YMF Skrevet 8. oktober 2009 Rapporter Del Skrevet 8. oktober 2009 (endret) Pc'n min klarer ikke lenger å dra Call of Duty: MW har mine mistanker om at jeg muligens har virus.. eller så har jeg kanskje utdaterte drivere. jeg vil slette alt som jeg ikke har bruk for, vil bare vite hva jeg kan slette Fant ikkenoe med MBAM. Combofix ComboFix 09-10-07.05 - klack 08.10.2009 16:38.1.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1033.18.3068.1221 [GMT 2:00] Kjører fra: c:\users\klack\Downloads\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Installer\19837.msi c:\windows\Suyin.reg . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-09-08 til 2009-10-08 ))))))))))))))))))))))))))))))))) . 2009-10-08 15:04 . 2009-10-08 15:07 -------- d-----w- c:\users\klack\AppData\Local\temp 2009-10-08 15:04 . 2009-10-08 15:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-10-08 13:54 . 2009-10-08 13:54 -------- d-----w- c:\users\klack\AppData\Roaming\Malwarebytes 2009-10-08 13:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-08 13:54 . 2009-10-08 13:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-08 13:54 . 2009-10-08 13:54 -------- d-----w- c:\programdata\Malwarebytes 2009-10-08 13:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-10-03 17:54 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2009-10-03 17:54 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2009-10-03 17:54 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2009-10-03 17:54 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2009-10-03 17:54 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll 2009-10-03 17:54 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll 2009-10-03 17:54 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll 2009-10-03 17:54 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2009-10-03 17:54 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2009-10-02 20:14 . 2009-10-01 08:29 195440 ------w- c:\windows\system32\MpSigStub.exe 2009-09-30 22:16 . 2009-09-30 22:16 -------- d-----w- C:\Programs 2009-09-29 20:53 . 2009-09-29 20:53 -------- d-----w- c:\users\klack\AppData\Roaming\NCH Software 2009-09-29 20:53 . 2007-08-29 13:36 110592 ----a-w- c:\users\klack\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe 2009-09-29 20:13 . 2009-09-29 20:13 -------- d-----w- c:\program files\Ask.com 2009-09-29 20:13 . 2009-09-29 20:13 -------- d-----w- c:\program files\Common Files\DVDVideoSoft 2009-09-29 20:13 . 2009-09-29 20:13 -------- d-----w- c:\program files\DVDVideoSoft 2009-09-29 20:09 . 2009-09-29 20:09 -------- d-----w- c:\programdata\NCH Swift Sound 2009-09-29 20:09 . 2009-09-29 20:09 -------- d-----w- c:\users\klack\AppData\Roaming\NCH Swift Sound 2009-09-29 20:09 . 2009-09-29 20:09 -------- d-----w- c:\program files\NCH Swift Sound 2009-09-18 16:18 . 2009-09-18 16:18 -------- d-----w- c:\users\klack\AppData\Roaming\Moyea 2009-09-18 16:17 . 2009-09-18 16:17 -------- d-----w- c:\program files\Moyea 2009-09-17 17:10 . 2008-03-13 15:48 290816 ----a-w- c:\windows\RTKVADDA.EXE 2009-09-11 00:08 . 2009-09-11 00:09 -------- d-----w- C:\Disk Images . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-08 15:06 . 2009-03-05 04:56 197831 ----a-w- c:\programdata\nvModes.dat 2009-10-08 15:05 . 2009-03-09 20:59 12 ----a-w- c:\windows\bthservsdp.dat 2009-10-08 13:24 . 2001-01-06 18:09 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-10-08 13:21 . 2009-03-05 20:50 -------- d-----w- c:\users\klack\AppData\Roaming\uTorrent 2009-10-05 14:40 . 2009-03-09 16:57 -------- d-----w- c:\program files\Common Files\Steam 2009-09-17 17:08 . 2001-01-06 18:15 319456 ----a-w- c:\windows\DIFxAPI.dll 2009-09-17 17:08 . 2009-09-17 17:08 -------- d-----w- c:\program files\Realtek 2009-09-11 01:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-09-07 17:15 . 2009-05-21 17:55 -------- d-----w- c:\users\klack\AppData\Roaming\Apple Computer 2009-09-07 14:58 . 2009-08-10 07:08 139072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-09-07 14:58 . 2009-08-10 07:08 189672 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-09-07 14:11 . 2009-03-26 14:25 -------- d-----w- c:\programdata\Apple 2009-09-03 13:33 . 2009-07-13 20:01 -------- d-----w- c:\users\klack\AppData\Roaming\dvdcss 2009-09-03 11:44 . 2009-07-13 18:14 -------- d-----w- c:\program files\Heroes of Newerth 2009-08-28 12:39 . 2009-09-03 08:53 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2009-08-28 10:15 . 2009-09-03 08:53 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2009-08-27 17:51 . 