mariemarie, posted 20 March 2010 (edited)

The computer has become unbearably slow, and I have tried various programs to clean the machine. Now I realize I need help from someone who knows a lot more than I do. I am attaching logs from Malwarebytes Anti-Malware and ComboFix, and hope someone can help me further.

Malwarebytes' Anti-Malware 1.44
Database version: 3886
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.03.2010 04:49:32
mbam-log-2010-03-20 (04-49-32).txt

Scan type: Quick Scan
Objects scanned: 178005
Time elapsed: 15 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited 21 March 2010 by hernil: fixed spoiler mess

Helnes, posted 21 March 2010

It doesn't have to be a virus, though. I see that you have Windows XP, which may suggest that your PC is old, so you may have poor/old components, or, like me, have lots of things open (20-30 tabs in Google Chrome and Opera on a PC from 2006, and then things get slow).

But open Task Manager, go to Processes, and sort so that the highest CPU usage is at the top; then you can see what is making your PC slow.

hernil, posted 21 March 2010

Fixed some mess with spoiler tags and comments, so the thread can now continue. (Any feedback should be sent by personal message and not posted in the thread.)

mariemarie (author), posted 22 March 2010

> It doesn't have to be a virus, though. I see that you have Windows XP, which may suggest that your PC is old, so you may have poor/old components, or, like me, have lots of things open (20-30 tabs in Google Chrome and Opera on a PC from 2006, and then things get slow). But open Task Manager, go to Processes, and sort so that the highest CPU usage is at the top; then you can see what is making your PC slow.

Thanks for the reply :) The PC is old, so it probably has some bad components. It wasn't slow a little while ago, so I assume it must be a virus. I downloaded CA Anti-Spyware a little while ago and was told that there were quite a few risk factors. The program shows malware, but doesn't remove it unless you buy the program. Does anyone know whether this program is any good?

I opened Task Manager and sorted, but didn't understand what was making the PC slow. What can I remove/not remove from the list?