår

 

Før jul fikk eg det problemet at musikken hakker dersom eg gjør noe annet samtidig og det tar minst 5 min å starte pcen. Så eg lurer på hva som er galt.

Har kjørt henholdsvis MBAM, CCleaner, CF, Auslogic disk defrag( C disk) og Auslogic registery defrag.

Her er loggene.

Logg fra MBAM:

 

 

 

Malwarebytes' Anti-Malware 1.31

Databaseversjon: 1565

Windows 5.1.2600 Service Pack 2

 

29.12.2008 19:43:46

mbam-log-2008-12-29 (19-43-46).txt

 

Skanntype: Rask Skann

Objekter skannet: 52551

Tid tilbakelagt: 40 minute(s), 43 second(s)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 1

Mapper infisert: 0

Filer infisert: 0

 

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

 

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

 

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

 

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

 

Registerfiler infisert:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Mapper infisert:

(Ingen mistenkelige filer funnet)

 

Filer infisert:

(Ingen mistenkelige filer funnet)

 

 

 

CF logg:

 

 

ComboFix 08-12-28.04 - Jonnyboy 2008-12-29 20:50:57.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.1022.597 [GMT 1:00]

Kjører fra: c:\documents and settings\Jonnyboy\Skrivebord\ComboFix.exe

 

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!

.

 

((((((((((((((((((((((((((( Filer Opprettet Fra 2008-11-28 til 2008-12-29 )))))))))))))))))))))))))))))))))

.

 

2008-12-29 20:34 . 2008-12-29 20:34 <DIR> dr-h----- c:\documents and settings\Jonnyboy\Siste

2008-12-29 19:57 . 2008-12-29 19:57 <DIR> d-------- c:\programfiler\CCleaner

2008-12-24 23:41 . 2008-12-24 23:41 <DIR> d-------- c:\documents and settings\Jonnyboy\Programdata\Creative

2008-12-24 23:41 . 2008-12-24 23:44 <DIR> d-------- c:\documents and settings\All Users\Programdata\Creative

2008-12-24 23:33 . 2003-06-12 23:25 7,062 --a------ c:\windows\system32\audiopid.vxd

2008-12-24 23:31 . 2006-10-06 07:17 53,248 --------- c:\windows\Ctregrun.exe

2008-12-24 23:29 . 2004-08-03 22:58 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys

2008-12-24 23:29 . 2004-08-03 22:58 5,504 --a------ c:\windows\system32\dllcache\mstee.sys

2008-12-24 23:27 . 2007-05-24 18:00 299,008 -ra------ c:\windows\system32\V0400Cvw.dll

2008-12-24 23:26 . 2008-12-24 23:26 <DIR> d-------- c:\windows\CtDrvInstall

2008-12-24 23:15 . 2008-12-24 23:15 <DIR> d-------- c:\programfiler\Fellesfiler\muvee Technologies

2008-12-24 23:14 . 2008-12-24 23:14 <DIR> d-------- c:\programfiler\muvee Technologies

2008-12-24 23:13 . 2008-12-24 23:13 <DIR> d-------- c:\documents and settings\All Users\Programdata\muvee Technologies

2008-12-24 23:07 . 2008-12-24 23:07 <DIR> d-------- c:\documents and settings\Jonnyboy\Programdata\InstallShield

2008-12-24 23:06 . 2008-12-24 23:06 <DIR> d-------- c:\programfiler\SightSpeed

2008-12-24 22:49 . 2008-12-24 23:31 <DIR> d-------- c:\programfiler\Creative

2008-12-22 23:33 . 2008-12-22 23:35 <DIR> d-------- C:\pr

2008-12-19 22:32 . 2008-12-19 22:32 <DIR> d-------- c:\programfiler\Malwarebytes' Anti-Malware

2008-12-19 22:32 . 2008-12-19 22:32 <DIR> d-------- c:\documents and settings\Jonnyboy\Programdata\Malwarebytes

2008-12-19 22:32 . 2008-12-19 22:32 <DIR> d-------- c:\documents and settings\All Users\Programdata\Malwarebytes

