[Løst]Treg maskin, kan noen se over logger?

[:utakt]

Syns maskinen min er blitt så treg i det siste. Kjørte gjennom MBAM og ComboFix nå, kunne noen tenkt seg å se over loggene?

 

MBAM:

 

 

Malwarebytes' Anti-Malware 1.36

Databaseversjon: 2178

Windows 5.1.2600 Service Pack 3

 

25.05.2009 19:47:14

mbam-log-2009-05-25 (19-47-14).txt

 

Skanntype: Rask Skann

Objekter skannet: 87710

Tid tilbakelagt: 4 minute(s), 31 second(s)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert: 0

 

Minneprosesser infisert:

(Ingen mistenkelige filer funnet)

 

Minnemoduler infisert:

(Ingen mistenkelige filer funnet)

 

Registernøkler infisert:

(Ingen mistenkelige filer funnet)

 

Registerverdier infisert:

(Ingen mistenkelige filer funnet)

 

Registerfiler infisert:

(Ingen mistenkelige filer funnet)

 

Mapper infisert:

(Ingen mistenkelige filer funnet)

 

Filer infisert:

(Ingen mistenkelige filer funnet)

 

 

 

ComboFix:

 

 

ComboFix 09-05-25.01 - mittnavn 25.05.2009 19:50.2 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.767.399 [GMT 2:00]

Kjører fra: c:\documents and settings\mittnavn\Skrivebord\ComboFix.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

* Opprettet nytt gjenopprettingspunkt

 

ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!

.

 

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\E95THK16.EXE

c:\windows\system32\encapi32.dll

 

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-04-25 til 2009-05-25 )))))))))))))))))))))))))))))))))

.

 

2009-05-25 17:41 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-05-25 17:41 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-05-25 17:41 . 2009-05-25 17:41 -------- d-----w c:\programfiler\Malwarebytes' Anti-Malware

2009-05-25 17:41 . 2009-05-25 17:41 -------- d-----w c:\documents and settings\All Users\Programdata\Malwarebytes

2009-05-18 17:18 . 2009-05-18 17:18 -------- d-----r c:\documents and settings\LocalService\Favoritter

2009-05-18 16:55 . 2009-05-18 16:55 -------- d-sh--w c:\documents and settings\LocalService\IETldCache

2009-05-18 16:53 . 2009-03-30 08:33 96104 ----a-w c:\windows\system32\drivers\avipbb.sys

2009-05-18 16:53 . 2009-03-24 14:08 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys

2009-05-18 16:53 . 2009-02-13 10:29 22360 ----a-w c:\windows\system32\drivers\avgntmgr.sys

2009-05-18 16:53 . 2009-02-13 10:17 45416 ----a-w c:\windows\system32\drivers\avgntdd.sys

2009-05-18 16:53 . 2009-05-18 16:53 -------- d-----w c:\programfiler\Avira

2009-05-18 16:53 . 2009-05-18 16:53 -------- d-----w c:\documents and settings\All Users\Programdata\Avira

2009-05-11 15:46 . 2009-05-11 15:46 -------- d-sh--w c:\documents and settings\NetworkService\IETldCache

2009-05-05 16:13 . 2009-05-05 16:13 -------- d-----w c:\windows\ie8updates

2009-05-05 16:13 . 2009-02-28 04:55 105984 ------w c:\windows\system32\dllcache\iecompat.dll

2009-05-05 16:10 . 2009-05-05 16:10 -------- d--h--w c:\windows\ie8

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-17 10:42 . 1979-12-31 22:00 76838 ----a-w c:\windows\system32\perfc014.dat

2009-04-17 10:42 . 1979-12-31 22:00 437484 ----a-w c:\windows\system32\perfh014.dat

2009-03-08 02:34 . 1979-12-31 22:00 914944 ----a-w c:\windows\system32\wininet.dll

2009-03-08 02:34 . 1979-12-31 22:00 43008 ----a-w c:\windows\system32\licmgr10.dll

2009-03-08 02:33 . 1979-12-31 22:00 18944 ----a-w c:\windows\system32\corpol.dll

2009-03-08 02:33 . 1979-12-31 22:00 420352 ----a-w c:\windows\system32\vbscript.dll

2009-03-08 02:32 . 1979-12-31 22:00 72704 ----a-w c:\windows\system32\admparse.dll

