Guest medlem-105476 Posted 23 September 2009 (edited)
My PC has lately become much slower than it used to be, but I haven't managed to find any solution to the problem. I followed the guide in the sticky and ended up with these logs. Can anyone see what is wrong? Or whether the solution to my problem has anything to do with malware at all?

Combofix:

Malwarebytes log:
Malwarebytes' Anti-Malware 1.41
Databaseversjon: 2848
Windows 6.0.6001 Service Pack 1
23.09.2009 13:31:04
mbam-log-2009-09-23 (13-31-04).txt
Skanntype: Rask Skann
Objekter skannet: 84530
Tid tilbakelagt: 9 minute(s), 48 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0
Minneprosesser infisert: (Ingen mistenkelige filer funnet)
Minnemoduler infisert: (Ingen mistenkelige filer funnet)
Registernøkler infisert: (Ingen mistenkelige filer funnet)
Registerverdier infisert: (Ingen mistenkelige filer funnet)
Registerfiler infisert: (Ingen mistenkelige filer funnet)
Mapper infisert: (Ingen mistenkelige filer funnet)
Filer infisert: (Ingen mistenkelige filer funnet)

Edited 23 September 2009 by medlem-105476
norbat Posted 1 October 2009
I can't see anything malware-related in your log, so this probably has nothing to do with malware. What do you mean by 'unusually slow PC'?
KimmiboyxD Posted 3 October 2009 (edited)
I can't read the log either...
Edited 3 October 2009 by KimmiboyxD
Bruker-158599 Posted 3 October 2009
You may have a lot of startup programs. Those are the programs that start up with the PC, and maybe you should defragment? Before I link to anything, I'm wondering whether you have done this? Defragmented and removed some startup programs?
Guest medlem-105476 Posted 6 October 2009
I've got it sorted out now. I tried a lot of different things before I finally just restored to factory defaults. Now things work as they should again, finally! Thanks for the help!