2008-12-19 22:32 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-19 22:32 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2008-12-10 21:52 . 2008-10-03 11:17 247,326 --------- c:\windows\system32\dllcache\strmdll.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-29 19:34 --------- d-----w c:\documents and settings\Jonnyboy\Programdata\OpenOffice.org2

2008-12-26 16:31 --------- d-----w c:\documents and settings\Jonnyboy\Programdata\dvdcss

2008-12-24 22:32 --------- d--h--w c:\programfiler\InstallShield Installation Information

2008-12-23 13:23 --------- d-----w c:\documents and settings\Jonnyboy\Programdata\uTorrent

2008-12-12 17:36 3,081,216 ------w c:\windows\system32\dllcache\mshtml.dll

2008-11-22 15:04 --------- d-----w c:\programfiler\Windows Media Connect 2

2008-11-14 20:12 --------- d-----w c:\programfiler\World of Warcraft

2008-11-14 18:45 --------- d-----w c:\documents and settings\All Users\Programdata\Blizzard

2008-11-14 12:21 --------- d-----w c:\programfiler\Your Freedom

2008-11-14 08:14 --------- d-----w c:\programfiler\Google

2008-11-13 22:11 --------- d-----w c:\programfiler\Fellesfiler\Blizzard Entertainment

2008-11-05 02:01 --------- d-----w c:\programfiler\uTorrent

2008-11-03 22:08 148 ----a-w c:\documents and settings\Jonnyboy\Programdata\wklnhst.dat

2008-11-03 22:08 --------- d-----w c:\documents and settings\Jonnyboy\Programdata\Template

2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys

2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll

2008-10-23 13:01 283,648 ------w c:\windows\system32\dllcache\gdi32.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll

2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-15 17:01 332,800 ------w c:\windows\system32\dllcache\netapi32.dll

2008-10-15 09:45 18,432 ------w c:\windows\system32\dllcache\iedw.exe

2008-10-03 10:17 247,326 ----a-w c:\windows\system32\strmdll.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-28 68856]

"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]

"Creative Live! Cam Manager"="c:\programfiler\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-06-07 155648]

"CreativeTaskScheduler"="c:\programfiler\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]

"ccleaner"="c:\programfiler\CCleaner\CCleaner.exe" [2008-12-19 1434864]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATIPTA"="c:\programfiler\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-10 344064]

"SunJavaUpdateSched"="c:\programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]

"HP Software Update"="c:\programfiler\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-06-19 729178]

"QPService"="c:\programfiler\HP\QuickPlay\QPService.exe" [2005-12-12 94208]

"eabconfg.cpl"="c:\programfiler\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-22 405504]

"Cpqset"="c:\programfiler\HPQ\Default Settings\cpqset.exe" [2005-08-01 233534]

"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]

"hpWirelessAssistant"="c:\programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 507904]

"SSBkgdUpdate"="c:\programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"PaperPort PTD"="c:\programfiler\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393]

"IndexSearch"="c:\programfiler\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960]

"V0400Mon.exe"="c:\windows\V0400Mon.exe" [2007-06-03 32768]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

 

c:\documents and settings\Jonnyboy\Start-meny\Programmer\Oppstart\

OpenOffice.org 2.3.lnk - c:\programfiler\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]

 

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - c:\programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [2005-08-16 577597]

HP Photosmart Premier Hurtigstart.lnk - c:\programfiler\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 73728]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.X264"= x264vfw.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Programfiler\\uTorrent\\uTorrent.exe"=

"c:\\Programfiler\\RealVNC\\VNC4\\winvnc4.exe"=

 

R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM);c:\windows\system32\DRIVERS\vacs2xkd.sys [2008-07-12 42880]

R3 HSFHWATI;HSFHWATI;c:\windows\system32\DRIVERS\HSFHWATI.sys [2005-08-22 231424]

S3 ASPI;Advanced SCSI Programming Interface Driver;\??\c:\windows\System32\DRIVERS\ASPI32.sys [2008-07-12 16512]

S3 VF0400Afx;VF0400 Audio FX;c:\windows\system32\Drivers\V0400Afx.sys [2008-12-24 142656]