2009-05-31 17:28 680 ----a-w- c:\users\klack\AppData\Local\d3d9caps.dat 2009-08-14 17:07 . 2009-09-10 08:38 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-08-14 16:29 . 2009-09-10 08:38 104960 ----a-w- c:\windows\system32\netiohlp.dll 2009-08-14 16:29 . 2009-09-10 08:38 17920 ----a-w- c:\windows\system32\netevent.dll 2009-08-14 14:16 . 2009-09-10 08:38 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE 2009-08-14 14:16 . 2009-09-10 08:38 17920 ----a-w- c:\windows\system32\ROUTE.EXE 2009-08-14 14:16 . 2009-09-10 08:38 11264 ----a-w- c:\windows\system32\MRINFO.EXE 2009-08-14 14:16 . 2009-09-10 08:38 27136 ----a-w- c:\windows\system32\NETSTAT.EXE 2009-08-14 14:16 . 2009-09-10 08:38 19968 ----a-w- c:\windows\system32\ARP.EXE 2009-08-14 14:16 . 2009-09-10 08:38 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE 2009-08-14 14:16 . 2009-09-10 08:38 10240 ----a-w- c:\windows\system32\finger.exe 2009-08-13 16:24 . 2009-08-13 16:21 -------- d-----w- c:\programdata\Mobile Broadband 2009-08-13 16:21 . 2009-08-13 16:21 -------- d-----w- c:\program files\Telenor 2009-08-10 07:08 . 2009-08-10 07:08 139152 ----a-w- c:\users\klack\AppData\Roaming\PnkBstrK.sys 2009-08-10 07:08 . 2009-08-10 07:08 139152 ----a-w- c:\users\klack\AppData\Roaming\PnkBstrK.sys 2009-08-10 07:08 . 2009-08-10 07:08 794408 ----a-w- c:\windows\system32\pbsvc.exe 2009-08-10 07:08 . 2009-08-10 07:08 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-08-08 16:13 . 2009-08-08 15:46 98304 ----a-w- c:\users\klack\AppData\Roaming\Soldat\Battleye\BEClient.dll 2009-07-18 16:06 . 2009-07-30 16:32 827904 ----a-w- c:\windows\system32\wininet.dll 2009-07-18 16:01 . 2009-07-30 16:32 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-07-18 09:46 . 2009-07-30 16:32 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-17 14:35 . 2009-08-13 17:03 71680 ----a-w- c:\windows\system32\atl.dll 2009-07-14 13:00 . 2009-08-13 17:03 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-14 12:59 . 2009-08-13 17:03 4096 ----a-w- c:\windows\system32\dxmasf.dll 2009-07-14 12:58 . 2009-08-13 17:03 7680 ----a-w- c:\windows\system32\spwmp.dll 2009-07-14 10:59 . 2009-08-13 17:03 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-07-11 19:32 . 2009-09-10 08:38 293376 ----a-w- c:\windows\system32\wlanmsm.dll 2009-07-11 19:32 . 2009-09-10 08:38 513024 ----a-w- c:\windows\system32\wlansvc.dll 2009-07-11 19:32 . 2009-09-10 08:38 302592 ----a-w- c:\windows\system32\wlansec.dll 2009-07-11 19:29 . 2009-09-10 08:38 127488 ----a-w- c:\windows\system32\L2SecHC.dll . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{ad55c869-668e-457c-b270-0cfb2f61116f}"= "c:\program files\livetvbar\tblive.dll" [2008-07-10 1600024] [HKEY_CLASSES_ROOT\clsid\{ad55c869-668e-457c-b270-0cfb2f61116f}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ad55c869-668e-457c-b270-0cfb2f61116f}] 2008-07-10 12:04 1600024 ----a-w- c:\program files\livetvbar\tblive.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-06-16 15:22 1144712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{ad55c869-668e-457c-b270-0cfb2f61116f}"= "c:\program files\livetvbar\tblive.dll" [2008-07-10 1600024] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712] [HKEY_CLASSES_ROOT\clsid\{ad55c869-668e-457c-b270-0cfb2f61116f}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{AD55C869-668E-457C-B270-0CFB2F61116F}"= "c:\program files\livetvbar\tblive.dll" [2008-07-10 1600024] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712] [HKEY_CLASSES_ROOT\clsid\{ad55c869-668e-457c-b270-0cfb2f61116f}] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-03-05 219952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-05 68856] "Steam"="c:\steam\Steam.exe" [2009-08-08 1217784] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-21 182808] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048] "WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-03-05 24064] "ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-03-05 3719680] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-06-30 200704] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-06-16 809480] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 147456] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 167936] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-13 148888] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-27 13781536] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-07 