2009-03-08 02:32 . 1979-12-31 22:00 71680 ----a-w c:\windows\system32\iesetup.dll

2009-03-08 02:31 . 1979-12-31 22:00 34816 ----a-w c:\windows\system32\imgutil.dll

2009-03-08 02:31 . 1979-12-31 22:00 48128 ----a-w c:\windows\system32\mshtmler.dll

2009-03-08 02:31 . 1979-12-31 22:00 45568 ----a-w c:\windows\system32\mshta.exe

2009-03-08 02:22 . 1979-12-31 22:00 156160 ----a-w c:\windows\system32\msls31.dll

2009-03-06 14:24 . 1979-12-31 22:00 284160 ----a-w c:\windows\system32\pdh.dll

2009-02-26 17:53 . 2006-11-07 12:59 12288 ----a-w c:\windows\system32\drivers\nhcDriver.sys

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LaunchApp"="Alaunch" [X]

"ATIPTA"="c:\progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-08-12 335872]

"SynTPLpr"="c:\programfiler\Synaptics\SynTP\SynTPLpr.exe" [2003-08-29 110592]

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2003-08-29 618496]

"ShowIcon_Chander_CRW Series Driver v1.17r019"="c:\programfiler\CRW\shwicon.exe" [2003-01-08 73728]

"LManager"="c:\progra~1\LAUNCH~1\CPLCL32.EXE" [2003-10-18 352256]

"IntelliPoint"="c:\programfiler\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]

"avgnt"="c:\programfiler\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"ATIModeChange"="Ati2mdxx.exe" - c:\windows\system32\Ati2mdxx.exe [2003-09-12 28672]

"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2003-07-12 54784]

"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2003-08-29 88267]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

2008-09-16 06:44 174328 ----a-w c:\programfiler\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\wbsys.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Programfiler\\NewTech Infosystems\\NTI CD-Maker\\LiveUpdate.exe"=

"c:\\Programfiler\\Free Music Zilla\\FMZilla.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\programfiler\Avira\AntiVir Desktop\sched.exe [18.05.2009 18:53 108289]

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

2007-12-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]

.

- - - - TOMME PEKERE FJERNET - - - -

 

SafeBoot-procexp90.Sys

 

 

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://ejournal.nsb.no/bin/rms?_sf=0

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

Trusted Zone: fronter.com

TCP: {C6D59063-A977-46F5-9025-7B5C6D1054B7} = 195.159.0.100

FF - ProfilePath - c:\documents and settings\mittnavn\Programdata\Mozilla\Firefox\Profiles\8xoixug8.default\

FF - prefs.js: browser.startup.homepage -

FF - prefs.js: network.proxy.type - 2

FF - plugin: c:\programfiler\Adobe\Reader\browser\nppdf32.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPJava11.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPJava12.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPJava13.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPJava14.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPJava32.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPJPI150_09.dll

FF - plugin: c:\programfiler\Java\jre1.5.0_09\bin\NPOJI610.dll

FF - plugin: c:\programfiler\VLC\npvlc.dll

 

---- FIREFOX POLICIES ----

c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-25 19:52

Windows 5.1.2600 Service Pack 3 FAT NTAPI

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

- - - - - - - > 'winlogon.exe'(576)

c:\programfiler\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

.

Tidspunkt ferdig: 2009-05-25 19:53

ComboFix-quarantined-files.txt 2009-05-25 17:53

 

Pre-Run: 22 436 380 672 byte ledig

Post-Run: 22 454 566 912 byte ledig

 

136 --- E O F --- 2009-05-14 19:30

 

 

Noe skummelt?

[norbat]

Nei, loggene ser greie ut.

 

Du kunne tatt en runde med CCleaner:

Last ned CCleaner.

Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "Bare slett midlertidige filer som er eldre enn 48 timer" Klikk på 'Renser' og deretter 'Kjør CCleaner'.

 

Deretter kan du sjekke om disken trenger en defragmentering:

Tilbehør->systemverktøy->diskdefragmentering

[:utakt]

Kjører Ccleaner med jevne mellomrom, og defragmenterte disken forrige uke.

 

Det er vel bare maskinen som begynner å bli for gammel med åra. Men takk for at du så gjennom!