S3 VF0400Vfx;VF0400 Video FX;c:\windows\system32\DRIVERS\V0400VFx.sys [2008-12-24 7424]

S3 VF0400Vid;Live! Cam Notebook Pro (VF0400);c:\windows\system32\DRIVERS\V0400Vid.sys [2008-12-24 166720]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99582bc4-438d-11dd-9ec7-0014a5a29c19}]

\Shell\AutoRun\command - wd_windows_tools\WDSetup.exe

 

*Newly Created Service* - PROCEXP90

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

2008-07-09 c:\windows\Tasks\The Used - Buried Myself Alive.job

- c:\documents and settings\Jonnyboy\Skrivebord\The Used - Buried Myself Alive.mp3 [2008-07-08 23:21]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.hp.com

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Send til &Bluetooth - c:\programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie_ctx.htm

FF - ProfilePath - c:\documents and settings\Jonnyboy\Programdata\Mozilla\Firefox\Profiles\6vlg4lql.default\

FF - plugin: c:\programfiler\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\programfiler\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

 

ATTENTION: FIREFOX POLICES IS IN FORCE

c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-29 20:54:15

Windows 5.1.2600 Service Pack 2 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\programfiler\HPQ\Default Settings\cpqset.exe????????????????|?`???? ???B?????????????hLC????????

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

- - - - - - - > 'winlogon.exe'(1080)

c:\windows\system32\Ati2evxx.dll

.

Tidspunkt ferdig: 2008-12-29 20:55:56

ComboFix-quarantined-files.txt 2008-12-29 19:55:33

 

Pre-Run: 15ÿ915ÿ728ÿ896 byte ledig

Post-Run: 15,905,046,528 byte ledig

 

165 --- E O F --- 2008-12-29 19:28:53

 

 

Endret 1. januar 2009 av konfirmant

[norbat]

Kan ikke se noe malware, så vil tro dette skyldes noe annet en dette.

 

Du kan starte med å oppdatere windows med SP3 (via Windows Update)

[MatsB]

Hvis du har to virusprogrammer eller fler, vil pc`n være treg forbi disse vil jobbe mot hverandre. Så hvis du har flere virusprogrammer fjærn de andre og ha bare ett...

 

(dette kan være årsaken )

[r2d290]

MatsB: Combofix-loggen ville ha vist om det var 2 antivirusprogram kjørende. Etter hva jeg kan se så er det ikke installert et eneste, så jeg anbefaler trådstarter å gå til anskaffelse av dette.

 

Men ja, gi tilbakemelding på hvordan det går etter at du har oppgradert til SP3. Du kan samtidig oppdatere Java:

 

 

Det er viktig å bruke den seneste versjonen av Java, siden tidligere versjoner kan inneholde sikkerhetshull som vil øke sansynligheten for at du

blir infisert igjen. Det ser ut til at din verjson av Java er utdatert

 

Oppdatere Java:

• Trykk på følgende link, og last ned nyeste versjon av Java:http://java.com/en/download/index.jsp
  

[*]Gå til Start > Kontrollpanel > Legg til/fjern programmer.

[*]Søk i listen over alle tidligere versjoner av Java (JRE, J2SE Runtime, J2RE osv.... )

Alle disse versjonene bør ha dette bildet foran:

Velg alle du finner, og trykk på Fjern

[*]Deretter installerer du den Java-versjonen som du lastet ned i starten.

Fortell hvordan det gikk med oppdateringen.

[snippsat]

Ctrl+alt+del<prosesser>

Trykk på cpu-fane så du får høyest cpu forbruk øverst.

Følg med om en prosess bruker mye når det hakker.

[Opelmekk]

SP3 fungerte ikke

Sjekket hvilkne prosseser som bruker mye og det viste seg for at meida playeren bruket mye ved spilling av musikk og samme med for eksepmel firefox når eg spilte fra Youtube.

 

Men problemene er ute av verden nå som eg har instalert Linux Mind Fant ut at dette tok mye kortere tid

Endret 3. januar 2009 av konfirmant