6139904] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816] c:\users\klack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440] Warkeys Update.lnk - c:\program files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe [2009-5-3 244736] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-3-5 1216512] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-24 723760] Net Send GUI.lnk - c:\program files\Fomine Net Send GUI\NetSendGUI.exe [2008-2-25 258048] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000] 2009-03-05 04:57 3162624 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-430739751-1610099454-676001698-1000] "EnableNotificationsRef"=dword:00000002 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{90C3CC63-350A-4E1B-B8D4-69AF559903B3}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{0786B602-9200-4A8E-9E8D-D55816E339CE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{ACFA88A9-0658-4423-8F36-00BF618901E1}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{84200E1F-FC35-49F7-9D33-590CAC142BB7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{EB3A99A1-B0AC-46FA-BDB7-5D8397082668}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{3FE412CA-F5EA-41B6-AFAB-49A5B78791A5}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{75D11B41-EF22-40C2-B99F-ABCA9D6B6450}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{A69C6B86-4F1C-4DFF-BECF-EB0320C5F397}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{02CD36AC-5CF7-4394-8C78-0D245A1109C7}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{6C3E1111-C120-410D-9ADC-827747629748}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie "{EC1765CE-95BC-4594-9C27-0DBC13D54B2B}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program "{F0C9EAB3-A2E1-4644-8288-CA83E8D29BED}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia "{C4A946DE-4A95-490A-8216-3C27B98E1E9F}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector "{F3A48979-4426-4917-847E-CEA18480D7A1}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM "TCP Query User{3E974972-4EAA-46F5-A789-FC0DA0C72FAA}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{9E756B0C-76EC-4485-80F4-3625A968720A}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent "{1C0FE553-A13D-4CEC-92BD-C00D389F9A9F}"= UDP:d:\games\Call Of Duty Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare "{693ADE07-3DD8-40AB-BD92-4829844B653A}"= TCP:d:\games\Call Of Duty Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare "{AE2B98A8-13C5-4484-9A93-3E7B4CCC6D73}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{B7D54A76-BF4C-4ECE-96D9-6CAB9B9E7C5D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{F0C70D32-9A1B-4742-BAF2-07BA8D41B396}"= UDP:d:\games\Far Cry 2\bin\FarCry2.exe:Far Cry 2 "{4CD44C40-8F28-48C0-BBD7-66492039D1AD}"= TCP:d:\games\Far Cry 2\bin\FarCry2.exe:Far Cry 2 "{09BCA2D5-1FC6-454A-8738-6E9B7E65F385}"= UDP:d:\games\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater "{DE83C243-A5C7-435A-8E47-093A0EC31629}"= TCP:d:\games\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater "{EEA67206-6718-42A5-AA6D-C4E1B8183324}"= UDP:d:\games\Far Cry 2\bin\FC2Editor.exe:Editor "{8BED107F-5DDD-4D65-9632-A9379BA2E8FA}"= TCP:d:\games\Far Cry 2\bin\FC2Editor.exe:Editor "{3C3192AE-6735-494C-A257-F6A315155DFB}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{6E03550D-A0ED-43EB-8304-A64B5A668FD7}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{680881E4-B725-40E8-8FAD-5528BF81D44A}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe "{6B92FE5C-1158-42FB-8014-1B9867DEB7B8}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe "{F5A80C43-2E3C-4E76-982B-9D9875CFB282}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{E26012A5-DA49-4473-ADC3-DCB6519F11A2}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{90186AA9-6B24-4792-B91D-BDF7DE3221FF}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{1CE5EA22-3AAF-45A6-B7A8-76DD7342FE27}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{D230ADFC-DCCC-4165-B6B5-0F86B0795F55}"= UDP:d:\games\Operation Flashpoint\OFDR.exe:OF Dragon Rising "{1D47094D-7377-4165-9811-72EF10C2A93C}"= TCP:d:\games\Operation Flashpoint\OFDR.exe:OF Dragon Rising [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\System32\drivers\AlfaFF.sys [05.03.2009 06:56 43184] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie00.fcl [05.03.2009 07:25 61424] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03.03.2008 14:11 16384] R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [05.03.2009 07:28 81504] R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [06.01.2001 20:17 24576] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25.04.2008 22:36 45056] R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [05.03.2009 07:28 122368] R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [05.03.2009 19:36 233472] R2 SesamService;Sesam Control Service;c:\program files\Telenor\Mobile Broadband\Sesam\BIN\SecMIPService.exe [09.05.2008 17:01 1216296] R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [26.05.2008 06:43 599344] R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [05.03.2009 07:02 54784] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\System32\drivers\L1E60x86.sys [06.01.2001 19:28 47104] R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\System32\drivers\NETw5v32.sys [06.01.2001 19:28 3658752] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [30.04.2009 21:43 64032] R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [26.05.2008 06:44 40752] R3 wtsmpadap;Sesam Virtual Adapter;c:\windows\System32\drivers\wtsmpadap.sys [29.04.2008 16:24 39720] R3 WtSmpFlt;Sesam Adapter;c:\windows\System32\drivers\wtsmpflt.sys [29.04.2008 16:24 272424] S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [05.03.2009 06:56 3520512] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25.04.2008 22:36 131072] S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [05.03.2009 06:54 24064] S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\System32\drivers\Gt51Ip.sys [09.07.2007 14:17 95744] S3 GT72UBUS;GT 72 U BUS;c:\windows\System32\drivers\gt72ubus.sys [26.06.2007 13:38 51968] S3 GTMM Device Service;GTMM Device Service;c:\program files\Telenor\Mobile Broadband\GtmmDeviceService.exe [02.07.2008 15:32 106496] S3 GTPTSER;GT PT SER;c:\windows\System32\drivers\gtptser.sys [30.03.2007 13:38 8064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ . . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.ask.com?o=15015&l=dis mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0414&s=2&o=vp32&d=0309&m=aspire_8930 uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\users\klack\AppData\Roaming\Mozilla\Firefox\Profiles\5ecm2p93.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15015&l=dis FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=en_US&q= FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\users\klack\AppData\Roaming\Mozilla\Firefox\Profiles\5ecm2p93.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-eRecoveryService - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-08 17:06 Windows 6.0.6001 Service Pack 1 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie00.fcl" . --------------------- LÅSTE REGISTERNØKLER --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'Explorer.exe'(3340) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\system32\btncopy.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\System32\nvvsvc.exe c:\windows\System32\audiodg.exe c:\windows\System32\nvvsvc.exe c:\windows\System32\wlanext.exe c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe c:\windows\System32\agrsmsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\windows\System32\PnkBstrA.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\program files\Cyberlink\Shared files\RichVideo.exe c:\windows\System32\wbem\WMIADAP.exe . ************************************************************************** . Tidspunkt ferdig: 2009-10-08 17:12 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2009-10-08 15:12 Pre-Run: 14 530 461 696 bytes free Post-Run: 32 858 628 096 bytes free 328 --- E O F --- 2009-10-05 14:47 på forhånd takk EDIT: 09-10-09 - 10:45 Pc'n min har tidligere kjørt Call of duty: MW og 720p.mkv filer har nettop opdatert drivere. Lyden lagger også vist jeg har 2 programmer med lyd oppe samtidig, f.eks youtube og itunes, samme om jeg har på pause eller ikke.. Endret 9. oktober 2009 av ito Lenke til kommentar
norbat Skrevet 8. oktober 2009 Rapporter Del Skrevet 8. oktober 2009 Loggen viser ikke noe malware. Hva du kan slette av programmer, må du nesten selv vurdere. Avinstaller de programmene du ikke bruker fra kontrollpanel->Programmer og funksjoner. Lenke til kommentar
YMF Skrevet 8. oktober 2009 Forfatter Rapporter Del Skrevet 8. oktober 2009 Loggen viser ikke noe malware. Hva du kan slette av programmer, må du nesten selv vurdere. Avinstaller de programmene du ikke bruker fra kontrollpanel->Programmer og funksjoner. daasåå, Takk skal du ha. starter med det nå, jævlig mye drit : | Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå